Apple Mac OS X 2006-007存在多个安全漏洞

2006-11-29T00:00:00

Description

Apple Mac OS X是一款基于BSD的操作系统。 Apple Mac OS X存在多个安全问题，远程和本地攻击者可以利用漏洞进行恶意代码执行，拒绝服务攻击，特权提升，覆盖文件，获得敏感信息等攻击。具体问题如下： AirPort－CVE-ID: CVE-2006-5710： AirPort无线驱动不正确处理应答帧，可导致基于堆的溢出。 ATS－CVE-ID: CVE-2006-4396： Apple Type服务不安全建立错误日至可导致任意文件覆盖。 ATS－CVE-ID: CVE-2006-4398： Apple Type服务存在多个缓冲区溢出，可导致以高权限执行任意代码。 ATS－CVE-ID: CVE-2006-4400：利用特殊的字体文件，可导致任意代码执行。 CFNetwork－CVE-ID: CVE-2006-4401：通过诱使用户访问恶意ftp URI，可导致任意ftp命令执行。 ClamAV－CVE-ID: CVE-2006-4182：恶意email消息可导致ClamAV执行任意代码。 Finder－CVE-ID: CVE-2006-4402：通过浏览共享目录可导致应用程序崩溃或执行任意代码。 ftpd－CVE-ID: CVE-2006-4403：当ftp访问启用时，未授权用户可判别合法的账户名。 gnuzip－CVE-ID: CVE-2006-4334, CVE-2006-4335, CVE-2006-4336, CVE-2006-4337, CVE-2006-4338： gunzip处理压缩文件存在多个问题，可导致应用程序崩溃或执行任意指令。 Installer－CVE-ID: CVE-2006-4404：当以管理用户安装软件时，系统权限可能被未授权利用。 OpenSSL－CVE-ID: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-4339, CVE-2006-4343： OpenSSL存在多个安全问题可导致任意代码执行或者获得敏感信息。 perl－CVE-ID: CVE-2005-3962：不安全处理字符串，可导致Perl应用程序执行任意代码。 PHP－CVE-ID: CVE-2006-1490, CVE-2006-1990： Php应用程序存在多个问题，可导致拒绝服务或执行任意代码。 PHP－CVE-ID: CVE-2006-5465： PHP的htmlentities()和htmlspecialchars()函数存在缓冲区溢出，可导致任意代码执行。 PPP－CVE-ID: CVE-2006-4406：在不可信的本地网络上使用PPPoE可导致任意代码执行。 Samba－CVE-ID: CVE-2006-3403：当Windows共享使用时，远程攻击者可进行拒绝服务攻击。 Security Framework－CVE-ID: CVE-2006-4407：不安全的传送方法可导致不协商最安全的加密信息。 Security Framework－CVE-ID: CVE-2006-4408：处理X.509证书时可导致拒绝服务攻击。 Security Framework－CVE-ID: CVE-2006-4409：当使用http代理时，证书废弃列表不能获得。 Security Framework－CVE-ID: CVE-2006-4410：部分调用证书错误的被授权。 VPN－CVE-ID: CVE-2006-4411: 恶意本地用户可获得系统特权。 WebKit－CVE-ID: CVE-2006-4412：通过诱使用户浏览恶意web页执行任意代码。 Apple Mac OS X Server 10.4.8 Apple Mac OS X Server 10.4.7 Apple Mac OS X Server 10.4.6 Apple Mac OS X Server 10.4.5 Apple Mac OS X Server 10.4.4 Apple Mac OS X Server 10.4.3 Apple Mac OS X Server 10.4.2 Apple Mac OS X Server 10.4.1 Apple Mac OS X Server 10.4 Apple Mac OS X Server 10.3.9 Apple Mac OS X Server 10.3.8 Apple Mac OS X Server 10.3.7 Apple Mac OS X Server 10.3.6 Apple Mac OS X Server 10.3.5 Apple Mac OS X Server 10.3.4 Apple Mac OS X Server 10.3.3 Apple Mac OS X Server 10.3.2 Apple Mac OS X Server 10.3.1 Apple Mac OS X Server 10.3 Apple Mac OS X Server 10.2.8 Apple Mac OS X Server 10.2.7 Apple Mac OS X Server 10.2.6 Apple Mac OS X Server 10.2.5 Apple Mac OS X Server 10.2.4 Apple Mac OS X Server 10.2.3 Apple Mac OS X Server 10.2.2 Apple Mac OS X Server 10.2.1 Apple Mac OS X Server 10.2 Apple Mac OS X Server 10.1.5 Apple Mac OS X Server 10.1.4 Apple Mac OS X Server 10.1.3 Apple Mac OS X Server 10.1.2 Apple Mac OS X Server 10.1.1 Apple Mac OS X Server 10.1 Apple Mac OS X Server 10.0 Apple Mac OS X 10.4.8 Apple Mac OS X 10.4.7 Apple Mac OS X 10.4.6 Apple Mac OS X 10.4.5 Apple Mac OS X 10.4.4 Apple Mac OS X 10.4.3 Apple Mac OS X 10.4.2 Apple Mac OS X 10.4.1 Apple Mac OS X 10.4 Apple Mac OS X 10.3.9 Apple Mac OS X 10.3.8 Apple Mac OS X 10.3.7 Apple Mac OS X 10.3.6 Apple Mac OS X 10.3.5 Apple Mac OS X 10.3.4 Apple Mac OS X 10.3.3 Apple Mac OS X 10.3.2 Apple Mac OS X 10.3.1 Apple Mac OS X 10.3 Apple Mac OS X 10.2.8 Apple Mac OS X 10.2.7 Apple Mac OS X 10.2.6 Apple Mac OS X 10.2.5 Apple Mac OS X 10.2.4 Apple Mac OS X 10.2.3 Apple Mac OS X 10.2.2 Apple Mac OS X 10.2.1 Apple Mac OS X 10.2 Apple Mac OS X 10.1.5 Apple Mac OS X 10.1.4 Apple Mac OS X 10.1.3 Apple Mac OS X 10.1.2 Apple Mac OS X 10.1.1 Apple Mac OS X 10.1 Apple Mac OS X 10.1 Apple Mac OS X 10.0.4 Apple Mac OS X 10.0.3 Apple Mac OS X 10.0.2 Apple Mac OS X 10.0.1 Apple Mac OS X 10.0 3 Apple Mac OS X 10.0 <a href="http://docs.info.apple.com/article.html?artnum=304829" target="_blank">http://docs.info.apple.com/article.html?artnum=304829</a>

{"sourceData": "", "status": "details", "description": "Apple Mac OS X\u662f\u4e00\u6b3e\u57fa\u4e8eBSD\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nApple Mac OS X\u5b58\u5728\u591a\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8fdc\u7a0b\u548c\u672c\u5730\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u8fdb\u884c\u6076\u610f\u4ee3\u7801\u6267\u884c\uff0c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\uff0c\u7279\u6743\u63d0\u5347\uff0c\u8986\u76d6\u6587\u4ef6\uff0c\u83b7\u5f97\u654f\u611f\u4fe1\u606f\u7b49\u653b\u51fb\u3002\r\n\r\n\u5177\u4f53\u95ee\u9898\u5982\u4e0b\uff1a\r\n\r\nAirPort\uff0dCVE-ID: CVE-2006-5710\uff1a\r\n\r\nAirPort\u65e0\u7ebf\u9a71\u52a8\u4e0d\u6b63\u786e\u5904\u7406\u5e94\u7b54\u5e27\uff0c\u53ef\u5bfc\u81f4\u57fa\u4e8e\u5806\u7684\u6ea2\u51fa\u3002\r\n\r\nATS\uff0dCVE-ID: CVE-2006-4396\uff1a\r\n\r\nApple Type\u670d\u52a1\u4e0d\u5b89\u5168\u5efa\u7acb\u9519\u8bef\u65e5\u81f3\u53ef\u5bfc\u81f4\u4efb\u610f\u6587\u4ef6\u8986\u76d6\u3002\r\n\r\nATS\uff0dCVE-ID: CVE-2006-4398\uff1a\r\n\r\nApple Type\u670d\u52a1\u5b58\u5728\u591a\u4e2a\u7f13\u51b2\u533a\u6ea2\u51fa\uff0c\u53ef\u5bfc\u81f4\u4ee5\u9ad8\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\nATS\uff0dCVE-ID: CVE-2006-4400\uff1a\r\n\r\n\u5229\u7528\u7279\u6b8a\u7684\u5b57\u4f53\u6587\u4ef6\uff0c\u53ef\u5bfc\u81f4\u4efb\u610f\u4ee3\u7801\u6267\u884c\u3002\r\n\r\nCFNetwork\uff0dCVE-ID: CVE-2006-4401\uff1a\r\n\r\n\u901a\u8fc7\u8bf1\u4f7f\u7528\u6237\u8bbf\u95ee\u6076\u610fftp URI\uff0c\u53ef\u5bfc\u81f4\u4efb\u610fftp\u547d\u4ee4\u6267\u884c\u3002\r\n\r\nClamAV\uff0dCVE-ID: CVE-2006-4182\uff1a\r\n\r\n\u6076\u610femail\u6d88\u606f\u53ef\u5bfc\u81f4ClamAV\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\nFinder\uff0dCVE-ID: CVE-2006-4402\uff1a\r\n\r\n\u901a\u8fc7\u6d4f\u89c8\u5171\u4eab\u76ee\u5f55\u53ef\u5bfc\u81f4\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\nftpd\uff0dCVE-ID: CVE-2006-4403\uff1a\r\n\r\n\u5f53ftp\u8bbf\u95ee\u542f\u7528\u65f6\uff0c\u672a\u6388\u6743\u7528\u6237\u53ef\u5224\u522b\u5408\u6cd5\u7684\u8d26\u6237\u540d\u3002\r\n\r\ngnuzip\uff0dCVE-ID: CVE-2006-4334, CVE-2006-4335, CVE-2006-4336, CVE-2006-4337, CVE-2006-4338\uff1a\r\n\r\ngunzip\u5904\u7406\u538b\u7f29\u6587\u4ef6\u5b58\u5728\u591a\u4e2a\u95ee\u9898\uff0c\u53ef\u5bfc\u81f4\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\r\n\r\nInstaller\uff0dCVE-ID: CVE-2006-4404\uff1a\r\n\r\n\u5f53\u4ee5\u7ba1\u7406\u7528\u6237\u5b89\u88c5\u8f6f\u4ef6\u65f6\uff0c\u7cfb\u7edf\u6743\u9650\u53ef\u80fd\u88ab\u672a\u6388\u6743\u5229\u7528\u3002\r\n\r\nOpenSSL\uff0dCVE-ID: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-4339, CVE-2006-4343\uff1a\r\n\r\nOpenSSL\u5b58\u5728\u591a\u4e2a\u5b89\u5168\u95ee\u9898\u53ef\u5bfc\u81f4\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6216\u8005\u83b7\u5f97\u654f\u611f\u4fe1\u606f\u3002\r\n\r\nperl\uff0dCVE-ID: CVE-2005-3962\uff1a\r\n\r\n\u4e0d\u5b89\u5168\u5904\u7406\u5b57\u7b26\u4e32\uff0c\u53ef\u5bfc\u81f4Perl\u5e94\u7528\u7a0b\u5e8f\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\nPHP\uff0dCVE-ID: CVE-2006-1490, CVE-2006-1990\uff1a\r\n\r\nPhp\u5e94\u7528\u7a0b\u5e8f\u5b58\u5728\u591a\u4e2a\u95ee\u9898\uff0c\u53ef\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\nPHP\uff0dCVE-ID: CVE-2006-5465\uff1a\r\n\r\nPHP\u7684htmlentities()\u548chtmlspecialchars()\u51fd\u6570\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\uff0c\u53ef\u5bfc\u81f4\u4efb\u610f\u4ee3\u7801\u6267\u884c\u3002\r\n\r\nPPP\uff0dCVE-ID: CVE-2006-4406\uff1a\r\n\r\n\u5728\u4e0d\u53ef\u4fe1\u7684\u672c\u5730\u7f51\u7edc\u4e0a\u4f7f\u7528PPPoE\u53ef\u5bfc\u81f4\u4efb\u610f\u4ee3\u7801\u6267\u884c\u3002\r\n\r\nSamba\uff0dCVE-ID: CVE-2006-3403\uff1a\r\n\r\n\u5f53Windows\u5171\u4eab\u4f7f\u7528\u65f6\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\r\n\r\nSecurity Framework\uff0dCVE-ID: CVE-2006-4407\uff1a\r\n\r\n\u4e0d\u5b89\u5168\u7684\u4f20\u9001\u65b9\u6cd5\u53ef\u5bfc\u81f4\u4e0d\u534f\u5546\u6700\u5b89\u5168\u7684\u52a0\u5bc6\u4fe1\u606f\u3002\r\n\r\nSecurity Framework\uff0dCVE-ID: CVE-2006-4408\uff1a\r\n\r\n\u5904\u7406X.509\u8bc1\u4e66\u65f6\u53ef\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\r\n\r\nSecurity Framework\uff0dCVE-ID: CVE-2006-4409\uff1a\r\n\r\n\u5f53\u4f7f\u7528http\u4ee3\u7406\u65f6\uff0c\u8bc1\u4e66\u5e9f\u5f03\u5217\u8868\u4e0d\u80fd\u83b7\u5f97\u3002\r\n\r\nSecurity Framework\uff0dCVE-ID: CVE-2006-4410\uff1a\r\n\r\n\u90e8\u5206\u8c03\u7528\u8bc1\u4e66\u9519\u8bef\u7684\u88ab\u6388\u6743\u3002\r\n\r\nVPN\uff0dCVE-ID: CVE-2006-4411:\r\n\r\n\u6076\u610f\u672c\u5730\u7528\u6237\u53ef\u83b7\u5f97\u7cfb\u7edf\u7279\u6743\u3002\r\n\r\nWebKit\uff0dCVE-ID: CVE-2006-4412\uff1a\r\n\r\n\u901a\u8fc7\u8bf1\u4f7f\u7528\u6237\u6d4f\u89c8\u6076\u610fweb\u9875\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\n\n\nApple Mac OS X Server 10.4.8\r\nApple Mac OS X Server 10.4.7\r\nApple Mac OS X Server 10.4.6\r\nApple Mac OS X Server 10.4.5\r\nApple Mac OS X Server 10.4.4\r\nApple Mac OS X Server 10.4.3\r\nApple Mac OS X Server 10.4.2\r\nApple Mac OS X Server 10.4.1\r\nApple Mac OS X Server 10.4\r\nApple Mac OS X Server 10.3.9\r\nApple Mac OS X Server 10.3.8\r\nApple Mac OS X Server 10.3.7\r\nApple Mac OS X Server 10.3.6\r\nApple Mac OS X Server 10.3.5\r\nApple Mac OS X Server 10.3.4\r\nApple Mac OS X Server 10.3.3\r\nApple Mac OS X Server 10.3.2\r\nApple Mac OS X Server 10.3.1\r\nApple Mac OS X Server 10.3\r\nApple Mac OS X Server 10.2.8\r\nApple Mac OS X Server 10.2.7\r\nApple Mac OS X Server 10.2.6\r\nApple Mac OS X Server 10.2.5\r\nApple Mac OS X Server 10.2.4\r\nApple Mac OS X Server 10.2.3\r\nApple Mac OS X Server 10.2.2\r\nApple Mac OS X Server 10.2.1\r\nApple Mac OS X Server 10.2\r\nApple Mac OS X Server 10.1.5\r\nApple Mac OS X Server 10.1.4\r\nApple Mac OS X Server 10.1.3\r\nApple Mac OS X Server 10.1.2\r\nApple Mac OS X Server 10.1.1\r\nApple Mac OS X Server 10.1\r\nApple Mac OS X Server 10.0\r\nApple Mac OS X 10.4.8\r\nApple Mac OS X 10.4.7\r\nApple Mac OS X 10.4.6\r\nApple Mac OS X 10.4.5\r\nApple Mac OS X 10.4.4\r\nApple Mac OS X 10.4.3\r\nApple Mac OS X 10.4.2\r\nApple Mac OS X 10.4.1\r\nApple Mac OS X 10.4\r\nApple Mac OS X 10.3.9\r\nApple Mac OS X 10.3.8\r\nApple Mac OS X 10.3.7\r\nApple Mac OS X 10.3.6\r\nApple Mac OS X 10.3.5\r\nApple Mac OS X 10.3.4\r\nApple Mac OS X 10.3.3\r\nApple Mac OS X 10.3.2\r\nApple Mac OS X 10.3.1\r\nApple Mac OS X 10.3\r\nApple Mac OS X 10.2.8\r\nApple Mac OS X 10.2.7\r\nApple Mac OS X 10.2.6\r\nApple Mac OS X 10.2.5\r\nApple Mac OS X 10.2.4\r\nApple Mac OS X 10.2.3\r\nApple Mac OS X 10.2.2\r\nApple Mac OS X 10.2.1\r\nApple Mac OS X 10.2\r\nApple Mac OS X 10.1.5\r\nApple Mac OS X 10.1.4\r\nApple Mac OS X 10.1.3\r\nApple Mac OS X 10.1.2\r\nApple Mac OS X 10.1.1\r\nApple Mac OS X 10.1\r\nApple Mac OS X 10.1\r\nApple Mac OS X 10.0.4\r\nApple Mac OS X 10.0.3\r\nApple Mac OS X 10.0.2\r\nApple Mac OS X 10.0.1\r\nApple Mac OS X 10.0 3\r\nApple Mac OS X 10.0 \r\n\n <a href=\"http://docs.info.apple.com/article.html?artnum=304829\" target=\"_blank\">http://docs.info.apple.com/article.html?artnum=304829</a>", "sourceHref": "", "reporter": "Root", "href": "https://www.seebug.org/vuldb/ssvid-623", "type": "seebug", "viewCount": 16, "references": [], "lastseen": "2017-11-19T22:20:08", "published": "2006-11-29T00:00:00", "cvelist": ["CVE-2005-3962", "CVE-2006-1490", "CVE-2006-1990", "CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3403", "CVE-2006-3738", "CVE-2006-4182", "CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338", "CVE-2006-4339", "CVE-2006-4343", "CVE-2006-4396", "CVE-2006-4398", "CVE-2006-4400", "CVE-2006-4401", "CVE-2006-4402", "CVE-2006-4403", "CVE-2006-4404", "CVE-2006-4406", "CVE-2006-4407", "CVE-2006-4408", "CVE-2006-4409", "CVE-2006-4410", "CVE-2006-4411", "CVE-2006-4412", "CVE-2006-5465", "CVE-2006-5710"], "id": "SSV:623", "enchantments_done": [], "modified": "2006-11-29T00:00:00", "title": "Apple Mac OS X 2006-007\u5b58\u5728\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "bulletinFamily": "exploit", "enchantments": {"score": {"value": -0.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "centos", "idList": ["CESA-2005:880", "CESA-2005:881", "CESA-2006:0276", "CESA-2006:0501-02", "CESA-2006:0568", "CESA-2006:0591", "CESA-2006:0591-6", "CESA-2006:0661", "CESA-2006:0661-01", "CESA-2006:0667", "CESA-2006:0667-01", "CESA-2006:0695", "CESA-2006:0695-01", "CESA-2006:0730", "CESA-2006:0730-01"]}, {"type": "cert", "idList": ["VU:180864", "VU:191336", "VU:247744", "VU:258744", "VU:313836", "VU:323424", "VU:371648", "VU:381508", "VU:386964", "VU:423396", "VU:547300", "VU:554780", "VU:596848", "VU:681056", "VU:734032", "VU:773548", "VU:800296", "VU:811384", "VU:835936", "VU:845620", "VU:848960", "VU:870960", "VU:933712", "VU:948385"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2006-123", "CPAI-2006-298", "CPAI-2008-014"]}, {"type": "checkpoint_security", "idList": ["CPS:SK32088", "CPS:SK32188", "CPS:SK32230", "CPS:SK33695", "CPS:SK33771", "CPS:SK35708"]}, {"type": "cisco", "idList": ["CISCO-SA-20060905-CVE-2007-5810"]}, {"type": "cve", "idList": ["CVE-2005-3962", "CVE-2005-4261", "CVE-2006-1490", "CVE-2006-1990", "CVE-2006-2937", "CVE-2006-2938", "CVE-2006-2940", "CVE-2006-3403", "CVE-2006-3738", "CVE-2006-4182", "CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338", "CVE-2006-4339", "CVE-2006-4340", "CVE-2006-4343", "CVE-2006-4396", "CVE-2006-4398", "CVE-2006-4400", "CVE-2006-4401", "CVE-2006-4402", "CVE-2006-4403", "CVE-2006-4404", "CVE-2006-4406", "CVE-2006-4407", "CVE-2006-4408", "CVE-2006-4409", "CVE-2006-4410", "CVE-2006-4411", "CVE-2006-4412", "CVE-2006-4482", "CVE-2006-4790", "CVE-2006-5179", "CVE-2006-5465", "CVE-2006-5484", "CVE-2006-5710", "CVE-2006-7140", "CVE-2007-2966", "CVE-2007-5135", "CVE-2007-5898", "CVE-2009-2624"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1110-1:E5A75", "DEBIAN:DSA-1173-1:8498F", "DEBIAN:DSA-1174-1:77B2E", "DEBIAN:DSA-1181-1:40536", "DEBIAN:DSA-1185-1:2C57C", "DEBIAN:DSA-1185-2:4AF37", "DEBIAN:DSA-1195-1:12A42", "DEBIAN:DSA-1195-1:C6A33", "DEBIAN:DSA-1196-1:F66C3", "DEBIAN:DSA-1206-1:A74A0", "DEBIAN:DSA-1974-1:9AB49", "DEBIAN:DSA-943-1:5CBA7", "DEBIAN:DSA-943-1:D0943"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2005-3962", "DEBIANCVE:CVE-2006-2937", "DEBIANCVE:CVE-2006-2940", "DEBIANCVE:CVE-2006-3403", "DEBIANCVE:CVE-2006-3738", "DEBIANCVE:CVE-2006-4182", "DEBIANCVE:CVE-2006-4334", "DEBIANCVE:CVE-2006-4335", "DEBIANCVE:CVE-2006-4336", "DEBIANCVE:CVE-2006-4337", "DEBIANCVE:CVE-2006-4338", "DEBIANCVE:CVE-2006-4339", "DEBIANCVE:CVE-2006-4340", "DEBIANCVE:CVE-2006-4343", "DEBIANCVE:CVE-2007-5135", "DEBIANCVE:CVE-2009-2624"]}, {"type": "exploitdb", "idList": ["EDB-ID:28726", "EDB-ID:4773"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:034D322B9C4D058098E22E5788CDA9A0", "EXPLOITPACK:85DFC07A21CE638C0F80271A05CBC86C"]}, {"type": "f5", "idList": ["F5:K6623", "F5:K6734", "F5:K6804", "F5:K8106", "SOL5794", "SOL6623", "SOL6734", "SOL6804", "SOL8106"]}, {"type": "fedora", "idList": ["FEDORA:L18M7WWK008220", "FEDORA:L1QM9JUC009191", "FEDORA:L3IMG3K5004841", "FEDORA:L4EHLJW7018518", "FEDORA:L4O5OCBW020783", "FEDORA:L4VDCFKZ008574"]}, {"type": "freebsd", "idList": ["077C2DCA-8F9A-11DB-AB33-000E0C2E438A", "0F37D765-C5D4-11DB-9F82-000E0C2E438A", "11A84092-8F9F-11DB-AB33-000E0C2E438A", "1FE734BF-4A06-11DB-B48D-00508D6A62DF", "B168DDEA-105A-11DB-AC96-000C6EC775D9", "BB33981A-7AC6-11DA-BF72-00123F589060", "C97D7A37-2233-11DF-96DD-001B2134EF46"]}, {"type": "gentoo", "idList": ["GLSA-200512-01", "GLSA-200605-08", "GLSA-200607-10", "GLSA-200609-05", "GLSA-200609-13", "GLSA-200610-06", "GLSA-200610-10", "GLSA-200610-11", "GLSA-200611-24", "GLSA-200612-11", "GLSA-200703-21", "GLSA-200710-06", "GLSA-201408-19"]}, {"type": "jvn", "idList": ["JVN:51615542"]}, {"type": "mozilla", "idList": ["MFSA2006-60"]}, {"type": "nessus", "idList": ["3509.PRM", "3682.PRM", "3755.PRM", "3794.PRM", "4444.PRM", "4632.PRM", "5339.PRM", "ATTACHMATE_REFLECTION_70_SP1.NASL", "CENTOS_RHSA-2005-880.NASL", "CENTOS_RHSA-2005-881.NASL", "CENTOS_RHSA-2006-0276.NASL", "CENTOS_RHSA-2006-0568.NASL", "CENTOS_RHSA-2006-0591.NASL", "CENTOS_RHSA-2006-0661.NASL", "CENTOS_RHSA-2006-0667.NASL", "CENTOS_RHSA-2006-0695.NASL", "CENTOS_RHSA-2006-0730.NASL", "DEBIAN_DSA-1110.NASL", "DEBIAN_DSA-1173.NASL", "DEBIAN_DSA-1174.NASL", "DEBIAN_DSA-1181.NASL", "DEBIAN_DSA-1185.NASL", "DEBIAN_DSA-1195.NASL", "DEBIAN_DSA-1196.NASL", "DEBIAN_DSA-1206.NASL", "DEBIAN_DSA-1379.NASL", "DEBIAN_DSA-1974.NASL", "DEBIAN_DSA-943.NASL", "F5_BIGIP_SOL6623.NASL", "F5_BIGIP_SOL6734.NASL", "F5_BIGIP_SOL8106.NASL", "FEDORA_2005-1113.NASL", "FEDORA_2005-1116.NASL", "FEDORA_2005-1144.NASL", "FEDORA_2005-1145.NASL", "FEDORA_2006-1004.NASL", "FEDORA_2006-1168.NASL", "FEDORA_2006-1169.NASL", "FEDORA_2006-289.NASL", "FEDORA_2006-807.NASL", "FEDORA_2006-808.NASL", "FEDORA_2006-953.NASL", "FEDORA_2006-989.NASL", "FEDORA_2007-219.NASL", "FEDORA_2007-557.NASL", "FREEBSD_PKG_077C2DCA8F9A11DBAB33000E0C2E438A.NASL", "FREEBSD_PKG_0F37D765C5D411DB9F82000E0C2E438A.NASL", "FREEBSD_PKG_11A840928F9F11DBAB33000E0C2E438A.NASL", "FREEBSD_PKG_1FE734BF4A0611DBB48D00508D6A62DF.NASL", "FREEBSD_PKG_B168DDEA105A11DBAC96000C6EC775D9.NASL", "FREEBSD_PKG_BB33981A7AC611DABF7200123F589060.NASL", "FREEBSD_PKG_C97D7A37223311DF96DD001B2134EF46.NASL", "GENTOO_GLSA-200512-01.NASL", "GENTOO_GLSA-200605-08.NASL", "GENTOO_GLSA-200607-10.NASL", "GENTOO_GLSA-200609-05.NASL", "GENTOO_GLSA-200609-13.NASL", "GENTOO_GLSA-200610-06.NASL", "GENTOO_GLSA-200610-10.NASL", "GENTOO_GLSA-200610-11.NASL", "GENTOO_GLSA-200611-24.NASL", "GENTOO_GLSA-200612-11.NASL", "GENTOO_GLSA-200703-21.NASL", "GENTOO_GLSA-200710-06.NASL", "GENTOO_GLSA-201408-19.NASL", "HPUX_PHCO_35587.NASL", "HPUX_PHNE_35920.NASL", "HPUX_PHSS_35110.NASL", "HPUX_PHSS_35111.NASL", "HPUX_PHSS_35436.NASL", "HPUX_PHSS_35437.NASL", "HPUX_PHSS_35458.NASL", "HPUX_PHSS_35459.NASL", "HPUX_PHSS_35460.NASL", "HPUX_PHSS_35461.NASL", "HPUX_PHSS_35462.NASL", "HPUX_PHSS_35463.NASL", "HPUX_PHSS_35480.NASL", "HPUX_PHSS_35481.NASL", "MACOSX_JAVA_REL6.NASL", "MACOSX_SECUPD2006-007.NASL", "MANDRAKE_MDKSA-2005-225.NASL", "MANDRAKE_MDKSA-2006-063.NASL", "MANDRAKE_MDKSA-2006-091.NASL", "MANDRAKE_MDKSA-2006-120.NASL", "MANDRAKE_MDKSA-2006-122.NASL", "MANDRAKE_MDKSA-2006-161.NASL", "MANDRAKE_MDKSA-2006-166.NASL", "MANDRAKE_MDKSA-2006-167.NASL", "MANDRAKE_MDKSA-2006-172.NASL", "MANDRAKE_MDKSA-2006-177.NASL", "MANDRAKE_MDKSA-2006-178.NASL", "MANDRAKE_MDKSA-2006-184.NASL", "MANDRAKE_MDKSA-2006-196.NASL", "MANDRAKE_MDKSA-2006-207.NASL", "MANDRAKE_MDKSA-2007-193.NASL", "NEWSTART_CGSL_NS-SA-2019-0020_OPENSSL098E.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "OPENOFFICE_32.NASL", "OPENSSL_0_9_7K_0_9_8C.NASL", "OPENSSL_0_9_7L_0_9_8D.NASL", "OPENSSL_0_9_8M.NASL", "ORACLELINUX_ELSA-2006-0661.NASL", "ORACLELINUX_ELSA-2006-0667.NASL", "ORACLELINUX_ELSA-2006-0695.NASL", "ORACLELINUX_ELSA-2006-0730.NASL", "PHP_4_4_3.NASL", "PHP_5_2_0.NASL", "REDHAT-RHSA-2005-880.NASL", "REDHAT-RHSA-2005-881.NASL", "REDHAT-RHSA-2006-0276.NASL", "REDHAT-RHSA-2006-0501.NASL", "REDHAT-RHSA-2006-0568.NASL", "REDHAT-RHSA-2006-0591.NASL", "REDHAT-RHSA-2006-0661.NASL", "REDHAT-RHSA-2006-0667.NASL", "REDHAT-RHSA-2006-0695.NASL", "REDHAT-RHSA-2006-0730.NASL", "REDHAT-RHSA-2007-0062.NASL", "REDHAT-RHSA-2007-0072.NASL", "REDHAT-RHSA-2007-0073.NASL", "REDHAT-RHSA-2008-0264.NASL", "REDHAT-RHSA-2008-0525.NASL", "REDHAT-RHSA-2008-0629.NASL", "SAMBA_ACL_SECURITY_BYPASS.NASL", "SLACKWARE_SSA_2006-195-01.NASL", "SLACKWARE_SSA_2006-257-02.NASL", "SLACKWARE_SSA_2006-262-01.NASL", "SLACKWARE_SSA_2006-272-01.NASL", "SLACKWARE_SSA_2006-307-01.NASL", "SLACKWARE_SSA_2006-310-01.NASL", "SOLARIS10_116648-25.NASL", "SOLARIS10_116648.NASL", "SOLARIS10_118371.NASL", "SOLARIS10_119213-27.NASL", "SOLARIS10_119213-30.NASL", "SOLARIS10_119213-31.NASL", "SOLARIS10_119213-32.NASL", "SOLARIS10_119213-33.NASL", "SOLARIS10_119213-36.NASL", "SOLARIS10_119213-37.NASL", "SOLARIS10_119213-38.NASL", "SOLARIS10_119213.NASL", "SOLARIS10_119985-02.NASL", "SOLARIS10_119985.NASL", "SOLARIS10_121229-02.NASL", "SOLARIS10_121229.NASL", "SOLARIS10_X86_116649-25.NASL", "SOLARIS10_X86_118372.NASL", "SOLARIS10_X86_119214-27.NASL", "SOLARIS10_X86_119214-30.NASL", "SOLARIS10_X86_119214-31.NASL", "SOLARIS10_X86_119214-32.NASL", "SOLARIS10_X86_119214-33.NASL", "SOLARIS10_X86_119214-36.NASL", "SOLARIS10_X86_119214-37.NASL", "SOLARIS10_X86_119214-38.NASL", "SOLARIS10_X86_119214.NASL", "SOLARIS10_X86_121230-02.NASL", "SOLARIS10_X86_121230.NASL", "SOLARIS10_X86_122082-01.NASL", "SOLARIS10_X86_122082.NASL", "SOLARIS11_GZIP_20141107.NASL", "SOLARIS8_114045.NASL", "SOLARIS8_116648.NASL", "SOLARIS8_119209.NASL", "SOLARIS9_113451.NASL", "SOLARIS9_113713.NASL", "SOLARIS9_114049.NASL", "SOLARIS9_116648.NASL", "SOLARIS9_117123.NASL", "SOLARIS9_119211.NASL", "SOLARIS9_X86_114050.NASL", "SOLARIS9_X86_114435.NASL", "SOLARIS9_X86_114568.NASL", "SOLARIS9_X86_119212.NASL", "SOLARIS9_X86_122715.NASL", "SUSE9_11220.NASL", "SUSE_APACHE2-MOD_PHP5-2236.NASL", "SUSE_APACHE2-MOD_PHP5-2238.NASL", "SUSE_BIND-2268.NASL", "SUSE_BIND-2269.NASL", "SUSE_CLAMAV-2179.NASL", "SUSE_CLAMAV-2180.NASL", "SUSE_COMPAT-OPENSSL097G-2163.NASL", "SUSE_COMPAT-OPENSSL097G-2171.NASL", "SUSE_GZIP-2084.NASL", "SUSE_GZIP-2085.NASL", "SUSE_OPENSSL-2069.NASL", "SUSE_OPENSSL-2082.NASL", "SUSE_OPENSSL-2140.NASL", "SUSE_OPENSSL-2141.NASL", "SUSE_OPENSSL-2162.NASL", "SUSE_OPENSSL-2175.NASL", "SUSE_OPENSSL-2349.NASL", "SUSE_OPERA-2181.NASL", "SUSE_PHP5-1590.NASL", "SUSE_SAMBA-1830.NASL", "SUSE_SAMBA-1961.NASL", "SUSE_SA_2005_071.NASL", "SUSE_SA_2006_024.NASL", "SUSE_SA_2006_031.NASL", "SUSE_SA_2006_055.NASL", "SUSE_SA_2006_058.NASL", "SUSE_SA_2006_060.NASL", "SUSE_SA_2006_061.NASL", "SUSE_SA_2006_067.NASL", "UBUNTU_USN-222-1.NASL", "UBUNTU_USN-222-2.NASL", "UBUNTU_USN-314-1.NASL", "UBUNTU_USN-320-1.NASL", "UBUNTU_USN-339-1.NASL", "UBUNTU_USN-349-1.NASL", "UBUNTU_USN-353-1.NASL", "UBUNTU_USN-353-2.NASL", "UBUNTU_USN-375-1.NASL", "UBUNTU_USN-522-1.NASL", "VMWARE_MULTIPLE_VMSA_2008_0005.NASL", "VMWARE_VMSA-2008-0013.NASL", "XEROX_XRX07_001.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2006-2937", "OPENSSL:CVE-2006-2940", "OPENSSL:CVE-2006-3738", "OPENSSL:CVE-2006-4339", "OPENSSL:CVE-2006-4343"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310110173", "OPENVAS:1361412562310121263", "OPENVAS:136141256231057110", "OPENVAS:136141256231057385", "OPENVAS:136141256231057389", "OPENVAS:136141256231057491", "OPENVAS:136141256231057698", "OPENVAS:136141256231057699", "OPENVAS:136141256231065145", "OPENVAS:136141256231065185", "OPENVAS:136141256231065213", "OPENVAS:136141256231065270", "OPENVAS:136141256231065329", "OPENVAS:136141256231065349", "OPENVAS:136141256231065430", "OPENVAS:136141256231065603", "OPENVAS:136141256231066771", "OPENVAS:136141256231067053", "OPENVAS:1361412562310835034", "OPENVAS:1361412562310835119", "OPENVAS:1361412562310835145", "OPENVAS:1361412562310855008", "OPENVAS:1361412562310855013", "OPENVAS:1361412562310855018", "OPENVAS:1361412562310855023", "OPENVAS:1361412562310855030", "OPENVAS:1361412562310855170", "OPENVAS:1361412562310855192", "OPENVAS:1361412562310855238", "OPENVAS:1361412562310855300", "OPENVAS:1361412562310855322", "OPENVAS:1361412562310855346", "OPENVAS:1361412562310855366", "OPENVAS:1361412562310855369", "OPENVAS:1361412562310855376", "OPENVAS:1361412562310855516", "OPENVAS:1361412562310855612", "OPENVAS:1361412562310855640", "OPENVAS:1361412562310855702", "OPENVAS:1361412562310855735", "OPENVAS:1361412562310855742", "OPENVAS:1361412562310855768", "OPENVAS:1361412562310855771", "OPENVAS:1361412562310855780", "OPENVAS:1361412562310855835", "OPENVAS:1361412562310855853", "OPENVAS:1361412562311220191548", "OPENVAS:55974", "OPENVAS:56147", "OPENVAS:56271", "OPENVAS:56723", "OPENVAS:57079", "OPENVAS:57107", "OPENVAS:57110", "OPENVAS:57326", "OPENVAS:57359", "OPENVAS:57360", "OPENVAS:57377", "OPENVAS:57385", "OPENVAS:57389", "OPENVAS:57405", "OPENVAS:57475", "OPENVAS:57478", "OPENVAS:57481", "OPENVAS:57491", "OPENVAS:57507", "OPENVAS:57511", "OPENVAS:57537", "OPENVAS:57567", "OPENVAS:57698", "OPENVAS:57699", "OPENVAS:57726", "OPENVAS:57728", "OPENVAS:57847", "OPENVAS:57883", "OPENVAS:57891", "OPENVAS:57896", "OPENVAS:57904", "OPENVAS:57908", "OPENVAS:57909", "OPENVAS:57937", "OPENVAS:57950", "OPENVAS:58053", "OPENVAS:58159", "OPENVAS:58654", "OPENVAS:61041", "OPENVAS:65145", "OPENVAS:65185", "OPENVAS:65213", "OPENVAS:65270", "OPENVAS:65329", "OPENVAS:65349", "OPENVAS:65430", "OPENVAS:65603", "OPENVAS:66771", "OPENVAS:67053", "OPENVAS:835034", "OPENVAS:835119", "OPENVAS:835145", "OPENVAS:850066", "OPENVAS:855008", "OPENVAS:855013", "OPENVAS:855018", "OPENVAS:855023", "OPENVAS:855030", "OPENVAS:855170", "OPENVAS:855192", "OPENVAS:855238", "OPENVAS:855300", "OPENVAS:855322", "OPENVAS:855346", "OPENVAS:855366", "OPENVAS:855369", "OPENVAS:855376", "OPENVAS:855516", "OPENVAS:855612", "OPENVAS:855640", "OPENVAS:855702", "OPENVAS:855735", "OPENVAS:855742", "OPENVAS:855768", "OPENVAS:855771", "OPENVAS:855780", "OPENVAS:855835", "OPENVAS:855853", "OPENVAS:861185", "OPENVAS:861240", "OPENVAS:861271", "OPENVAS:861278", "OPENVAS:861335", "OPENVAS:861336"]}, {"type": "oraclelinux", "idList": ["ELSA-2006-0661", "ELSA-2006-0667", "ELSA-2006-0669", "ELSA-2006-0695", "ELSA-2006-0730", "ELSA-2015-3022", "ELSA-2019-4581", "ELSA-2019-4747"]}, {"type": "osv", "idList": ["OSV:DSA-1110", "OSV:DSA-1173-1", "OSV:DSA-1174-1", "OSV:DSA-1181-1", "OSV:DSA-1185-2", "OSV:DSA-1195-1", "OSV:DSA-1196-1", "OSV:DSA-1206-1", "OSV:DSA-1974-1", "OSV:DSA-943-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:62019"]}, {"type": "redhat", "idList": ["RHSA-2005:880", "RHSA-2005:881", "RHSA-2006:0276", "RHSA-2006:0501", "RHSA-2006:0568", "RHSA-2006:0591", "RHSA-2006:0661", "RHSA-2006:0667", "RHSA-2006:0695", "RHSA-2006:0730", "RHSA-2006:0731", "RHSA-2007:0062", "RHSA-2007:0072", "RHSA-2007:0073", "RHSA-2008:0264", "RHSA-2008:0525", "RHSA-2008:0629"]}, {"type": "samba", "idList": ["SAMBA:CVE-2006-3403"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:11048", "SECURITYVULNS:DOC:14146", "SECURITYVULNS:DOC:14292", "SECURITYVULNS:DOC:14317", "SECURITYVULNS:DOC:14486", "SECURITYVULNS:DOC:14721", "SECURITYVULNS:DOC:14908", "SECURITYVULNS:DOC:14920", "SECURITYVULNS:DOC:15013", "SECURITYVULNS:DOC:15014", "SECURITYVULNS:DOC:15015", "SECURITYVULNS:DOC:16277", "SECURITYVULNS:DOC:18695", "SECURITYVULNS:DOC:19438", "SECURITYVULNS:VULN:6626", "SECURITYVULNS:VULN:6663"]}, {"type": "seebug", "idList": ["SSV:630", "SSV:641", "SSV:65057", "SSV:7704", "SSV:82273"]}, {"type": "slackware", "idList": ["SSA-2006-195-01", "SSA-2006-257-02", "SSA-2006-262-01", "SSA-2006-272-01", "SSA-2006-307-01", "SSA-2006-310-01"]}, {"type": "suse", "idList": ["SUSE-SA:2005:071", "SUSE-SA:2006:024", "SUSE-SA:2006:031", "SUSE-SA:2006:055", "SUSE-SA:2006:056", "SUSE-SA:2006:058", "SUSE-SA:2006:060", "SUSE-SA:2006:061", "SUSE-SA:2006:067", "SUSE-SA:2007:010"]}, {"type": "threatpost", "idList": ["THREATPOST:DA06EE238F79D261C0FCB61902F3CDBD"]}, {"type": "ubuntu", "idList": ["USN-222-1", "USN-222-2", "USN-314-1", "USN-320-1", "USN-339-1", "USN-349-1", "USN-353-1", "USN-353-2", "USN-375-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2005-3962", "UB:CVE-2006-1490", "UB:CVE-2006-1990", "UB:CVE-2006-2937", "UB:CVE-2006-2940", "UB:CVE-2006-3403", "UB:CVE-2006-3738", "UB:CVE-2006-4182", "UB:CVE-2006-4334", "UB:CVE-2006-4335", "UB:CVE-2006-4336", "UB:CVE-2006-4337", "UB:CVE-2006-4338", "UB:CVE-2006-4339", "UB:CVE-2006-4340", "UB:CVE-2006-4343", "UB:CVE-2006-4482", "UB:CVE-2006-4790", "UB:CVE-2006-5465", "UB:CVE-2007-5135", "UB:CVE-2007-5898", "UB:CVE-2009-2624"]}, {"type": "veracode", "idList": ["VERACODE:23067", "VERACODE:23068", "VERACODE:23069", "VERACODE:23070", "VERACODE:23071"]}, {"type": "vmware", "idList": ["VMSA-2008-0005", "VMSA-2008-0005.1"]}]}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2005:880", "CESA-2005:881", "CESA-2006:0276", "CESA-2006:0501-02", "CESA-2006:0568", "CESA-2006:0591", "CESA-2006:0591-6", "CESA-2006:0661", "CESA-2006:0661-01", "CESA-2006:0667", "CESA-2006:0667-01", "CESA-2006:0695", "CESA-2006:0695-01", "CESA-2006:0730", "CESA-2006:0730-01"]}, {"type": "cert", "idList": ["VU:180864", "VU:191336", "VU:258744", "VU:323424", "VU:371648", "VU:681056", "VU:734032", "VU:800296", "VU:811384", "VU:835936", "VU:848960", "VU:870960"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2008-014"]}, {"type": "checkpoint_security", "idList": ["CPS:SK32088", "CPS:SK32188", "CPS:SK32230", "CPS:SK33695", "CPS:SK33771", "CPS:SK35708"]}, {"type": "cisco", "idList": ["CISCO-SA-20060905-CVE-2007-5810"]}, {"type": "cve", "idList": ["CVE-2005-3962", "CVE-2006-1490", "CVE-2006-1990", "CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3403", "CVE-2006-3738", "CVE-2006-4182", "CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338", "CVE-2006-4339", "CVE-2006-4343", "CVE-2006-4396", "CVE-2006-4398", "CVE-2006-4400", "CVE-2006-4401", "CVE-2006-4402", "CVE-2006-4403", "CVE-2006-4404", "CVE-2006-4406", "CVE-2006-4407", "CVE-2006-4408", "CVE-2006-4409", "CVE-2006-4410", "CVE-2006-4411", "CVE-2006-4412", "CVE-2006-5465", "CVE-2006-5710"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1110-1:E5A75"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2006-4336"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:85DFC07A21CE638C0F80271A05CBC86C"]}, {"type": "f5", "idList": ["SOL5794", "SOL6623", "SOL6734", "SOL6804", "SOL8106"]}, {"type": "fedora", "idList": ["FEDORA:L18M7WWK008220"]}, {"type": "freebsd", "idList": ["077C2DCA-8F9A-11DB-AB33-000E0C2E438A", "0F37D765-C5D4-11DB-9F82-000E0C2E438A", "11A84092-8F9F-11DB-AB33-000E0C2E438A", "1FE734BF-4A06-11DB-B48D-00508D6A62DF", "B168DDEA-105A-11DB-AC96-000C6EC775D9", "BB33981A-7AC6-11DA-BF72-00123F589060", "C97D7A37-2233-11DF-96DD-001B2134EF46"]}, {"type": "gentoo", "idList": ["GLSA-200512-01", "GLSA-201408-19"]}, {"type": "jvn", "idList": ["JVN:51615542"]}, {"type": "mozilla", "idList": ["MFSA2006-60"]}, {"type": "nessus", "idList": ["3509.PRM", "CENTOS_RHSA-2006-0591.NASL", "CENTOS_RHSA-2006-0730.NASL", "F5_BIGIP_SOL6734.NASL", "F5_BIGIP_SOL8106.NASL", "FREEBSD_PKG_0F37D765C5D411DB9F82000E0C2E438A.NASL", "GENTOO_GLSA-200611-24.NASL", "HPUX_PHSS_35481.NASL", "MANDRAKE_MDKSA-2006-063.NASL", "MANDRAKE_MDKSA-2006-120.NASL", "MANDRAKE_MDKSA-2006-172.NASL", "MANDRAKE_MDKSA-2006-196.NASL", "ORACLELINUX_ELSA-2006-0695.NASL", "REDHAT-RHSA-2006-0568.NASL", "REDHAT-RHSA-2006-0730.NASL", "REDHAT-RHSA-2007-0073.NASL", "SLACKWARE_SSA_2006-272-01.NASL", "SOLARIS10_119985-02.NASL", "SOLARIS9_113713.NASL", "SOLARIS9_X86_114568.NASL", "SUSE_OPENSSL-2349.NASL", "UBUNTU_USN-222-1.NASL", "UBUNTU_USN-522-1.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2006-2940"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231057389", "OPENVAS:136141256231065603", "OPENVAS:1361412562310855192", "OPENVAS:1361412562310855300", "OPENVAS:1361412562310855366", "OPENVAS:1361412562310855376", "OPENVAS:1361412562310855702", "OPENVAS:1361412562310855742", "OPENVAS:1361412562310855768", "OPENVAS:56723", "OPENVAS:57107", "OPENVAS:57385", "OPENVAS:57567", "OPENVAS:57891", "OPENVAS:57909", "OPENVAS:835145", "OPENVAS:855366"]}, {"type": "oraclelinux", "idList": ["ELSA-2006-0661"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:62019"]}, {"type": "redhat", "idList": ["RHSA-2006:0568", "RHSA-2006:0667", "RHSA-2006:0730"]}, {"type": "samba", "idList": ["SAMBA:CVE-2006-3403"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:11048"]}, {"type": "seebug", "idList": ["SSV:630"]}, {"type": "slackware", "idList": ["SSA-2006-195-01"]}, {"type": "suse", "idList": ["SUSE-SA:2006:058", "SUSE-SA:2007:010"]}, {"type": "threatpost", "idList": ["THREATPOST:DA06EE238F79D261C0FCB61902F3CDBD"]}, {"type": "ubuntu", "idList": ["USN-339-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2006-1990", "UB:CVE-2006-3738", "UB:CVE-2006-4182", "UB:CVE-2006-4339", "UB:CVE-2006-4343"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2005-3962", "epss": "0.001510000", "percentile": "0.495400000", "modified": "2023-03-14"}, {"cve": "CVE-2006-1490", "epss": "0.275700000", "percentile": "0.960610000", "modified": "2023-03-14"}, {"cve": "CVE-2006-1990", "epss": "0.036640000", "percentile": "0.902850000", "modified": "2023-03-14"}, {"cve": "CVE-2006-2937", "epss": "0.153130000", "percentile": "0.949480000", "modified": "2023-03-14"}, {"cve": "CVE-2006-2940", "epss": "0.028380000", "percentile": "0.891140000", "modified": "2023-03-14"}, {"cve": "CVE-2006-3403", "epss": "0.082460000", "percentile": "0.933170000", "modified": "2023-03-14"}, {"cve": "CVE-2006-3738", "epss": "0.968750000", "percentile": "0.994640000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4182", "epss": "0.361810000", "percentile": "0.964880000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4334", "epss": "0.024680000", "percentile": "0.883580000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4335", "epss": "0.020740000", "percentile": "0.872880000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4336", "epss": "0.029450000", "percentile": "0.892880000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4337", "epss": "0.035790000", "percentile": "0.901860000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4338", "epss": "0.029310000", "percentile": "0.892680000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4339", "epss": "0.012220000", "percentile": "0.832000000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4343", "epss": "0.009150000", "percentile": "0.804260000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4396", "epss": "0.000420000", "percentile": "0.004980000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4398", "epss": "0.000420000", "percentile": "0.058110000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4400", "epss": "0.004110000", "percentile": "0.698680000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4401", "epss": "0.015940000", "percentile": "0.853700000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4402", "epss": "0.045820000", "percentile": "0.912530000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4403", "epss": "0.028100000", "percentile": "0.890450000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4404", "epss": "0.010150000", "percentile": "0.814380000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4406", "epss": "0.069810000", "percentile": "0.928530000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4407", "epss": "0.007400000", "percentile": "0.779070000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4408", "epss": "0.031490000", "percentile": "0.895920000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4409", "epss": "0.006430000", "percentile": "0.760910000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4410", "epss": "0.018790000", "percentile": "0.865900000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4411", "epss": "0.000430000", "percentile": "0.058770000", "modified": "2023-03-14"}, {"cve": "CVE-2006-4412", "epss": "0.038930000", "percentile": "0.905560000", "modified": "2023-03-14"}, {"cve": "CVE-2006-5465", "epss": "0.363350000", "percentile": "0.964940000", "modified": "2023-03-14"}, {"cve": "CVE-2006-5710", "epss": "0.107860000", "percentile": "0.941340000", "modified": "2023-03-14"}], "vulnersScore": -0.1}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1660025421, "score": 1660025700, "epss": 1678851499}, "_internal": {"score_hash": "7ed733057be68b4e862e95179d3f9164"}}

{"nessus": [{"lastseen": "2023-02-04T14:30:34", "description": "The remote host is running a version of Mac OS X which does not have the security update 2006-007 applied.\n\nSecurity Update 2006-007 contains several security fixes for the following programs :\n\n - AirPort\n - ATS\n - CFNetwork\n - Finder\n - Font Book\n - Font Importer\n - Installer\n - OpenSSL\n - PHP\n - PPP\n - Samba\n - Security Framework\n - VPN\n - WebKit\n - gnuzip\n - perl", "cvss3": {}, "published": "2006-11-29T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2006-007)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-4396", "CVE-2006-4398", "CVE-2006-4400", "CVE-2006-4401", "CVE-2006-4402", "CVE-2006-4403", "CVE-2006-4404", "CVE-2006-4406", "CVE-2006-4407", "CVE-2006-4408", "CVE-2006-4409", "CVE-2006-4410", "CVE-2006-4411", "CVE-2006-4412", "CVE-2006-5710"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2006-007.NASL", "href": "https://www.tenable.com/plugins/nessus/23740", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(23740);\n script_version (\"1.23\");\n\n script_cve_id(\"CVE-2006-4396\", \"CVE-2006-4398\", \"CVE-2006-4400\", \"CVE-2006-4401\", \"CVE-2006-4402\",\n \"CVE-2006-4403\", \"CVE-2006-4404\", \"CVE-2006-4406\", \"CVE-2006-4407\", \"CVE-2006-4408\",\n \"CVE-2006-4409\", \"CVE-2006-4410\", \"CVE-2006-4411\", \"CVE-2006-4412\", \"CVE-2006-5710\");\n script_bugtraq_id(21335, 20862);\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2006-007)\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update which fixes a security\nissue.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X which does not have\nthe security update 2006-007 applied.\n\nSecurity Update 2006-007 contains several security fixes for the following \nprograms :\n\n - AirPort\n - ATS\n - CFNetwork\n - Finder\n - Font Book\n - Font Importer\n - Installer\n - OpenSSL\n - PHP\n - PPP\n - Samba\n - Security Framework\n - VPN\n - WebKit\n - gnuzip\n - perl\" );\n # http://web.archive.org/web/20061215055354/http://docs.info.apple.com/article.html?artnum=304829\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2ea04761\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Install the missing security update :\n\nFor Mac OS X 10.4 :\nhttp://www.apple.com/support/downloads/securityupdate20060071048clientppc.html\nhttp://www.apple.com/support/downloads/securityupdate20060071048clientintel.html\nhttp://www.apple.com/support/downloads/securityupdate20060071048serverppc.html\n\nFor Mac OS X 10.3 :\nhttp://www.apple.com/support/downloads/securityupdate20060071039client.html\nhttp://www.apple.com/support/downloads/securityupdate20060071039server.html\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\nscript_set_attribute(attribute:\"plugin_publication_date\", value: \"2006/11/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2006/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2006/11/28\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"local\");\nscript_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\nscript_end_attributes();\n\n script_summary(english:\"Check for the version of Mac OS X\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"MacOS X Local Security Checks\");\n script_dependencies(\"ssh_get_info.nasl\",\"mdns.nasl\", \"ntp_open.nasl\");\n script_require_keys(\"Host/MacOSX/packages\");\n exit(0);\n}\n\n#\n\npackages = get_kb_item(\"Host/MacOSX/packages\");\nif ( ! packages ) exit(0);\n\n\nuname = get_kb_item(\"Host/uname\");\nif ( egrep(pattern:\"Darwin.* (7\\.[0-9]\\.|8\\.[0-8]\\.)\", string:uname) )\n{\n if (!egrep(pattern:\"^SecUpd(Srvr)?(2006-007|2007-003)\", string:packages) )\n\t\t security_hole(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:26:36", "description": "NULL Dereference (CVE-2006-4334)\n\nA stack modification vulnerability (where a stack buffer can be modified out of bounds, but not in the traditional stack overrun sense) exists in the LZH decompression support of gzip.\n(CVE-2006-4335)\n\nA .bss buffer underflow exists in gzip's pack support, where a loop from build_tree() does not enforce any lower bound while constructing the prefix table. (CVE-2006-4336)\n\nA .bss buffer overflow vulnerability exists in gzip's LZH support, due to it's inability to handle exceptional input in the make_table() function, a pathological decoding table can be constructed in such a way as to generate counts so high that the rapid growth of `nextcode` exceeds the size of the table[] buffer. (CVE-2006-4337)\n\nA possible infinite loop exists in code from unlzh.c for traversing the branches of a tree structure. This makes it possible to disrupt the operation of automated systems relying on gzip for data decompression, resulting in a minor DoS. (CVE-2006-4338) Updated packages have been patched to address these issues.", "cvss3": {}, "published": "2007-02-18T00:00:00", "type": "nessus", "title": "Mandrake Linux Security Advisory : gzip (MDKSA-2006:167)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:gzip", "cpe:/o:mandriva:linux:2006"], "id": "MANDRAKE_MDKSA-2006-167.NASL", "href": "https://www.tenable.com/plugins/nessus/24553", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2006:167. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24553);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_xref(name:\"MDKSA\", value:\"2006:167\");\n\n script_name(english:\"Mandrake Linux Security Advisory : gzip (MDKSA-2006:167)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandrake Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"NULL Dereference (CVE-2006-4334)\n\nA stack modification vulnerability (where a stack buffer can be\nmodified out of bounds, but not in the traditional stack overrun\nsense) exists in the LZH decompression support of gzip.\n(CVE-2006-4335)\n\nA .bss buffer underflow exists in gzip's pack support, where a loop\nfrom build_tree() does not enforce any lower bound while constructing\nthe prefix table. (CVE-2006-4336)\n\nA .bss buffer overflow vulnerability exists in gzip's LZH support, due\nto it's inability to handle exceptional input in the make_table()\nfunction, a pathological decoding table can be constructed in such a\nway as to generate counts so high that the rapid growth of `nextcode`\nexceeds the size of the table[] buffer. (CVE-2006-4337)\n\nA possible infinite loop exists in code from unlzh.c for traversing\nthe branches of a tree structure. This makes it possible to disrupt\nthe operation of automated systems relying on gzip for data\ndecompression, resulting in a minor DoS. (CVE-2006-4338) Updated\npackages have been patched to address these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gzip package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2006\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2006.0\", reference:\"gzip-1.2.4a-15.3.20060mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:15:07", "description": "- Wed Sep 20 2006 Ivana Varekova <varekova at redhat.com> 1.3.5-7.fc5\n\n - fix bug 204676 (patches by Tavis Ormandy)\n\n - CVE-2006-4334 - null dereference problem\n\n - CVE-2006-4335 - buffer overflow problem\n\n - CVE-2006-4336 - buffer underflow problem\n\n - CVE-2006-4338 - infinite loop problem\n\n - CVE-2006-4337 - buffer overflow problem\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2007-01-17T00:00:00", "type": "nessus", "title": "Fedora Core 5 : gzip-1.3.5-7.fc5 (2006-989)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:gzip", "p-cpe:/a:fedoraproject:fedora:gzip-debuginfo", "cpe:/o:fedoraproject:fedora_core:5"], "id": "FEDORA_2006-989.NASL", "href": "https://www.tenable.com/plugins/nessus/24183", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2006-989.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24183);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2006-989\");\n\n script_name(english:\"Fedora Core 5 : gzip-1.3.5-7.fc5 (2006-989)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Wed Sep 20 2006 Ivana Varekova <varekova at redhat.com>\n 1.3.5-7.fc5\n\n - fix bug 204676 (patches by Tavis Ormandy)\n\n - CVE-2006-4334 - null dereference problem\n\n - CVE-2006-4335 - buffer overflow problem\n\n - CVE-2006-4336 - buffer underflow problem\n\n - CVE-2006-4338 - infinite loop problem\n\n - CVE-2006-4337 - buffer overflow problem\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2006-October/000649.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?896a5020\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gzip and / or gzip-debuginfo packages.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gzip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gzip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 5.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC5\", reference:\"gzip-1.3.5-7.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"gzip-debuginfo-1.3.5-7.fc5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gzip / gzip-debuginfo\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-11T14:27:51", "description": "The remote host is affected by the vulnerability described in GLSA-200609-13 (gzip: Multiple vulnerabilities)\n\n Tavis Ormandy of the Google Security Team has reported multiple vulnerabilities in gzip. A stack buffer modification vulnerability was discovered in the LZH decompression code, where a pathological data stream may result in the modification of stack data such as frame pointer, return address or saved registers. A static buffer underflow was discovered in the pack decompression support, allowing a specially crafted pack archive to underflow a .bss buffer. A static buffer overflow was uncovered in the LZH decompression code, allowing a data stream consisting of pathological huffman codes to overflow a .bss buffer. Multiple infinite loops were also uncovered in the LZH decompression code.\n Impact :\n\n A remote attacker may create a specially crafted gzip archive, which when decompressed by a user or automated system exectues arbitrary code with the privileges of the user id invoking gzip. The infinite loops may be abused by an attacker to disrupt any automated systems invoking gzip to handle data decompression.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2006-09-27T00:00:00", "type": "nessus", "title": "GLSA-200609-13 : gzip: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:gzip", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200609-13.NASL", "href": "https://www.tenable.com/plugins/nessus/22457", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200609-13.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22457);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_xref(name:\"GLSA\", value:\"200609-13\");\n\n script_name(english:\"GLSA-200609-13 : gzip: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200609-13\n(gzip: Multiple vulnerabilities)\n\n Tavis Ormandy of the Google Security Team has reported multiple\n vulnerabilities in gzip. A stack buffer modification vulnerability was\n discovered in the LZH decompression code, where a pathological data\n stream may result in the modification of stack data such as frame\n pointer, return address or saved registers. A static buffer underflow\n was discovered in the pack decompression support, allowing a specially\n crafted pack archive to underflow a .bss buffer. A static buffer\n overflow was uncovered in the LZH decompression code, allowing a data\n stream consisting of pathological huffman codes to overflow a .bss\n buffer. Multiple infinite loops were also uncovered in the LZH\n decompression code.\n \nImpact :\n\n A remote attacker may create a specially crafted gzip archive, which\n when decompressed by a user or automated system exectues arbitrary code\n with the privileges of the user id invoking gzip. The infinite loops\n may be abused by an attacker to disrupt any automated systems invoking\n gzip to handle data decompression.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200609-13\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All gzip users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-arch/gzip-1.3.5-r9'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/09/27\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-arch/gzip\", unaffected:make_list(\"ge 1.3.5-r9\"), vulnerable:make_list(\"lt 1.3.5-r9\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gzip\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:11:04", "description": "Several security issues with gzip have been found that can be exploited to compromise the system in conjunction with other programs while processing malformed archive files. The vulnerabilities have been tracked by Mitre CVE-2006-4334, CVE-2006-4335, CVE-2006-4336, CVE-2006-4337 and CVE-2006-4338.", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : gzip (YOU Patch Number 11220)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_11220.NASL", "href": "https://www.tenable.com/plugins/nessus/41099", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41099);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n\n script_name(english:\"SuSE9 Security Update : gzip (YOU Patch Number 11220)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several security issues with gzip have been found that can be\nexploited to compromise the system in conjunction with other programs\nwhile processing malformed archive files. The vulnerabilities have\nbeen tracked by Mitre CVE-2006-4334, CVE-2006-4335, CVE-2006-4336,\nCVE-2006-4337 and CVE-2006-4338.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4334.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4335.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4336.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4337.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4338.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 11220.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"gzip-1.3.5-136.13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:28:00", "description": "Updated gzip packages that fix several security issues are now available for Red Hat Enterprise Linux.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe gzip package contains the GNU gzip data compression program.\n\nTavis Ormandy of the Google Security Team discovered two denial of service flaws in the way gzip expanded archive files. If a victim expanded a specially crafted archive, it could cause the gzip executable to hang or crash. (CVE-2006-4334, CVE-2006-4338)\n\nTavis Ormandy of the Google Security Team discovered several code execution flaws in the way gzip expanded archive files. If a victim expanded a specially crafted archive, it could cause the gzip executable to crash or execute arbitrary code. (CVE-2006-4335, CVE-2006-4336, CVE-2006-4337)\n\nUsers of gzip should upgrade to these updated packages, which contain a backported patch and is not vulnerable to these issues.", "cvss3": {}, "published": "2006-09-22T00:00:00", "type": "nessus", "title": "RHEL 2.1 / 3 / 4 : gzip (RHSA-2006:0667)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:gzip", "cpe:/o:redhat:enterprise_linux:2.1", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2006-0667.NASL", "href": "https://www.tenable.com/plugins/nessus/22442", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0667. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22442);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_xref(name:\"RHSA\", value:\"2006:0667\");\n\n script_name(english:\"RHEL 2.1 / 3 / 4 : gzip (RHSA-2006:0667)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated gzip packages that fix several security issues are now\navailable for Red Hat Enterprise Linux.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe gzip package contains the GNU gzip data compression program.\n\nTavis Ormandy of the Google Security Team discovered two denial of\nservice flaws in the way gzip expanded archive files. If a victim\nexpanded a specially crafted archive, it could cause the gzip\nexecutable to hang or crash. (CVE-2006-4334, CVE-2006-4338)\n\nTavis Ormandy of the Google Security Team discovered several code\nexecution flaws in the way gzip expanded archive files. If a victim\nexpanded a specially crafted archive, it could cause the gzip\nexecutable to crash or execute arbitrary code. (CVE-2006-4335,\nCVE-2006-4336, CVE-2006-4337)\n\nUsers of gzip should upgrade to these updated packages, which contain\na backported patch and is not vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4334\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2006:0667\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gzip package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/09/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(2\\.1|3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2006:0667\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"gzip-1.3-19.rhel2\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"gzip-1.3.3-13.rhel3\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"gzip-1.3.3-16.rhel4\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gzip\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:28:56", "description": "Problem Description Multiple programming errors have been found in gzip which can be triggered when gzip is decompressing files. These errors include insufficient bounds checks in buffer use, a NULL pointer dereference, and a potential infinite loop. Impact The insufficient bounds checks in buffer use can cause gzip to crash, and may permit the execution of arbitrary code. The NULL pointer deference can cause gzip to crash. The infinite loop can cause a Denial-of-Service situation where gzip uses all available CPU time.\nWorkaround No workaround is available.", "cvss3": {}, "published": "2007-06-07T00:00:00", "type": "nessus", "title": "FreeBSD : gzip -- multiple vulnerabilities (11a84092-8f9f-11db-ab33-000e0c2e438a)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:gzip", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_11A840928F9F11DBAB33000E0C2E438A.NASL", "href": "https://www.tenable.com/plugins/nessus/25437", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25437);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_xref(name:\"FreeBSD\", value:\"SA-06:21.gzip\");\n\n script_name(english:\"FreeBSD : gzip -- multiple vulnerabilities (11a84092-8f9f-11db-ab33-000e0c2e438a)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Problem Description Multiple programming errors have been found in\ngzip which can be triggered when gzip is decompressing files. These\nerrors include insufficient bounds checks in buffer use, a NULL\npointer dereference, and a potential infinite loop. Impact The\ninsufficient bounds checks in buffer use can cause gzip to crash, and\nmay permit the execution of arbitrary code. The NULL pointer deference\ncan cause gzip to crash. The infinite loop can cause a\nDenial-of-Service situation where gzip uses all available CPU time.\nWorkaround No workaround is available.\"\n );\n # https://vuxml.freebsd.org/freebsd/11a84092-8f9f-11db-ab33-000e0c2e438a.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a46c290a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/06/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gzip<1.3.12\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:28:02", "description": "Updated gzip packages that fix several security issues are now available for Red Hat Enterprise Linux.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe gzip package contains the GNU gzip data compression program.\n\nTavis Ormandy of the Google Security Team discovered two denial of service flaws in the way gzip expanded archive files. If a victim expanded a specially crafted archive, it could cause the gzip executable to hang or crash. (CVE-2006-4334, CVE-2006-4338)\n\nTavis Ormandy of the Google Security Team discovered several code execution flaws in the way gzip expanded archive files. If a victim expanded a specially crafted archive, it could cause the gzip executable to crash or execute arbitrary code. (CVE-2006-4335, CVE-2006-4336, CVE-2006-4337)\n\nUsers of gzip should upgrade to these updated packages, which contain a backported patch and is not vulnerable to these issues.", "cvss3": {}, "published": "2006-09-22T00:00:00", "type": "nessus", "title": "CentOS 3 / 4 : gzip (CESA-2006:0667)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:gzip", "cpe:/o:centos:centos:3", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2006-0667.NASL", "href": "https://www.tenable.com/plugins/nessus/22422", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0667 and \n# CentOS Errata and Security Advisory 2006:0667 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22422);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_xref(name:\"RHSA\", value:\"2006:0667\");\n\n script_name(english:\"CentOS 3 / 4 : gzip (CESA-2006:0667)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated gzip packages that fix several security issues are now\navailable for Red Hat Enterprise Linux.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe gzip package contains the GNU gzip data compression program.\n\nTavis Ormandy of the Google Security Team discovered two denial of\nservice flaws in the way gzip expanded archive files. If a victim\nexpanded a specially crafted archive, it could cause the gzip\nexecutable to hang or crash. (CVE-2006-4334, CVE-2006-4338)\n\nTavis Ormandy of the Google Security Team discovered several code\nexecution flaws in the way gzip expanded archive files. If a victim\nexpanded a specially crafted archive, it could cause the gzip\nexecutable to crash or execute arbitrary code. (CVE-2006-4335,\nCVE-2006-4336, CVE-2006-4337)\n\nUsers of gzip should upgrade to these updated packages, which contain\na backported patch and is not vulnerable to these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-September/013266.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?517e38ed\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-September/013268.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a4c7d464\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-September/013270.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?29860d2a\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-September/013271.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?049b9f6d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-September/013273.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?02804933\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-September/013274.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0ad76939\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gzip package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/09/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"gzip-1.3.3-13.rhel3\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", reference:\"gzip-1.3.3-16.rhel4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gzip\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:29:26", "description": "Tavis Ormandy from the Google Security Team discovered several vulnerabilities in gzip, the GNU compression utility. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2006-4334 A NULL pointer dereference may lead to denial of service if gzip is used in an automated manner.\n\n - CVE-2006-4335 Missing boundary checks may lead to stack modification, allowing execution of arbitrary code.\n\n - CVE-2006-4336 A buffer underflow in the pack support code may lead to execution of arbitrary code.\n\n - CVE-2006-4337 A buffer underflow in the LZH support code may lead to execution of arbitrary code.\n\n - CVE-2006-4338 An infinite loop may lead to denial of service if gzip is used in an automated manner.", "cvss3": {}, "published": "2006-10-14T00:00:00", "type": "nessus", "title": "Debian DSA-1181-1 : gzip - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:gzip", "cpe:/o:debian:debian_linux:3.1"], "id": "DEBIAN_DSA-1181.NASL", "href": "https://www.tenable.com/plugins/nessus/22723", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1181. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22723);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_xref(name:\"DSA\", value:\"1181\");\n\n script_name(english:\"Debian DSA-1181-1 : gzip - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tavis Ormandy from the Google Security Team discovered several\nvulnerabilities in gzip, the GNU compression utility. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2006-4334\n A NULL pointer dereference may lead to denial of service\n if gzip is used in an automated manner.\n\n - CVE-2006-4335\n Missing boundary checks may lead to stack modification,\n allowing execution of arbitrary code.\n\n - CVE-2006-4336\n A buffer underflow in the pack support code may lead to\n execution of arbitrary code.\n\n - CVE-2006-4337\n A buffer underflow in the LZH support code may lead to\n execution of arbitrary code.\n\n - CVE-2006-4338\n An infinite loop may lead to denial of service if gzip\n is used in an automated manner.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-4334\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-4335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-4336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-4337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-4338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-1181\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the gzip package.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.3.5-10sarge2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"gzip\", reference:\"1.3.5-10sarge2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:36:45", "description": "This update fixes several security problems that can be exploited to compromise the system in conjunction with other programs while processing malformated archive files. (CVE-2006-4334 / CVE-2006-4335 / CVE-2006-4336 / CVE-2006-4337 / CVE-2006-4338)", "cvss3": {}, "published": "2007-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : gzip (ZYPP Patch Number 2085)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_GZIP-2085.NASL", "href": "https://www.tenable.com/plugins/nessus/29458", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29458);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n\n script_name(english:\"SuSE 10 Security Update : gzip (ZYPP Patch Number 2085)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security problems that can be exploited to\ncompromise the system in conjunction with other programs while\nprocessing malformated archive files. (CVE-2006-4334 / CVE-2006-4335 /\nCVE-2006-4336 / CVE-2006-4337 / CVE-2006-4338)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4334.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4335.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4336.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4337.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4338.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 2085.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:0, reference:\"gzip-1.3.5-159.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:0, reference:\"gzip-1.3.5-159.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:35:45", "description": "Tavis Ormandy discovered that gzip did not sufficiently verify the validity of gzip or compress archives while unpacking. By tricking an user or automated system into unpacking a specially crafted compressed file, this could be exploited to execute arbitrary code with the user's privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2007-11-10T00:00:00", "type": "nessus", "title": "Ubuntu 5.04 / 5.10 / 6.06 LTS : gzip vulnerabilities (USN-349-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:gzip", "cpe:/o:canonical:ubuntu_linux:5.04", "cpe:/o:canonical:ubuntu_linux:5.10", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-349-1.NASL", "href": "https://www.tenable.com/plugins/nessus/27929", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-349-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27929);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_xref(name:\"USN\", value:\"349-1\");\n\n script_name(english:\"Ubuntu 5.04 / 5.10 / 6.06 LTS : gzip vulnerabilities (USN-349-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tavis Ormandy discovered that gzip did not sufficiently verify the\nvalidity of gzip or compress archives while unpacking. By tricking an\nuser or automated system into unpacking a specially crafted compressed\nfile, this could be exploited to execute arbitrary code with the\nuser's privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/349-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gzip package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(5\\.04|5\\.10|6\\.06)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 5.04 / 5.10 / 6.06\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gzip\", pkgver:\"1.3.5-9ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"gzip\", pkgver:\"1.3.5-11ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"gzip\", pkgver:\"1.3.5-12ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gzip\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:33", "description": "From Red Hat Security Advisory 2006:0667 :\n\nUpdated gzip packages that fix several security issues are now available for Red Hat Enterprise Linux.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe gzip package contains the GNU gzip data compression program.\n\nTavis Ormandy of the Google Security Team discovered two denial of service flaws in the way gzip expanded archive files. If a victim expanded a specially crafted archive, it could cause the gzip executable to hang or crash. (CVE-2006-4334, CVE-2006-4338)\n\nTavis Ormandy of the Google Security Team discovered several code execution flaws in the way gzip expanded archive files. If a victim expanded a specially crafted archive, it could cause the gzip executable to crash or execute arbitrary code. (CVE-2006-4335, CVE-2006-4336, CVE-2006-4337)\n\nUsers of gzip should upgrade to these updated packages, which contain a backported patch and is not vulnerable to these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 / 4 : gzip (ELSA-2006-0667)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:gzip", "cpe:/o:oracle:linux:3", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2006-0667.NASL", "href": "https://www.tenable.com/plugins/nessus/67408", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2006:0667 and \n# Oracle Linux Security Advisory ELSA-2006-0667 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67408);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_xref(name:\"RHSA\", value:\"2006:0667\");\n\n script_name(english:\"Oracle Linux 3 / 4 : gzip (ELSA-2006-0667)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2006:0667 :\n\nUpdated gzip packages that fix several security issues are now\navailable for Red Hat Enterprise Linux.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe gzip package contains the GNU gzip data compression program.\n\nTavis Ormandy of the Google Security Team discovered two denial of\nservice flaws in the way gzip expanded archive files. If a victim\nexpanded a specially crafted archive, it could cause the gzip\nexecutable to hang or crash. (CVE-2006-4334, CVE-2006-4338)\n\nTavis Ormandy of the Google Security Team discovered several code\nexecution flaws in the way gzip expanded archive files. If a victim\nexpanded a specially crafted archive, it could cause the gzip\nexecutable to crash or execute arbitrary code. (CVE-2006-4335,\nCVE-2006-4336, CVE-2006-4337)\n\nUsers of gzip should upgrade to these updated packages, which contain\na backported patch and is not vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2006-November/000007.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-March/000084.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gzip package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"gzip-1.3.3-13.rhel3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"gzip-1.3.3-13.rhel3\")) flag++;\n\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"gzip-1.3.3-16.rhel4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"gzip-1.3.3-16.rhel4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gzip\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:30:32", "description": "s700_800 11.11 Software Distributor Cumulative Patch : \n\nA potential security vulnerability has been identified with the version of GZIP delivered by HP-UX Software Distributor (SD). The vulnerability could be remotely exploited leading to a Denial of Service (DoS).", "cvss3": {}, "published": "2007-09-25T00:00:00", "type": "nessus", "title": "HP-UX PHCO_35587 : HP-UX Running Software Distributor (SD), Remote Denial of Service (DoS) (HPSBUX02195 SSRT061237 rev.1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338"], "modified": "2021-01-11T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHCO_35587.NASL", "href": "https://www.tenable.com/plugins/nessus/26120", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHCO_35587. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26120);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_bugtraq_id(19488, 20042);\n script_xref(name:\"HP\", value:\"emr_na-c00874667\");\n script_xref(name:\"HP\", value:\"HPSBUX02195\");\n script_xref(name:\"HP\", value:\"SSRT061237\");\n\n script_name(english:\"HP-UX PHCO_35587 : HP-UX Running Software Distributor (SD), Remote Denial of Service (DoS) (HPSBUX02195 SSRT061237 rev.1)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.11 Software Distributor Cumulative Patch : \n\nA potential security vulnerability has been identified with the\nversion of GZIP delivered by HP-UX Software Distributor (SD). The\nvulnerability could be remotely exploited leading to a Denial of\nService (DoS).\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00874667\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bb18571d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHCO_35587 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.11\"))\n{\n exit(0, \"The host is not affected since PHCO_35587 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHCO_35587\", \"PHCO_38226\", \"PHCO_41200\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.GZIP\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-AGENT\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-CMDS\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-ENG-A-MAN\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-FRE-I-MSG\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-GER-I-MSG\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-HELP\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-HELP\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MAN\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-E-MSG\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-HELP\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MAN\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-JPN-S-MSG\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-KOR-E-MSG\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-B-MSG\", version:\"B.11.11.0612.458\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0106\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0109\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0112\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0203\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0206\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0209\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0212\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0303\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0306\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0309\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0312\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0406\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0412\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0509.428\")) flag++;\nif (hpux_check_patch(app:\"SW-DIST.SD-TCH-H-MSG\", version:\"B.11.11.0612.458\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:16:30", "description": "- Thu Sep 28 2006 Tomas Mraz <tmraz at redhat.com> 0.9.8a-5.4\n\n - fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)\n\n - fix CVE-2006-2940 - parasitic public keys DoS (#207274)\n\n - fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)\n\n - fix CVE-2006-4343 - sslv2 client DoS (#206940)\n\n - Sat Sep 9 2006 Tomas Mraz <tmraz at redhat.com> 0.9.8a-5.3\n\n - fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2007-01-17T00:00:00", "type": "nessus", "title": "Fedora Core 5 : openssl-0.9.8a-5.4 (2006-1004)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "p-cpe:/a:fedoraproject:fedora:openssl-debuginfo", "p-cpe:/a:fedoraproject:fedora:openssl-devel", "p-cpe:/a:fedoraproject:fedora:openssl-perl", "cpe:/o:fedoraproject:fedora_core:5"], "id": "FEDORA_2006-1004.NASL", "href": "https://www.tenable.com/plugins/nessus/24028", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2006-1004.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24028);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2006-1004\");\n\n script_name(english:\"Fedora Core 5 : openssl-0.9.8a-5.4 (2006-1004)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Thu Sep 28 2006 Tomas Mraz <tmraz at redhat.com>\n 0.9.8a-5.4\n\n - fix CVE-2006-2937 - mishandled error on ASN.1 parsing\n (#207276)\n\n - fix CVE-2006-2940 - parasitic public keys DoS\n (#207274)\n\n - fix CVE-2006-3738 - buffer overflow in\n SSL_get_shared_ciphers (#206940)\n\n - fix CVE-2006-4343 - sslv2 client DoS (#206940)\n\n - Sat Sep 9 2006 Tomas Mraz <tmraz at redhat.com>\n 0.9.8a-5.3\n\n - fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5\n signatures (#205180)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2006-September/000636.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7928ca04\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 5.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC5\", reference:\"openssl-0.9.8a-5.4\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"openssl-debuginfo-0.9.8a-5.4\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"openssl-devel-0.9.8a-5.4\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"openssl-perl-0.9.8a-5.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-18T15:28:49", "description": "A buffer overflow condition within the SSL_get_shared_ciphers() function and a DoS condition known as 'parasitic public keys' have been fixed. The later problem allowed attackers to trick the OpenSSL engine to spend an extraordinary amount of time to process public keys. The following CAN numbers have been assigned: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-4339 and CVE-2006-4343.", "cvss3": {}, "published": "2007-10-17T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : compat-openssl097g (compat-openssl097g-2171)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:compat-openssl097g", "p-cpe:/a:novell:opensuse:compat-openssl097g-32bit", "cpe:/o:novell:opensuse:10.1"], "id": "SUSE_COMPAT-OPENSSL097G-2171.NASL", "href": "https://www.tenable.com/plugins/nessus/27187", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update compat-openssl097g-2171.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27187);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\");\n\n script_name(english:\"openSUSE 10 Security Update : compat-openssl097g (compat-openssl097g-2171)\");\n script_summary(english:\"Check for the compat-openssl097g-2171 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow condition within the SSL_get_shared_ciphers()\nfunction and a DoS condition known as 'parasitic public keys' have\nbeen fixed. The later problem allowed attackers to trick the OpenSSL\nengine to spend an extraordinary amount of time to process public\nkeys. The following CAN numbers have been assigned: CVE-2006-2937,\nCVE-2006-2940, CVE-2006-3738, CVE-2006-4339 and CVE-2006-4343.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected compat-openssl097g packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:compat-openssl097g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:compat-openssl097g-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"compat-openssl097g-0.9.7g-13.5\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"compat-openssl097g-32bit-0.9.7g-13.5\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"compat-openssl097g\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:30:55", "description": "A buffer overflow condition within the SSL_get_shared_ciphers() function and a DoS condition known as 'parasitic public keys' have been fixed. The later problem allowed attackers to trick the OpenSSL engine to spend an extraordinary amount of time to process public keys. The following CAN numbers have been assigned: CVE-2006-2937 / CVE-2006-2940 / CVE-2006-3738 / CVE-2006-4339 / CVE-2006-4343.", "cvss3": {}, "published": "2007-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : compat-openssl097g (ZYPP Patch Number 2163)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_COMPAT-OPENSSL097G-2163.NASL", "href": "https://www.tenable.com/plugins/nessus/29405", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29405);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\");\n\n script_name(english:\"SuSE 10 Security Update : compat-openssl097g (ZYPP Patch Number 2163)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow condition within the SSL_get_shared_ciphers()\nfunction and a DoS condition known as 'parasitic public keys' have\nbeen fixed. The later problem allowed attackers to trick the OpenSSL\nengine to spend an extraordinary amount of time to process public\nkeys. The following CAN numbers have been assigned: CVE-2006-2937 /\nCVE-2006-2940 / CVE-2006-3738 / CVE-2006-4339 / CVE-2006-4343.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-2937.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-2940.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-3738.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4339.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4343.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 2163.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:0, reference:\"compat-openssl097g-0.9.7g-13.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:0, cpu:\"x86_64\", reference:\"compat-openssl097g-32bit-0.9.7g-13.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:0, reference:\"compat-openssl097g-0.9.7g-13.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:0, cpu:\"x86_64\", reference:\"compat-openssl097g-32bit-0.9.7g-13.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:03:03", "description": "Updated OpenSSL packages are now available to correct several security issues. \n\nThis update has been rated as having important security impact by the Red Hat Security Response Team. \n\nThe OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. \n\nThese vulnerabilities can affect applications which use OpenSSL to parse ASN.1 data from untrusted sources, including SSL servers which enable client authentication and S/MIME applications.\n\nUsers are advised to upgrade to these updated packages, which contain backported patches to correct these issues.\n\nNote: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system.\n\n\nFrom Red Hat Security Advisory 2006:0695 :\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). Few applications make use of this vulnerable function and generally it is used only when applications are compiled for debugging.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a flaw in the SSLv2 client code. When a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343)\n\nDr S. N. Henson of the OpenSSL core team and Open Network Security recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk) which uncovered denial of service vulnerabilities :\n\n* Certain public key types can take disproportionate amounts of time to process, leading to a denial of service. (CVE-2006-2940)\n\n* During parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937). This issue does not affect the OpenSSL version distributed in Red Hat Enterprise Linux 2.1.\n\n\nFrom Red Hat Security Advisory 2006:0661 :\n\nDaniel Bleichenbacher recently described an attack on PKCS #1 v1.5 signatures. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature.\n\nThe Google Security Team discovered that OpenSSL is vulnerable to this attack. This issue affects applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5.\n(CVE-2006-4339)\n\nThis errata also resolves a problem where a customized ca-bundle.crt file was overwritten when the openssl package was upgraded.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : openssl (ELSA-2006-0695 / ELSA-2006-0661)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:openssl", "p-cpe:/a:oracle:linux:openssl096b", "p-cpe:/a:oracle:linux:openssl-devel", "p-cpe:/a:oracle:linux:openssl-perl", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2006-0661.NASL", "href": "https://www.tenable.com/plugins/nessus/67405", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisories ELSA-2006-0695 / \n# ELSA-2006-0661.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67405);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\");\n script_bugtraq_id(19849);\n script_xref(name:\"RHSA\", value:\"2006:0661\");\n script_xref(name:\"RHSA\", value:\"2006:0695\");\n\n script_name(english:\"Oracle Linux 4 : openssl (ELSA-2006-0695 / ELSA-2006-0661)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated OpenSSL packages are now available to correct several security\nissues. \n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team. \n\nThe OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and protocols. \n\nThese vulnerabilities can affect applications which use OpenSSL to\nparse ASN.1 data from untrusted sources, including SSL servers which\nenable client authentication and S/MIME applications.\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to correct these issues.\n\nNote: After installing this update, users are advised to either\nrestart all services that use OpenSSL or restart their system.\n\n\nFrom Red Hat Security Advisory 2006:0695 :\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a\nbuffer overflow in the SSL_get_shared_ciphers() utility function. An\nattacker could send a list of ciphers to an application that used this\nfunction and overrun a buffer (CVE-2006-3738). Few applications make\nuse of this vulnerable function and generally it is used only when\napplications are compiled for debugging.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a\nflaw in the SSLv2 client code. When a client application used OpenSSL\nto create an SSLv2 connection to a malicious server, that server could\ncause the client to crash. (CVE-2006-4343)\n\nDr S. N. Henson of the OpenSSL core team and Open Network Security\nrecently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk)\nwhich uncovered denial of service vulnerabilities :\n\n* Certain public key types can take disproportionate amounts of time\nto process, leading to a denial of service. (CVE-2006-2940)\n\n* During parsing of certain invalid ASN.1 structures an error\ncondition was mishandled. This can result in an infinite loop which\nconsumed system memory (CVE-2006-2937). This issue does not affect the\nOpenSSL version distributed in Red Hat Enterprise Linux 2.1.\n\n\nFrom Red Hat Security Advisory 2006:0661 :\n\nDaniel Bleichenbacher recently described an attack on PKCS #1 v1.5\nsignatures. Where an RSA key with exponent 3 is used it may be\npossible for an attacker to forge a PKCS #1 v1.5 signature that would\nbe incorrectly verified by implementations that do not check for\nexcess data in the RSA exponentiation result of the signature.\n\nThe Google Security Team discovered that OpenSSL is vulnerable to this\nattack. This issue affects applications that use OpenSSL to verify\nX.509 certificates as well as other uses of PKCS #1 v1.5.\n(CVE-2006-4339)\n\nThis errata also resolves a problem where a customized ca-bundle.crt\nfile was overwritten when the openssl package was upgraded.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2006-November/000009.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 310, 399);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl096b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"openssl-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"openssl-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"openssl-devel-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"openssl-devel-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"openssl-perl-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"openssl-perl-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"openssl096b-0.9.6b-22.46\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"openssl096b-0.9.6b-22.46\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:31:20", "description": "This update fixes several security problems that can be exploited to compromise the system in conjunction with other programs while processing malformated archive files.\n(CVE-2006-4334,CVE-2006-4335,CVE-2006-4336,CVE-2006-4337,CVE\n\n-2006-4338)", "cvss3": {}, "published": "2007-10-17T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : gzip (gzip-2084)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:gzip", "cpe:/o:novell:opensuse:10.1"], "id": "SUSE_GZIP-2084.NASL", "href": "https://www.tenable.com/plugins/nessus/27261", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update gzip-2084.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27261);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\");\n\n script_name(english:\"openSUSE 10 Security Update : gzip (gzip-2084)\");\n script_summary(english:\"Check for the gzip-2084 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security problems that can be exploited to\ncompromise the system in conjunction with other programs while\nprocessing malformated archive files.\n(CVE-2006-4334,CVE-2006-4335,CVE-2006-4336,CVE-2006-4337,CVE\n\n-2006-4338)\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gzip package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"gzip-1.3.5-159.5\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gzip\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:31:08", "description": "The remote host is affected by the vulnerability described in GLSA-200611-24 (LHa: Multiple vulnerabilities)\n\n Tavis Ormandy of the Google Security Team discovered several vulnerabilities in the LZH decompression component used by LHa. The make_table function of unlzh.c contains an array index error and a buffer overflow vulnerability. The build_tree function of unpack.c contains a buffer underflow vulnerability. Additionally, unlzh.c contains a code that could run in an infinite loop.\n Impact :\n\n By enticing a user to uncompress a specially crafted archive, a remote attacker could cause a Denial of Service by CPU consumption or execute arbitrary code with the rights of the user running the application.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2006-11-30T00:00:00", "type": "nessus", "title": "GLSA-200611-24 : LHa: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:lha", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200611-24.NASL", "href": "https://www.tenable.com/plugins/nessus/23746", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200611-24.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(23746);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_xref(name:\"GLSA\", value:\"200611-24\");\n\n script_name(english:\"GLSA-200611-24 : LHa: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200611-24\n(LHa: Multiple vulnerabilities)\n\n Tavis Ormandy of the Google Security Team discovered several\n vulnerabilities in the LZH decompression component used by LHa. The\n make_table function of unlzh.c contains an array index error and a\n buffer overflow vulnerability. The build_tree function of unpack.c\n contains a buffer underflow vulnerability. Additionally, unlzh.c\n contains a code that could run in an infinite loop.\n \nImpact :\n\n By enticing a user to uncompress a specially crafted archive, a remote\n attacker could cause a Denial of Service by CPU consumption or execute\n arbitrary code with the rights of the user running the application.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200611-24\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All LHa users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-arch/lha-114i-r6'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:lha\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/11/30\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-arch/lha\", unaffected:make_list(\"ge 114i-r6\"), vulnerable:make_list(\"lt 114i-r6\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"LHa\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:02:16", "description": "From Red Hat Security Advisory 2006:0695 :\n\nUpdated OpenSSL packages are now available to correct several security issues.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). Few applications make use of this vulnerable function and generally it is used only when applications are compiled for debugging.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a flaw in the SSLv2 client code. When a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343)\n\nDr S. N. Henson of the OpenSSL core team and Open Network Security recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk) which uncovered denial of service vulnerabilities :\n\n* Certain public key types can take disproportionate amounts of time to process, leading to a denial of service. (CVE-2006-2940)\n\n* During parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937). This issue does not affect the OpenSSL version distributed in Red Hat Enterprise Linux 2.1.\n\nThese vulnerabilities can affect applications which use OpenSSL to parse ASN.1 data from untrusted sources, including SSL servers which enable client authentication and S/MIME applications.\n\nUsers are advised to upgrade to these updated packages, which contain backported patches to correct these issues.\n\nNote: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 : openssl (ELSA-2006-0695)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:openssl", "p-cpe:/a:oracle:linux:openssl-devel", "p-cpe:/a:oracle:linux:openssl-perl", "p-cpe:/a:oracle:linux:openssl096b", "cpe:/o:oracle:linux:3"], "id": "ORACLELINUX_ELSA-2006-0695.NASL", "href": "https://www.tenable.com/plugins/nessus/67411", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2006:0695 and \n# Oracle Linux Security Advisory ELSA-2006-0695 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67411);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n script_xref(name:\"RHSA\", value:\"2006:0695\");\n\n script_name(english:\"Oracle Linux 3 : openssl (ELSA-2006-0695)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2006:0695 :\n\nUpdated OpenSSL packages are now available to correct several security\nissues.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and\nprotocols.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a\nbuffer overflow in the SSL_get_shared_ciphers() utility function. An\nattacker could send a list of ciphers to an application that used this\nfunction and overrun a buffer (CVE-2006-3738). Few applications make\nuse of this vulnerable function and generally it is used only when\napplications are compiled for debugging.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a\nflaw in the SSLv2 client code. When a client application used OpenSSL\nto create an SSLv2 connection to a malicious server, that server could\ncause the client to crash. (CVE-2006-4343)\n\nDr S. N. Henson of the OpenSSL core team and Open Network Security\nrecently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk)\nwhich uncovered denial of service vulnerabilities :\n\n* Certain public key types can take disproportionate amounts of time\nto process, leading to a denial of service. (CVE-2006-2940)\n\n* During parsing of certain invalid ASN.1 structures an error\ncondition was mishandled. This can result in an infinite loop which\nconsumed system memory (CVE-2006-2937). This issue does not affect the\nOpenSSL version distributed in Red Hat Enterprise Linux 2.1.\n\nThese vulnerabilities can affect applications which use OpenSSL to\nparse ASN.1 data from untrusted sources, including SSL servers which\nenable client authentication and S/MIME applications.\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to correct these issues.\n\nNote: After installing this update, users are advised to either\nrestart all services that use OpenSSL or restart their system.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-March/000085.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl096b\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"openssl-0.9.7a-33.21\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"openssl-0.9.7a-33.21\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"openssl-devel-0.9.7a-33.21\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"openssl-devel-0.9.7a-33.21\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"openssl-perl-0.9.7a-33.21\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"openssl-perl-0.9.7a-33.21\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"openssl096b-0.9.6b-16.46\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"openssl096b-0.9.6b-16.46\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl / openssl096b\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-17T14:14:32", "description": "The remote host is affected by the vulnerability described in GLSA-200610-11 (OpenSSL: Multiple vulnerabilities)\n\n Tavis Ormandy and Will Drewry, both of the Google Security Team, discovered that the SSL_get_shared_ciphers() function contains a buffer overflow vulnerability, and that the SSLv2 client code contains a flaw leading to a crash. Additionally Dr. Stephen N. Henson found that the ASN.1 handler contains two Denial of Service vulnerabilities: while parsing an invalid ASN.1 structure and while handling certain types of public key.\n Impact :\n\n An attacker could trigger the buffer overflow vulnerability by sending a malicious suite of ciphers to an application using the vulnerable function, and thus execute arbitrary code with the rights of the user running the application. An attacker could also consume CPU and/or memory by exploiting the Denial of Service vulnerabilities. Finally a malicious server could crash a SSLv2 client through the SSLv2 vulnerability.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2006-10-25T00:00:00", "type": "nessus", "title": "GLSA-200610-11 : OpenSSL: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:openssl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200610-11.NASL", "href": "https://www.tenable.com/plugins/nessus/22914", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200610-11.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22914);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n script_xref(name:\"GLSA\", value:\"200610-11\");\n\n script_name(english:\"GLSA-200610-11 : OpenSSL: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200610-11\n(OpenSSL: Multiple vulnerabilities)\n\n Tavis Ormandy and Will Drewry, both of the Google Security Team,\n discovered that the SSL_get_shared_ciphers() function contains a buffer\n overflow vulnerability, and that the SSLv2 client code contains a flaw\n leading to a crash. Additionally Dr. Stephen N. Henson found that the\n ASN.1 handler contains two Denial of Service vulnerabilities: while\n parsing an invalid ASN.1 structure and while handling certain types of\n public key.\n \nImpact :\n\n An attacker could trigger the buffer overflow vulnerability by sending\n a malicious suite of ciphers to an application using the vulnerable\n function, and thus execute arbitrary code with the rights of the user\n running the application. An attacker could also consume CPU and/or\n memory by exploiting the Denial of Service vulnerabilities. Finally a\n malicious server could crash a SSLv2 client through the SSLv2\n vulnerability.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200610-11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All OpenSSL 0.9.8 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-0.9.8d'\n All OpenSSL 0.9.7 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-0.9.7l'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/openssl\", unaffected:make_list(\"ge 0.9.8d\", \"rge 0.9.7l\"), vulnerable:make_list(\"lt 0.9.8d\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenSSL\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:03:31", "description": "New openssl packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix security issues.", "cvss3": {}, "published": "2006-09-29T00:00:00", "type": "nessus", "title": "Slackware 10.0 / 10.1 / 10.2 / 9.0 / 9.1 / current : openssl (SSA:2006-272-01)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:openssl", "p-cpe:/a:slackware:slackware_linux:openssl-solibs", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:9.0", "cpe:/o:slackware:slackware_linux:9.1"], "id": "SLACKWARE_SSA_2006-272-01.NASL", "href": "https://www.tenable.com/plugins/nessus/22467", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2006-272-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22467);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n script_xref(name:\"SSA\", value:\"2006-272-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 9.0 / 9.1 / current : openssl (SSA:2006-272-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New openssl packages are available for Slackware 9.0, 9.1, 10.0,\n10.1, 10.2, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?47ccb197\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl and / or openssl-solibs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl-solibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.0\", pkgname:\"openssl\", pkgver:\"0.9.7l\", pkgarch:\"i386\", pkgnum:\"1_slack9.0\")) flag++;\nif (slackware_check(osver:\"9.0\", pkgname:\"openssl-solibs\", pkgver:\"0.9.7l\", pkgarch:\"i386\", pkgnum:\"1_slack9.0\")) flag++;\n\nif (slackware_check(osver:\"9.1\", pkgname:\"openssl\", pkgver:\"0.9.7l\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\nif (slackware_check(osver:\"9.1\", pkgname:\"openssl-solibs\", pkgver:\"0.9.7l\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"openssl\", pkgver:\"0.9.7l\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\nif (slackware_check(osver:\"10.0\", pkgname:\"openssl-solibs\", pkgver:\"0.9.7l\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"openssl\", pkgver:\"0.9.7l\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\nif (slackware_check(osver:\"10.1\", pkgname:\"openssl-solibs\", pkgver:\"0.9.7l\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"openssl\", pkgver:\"0.9.7l\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\nif (slackware_check(osver:\"10.2\", pkgname:\"openssl-solibs\", pkgver:\"0.9.7l\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"openssl\", pkgver:\"0.9.8d\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8d\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-19T15:06:39", "description": "The remote host is affected by the vulnerability described in GLSA-200612-11 (AMD64 x86 emulation base libraries: OpenSSL multiple vulnerabilities)\n\n Tavis Ormandy and Will Drewry, both of the Google Security Team, discovered that the SSL_get_shared_ciphers() function contains a buffer overflow vulnerability, and that the SSLv2 client code contains a flaw leading to a crash. Additionally, Dr. Stephen N. Henson found that the ASN.1 handler contains two Denial of Service vulnerabilities: while parsing an invalid ASN.1 structure and while handling certain types of public key.\n Impact :\n\n An attacker could trigger the buffer overflow by sending a malicious suite of ciphers to an application using the vulnerable function, and thus execute arbitrary code with the rights of the user running the application. An attacker could also consume CPU and/or memory by exploiting the Denial of Service vulnerabilities. Finally, a malicious server could crash a SSLv2 client through the SSLv2 vulnerability.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2006-12-14T00:00:00", "type": "nessus", "title": "GLSA-200612-11 : AMD64 x86 emulation base libraries: OpenSSL multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:emul-linux-x86-baselibs", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200612-11.NASL", "href": "https://www.tenable.com/plugins/nessus/23863", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200612-11.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(23863);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n script_bugtraq_id(20246, 20247, 20248, 20249);\n script_xref(name:\"GLSA\", value:\"200612-11\");\n\n script_name(english:\"GLSA-200612-11 : AMD64 x86 emulation base libraries: OpenSSL multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200612-11\n(AMD64 x86 emulation base libraries: OpenSSL multiple vulnerabilities)\n\n Tavis Ormandy and Will Drewry, both of the Google Security Team,\n discovered that the SSL_get_shared_ciphers() function contains a buffer\n overflow vulnerability, and that the SSLv2 client code contains a flaw\n leading to a crash. Additionally, Dr. Stephen N. Henson found that the\n ASN.1 handler contains two Denial of Service vulnerabilities: while\n parsing an invalid ASN.1 structure and while handling certain types of\n public key.\n \nImpact :\n\n An attacker could trigger the buffer overflow by sending a malicious\n suite of ciphers to an application using the vulnerable function, and\n thus execute arbitrary code with the rights of the user running the\n application. An attacker could also consume CPU and/or memory by\n exploiting the Denial of Service vulnerabilities. Finally, a malicious\n server could crash a SSLv2 client through the SSLv2 vulnerability.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200612-11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All AMD64 x86 emulation base libraries users should upgrade to the\n latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/emul-linux-x86-baselibs-2.5.5'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:emul-linux-x86-baselibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/12/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\", \"Host/Gentoo/arch\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\nourarch = get_kb_item(\"Host/Gentoo/arch\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(amd64)$\") audit(AUDIT_ARCH_NOT, \"amd64\", ourarch);\n\nflag = 0;\n\nif (qpkg_check(package:\"app-emulation/emul-linux-x86-baselibs\", arch:\"amd64\", unaffected:make_list(\"ge 2.5.5\"), vulnerable:make_list(\"lt 2.5.5\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"AMD64 x86 emulation base libraries\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T14:25:15", "description": "According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.7l or 0.9.8d. As such, it is affected by multiple vulnerabilities :\n\n - A remote attacker could trigger a denial of service, either via malformed ASN.1 structures or specially crafted public keys. (CVE-2006-2937, CVE-2006-3738)\n\n - A remote attacker could execute arbitrary code on the remote server by exploiting a buffer overflow in the SSL_get_shared_ciphers function. (CVE-2006-2940)\n\n - A remote attacker could crash a client by sending an invalid server Hello. (CVE-2006-4343)", "cvss3": {}, "published": "2012-01-04T00:00:00", "type": "nessus", "title": "OpenSSL < 0.9.7l / 0.9.8d Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_0_9_7L_0_9_8D.NASL", "href": "https://www.tenable.com/plugins/nessus/17757", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(17757);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/15 20:50:25\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-3738\", \"CVE-2006-2940\", \"CVE-2006-4343\");\n script_bugtraq_id(20247, 20248, 20249); # 22083 is for Oracle\n\n script_name(english:\"OpenSSL < 0.9.7l / 0.9.8d Multiple Vulnerabilities\");\n script_summary(english:\"Does a banner check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote server is running a version of\nOpenSSL that is earlier than 0.9.7l or 0.9.8d. As such, it is\naffected by multiple vulnerabilities :\n\n - A remote attacker could trigger a denial of service, \n either via malformed ASN.1 structures or specially \n crafted public keys. (CVE-2006-2937, CVE-2006-3738)\n\n - A remote attacker could execute arbitrary code on the \n remote server by exploiting a buffer overflow in the \n SSL_get_shared_ciphers function. (CVE-2006-2940)\n\n - A remote attacker could crash a client by sending an \n invalid server Hello. (CVE-2006-4343)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20060928.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.us-cert.gov/ncas/alerts/ta06-333a\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to OpenSSL 0.9.7l / 0.9.8d or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:make_list('0.9.7l', '0.9.8d'), severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:03:57", "description": "Updated OpenSSL packages are now available to correct several security issues.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). Few applications make use of this vulnerable function and generally it is used only when applications are compiled for debugging.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a flaw in the SSLv2 client code. When a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343)\n\nDr S. N. Henson of the OpenSSL core team and Open Network Security recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk) which uncovered denial of service vulnerabilities :\n\n* Certain public key types can take disproportionate amounts of time to process, leading to a denial of service. (CVE-2006-2940)\n\n* During parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937). This issue does not affect the OpenSSL version distributed in Red Hat Enterprise Linux 2.1.\n\nThese vulnerabilities can affect applications which use OpenSSL to parse ASN.1 data from untrusted sources, including SSL servers which enable client authentication and S/MIME applications.\n\nUsers are advised to upgrade to these updated packages, which contain backported patches to correct these issues.\n\nNote: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system.", "cvss3": {}, "published": "2006-10-02T00:00:00", "type": "nessus", "title": "CentOS 3 / 4 : openssl (CESA-2006:0695)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:openssl", "p-cpe:/a:centos:centos:openssl-devel", "p-cpe:/a:centos:centos:openssl-perl", "p-cpe:/a:centos:centos:openssl096b", "cpe:/o:centos:centos:3", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2006-0695.NASL", "href": "https://www.tenable.com/plugins/nessus/22484", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0695 and \n# CentOS Errata and Security Advisory 2006:0695 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22484);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n script_xref(name:\"RHSA\", value:\"2006:0695\");\n\n script_name(english:\"CentOS 3 / 4 : openssl (CESA-2006:0695)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated OpenSSL packages are now available to correct several security\nissues.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and\nprotocols.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a\nbuffer overflow in the SSL_get_shared_ciphers() utility function. An\nattacker could send a list of ciphers to an application that used this\nfunction and overrun a buffer (CVE-2006-3738). Few applications make\nuse of this vulnerable function and generally it is used only when\napplications are compiled for debugging.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a\nflaw in the SSLv2 client code. When a client application used OpenSSL\nto create an SSLv2 connection to a malicious server, that server could\ncause the client to crash. (CVE-2006-4343)\n\nDr S. N. Henson of the OpenSSL core team and Open Network Security\nrecently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk)\nwhich uncovered denial of service vulnerabilities :\n\n* Certain public key types can take disproportionate amounts of time\nto process, leading to a denial of service. (CVE-2006-2940)\n\n* During parsing of certain invalid ASN.1 structures an error\ncondition was mishandled. This can result in an infinite loop which\nconsumed system memory (CVE-2006-2937). This issue does not affect the\nOpenSSL version distributed in Red Hat Enterprise Linux 2.1.\n\nThese vulnerabilities can affect applications which use OpenSSL to\nparse ASN.1 data from untrusted sources, including SSL servers which\nenable client authentication and S/MIME applications.\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to correct these issues.\n\nNote: After installing this update, users are advised to either\nrestart all services that use OpenSSL or restart their system.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-September/013297.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8c7bb654\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-September/013298.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0c318f6f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-September/013299.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d9b849c1\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-September/013306.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?73087775\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-September/013307.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ee0793d7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl096b\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"openssl-0.9.7a-33.21\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"openssl-devel-0.9.7a-33.21\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"openssl-perl-0.9.7a-33.21\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"openssl096b-0.9.6b-16.46\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"openssl-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"openssl-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"openssl-devel-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"openssl-devel-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"openssl-perl-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"openssl-perl-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"openssl096b-0.9.6b-22.46\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"openssl096b-0.9.6b-22.46\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl / openssl096b\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-17T14:34:41", "description": "According to its model number and software version, the remote host is a Xerox WorkCentre device that reportedly suffers from multiple issues in the ESS / Network Controller that could allow remote execution of arbitrary code on the affected device, initiation of denial of service attacks, and forgery of digital certificates.", "cvss3": {}, "published": "2007-07-01T00:00:00", "type": "nessus", "title": "Xerox WorkCentre Multiple OpenSSL Vulnerabilities (XRX07-001)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/h:xerox:workcentre"], "id": "XEROX_XRX07_001.NASL", "href": "https://www.tenable.com/plugins/nessus/25637", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(25637);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2018/11/15 20:50:24\");\n\n script_cve_id(\n \"CVE-2006-2937\",\n \"CVE-2006-2940\",\n \"CVE-2006-3738\",\n \"CVE-2006-4343\"\n );\n script_bugtraq_id(20246, 20247, 20248, 20249);\n\n script_name(english:\"Xerox WorkCentre Multiple OpenSSL Vulnerabilities (XRX07-001)\");\n script_summary(english:\"Checks Net Controller Software version of Xerox WorkCentre devices\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote multi-function device is affected by multiple issues.\");\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its model number and software version, the remote host\nis a Xerox WorkCentre device that reportedly suffers from multiple\nissues in the ESS / Network Controller that could allow remote\nexecution of arbitrary code on the affected device, initiation of\ndenial of service attacks, and forgery of digital certificates.\"\n );\n # https://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?25874e73\");\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Apply the P30 patch as described in the Xerox security bulletin\nreferenced above.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:xerox:workcentre\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"xerox_workcentre_detect.nasl\");\n script_require_keys(\"www/xerox_workcentre\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# This function returns TRUE if the version string ver lies in\n# the range [low, high].\nfunction ver_inrange(ver, low, high)\n{\n local_var ver_parts, low_parts, high_parts, i, p, low_p, high_p;\n\n if (isnull(ver) || isnull(low) || isnull(high)) return FALSE;\n\n # Split levels into parts.\n ver_parts = split(ver, sep:\".\", keep:0);\n low_parts = split(low, sep:\".\", keep:0);\n high_parts = split(high, sep:\".\", keep:0);\n\n # Compare each part.\n i = 0;\n while (ver_parts[i] != NULL)\n {\n p = int(ver_parts[i]);\n low_p = int(low_parts[i]);\n if (low_p == NULL) low_p = 0;\n high_p = int(high_parts[i]);\n if (high_p == NULL) high_p = 0;\n\n if (p > low_p && p < high_p) return TRUE;\n if (p < low_p || p > high_p) return FALSE;\n ++i;\n }\n return TRUE;\n}\n\n\n# Check whether the device is vulnerable.\nif (get_kb_item(\"www/xerox_workcentre\"))\n{\n model = get_kb_item_or_exit(\"www/xerox_workcentre/model\");\n ess = get_kb_item_or_exit(\"www/xerox_workcentre/ess\");\n\n # No need to check further if ESS has \".P30\" since that\n # indicates the patch has already been applied.\n if (ess && ess =~ \"\\.P30\") audit(AUDIT_HOST_NOT, \"affected\");\n\n # Test model number and software version against those in Xerox's security bulletin.\n if (\n (\n # nb: models 232/238/245/255/265/275 with ESS in [0, 040.022.00115).\n (model =~ \"^2(3[28]|[4-7]5)\" || model =~ \"Pro 2(3[28]|[4-7]5)\") &&\n ver_inrange(ver:ess, low:\"0.0.0\", high:\"040.022.1031\")\n ) ||\n (\n # nb: models 7655/7665 with ESS in [0, 040.032.53080].\n (model =~ \"^76[56]5\") &&\n ver_inrange(ver:ess, low:\"0.0.0\", high:\"040.032.53081\")\n )\n )\n security_hole(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T16:38:41", "description": "The remote BIG-IP device is missing a patch required by a security advisory.", "cvss3": {}, "published": "2014-10-10T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Local OpenSSL vulnerabilities (SOL6734)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2021-01-11T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL6734.NASL", "href": "https://www.tenable.com/plugins/nessus/78213", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL6734.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78213);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n script_bugtraq_id(20246, 20247, 20248, 20249, 22083);\n\n script_name(english:\"F5 Networks BIG-IP : Local OpenSSL vulnerabilities (SOL6734)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote BIG-IP device is missing a patch required by a security\nadvisory.\"\n );\n # http://www.openssl.org/news/secadv/20060928.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20060928.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K6734\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL6734.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL6734\";\nvmatrix = make_array();\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"9.2.0-9.2.5\",\"9.4.0-9.4.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"9.3\",\"9.4.2-9.4.8\",\"10\",\"11\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"9.2.0-9.2.5\",\"9.4.0-9.4.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"9.3\",\"9.4.2-9.4.8\",\"10\",\"11\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"9.2.2-9.2.5\",\"9.4.0-9.4.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"9.3\",\"9.4.2-9.4.8\",\"10\",\"11\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"9.0.0-9.1.2\",\"9.2.0-9.2.5\",\"9.4.0-9.4.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"9.1.3\",\"9.3\",\"9.4.2-9.4.8\",\"9.6\",\"10\",\"11\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"9.4.0-9.4.1\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"9.4.2-9.4.8\",\"10\",\"11\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:03:46", "description": "The fix used to correct CVE-2006-2940 introduced code that could lead to the use of uninitialized memory. Such use is likely to cause the application using the openssl library to crash, and has the potential to allow an attacker to cause the execution of arbitrary code. For reference please find below the original advisory text :\n\n Multiple vulnerabilities have been discovered in the OpenSSL cryptographic software package that could allow an attacker to launch a denial of service attack by exhausting system resources or crashing processes on a victim's computer.\n\n - CVE-2006-2937 Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). When the test suite was run against OpenSSL two denial of service vulnerabilities were discovered.\n\n During the parsing of certain invalid ASN1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory.\n\n Any code which uses OpenSSL to parse ASN1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.\n\n - CVE-2006-3738 Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in SSL_get_shared_ciphers utility function, used by some applications such as exim and mysql. An attacker could send a list of ciphers that would overrun a buffer.\n\n - CVE-2006-4343 Tavis Ormandy and Will Drewry of the Google Security Team discovered a possible DoS in the sslv2 client code. Where a client application uses OpenSSL to make a SSLv2 connection to a malicious server that server could cause the client to crash.\n\n - CVE-2006-2940 Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). When the test suite was run against OpenSSL a DoS was discovered.\n\n Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack.", "cvss3": {}, "published": "2006-10-14T00:00:00", "type": "nessus", "title": "Debian DSA-1185-2 : openssl - denial of service", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:3.1"], "id": "DEBIAN_DSA-1185.NASL", "href": "https://www.tenable.com/plugins/nessus/22727", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1185. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22727);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n script_xref(name:\"DSA\", value:\"1185\");\n\n script_name(english:\"Debian DSA-1185-2 : openssl - denial of service\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The fix used to correct CVE-2006-2940 introduced code that could lead\nto the use of uninitialized memory. Such use is likely to cause the\napplication using the openssl library to crash, and has the potential\nto allow an attacker to cause the execution of arbitrary code. For\nreference please find below the original advisory text :\n\n Multiple vulnerabilities have been discovered in the OpenSSL\n cryptographic software package that could allow an attacker to\n launch a denial of service attack by exhausting system resources or\n crashing processes on a victim's computer.\n\n - CVE-2006-2937\n Dr S N Henson of the OpenSSL core team and Open\n Network Security recently developed an ASN1 test suite\n for NISCC (www.niscc.gov.uk). When the test suite was\n run against OpenSSL two denial of service\n vulnerabilities were discovered.\n\n During the parsing of certain invalid ASN1 structures an error\n condition is mishandled. This can result in an infinite loop which\n consumes system memory.\n\n Any code which uses OpenSSL to parse ASN1 data from untrusted\n sources is affected. This includes SSL servers which enable client\n authentication and S/MIME applications.\n\n - CVE-2006-3738\n Tavis Ormandy and Will Drewry of the Google Security\n Team discovered a buffer overflow in\n SSL_get_shared_ciphers utility function, used by some\n applications such as exim and mysql. An attacker could\n send a list of ciphers that would overrun a buffer.\n\n - CVE-2006-4343\n Tavis Ormandy and Will Drewry of the Google Security\n Team discovered a possible DoS in the sslv2 client\n code. Where a client application uses OpenSSL to make\n a SSLv2 connection to a malicious server that server\n could cause the client to crash.\n\n - CVE-2006-2940\n Dr S N Henson of the OpenSSL core team and Open\n Network Security recently developed an ASN1 test suite\n for NISCC (www.niscc.gov.uk). When the test suite was\n run against OpenSSL a DoS was discovered.\n\n Certain types of public key can take disproportionate amounts of\n time to process. This could be used by an attacker in a denial of\n service attack.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2937\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-3738\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-4343\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-1185\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openssl package. Note that services linking against the\nopenssl shared libraries will need to be restarted. Common examples of\nsuch services include most Mail Transport Agents, SSH servers, and web\nservers.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 0.9.7e-3sarge4.\n\nFor the unstable and testing distributions (sid and etch,\nrespectively), these problems will be fixed in version 0.9.7k-3 of the\nopenssl097 compatibility libraries, and version 0.9.8c-3 of the\nopenssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"libssl-dev\", reference:\"0.9.7e-3sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libssl0.9.7\", reference:\"0.9.7e-3sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"openssl\", reference:\"0.9.7e-3sarge4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-17T14:13:37", "description": "Updated OpenSSL packages are now available to correct several security issues.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). Few applications make use of this vulnerable function and generally it is used only when applications are compiled for debugging.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a flaw in the SSLv2 client code. When a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343)\n\nDr S. N. Henson of the OpenSSL core team and Open Network Security recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk) which uncovered denial of service vulnerabilities :\n\n* Certain public key types can take disproportionate amounts of time to process, leading to a denial of service. (CVE-2006-2940)\n\n* During parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937). This issue does not affect the OpenSSL version distributed in Red Hat Enterprise Linux 2.1.\n\nThese vulnerabilities can affect applications which use OpenSSL to parse ASN.1 data from untrusted sources, including SSL servers which enable client authentication and S/MIME applications.\n\nUsers are advised to upgrade to these updated packages, which contain backported patches to correct these issues.\n\nNote: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system.", "cvss3": {}, "published": "2006-09-29T00:00:00", "type": "nessus", "title": "RHEL 2.1 / 3 / 4 : openssl (RHSA-2006:0695)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl-devel", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "p-cpe:/a:redhat:enterprise_linux:openssl095a", "p-cpe:/a:redhat:enterprise_linux:openssl096", "p-cpe:/a:redhat:enterprise_linux:openssl096b", "cpe:/o:redhat:enterprise_linux:2.1", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2006-0695.NASL", "href": "https://www.tenable.com/plugins/nessus/22472", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0695. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22472);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n script_xref(name:\"RHSA\", value:\"2006:0695\");\n\n script_name(english:\"RHEL 2.1 / 3 / 4 : openssl (RHSA-2006:0695)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated OpenSSL packages are now available to correct several security\nissues.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and\nprotocols.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a\nbuffer overflow in the SSL_get_shared_ciphers() utility function. An\nattacker could send a list of ciphers to an application that used this\nfunction and overrun a buffer (CVE-2006-3738). Few applications make\nuse of this vulnerable function and generally it is used only when\napplications are compiled for debugging.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a\nflaw in the SSLv2 client code. When a client application used OpenSSL\nto create an SSLv2 connection to a malicious server, that server could\ncause the client to crash. (CVE-2006-4343)\n\nDr S. N. Henson of the OpenSSL core team and Open Network Security\nrecently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk)\nwhich uncovered denial of service vulnerabilities :\n\n* Certain public key types can take disproportionate amounts of time\nto process, leading to a denial of service. (CVE-2006-2940)\n\n* During parsing of certain invalid ASN.1 structures an error\ncondition was mishandled. This can result in an infinite loop which\nconsumed system memory (CVE-2006-2937). This issue does not affect the\nOpenSSL version distributed in Red Hat Enterprise Linux 2.1.\n\nThese vulnerabilities can affect applications which use OpenSSL to\nparse ASN.1 data from untrusted sources, including SSL servers which\nenable client authentication and S/MIME applications.\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to correct these issues.\n\nNote: After installing this update, users are advised to either\nrestart all services that use OpenSSL or restart their system.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-2937\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-2940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-3738\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4343\"\n );\n # http://www.openssl.org/news/secadv/20060928.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20060928.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2006:0695\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl095a\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl096\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl096b\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/09/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(2\\.1|3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2006:0695\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"openssl-0.9.6b-46\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"openssl-0.9.6b-46\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"openssl-devel-0.9.6b-46\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"openssl-perl-0.9.6b-46\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"openssl095a-0.9.5a-32\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"openssl096-0.9.6-32\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"openssl-0.9.7a-33.21\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"openssl-devel-0.9.7a-33.21\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"openssl-perl-0.9.7a-33.21\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"openssl096b-0.9.6b-16.46\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"s390\", reference:\"openssl096b-0.9.6b-16.46\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"openssl096b-0.9.6b-16.46\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"openssl-0.9.7a-43.14\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"openssl-devel-0.9.7a-43.14\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"openssl-perl-0.9.7a-43.14\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"openssl096b-0.9.6b-22.46\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"s390\", reference:\"openssl096b-0.9.6b-22.46\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"openssl096b-0.9.6b-22.46\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl / openssl095a / openssl096 / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:28:28", "description": "A buffer overflow condition within the SSL_get_shared_ciphers() function and a DoS condition known as 'parasitic public keys' have been fixed. The later problem allowed attackers to trick the OpenSSL engine to spend an extraordinary amount of time to process public keys. The following CAN numbers have been assigned: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738 and CVE-2006-4343.", "cvss3": {}, "published": "2007-10-17T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : openssl (openssl-2140)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:openssl", "p-cpe:/a:novell:opensuse:openssl-32bit", "p-cpe:/a:novell:opensuse:openssl-devel", "p-cpe:/a:novell:opensuse:openssl-devel-32bit", "cpe:/o:novell:opensuse:10.1"], "id": "SUSE_OPENSSL-2140.NASL", "href": "https://www.tenable.com/plugins/nessus/27368", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openssl-2140.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27368);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n\n script_name(english:\"openSUSE 10 Security Update : openssl (openssl-2140)\");\n script_summary(english:\"Check for the openssl-2140 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow condition within the SSL_get_shared_ciphers()\nfunction and a DoS condition known as 'parasitic public keys' have\nbeen fixed. The later problem allowed attackers to trick the OpenSSL\nengine to spend an extraordinary amount of time to process public\nkeys. The following CAN numbers have been assigned: CVE-2006-2937,\nCVE-2006-2940, CVE-2006-3738 and CVE-2006-4343.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"openssl-0.9.8a-18.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"openssl-devel-0.9.8a-18.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"openssl-32bit-0.9.8a-18.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"openssl-devel-32bit-0.9.8a-18.10\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:23:57", "description": "Several problems have been found in OpenSSL :\n\n- During the parsing of certain invalid ASN1 structures an error condition is mishandled, possibly resulting in an infinite loop.\n\n- A buffer overflow exists in the SSL_get_shared_ciphers function.\n\n- A NULL pointer may be dereferenced in the SSL version 2 client code.\n\nIn addition, many applications using OpenSSL do not perform any validation of the lengths of public keys being used. Impact : Servers which parse ASN1 data from untrusted sources may be vulnerable to a denial of service attack.\n\nAn attacker accessing a server which uses SSL version 2 may be able to execute arbitrary code with the privileges of that server.\n\nA malicious SSL server can cause clients connecting using SSL version 2 to crash.\n\nApplications which perform public key operations using untrusted keys may be vulnerable to a denial of service attack. Workaround : No workaround is available, but not all of the vulnerabilities mentioned affect all applications.", "cvss3": {}, "published": "2007-02-27T00:00:00", "type": "nessus", "title": "FreeBSD : OpenSSL -- Multiple problems in crypto(3) (0f37d765-c5d4-11db-9f82-000e0c2e438a)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:openssl", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_0F37D765C5D411DB9F82000E0C2E438A.NASL", "href": "https://www.tenable.com/plugins/nessus/24719", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24719);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n script_xref(name:\"FreeBSD\", value:\"SA-06:23.openssl\");\n\n script_name(english:\"FreeBSD : OpenSSL -- Multiple problems in crypto(3) (0f37d765-c5d4-11db-9f82-000e0c2e438a)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several problems have been found in OpenSSL :\n\n- During the parsing of certain invalid ASN1 structures an error\ncondition is mishandled, possibly resulting in an infinite loop.\n\n- A buffer overflow exists in the SSL_get_shared_ciphers function.\n\n- A NULL pointer may be dereferenced in the SSL version 2 client code.\n\nIn addition, many applications using OpenSSL do not perform any\nvalidation of the lengths of public keys being used. Impact : Servers\nwhich parse ASN1 data from untrusted sources may be vulnerable to a\ndenial of service attack.\n\nAn attacker accessing a server which uses SSL version 2 may be able to\nexecute arbitrary code with the privileges of that server.\n\nA malicious SSL server can cause clients connecting using SSL version\n2 to crash.\n\nApplications which perform public key operations using untrusted keys\nmay be vulnerable to a denial of service attack. Workaround : No\nworkaround is available, but not all of the vulnerabilities mentioned\naffect all applications.\"\n );\n # https://vuxml.freebsd.org/freebsd/0f37d765-c5d4-11db-9f82-000e0c2e438a.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a3352693\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"openssl<0.9.7l_0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"openssl>=0.9.8<0.9.8d_0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:19:25", "description": "The remote host is missing the patch for the advisory SUSE-SA:2006:058 (openssl).\n\n\nSeveral security problems were found and fixed in the OpenSSL cryptographic library.\n\nCVE-2006-3738/VU#547300:\nA Google security audit found a buffer overflow condition within the SSL_get_shared_ciphers() function which has been fixed.\n\nCVE-2006-4343/VU#386964:\nThe above Google security audit also found that the OpenSSL SSLv2 client code fails to properly check for NULL which could lead to a server program using openssl to crash.\n\nCVE-2006-2937:\nFix mishandling of an error condition in parsing of certain invalid ASN1 structures, which could result in an infinite loop which consumes system memory.\n\nCVE-2006-2940:\nCertain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack to cause the remote side top spend an excessive amount of time in computation.", "cvss3": {}, "published": "2007-02-18T00:00:00", "type": "nessus", "title": "SUSE-SA:2006:058: openssl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "SUSE_SA_2006_058.NASL", "href": "https://www.tenable.com/plugins/nessus/24436", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2006:058\n#\n\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif(description)\n{\n script_id(24436);\n script_version(\"1.10\");\n \n name[\"english\"] = \"SUSE-SA:2006:058: openssl\";\n \n script_name(english:name[\"english\"]);\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a vendor-supplied security patch\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing the patch for the advisory SUSE-SA:2006:058 (openssl).\n\n\nSeveral security problems were found and fixed in the OpenSSL\ncryptographic library.\n\nCVE-2006-3738/VU#547300:\nA Google security audit found a buffer overflow condition within the\nSSL_get_shared_ciphers() function which has been fixed.\n\nCVE-2006-4343/VU#386964:\nThe above Google security audit also found that the OpenSSL SSLv2\nclient code fails to properly check for NULL which could lead to a\nserver program using openssl to crash.\n\nCVE-2006-2937:\nFix mishandling of an error condition in parsing of certain invalid\nASN1 structures, which could result in an infinite loop which consumes\nsystem memory.\n\nCVE-2006-2940:\nCertain types of public key can take disproportionate amounts of time\nto process. This could be used by an attacker in a denial of service\nattack to cause the remote side top spend an excessive amount of time\nin computation.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"http://www.novell.com/linux/security/advisories/2006_58_openssl.html\" );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\" );\n\n\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2007/02/18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n script_end_attributes();\n\n \n summary[\"english\"] = \"Check for the version of the openssl package\";\n script_summary(english:summary[\"english\"]);\n \n script_category(ACT_GATHER_INFO);\n \n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n family[\"english\"] = \"SuSE Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/SuSE/rpm-list\");\n exit(0);\n}\n\ninclude(\"rpm.inc\");\nif ( rpm_check( reference:\"openssl-0.9.7g-2.10\", release:\"SUSE10.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"openssl-devel-0.9.7g-2.10\", release:\"SUSE10.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"openssl-0.9.7d-25.6\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"openssl-devel-0.9.7d-25.6\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"openssl-0.9.7e-3.6\", release:\"SUSE9.3\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"openssl-devel-0.9.7e-3.6\", release:\"SUSE9.3\") )\n{\n security_hole(0);\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-18T15:30:56", "description": "A buffer overflow condition within the SSL_get_shared_ciphers() function and a DoS condition known as 'parasitic public keys' have been fixed. The later problem allowed attackers to trick the OpenSSL engine to spend an extraordinary amount of time to process public keys. The following CAN numbers have been assigned: CVE-2006-2937 / CVE-2006-2940 / CVE-2006-3738 / CVE-2006-4343.", "cvss3": {}, "published": "2007-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 2141)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_OPENSSL-2141.NASL", "href": "https://www.tenable.com/plugins/nessus/29542", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29542);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n\n script_name(english:\"SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 2141)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow condition within the SSL_get_shared_ciphers()\nfunction and a DoS condition known as 'parasitic public keys' have\nbeen fixed. The later problem allowed attackers to trick the OpenSSL\nengine to spend an extraordinary amount of time to process public\nkeys. The following CAN numbers have been assigned: CVE-2006-2937 /\nCVE-2006-2940 / CVE-2006-3738 / CVE-2006-4343.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-2937.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-2940.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-3738.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4343.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 2141.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:0, reference:\"openssl-0.9.8a-18.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:0, reference:\"openssl-devel-0.9.8a-18.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:0, cpu:\"x86_64\", reference:\"openssl-32bit-0.9.8a-18.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:0, cpu:\"x86_64\", reference:\"openssl-devel-32bit-0.9.8a-18.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:0, reference:\"openssl-0.9.8a-18.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:0, reference:\"openssl-devel-0.9.8a-18.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:0, cpu:\"x86_64\", reference:\"openssl-32bit-0.9.8a-18.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:0, cpu:\"x86_64\", reference:\"openssl-devel-32bit-0.9.8a-18.10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:27:59", "description": "New gzip packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix possible security issues.", "cvss3": {}, "published": "2006-09-22T00:00:00", "type": "nessus", "title": "Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : gzip (SSA:2006-262-01)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2005-0758", "CVE-2005-0988", "CVE-2005-1228", "CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:gzip", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:8.1", "cpe:/o:slackware:slackware_linux:9.0", "cpe:/o:slackware:slackware_linux:9.1"], "id": "SLACKWARE_SSA_2006-262-01.NASL", "href": "https://www.tenable.com/plugins/nessus/22421", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2006-262-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22421);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-0758\", \"CVE-2005-0988\", \"CVE-2005-1228\", \"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_xref(name:\"SSA\", value:\"2006-262-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : gzip (SSA:2006-262-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New gzip packages are available for Slackware 8.1, 9.0, 9.1, 10.0,\n10.1, 10.2, and -current to fix possible security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?366c264f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gzip package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:gzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/09/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"gzip\", pkgver:\"1.3.5\", pkgarch:\"i386\", pkgnum:\"1_slack8.1\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"gzip\", pkgver:\"1.3.5\", pkgarch:\"i386\", pkgnum:\"1_slack9.0\")) flag++;\n\nif (slackware_check(osver:\"9.1\", pkgname:\"gzip\", pkgver:\"1.3.5\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"gzip\", pkgver:\"1.3.5\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"gzip\", pkgver:\"1.3.5\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"gzip\", pkgver:\"1.3.5\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"gzip\", pkgver:\"1.3.5\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:29:48", "description": "Dr. Henson of the OpenSSL core team and Open Network Security discovered a mishandled error condition in the ASN.1 parser. By sending specially crafted packet data, a remote attacker could exploit this to trigger an infinite loop, which would render the service unusable and consume all available system memory. (CVE-2006-2937)\n\nCertain types of public key could take disproportionate amounts of time to process. The library now limits the maximum key exponent size to avoid Denial of Service attacks. (CVE-2006-2940)\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers() function. By sending specially crafted packets to applications that use this function (like Exim, MySQL, or the openssl command line tool), a remote attacker could exploit this to execute arbitrary code with the server's privileges. (CVE-2006-3738)\n\nTavis Ormandy and Will Drewry of the Google Security Team reported that the get_server_hello() function did not sufficiently check the client's session certificate. This could be exploited to crash clients by remote attackers sending specially crafted SSL responses.\n(CVE-2006-4343).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2007-11-10T00:00:00", "type": "nessus", "title": "Ubuntu 5.04 / 5.10 / 6.06 LTS : openssl vulnerabilities (USN-353-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343", "CVE-2007-5135"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libssl-dev", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.7", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8-dbg", "p-cpe:/a:canonical:ubuntu_linux:openssl", "cpe:/o:canonical:ubuntu_linux:5.04", "cpe:/o:canonical:ubuntu_linux:5.10", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-353-1.NASL", "href": "https://www.tenable.com/plugins/nessus/27933", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-353-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27933);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2007-5135\");\n script_xref(name:\"USN\", value:\"353-1\");\n\n script_name(english:\"Ubuntu 5.04 / 5.10 / 6.06 LTS : openssl vulnerabilities (USN-353-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Dr. Henson of the OpenSSL core team and Open Network Security\ndiscovered a mishandled error condition in the ASN.1 parser. By\nsending specially crafted packet data, a remote attacker could exploit\nthis to trigger an infinite loop, which would render the service\nunusable and consume all available system memory. (CVE-2006-2937)\n\nCertain types of public key could take disproportionate amounts of\ntime to process. The library now limits the maximum key exponent size\nto avoid Denial of Service attacks. (CVE-2006-2940)\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a\nbuffer overflow in the SSL_get_shared_ciphers() function. By sending\nspecially crafted packets to applications that use this function (like\nExim, MySQL, or the openssl command line tool), a remote attacker\ncould exploit this to execute arbitrary code with the server's\nprivileges. (CVE-2006-3738)\n\nTavis Ormandy and Will Drewry of the Google Security Team reported\nthat the get_server_hello() function did not sufficiently check the\nclient's session certificate. This could be exploited to crash clients\nby remote attackers sending specially crafted SSL responses.\n(CVE-2006-4343).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/353-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(5\\.04|5\\.10|6\\.06)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 5.04 / 5.10 / 6.06\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libssl-dev\", pkgver:\"0.9.7e-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libssl0.9.7\", pkgver:\"0.9.7e-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"openssl\", pkgver:\"0.9.7e-3ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libssl-dev\", pkgver:\"0.9.7g-1ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libssl0.9.7\", pkgver:\"0.9.7g-1ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"openssl\", pkgver:\"0.9.7g-1ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl-dev\", pkgver:\"0.9.8a-7ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8a-7ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8a-7ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"openssl\", pkgver:\"0.9.8a-7ubuntu0.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl-dev / libssl0.9.7 / libssl0.9.8 / libssl0.9.8-dbg / openssl\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:28:28", "description": "An off-by-one error has been identified in the SSL_get_shared_ciphers() routine in the libssl library from OpenSSL, an implementation of Secure Socket Layer cryptographic libraries and utilities. This error could allow an attacker to crash an application making use of OpenSSL's libssl library, or potentially execute arbitrary code in the security context of the user running such an application.", "cvss3": {}, "published": "2007-10-03T00:00:00", "type": "nessus", "title": "Debian DSA-1379-1 : openssl - off-by-one error/buffer overflow", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343", "CVE-2007-5135"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:3.1", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1379.NASL", "href": "https://www.tenable.com/plugins/nessus/26209", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1379. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26209);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2007-5135\");\n script_xref(name:\"DSA\", value:\"1379\");\n\n script_name(english:\"Debian DSA-1379-1 : openssl - off-by-one error/buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An off-by-one error has been identified in the\nSSL_get_shared_ciphers() routine in the libssl library from OpenSSL,\nan implementation of Secure Socket Layer cryptographic libraries and\nutilities. This error could allow an attacker to crash an application\nmaking use of OpenSSL's libssl library, or potentially execute\narbitrary code in the security context of the user running such an\napplication.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2007/dsa-1379\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openssl packages.\n\nFor the old stable distribution (sarge), this problem has been fixed\nin version 0.9.7e-3sarge5.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 0.9.8c-4etch1.\n\nFor the unstable and testing distributions (sid and lenny,\nrespectively), this problem has been fixed in version 0.9.8e-9.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"libssl-dev\", reference:\"0.9.7e-3sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libssl0.9.7\", reference:\"0.9.7e-3sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"openssl\", reference:\"0.9.7e-3sarge5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libssl-dev\", reference:\"0.9.8c-4etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libssl0.9.8\", reference:\"0.9.8c-4etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libssl0.9.8-dbg\", reference:\"0.9.8c-4etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"openssl\", reference:\"0.9.8c-4etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:24:40", "description": "Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk).\nWhen the test suite was run against OpenSSL two denial of service vulnerabilities were discovered.\n\nDuring the parsing of certain invalid ASN1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory. (CVE-2006-2937)\n\nCertain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack. (CVE-2006-2940)\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers utility function, used by some applications such as exim and mysql. An attacker could send a list of ciphers that would overrun a buffer. (CVE-2006-3738)\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a possible DoS in the sslv2 client code. Where a client application uses OpenSSL to make a SSLv2 connection to a malicious server that server could cause the client to crash. (CVE-2006-4343)\n\nUpdated packages are patched to address these issues.\n\nUpdate :\n\nThere was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.", "cvss3": {}, "published": "2007-02-18T00:00:00", "type": "nessus", "title": "Mandrake Linux Security Advisory : openssl (MDKSA-2006:172-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343", "CVE-2007-5135"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64openssl0.9.7", "p-cpe:/a:mandriva:linux:lib64openssl0.9.7-devel", "p-cpe:/a:mandriva:linux:lib64openssl0.9.7-static-devel", "p-cpe:/a:mandriva:linux:lib64openssl0.9.8", "p-cpe:/a:mandriva:linux:lib64openssl0.9.8-devel", "p-cpe:/a:mandriva:linux:lib64openssl0.9.8-static-devel", "p-cpe:/a:mandriva:linux:libopenssl0.9.7", "p-cpe:/a:mandriva:linux:libopenssl0.9.7-devel", "p-cpe:/a:mandriva:linux:libopenssl0.9.7-static-devel", "p-cpe:/a:mandriva:linux:libopenssl0.9.8", "p-cpe:/a:mandriva:linux:libopenssl0.9.8-devel", "p-cpe:/a:mandriva:linux:libopenssl0.9.8-static-devel", "p-cpe:/a:mandriva:linux:openssl", "cpe:/o:mandriva:linux:2006", "cpe:/o:mandriva:linux:2007"], "id": "MANDRAKE_MDKSA-2006-172.NASL", "href": "https://www.tenable.com/plugins/nessus/24558", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2006:172. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24558);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2007-5135\");\n script_xref(name:\"MDKSA\", value:\"2006:172-1\");\n\n script_name(english:\"Mandrake Linux Security Advisory : openssl (MDKSA-2006:172-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Dr S N Henson of the OpenSSL core team and Open Network Security\nrecently developed an ASN1 test suite for NISCC (www.niscc.gov.uk).\nWhen the test suite was run against OpenSSL two denial of service\nvulnerabilities were discovered.\n\nDuring the parsing of certain invalid ASN1 structures an error\ncondition is mishandled. This can result in an infinite loop which\nconsumes system memory. (CVE-2006-2937)\n\nCertain types of public key can take disproportionate amounts of time\nto process. This could be used by an attacker in a denial of service\nattack. (CVE-2006-2940)\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a\nbuffer overflow in the SSL_get_shared_ciphers utility function, used\nby some applications such as exim and mysql. An attacker could send a\nlist of ciphers that would overrun a buffer. (CVE-2006-3738)\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a\npossible DoS in the sslv2 client code. Where a client application uses\nOpenSSL to make a SSLv2 connection to a malicious server that server\ncould cause the client to crash. (CVE-2006-4343)\n\nUpdated packages are patched to address these issues.\n\nUpdate :\n\nThere was an error in the original published patches for\nCVE-2006-2940. New packages have corrected this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.7-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.7-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.8-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.7-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.7-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.8-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2006\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.7-0.9.7g-2.5.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libopenssl0.9.7-0.9.7g-2.5.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"openssl-0.9.7g-2.5.20060mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-0.9.8b-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libopenssl0.9.8-0.9.8b-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"openssl-0.9.8b-2.2mdv2007.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:28:30", "description": "F5 Product Development has determined that the BIG-IP and Enterprise Manager products use a vulnerable version of OpenSSL; however, the vulnerable code is not used in either TMM or in Apache on the BIG-IP system. The vulnerability is considered to be a local vulnerability and cannot be exploited remotely.", "cvss3": {}, "published": "2015-09-18T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : OpenSSL SSL_get_shared_ciphers vulnerability (SOL8106)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343", "CVE-2007-5135"], "modified": "2021-01-11T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL8106.NASL", "href": "https://www.tenable.com/plugins/nessus/86017", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL8106.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86017);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2007-5135\");\n script_bugtraq_id(25831);\n\n script_name(english:\"F5 Networks BIG-IP : OpenSSL SSL_get_shared_ciphers vulnerability (SOL8106)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"F5 Product Development has determined that the BIG-IP and Enterprise\nManager products use a vulnerable version of OpenSSL; however, the\nvulnerable code is not used in either TMM or in Apache on the BIG-IP\nsystem. The vulnerability is considered to be a local vulnerability\nand cannot be exploited remotely.\"\n );\n # http://www.openssl.org/news/secadv/20071012.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20071012.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K8106\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL8106.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL8106\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"9.3.0\",\"9.4.2-9.4.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"9.2\",\"9.3.1\",\"9.4.5-9.4.8\",\"10\",\"11\",\"9.2\",\"9.4.0-9.4.1\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"9.3.0\",\"9.4.2-9.4.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"9.2\",\"9.3.1\",\"9.4.5-9.4.8\",\"10\",\"11\",\"9.2\",\"9.4.0-9.4.1\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"9.3.0\",\"9.4.2-9.4.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"9.2\",\"9.3.1\",\"9.4.5-9.4.8\",\"10\",\"11\",\"9.2\",\"9.4.0-9.4.1\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"9.1.3\",\"9.3.0\",\"9.4.2-9.4.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"9.0.0-9.1.3\",\"9.2\",\"9.3.1\",\"9.4.5-9.4.8\",\"9.6\",\"10\",\"11\",\"9.0.0-9.1.2\",\"9.2\",\"9.4.0-9.4.1\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"9.4.2-9.4.4\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"9.4.5-9.4.8\",\"10\",\"11\",\"9.4.0-9.4.1\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-17T14:13:29", "description": "The remote host is using a version of OpenSSL that is older than 0.9.6m or 0.9.7d There are several bugs in this version of OpenSSL that may allow an attacker to either execute remote code or cause a Denial of Service (DoS).", "cvss3": {}, "published": "2006-09-28T00:00:00", "type": "nessus", "title": "OpenSSL < 0.9.7l / 0.9.8d Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "3755.PRM", "href": "https://www.tenable.com/plugins/nnm/3755", "sourceData": "Binary data 3755.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:03:52", "description": "Multiple vulnerabilities have been discovered in the OpenSSL cryptographic software package that could allow an attacker to launch a denial of service attack by exhausting system resources or crashing processes on a victim's computer.\n\n - CVE-2006-3738 Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in SSL_get_shared_ciphers utility function, used by some applications such as exim and mysql. An attacker could send a list of ciphers that would overrun a buffer.\n\n - CVE-2006-4343 Tavis Ormandy and Will Drewry of the Google Security Team discovered a possible DoS in the sslv2 client code.\n Where a client application uses OpenSSL to make a SSLv2 connection to a malicious server that server could cause the client to crash.\n\n - CVE-2006-2940 Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC ( www.niscc.gov.uk). When the test suite was run against OpenSSL a DoS was discovered.\n\n Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack.", "cvss3": {}, "published": "2006-10-20T00:00:00", "type": "nessus", "title": "Debian DSA-1195-1 : openssl096 - denial of service (multiple)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl096", "cpe:/o:debian:debian_linux:3.1"], "id": "DEBIAN_DSA-1195.NASL", "href": "https://www.tenable.com/plugins/nessus/22881", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1195. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22881);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n script_bugtraq_id(20246, 20247, 20249);\n script_xref(name:\"DSA\", value:\"1195\");\n\n script_name(english:\"Debian DSA-1195-1 : openssl096 - denial of service (multiple)\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been discovered in the OpenSSL\ncryptographic software package that could allow an attacker to launch\na denial of service attack by exhausting system resources or crashing\nprocesses on a victim's computer.\n\n - CVE-2006-3738\n Tavis Ormandy and Will Drewry of the Google Security\n Team discovered a buffer overflow in\n SSL_get_shared_ciphers utility function, used by some\n applications such as exim and mysql. An attacker could\n send a list of ciphers that would overrun a buffer.\n\n - CVE-2006-4343\n Tavis Ormandy and Will Drewry of the Google Security\n Team discovered a possible DoS in the sslv2 client code.\n Where a client application uses OpenSSL to make a SSLv2\n connection to a malicious server that server could cause\n the client to crash.\n\n - CVE-2006-2940\n Dr S N Henson of the OpenSSL core team and Open Network\n Security recently developed an ASN1 test suite for NISCC\n ( www.niscc.gov.uk). When the test suite was run against\n OpenSSL a DoS was discovered.\n\n Certain types of public key can take disproportionate amounts of\n time to process. This could be used by an attacker in a denial of\n service attack.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-3738\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-4343\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-2940\"\n );\n # http://www.niscc.gov.uk/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.cpni.gov.uk/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-1195\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openssl096 package. Note that services linking against the\nopenssl shared libraries will need to be restarted. Common examples of\nsuch services include most Mail Transport Agents, SSH servers, and web\nservers.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 0.9.6m-1sarge4.\n\nThis package exists only for compatibility with older software, and is\nnot present in the unstable or testing branches of Debian.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl096\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/20\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"libssl0.9.6\", reference:\"0.9.6m-1sarge4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:24:35", "description": "Openssl recently had several vulnerabilities which were patched (CVE-2006-2937,2940,3738,4339, 4343). Some versions of ntp are built against a static copy of the SSL libraries. As a precaution an updated copy built against the new libraries in being made available.", "cvss3": {}, "published": "2007-02-18T00:00:00", "type": "nessus", "title": "Mandrake Linux Security Advisory : ntp (MDKSA-2006:178)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2006-5201", "CVE-2006-7140", "CVE-2007-5135"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:ntp", "p-cpe:/a:mandriva:linux:ntp-client", "cpe:/o:mandriva:linux:2006", "cpe:/o:mandriva:linux:2007"], "id": "MANDRAKE_MDKSA-2006-178.NASL", "href": "https://www.tenable.com/plugins/nessus/24564", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2006:178. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24564);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\", \"CVE-2006-5201\", \"CVE-2006-7140\", \"CVE-2007-5135\");\n script_bugtraq_id(19849, 20246, 20248, 20249);\n script_xref(name:\"MDKSA\", value:\"2006:178\");\n\n script_name(english:\"Mandrake Linux Security Advisory : ntp (MDKSA-2006:178)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Openssl recently had several vulnerabilities which were patched\n(CVE-2006-2937,2940,3738,4339, 4343). Some versions of ntp are built\nagainst a static copy of the SSL libraries. As a precaution an updated\ncopy built against the new libraries in being made available.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ntp and / or ntp-client packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ntp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2006\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2006.0\", reference:\"ntp-4.2.0-21.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"ntp-client-4.2.0-21.2.20060mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK2007.0\", reference:\"ntp-4.2.0-31.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"ntp-client-4.2.0-31.2mdv2007.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:23:57", "description": "Openssl recently had several vulnerabilities which were patched (CVE-2006-2937,2940,3738,4339, 4343). Some MySQL versions are built against a static copy of the SSL libraries. As a precaution an updated copy built against the new libraries in being made available.", "cvss3": {}, "published": "2007-02-18T00:00:00", "type": "nessus", "title": "Mandrake Linux Security Advisory : MySQL (MDKSA-2006:177)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2006-5201", "CVE-2006-7140", "CVE-2007-5135"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:MySQL", "p-cpe:/a:mandriva:linux:MySQL-Max", "p-cpe:/a:mandriva:linux:MySQL-NDB", "p-cpe:/a:mandriva:linux:MySQL-bench", "p-cpe:/a:mandriva:linux:MySQL-client", "p-cpe:/a:mandriva:linux:MySQL-common", "p-cpe:/a:mandriva:linux:lib64mysql14", "p-cpe:/a:mandriva:linux:lib64mysql14-devel", "p-cpe:/a:mandriva:linux:libmysql14", "p-cpe:/a:mandriva:linux:libmysql14-devel", "cpe:/o:mandriva:linux:2006"], "id": "MANDRAKE_MDKSA-2006-177.NASL", "href": "https://www.tenable.com/plugins/nessus/24563", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2006:177. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24563);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\", \"CVE-2006-5201\", \"CVE-2006-7140\", \"CVE-2007-5135\");\n script_bugtraq_id(19849, 20246, 20248, 20249);\n script_xref(name:\"MDKSA\", value:\"2006:177\");\n\n script_name(english:\"Mandrake Linux Security Advisory : MySQL (MDKSA-2006:177)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Openssl recently had several vulnerabilities which were patched\n(CVE-2006-2937,2940,3738,4339, 4343). Some MySQL versions are built\nagainst a static copy of the SSL libraries. As a precaution an updated\ncopy built against the new libraries in being made available.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL-Max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL-NDB\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mysql14\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mysql14-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmysql14\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmysql14-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2006\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2006.0\", reference:\"MySQL-4.1.12-4.10.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"MySQL-Max-4.1.12-4.10.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"MySQL-NDB-4.1.12-4.10.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"MySQL-bench-4.1.12-4.10.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"MySQL-client-4.1.12-4.10.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"MySQL-common-4.1.12-4.10.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64mysql14-4.1.12-4.10.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"x86_64\", reference:\"lib64mysql14-devel-4.1.12-4.10.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libmysql14-4.1.12-4.10.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", cpu:\"i386\", reference:\"libmysql14-devel-4.1.12-4.10.20060mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-19T14:40:39", "description": "SunOS 5.10_x86: libssl patch.\nDate this patch was last updated by Sun : Apr/23/07", "cvss3": {}, "published": "2005-12-07T00:00:00", "type": "nessus", "title": "Solaris 10 (x86) : 121230-02", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2006-5201", "CVE-2006-7140", "CVE-2007-5135"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "SOLARIS10_X86_121230.NASL", "href": "https://www.tenable.com/plugins/nessus/20275", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n# @DEPRECATED@\n#\n# This script has been deprecated as the associated patch is not\n# currently a recommended security fix.\n#\n# Disabled on 2011/10/24.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n#\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif(description)\n{\n script_id(20275);\n script_version(\"1.36\");\n\n script_name(english: \"Solaris 10 (x86) : 121230-02\");\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\", \"CVE-2006-5201\", \"CVE-2006-7140\", \"CVE-2007-5135\");\n script_set_attribute(attribute: \"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 121230-02\");\n script_set_attribute(attribute: \"description\", value:\n'SunOS 5.10_x86: libssl patch.\nDate this patch was last updated by Sun : Apr/23/07');\n script_set_attribute(attribute: \"solution\", value:\n\"You should install this patch for your system to be up-to-date.\");\n script_set_attribute(attribute: \"see_also\", value:\n\"http://download.oracle.com/sunalerts/1001144.1.html\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/12/07\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2006/09/05\");\n script_end_attributes();\n\n script_summary(english: \"Check for patch 121230-02\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n family[\"english\"] = \"Solaris Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Solaris/showrev\");\n exit(0);\n}\n\n# Deprecated.\nexit(0, \"The associated patch is not currently a recommended security fix.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-19T14:34:59", "description": "SunOS 5.10_x86: libssl patch.\nDate this patch was last updated by Sun : Apr/23/07", "cvss3": {}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (x86) : 121230-02", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2006-5201", "CVE-2006-7140", "CVE-2007-5135"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:121230", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_X86_121230-02.NASL", "href": "https://www.tenable.com/plugins/nessus/107877", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107877);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\", \"CVE-2006-5201\", \"CVE-2006-7140\", \"CVE-2007-5135\");\n\n script_name(english:\"Solaris 10 (x86) : 121230-02\");\n script_summary(english:\"Check for patch 121230-02\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 121230-02\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10_x86: libssl patch.\nDate this patch was last updated by Sun : Apr/23/07\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://download.oracle.com/sunalerts/1001144.1.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 121230-02\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:121230\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"121230-02\", obsoleted_by:\"127112-08 127128-11 126254-01 \", package:\"SUNWopenssl-include\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"121230-02\", obsoleted_by:\"127112-08 127128-11 126254-01 \", package:\"SUNWopenssl-libraries\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWopenssl-include / SUNWopenssl-libraries\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-19T14:13:47", "description": "SunOS 5.9_x86: pkg utilities Patch.\nDate this patch was last updated by Sun : Apr/05/11", "cvss3": {}, "published": "2004-07-12T00:00:00", "type": "nessus", "title": "Solaris 9 (x86) : 114568-29", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343", "CVE-2007-5135", "CVE-2011-0412"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS9_X86_114568.NASL", "href": "https://www.tenable.com/plugins/nessus/13606", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(13606);\n script_version(\"1.45\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2007-5135\", \"CVE-2011-0412\");\n\n script_name(english:\"Solaris 9 (x86) : 114568-29\");\n script_summary(english:\"Check for patch 114568-29\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 114568-29\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.9_x86: pkg utilities Patch.\nDate this patch was last updated by Sun : Apr/05/11\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/114568-29\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"114568-29\", obsoleted_by:\"122715-03 \", package:\"SUNWhea\", version:\"11.9.0,REV=2002.11.04.02.51\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"114568-29\", obsoleted_by:\"122715-03 \", package:\"SUNWcsu\", version:\"11.9.0,REV=2002.11.04.02.51\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"114568-29\", obsoleted_by:\"122715-03 \", package:\"SUNWcsr\", version:\"11.9.0,REV=2002.11.04.02.51\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"114568-29\", obsoleted_by:\"122715-03 \", package:\"SUNWarc\", version:\"11.9.0,REV=2002.11.04.02.51\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());\n else security_hole(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:29:27", "description": "It was discovered that OpenSSL did not correctly perform Montgomery multiplications. Local attackers might be able to reconstruct RSA private keys by examining another user's OpenSSL processes.\n(CVE-2007-3108)\n\nMoritz Jodeit discovered that OpenSSL's SSL_get_shared_ciphers function did not correctly check the size of the buffer it was writing to. A remote attacker could exploit this to write one NULL byte past the end of an application's cipher list buffer, possibly leading to arbitrary code execution or a denial of service. (CVE-2007-5135).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2007-11-10T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 : openssl vulnerabilities (USN-522-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343", "CVE-2007-3108", "CVE-2007-5135"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libssl-dev", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8-dbg", "p-cpe:/a:canonical:ubuntu_linux:openssl", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:6.10", "cpe:/o:canonical:ubuntu_linux:7.04"], "id": "UBUNTU_USN-522-1.NASL", "href": "https://www.tenable.com/plugins/nessus/28127", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-522-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(28127);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2007-3108\", \"CVE-2007-5135\");\n script_xref(name:\"USN\", value:\"522-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 : openssl vulnerabilities (USN-522-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that OpenSSL did not correctly perform Montgomery\nmultiplications. Local attackers might be able to reconstruct RSA\nprivate keys by examining another user's OpenSSL processes.\n(CVE-2007-3108)\n\nMoritz Jodeit discovered that OpenSSL's SSL_get_shared_ciphers\nfunction did not correctly check the size of the buffer it was writing\nto. A remote attacker could exploit this to write one NULL byte past\nthe end of an application's cipher list buffer, possibly leading to\narbitrary code execution or a denial of service. (CVE-2007-5135).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/522-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl-dev\", pkgver:\"0.9.8a-7ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8a-7ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8a-7ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"openssl\", pkgver:\"0.9.8a-7ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libssl-dev\", pkgver:\"0.9.8b-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8b-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8b-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"openssl\", pkgver:\"0.9.8b-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libssl-dev\", pkgver:\"0.9.8c-4ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8c-4ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8c-4ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"openssl\", pkgver:\"0.9.8c-4ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl-dev / libssl0.9.8 / libssl0.9.8-dbg / openssl\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T14:19:37", "description": "SunOS 5.9: pkg utilities Patch.\nDate this patch was last updated by Sun : Apr/05/11", "cvss3": {}, "published": "2004-07-12T00:00:00", "type": "nessus", "title": "Solaris 9 (sparc) : 113713-30", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343", "CVE-2007-5135", "CVE-2011-0412"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS9_113713.NASL", "href": "https://www.tenable.com/plugins/nessus/13543", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(13543);\n script_version(\"1.44\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2007-5135\", \"CVE-2011-0412\");\n\n script_name(english:\"Solaris 9 (sparc) : 113713-30\");\n script_summary(english:\"Check for patch 113713-30\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 113713-30\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.9: pkg utilities Patch.\nDate this patch was last updated by Sun : Apr/05/11\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/113713-30\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113713-30\", obsoleted_by:\"117123-10 \", package:\"SUNWhea\", version:\"11.9.0,REV=2002.04.06.15.27\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113713-30\", obsoleted_by:\"117123-10 \", package:\"SUNWcsu\", version:\"11.9.0,REV=2002.04.06.15.27\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113713-30\", obsoleted_by:\"117123-10 \", package:\"SUNWcsr\", version:\"11.9.0,REV=2002.04.06.15.27\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113713-30\", obsoleted_by:\"117123-10 \", package:\"SUNWarc\", version:\"11.9.0,REV=2002.04.06.15.27\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());\n else security_hole(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:32:54", "description": "SunOS 5.10: libssl patch.\nDate this patch was last updated by Sun : Apr/23/07", "cvss3": {}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 121229-02", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2969", "CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2006-5201", "CVE-2006-7140", "CVE-2007-5135"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:121229", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_121229-02.NASL", "href": "https://www.tenable.com/plugins/nessus/107376", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107376);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-2969\", \"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\", \"CVE-2006-5201\", \"CVE-2006-7140\", \"CVE-2007-5135\");\n\n script_name(english:\"Solaris 10 (sparc) : 121229-02\");\n script_summary(english:\"Check for patch 121229-02\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 121229-02\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10: libssl patch.\nDate this patch was last updated by Sun : Apr/23/07\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://download.oracle.com/sunalerts/1001144.1.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 121229-02\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:121229\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"121229-02\", obsoleted_by:\"120011-14 \", package:\"SUNWcakr\", version:\"11.10.0,REV=2005.08.25.02.12\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"121229-02\", obsoleted_by:\"120011-14 \", package:\"SUNWopenssl-include\", version:\"11.10.0,REV=2005.01.21.15.53\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"121229-02\", obsoleted_by:\"120011-14 \", package:\"SUNWopenssl-libraries\", version:\"11.10.0,REV=2005.01.21.15.53\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWcakr / SUNWopenssl-include / SUNWopenssl-libraries\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T14:42:33", "description": "SunOS 5.10: libssl patch.\nDate this patch was last updated by Sun : Apr/23/07", "cvss3": {}, "published": "2005-12-07T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 121229-02", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2969", "CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2006-5201", "CVE-2006-7140", "CVE-2007-5135"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "SOLARIS10_121229.NASL", "href": "https://www.tenable.com/plugins/nessus/20272", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n# @DEPRECATED@\n#\n# This script has been deprecated as the associated patch is not\n# currently a recommended security fix.\n#\n# Disabled on 2011/10/24.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n#\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif(description)\n{\n script_id(20272);\n script_version(\"1.33\");\n\n script_name(english: \"Solaris 10 (sparc) : 121229-02\");\n script_cve_id(\"CVE-2005-2969\", \"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\", \"CVE-2006-5201\", \"CVE-2006-7140\", \"CVE-2007-5135\");\n script_set_attribute(attribute: \"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 121229-02\");\n script_set_attribute(attribute: \"description\", value:\n'SunOS 5.10: libssl patch.\nDate this patch was last updated by Sun : Apr/23/07');\n script_set_attribute(attribute: \"solution\", value:\n\"You should install this patch for your system to be up-to-date.\");\n script_set_attribute(attribute: \"see_also\", value:\n\"http://download.oracle.com/sunalerts/1001144.1.html\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/12/07\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2005/10/11\");\n script_end_attributes();\n\n script_summary(english: \"Check for patch 121229-02\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n family[\"english\"] = \"Solaris Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Solaris/showrev\");\n exit(0);\n}\n\n# Deprecated.\nexit(0, \"The associated patch is not currently a recommended security fix.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:28:09", "description": "SunOS 5.9_x86: wanboot and pkg utilities Patch.\nDate this patch was last updated by Sun : Oct/31/11", "cvss3": {}, "published": "2007-10-12T00:00:00", "type": "nessus", "title": "Solaris 9 (x86) : 122715-03", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-4339", "CVE-2006-5201", "CVE-2006-7140"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS9_X86_122715.NASL", "href": "https://www.tenable.com/plugins/nessus/27031", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27031);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-4339\", \"CVE-2006-5201\", \"CVE-2006-7140\");\n\n script_name(english:\"Solaris 9 (x86) : 122715-03\");\n script_summary(english:\"Check for patch 122715-03\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 122715-03\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.9_x86: wanboot and pkg utilities Patch.\nDate this patch was last updated by Sun : Oct/31/11\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/122715-03\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"122715-03\", obsoleted_by:\"\", package:\"SUNWcsu\", version:\"11.9.0,REV=2002.11.04.02.51\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"122715-03\", obsoleted_by:\"\", package:\"SUNWarc\", version:\"11.9.0,REV=2002.11.04.02.51\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"122715-03\", obsoleted_by:\"\", package:\"SUNWwbsup\", version:\"11.9.0,REV=2003.08.06.17.39\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"122715-03\", obsoleted_by:\"\", package:\"SUNWhea\", version:\"11.9.0,REV=2002.11.04.02.51\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"122715-03\", obsoleted_by:\"\", package:\"SUNWcsr\", version:\"11.9.0,REV=2002.11.04.02.51\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());\n else security_hole(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-18T15:26:58", "description": "SunOS 5.9: wanboot and pkg utilities Patch.\nDate this patch was last updated by Sun : Oct/31/11", "cvss3": {}, "published": "2007-09-25T00:00:00", "type": "nessus", "title": "Solaris 9 (sparc) : 117123-10", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-4339", "CVE-2006-5201", "CVE-2006-7140"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS9_117123.NASL", "href": "https://www.tenable.com/plugins/nessus/26166", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26166);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-4339\", \"CVE-2006-5201\", \"CVE-2006-7140\");\n\n script_name(english:\"Solaris 9 (sparc) : 117123-10\");\n script_summary(english:\"Check for patch 117123-10\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 117123-10\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.9: wanboot and pkg utilities Patch.\nDate this patch was last updated by Sun : Oct/31/11\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/117123-10\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"117123-10\", obsoleted_by:\"\", package:\"SUNWhea\", version:\"11.9.0,REV=2002.04.06.15.27\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"117123-10\", obsoleted_by:\"\", package:\"SUNWcar\", version:\"11.9.0,REV=2002.04.09.12.25\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"117123-10\", obsoleted_by:\"\", package:\"SUNWwbsup\", version:\"11.9.0,REV=2003.08.06.16.53\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"117123-10\", obsoleted_by:\"\", package:\"SUNWcsu\", version:\"11.9.0,REV=2002.04.06.15.27\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"117123-10\", obsoleted_by:\"\", package:\"SUNWcsr\", version:\"11.9.0,REV=2002.04.06.15.27\") < 0) flag++;\nif (solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"117123-10\", obsoleted_by:\"\", package:\"SUNWarc\", version:\"11.9.0,REV=2002.04.06.15.27\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());\n else security_hole(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-18T14:49:00", "description": "Red Hat Network Satellite Server version 5.1.1 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThis release corrects several security vulnerabilities in components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications.\n\nSeveral flaws in Zlib were discovered. An attacker could create a carefully-crafted compressed stream that would cause an application to crash if the stream was opened by a user. (CVE-2005-2096, CVE-2005-1849)\n\nA buffer overflow was discovered in the OpenSSL SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738).\n\nA flaw in the SSLv2 client code was discovered. If a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343)\n\nAn attack on OpenSSL PKCS #1 v1.5 signatures was discovered. Where an RSA key with exponent 3 was used an attacker could, potentially, forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. This issue affected applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339)\n\nOpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. It is enabled in most servers that use OpenSSL to provide support for SSL and TLS. This work-around was vulnerable to a man-in-the-middle attack which allowed a remote user to force an SSL connection to use SSL 2.0, rather than a stronger protocol, such as SSL 3.0 or TLS 1.0. (CVE-2005-2969)\n\nDuring OpenSSL parsing of certain invalid ASN.1 structures, an error condition was mishandled. This could result in an infinite loop which consumed system memory (CVE-2006-2937).\n\nCertain public key types could take disproportionate amounts of time to process in OpenSSL, leading to a denial of service. (CVE-2006-2940)\n\nA flaw was discovered in the Python repr() function's handling of UTF-32/UCS-4 strings. If an application used the repr() function on untrusted data, this could lead to a denial of service or, possibly, allow the execution of arbitrary code with the privileges of the application using the flawed function. (CVE-2006-4980)\n\nA flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated. This could, potentially, cause disclosure of data stored in the memory of an application using this function.\n(CVE-2007-2052)\n\nMultiple integer overflow flaws were discovered in Python's imageop module. If an application used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or, possibly, execute arbitrary code with the privileges of the Python interpreter. (CVE-2007-4965)\n\nA stack-based buffer overflow was discovered in the Python interpreter, which could allow a local user to gain privileges by running a script with a long name from the current working directory.\n(CVE-2006-1542)\n\nUsers of Red Hat Network Satellite Server should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2010-01-10T00:00:00", "type": "nessus", "title": "RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0629)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-1849", "CVE-2005-2096", "CVE-2005-2969", "CVE-2006-1542", "CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2006-4980", "CVE-2007-2052", "CVE-2007-4965"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rhn-solaris-bootstrap", "p-cpe:/a:redhat:enterprise_linux:rhn_solaris_bootstrap_5_1_1_3", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2008-0629.NASL", "href": "https://www.tenable.com/plugins/nessus/43839", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0629. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43839);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-1849\", \"CVE-2005-2096\", \"CVE-2005-2969\", \"CVE-2006-1542\", \"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\", \"CVE-2006-4980\", \"CVE-2007-2052\", \"CVE-2007-4965\");\n script_bugtraq_id(19849, 20246, 20247, 20248, 20249, 25696);\n script_xref(name:\"RHSA\", value:\"2008:0629\");\n\n script_name(english:\"RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0629)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Red Hat Network Satellite Server version 5.1.1 is now available. This\nupdate includes fixes for a number of security issues in Red Hat\nNetwork Satellite Server Solaris client components.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThis release corrects several security vulnerabilities in components\nshipped as part of the Red Hat Network Satellite Server Solaris\nclient. In a typical operating environment, these components are not\nused by the Satellite Server in a vulnerable manner. These security\nupdates will reduce risk should these components be used by other\napplications.\n\nSeveral flaws in Zlib were discovered. An attacker could create a\ncarefully-crafted compressed stream that would cause an application to\ncrash if the stream was opened by a user. (CVE-2005-2096,\nCVE-2005-1849)\n\nA buffer overflow was discovered in the OpenSSL\nSSL_get_shared_ciphers() utility function. An attacker could send a\nlist of ciphers to an application that used this function and overrun\na buffer (CVE-2006-3738).\n\nA flaw in the SSLv2 client code was discovered. If a client\napplication used OpenSSL to create an SSLv2 connection to a malicious\nserver, that server could cause the client to crash. (CVE-2006-4343)\n\nAn attack on OpenSSL PKCS #1 v1.5 signatures was discovered. Where an\nRSA key with exponent 3 was used an attacker could, potentially, forge\na PKCS #1 v1.5 signature that would be incorrectly verified by\nimplementations that do not check for excess data in the RSA\nexponentiation result of the signature. This issue affected\napplications that use OpenSSL to verify X.509 certificates as well as\nother uses of PKCS #1 v1.5. (CVE-2006-4339)\n\nOpenSSL contained a software work-around for a bug in SSL handling in\nMicrosoft Internet Explorer version 3.0.2. It is enabled in most\nservers that use OpenSSL to provide support for SSL and TLS. This\nwork-around was vulnerable to a man-in-the-middle attack which allowed\na remote user to force an SSL connection to use SSL 2.0, rather than a\nstronger protocol, such as SSL 3.0 or TLS 1.0. (CVE-2005-2969)\n\nDuring OpenSSL parsing of certain invalid ASN.1 structures, an error\ncondition was mishandled. This could result in an infinite loop which\nconsumed system memory (CVE-2006-2937).\n\nCertain public key types could take disproportionate amounts of time\nto process in OpenSSL, leading to a denial of service. (CVE-2006-2940)\n\nA flaw was discovered in the Python repr() function's handling of\nUTF-32/UCS-4 strings. If an application used the repr() function on\nuntrusted data, this could lead to a denial of service or, possibly,\nallow the execution of arbitrary code with the privileges of the\napplication using the flawed function. (CVE-2006-4980)\n\nA flaw was discovered in the strxfrm() function of Python's locale\nmodule. Strings generated by this function were not properly\nNULL-terminated. This could, potentially, cause disclosure of data\nstored in the memory of an application using this function.\n(CVE-2007-2052)\n\nMultiple integer overflow flaws were discovered in Python's imageop\nmodule. If an application used the imageop module to process untrusted\nimages, it could cause the application to crash, enter an infinite\nloop, or, possibly, execute arbitrary code with the privileges of the\nPython interpreter. (CVE-2007-4965)\n\nA stack-based buffer overflow was discovered in the Python\ninterpreter, which could allow a local user to gain privileges by\nrunning a script with a long name from the current working directory.\n(CVE-2006-1542)\n\nUsers of Red Hat Network Satellite Server should upgrade to these\nupdated packages, which contain backported patches to correct these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-1849\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2096\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2969\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-1542\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-2937\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-2940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-3738\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4339\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4343\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0629\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected rhn-solaris-bootstrap and / or\nrhn_solaris_bootstrap_5_1_1_3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhn-solaris-bootstrap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhn_solaris_bootstrap_5_1_1_3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0629\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL4\", rpm:\"rhns-solaris-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Satellite Server\");\n\n if (rpm_check(release:\"RHEL4\", reference:\"rhn-solaris-bootstrap-5.1.1-3\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"rhn_solaris_bootstrap_5_1_1_3-1-0\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rhn-solaris-bootstrap / rhn_solaris_bootstrap_5_1_1_3\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-19T15:22:28", "description": "Red Hat Network Satellite Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThis release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications.\n\nSeveral flaws in Zlib was discovered. An attacker could create a carefully-crafted compressed stream that would cause an application to crash if the stream is opened by a user. (CVE-2005-2096). An attacker could create a carefully crafted compressed stream that would cause an application to crash if the stream is opened by a user.\n(CVE-2005-1849)\n\nA buffer overflow was discovered in the OpenSSL SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738).\n\nA flaw in the SSLv2 client code was discovered. If a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343)\n\nAn attack on OpenSSL PKCS #1 v1.5 signatures was discovered. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. This issue affected applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339)\n\nOpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. It is enabled in most servers that use OpenSSL to provide support for SSL and TLS. This work-around could allow an attacker, acting as a 'man in the middle' to force an SSL connection to use SSL 2.0 rather than a stronger protocol, such as SSL 3.0 or TLS 1.0. (CVE-2005-2969)\n\nDuring OpenSSL parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937).\n\nCertain public key types can take disproportionate amounts of time to process in OpenSSL, leading to a denial of service. (CVE-2006-2940)\n\nA flaw was discovered in the way that the Python repr() function handled UTF-32/UCS-4 strings. If an application written in Python used the repr() function on untrusted data, this could lead to a denial of service or possibly allow the execution of arbitrary code with the privileges of the Python application. (CVE-2006-4980)\n\nA flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated. This may possibly cause disclosure of data stored in the memory of a Python application using this function.\n(CVE-2007-2052)\n\nMultiple integer overflow flaws were discovered in Python's imageop module. If an application written in Python used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or possibly execute arbitrary code with the privileges of the Python interpreter. (CVE-2007-4965)\n\nA stack-based buffer overflow was discovered in the Python interpreter, which could allow a local user to gain privileges by running a script with a long name from the current working directory.\n(CVE-2006-1542)\n\nUsers of Red Hat Network Satellite Server should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2010-01-10T00:00:00", "type": "nessus", "title": "RHEL 3 / 4 : Solaris client in Satellite Server (RHSA-2008:0525)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-1849", "CVE-2005-2096", "CVE-2005-2969", "CVE-2006-1542", "CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2006-4980", "CVE-2007-2052", "CVE-2007-4965"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rhn-solaris-bootstrap", "p-cpe:/a:redhat:enterprise_linux:rhn_solaris_bootstrap_5_0_2_3", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2008-0525.NASL", "href": "https://www.tenable.com/plugins/nessus/43838", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0525. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43838);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-1849\", \"CVE-2005-2096\", \"CVE-2005-2969\", \"CVE-2006-1542\", \"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\", \"CVE-2006-4980\", \"CVE-2007-2052\", \"CVE-2007-4965\");\n script_bugtraq_id(19849, 20246, 20247, 20248, 20249, 25696, 28276);\n script_xref(name:\"RHSA\", value:\"2008:0525\");\n\n script_name(english:\"RHEL 3 / 4 : Solaris client in Satellite Server (RHSA-2008:0525)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Red Hat Network Satellite Server version 4.2.3 is now available. This\nupdate includes fixes for a number of security issues in Red Hat\nNetwork Satellite Server Solaris client components.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThis release corrects several security vulnerabilities in various\ncomponents shipped as part of the Red Hat Network Satellite Server\nSolaris client. In a typical operating environment, these components\nare not used by the Satellite Server in a vulnerable manner. These\nsecurity updates will reduce risk should these components be used by\nother applications.\n\nSeveral flaws in Zlib was discovered. An attacker could create a\ncarefully-crafted compressed stream that would cause an application to\ncrash if the stream is opened by a user. (CVE-2005-2096). An attacker\ncould create a carefully crafted compressed stream that would cause an\napplication to crash if the stream is opened by a user.\n(CVE-2005-1849)\n\nA buffer overflow was discovered in the OpenSSL\nSSL_get_shared_ciphers() utility function. An attacker could send a\nlist of ciphers to an application that used this function and overrun\na buffer (CVE-2006-3738).\n\nA flaw in the SSLv2 client code was discovered. If a client\napplication used OpenSSL to create an SSLv2 connection to a malicious\nserver, that server could cause the client to crash. (CVE-2006-4343)\n\nAn attack on OpenSSL PKCS #1 v1.5 signatures was discovered. Where an\nRSA key with exponent 3 is used it may be possible for an attacker to\nforge a PKCS #1 v1.5 signature that would be incorrectly verified by\nimplementations that do not check for excess data in the RSA\nexponentiation result of the signature. This issue affected\napplications that use OpenSSL to verify X.509 certificates as well as\nother uses of PKCS #1 v1.5. (CVE-2006-4339)\n\nOpenSSL contained a software work-around for a bug in SSL handling in\nMicrosoft Internet Explorer version 3.0.2. It is enabled in most\nservers that use OpenSSL to provide support for SSL and TLS. This\nwork-around could allow an attacker, acting as a 'man in the middle'\nto force an SSL connection to use SSL 2.0 rather than a stronger\nprotocol, such as SSL 3.0 or TLS 1.0. (CVE-2005-2969)\n\nDuring OpenSSL parsing of certain invalid ASN.1 structures an error\ncondition was mishandled. This can result in an infinite loop which\nconsumed system memory (CVE-2006-2937).\n\nCertain public key types can take disproportionate amounts of time to\nprocess in OpenSSL, leading to a denial of service. (CVE-2006-2940)\n\nA flaw was discovered in the way that the Python repr() function\nhandled UTF-32/UCS-4 strings. If an application written in Python used\nthe repr() function on untrusted data, this could lead to a denial of\nservice or possibly allow the execution of arbitrary code with the\nprivileges of the Python application. (CVE-2006-4980)\n\nA flaw was discovered in the strxfrm() function of Python's locale\nmodule. Strings generated by this function were not properly\nNULL-terminated. This may possibly cause disclosure of data stored in\nthe memory of a Python application using this function.\n(CVE-2007-2052)\n\nMultiple integer overflow flaws were discovered in Python's imageop\nmodule. If an application written in Python used the imageop module to\nprocess untrusted images, it could cause the application to crash,\nenter an infinite loop, or possibly execute arbitrary code with the\nprivileges of the Python interpreter. (CVE-2007-4965)\n\nA stack-based buffer overflow was discovered in the Python\ninterpreter, which could allow a local user to gain privileges by\nrunning a script with a long name from the current working directory.\n(CVE-2006-1542)\n\nUsers of Red Hat Network Satellite Server should upgrade to these\nupdated packages, which contain backported patches to correct these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-1849\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2096\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2969\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-1542\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-2937\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-2940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-3738\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4339\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4343\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0525\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected rhn-solaris-bootstrap and / or\nrhn_solaris_bootstrap_5_0_2_3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhn-solaris-bootstrap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhn_solaris_bootstrap_5_0_2_3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0525\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL3\", rpm:\"rhns-solaris-\") || rpm_exists(release:\"RHEL4\", rpm:\"rhns-solaris-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Satellite Server\");\n\n if (rpm_check(release:\"RHEL3\", reference:\"rhn-solaris-bootstrap-5.0.2-3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"rhn_solaris_bootstrap_5_0_2_3-1-0\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"rhn-solaris-bootstrap-5.0.2-3\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"rhn_solaris_bootstrap_5_0_2_3-1-0\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rhn-solaris-bootstrap / rhn_solaris_bootstrap_5_0_2_3\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T14:49:01", "description": "Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThis release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications.\n\nTwo denial-of-service flaws were fixed in ZLib. (CVE-2005-2096, CVE-2005-1849)\n\nMultiple flaws were fixed in OpenSSL. (CVE-2006-4343, CVE-2006-4339, CVE-2006-3738, CVE-2006-2940, CVE-2006-2937, CVE-2005-2969)\n\nMultiple flaws were fixed in Python. (CVE-2007-4965, CVE-2007-2052, CVE-2006-4980, CVE-2006-1542)\n\nUsers of Red Hat Network Satellite Server 5.0.1 are advised to upgrade to 5.0.2, which resolves these issues.", "cvss3": {}, "published": "2010-01-10T00:00:00", "type": "nessus", "title": "RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0264)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-1849", "CVE-2005-2096", "CVE-2005-2969", "CVE-2006-1542", "CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2006-4980", "CVE-2007-2052", "CVE-2007-4965"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rhn-solaris-bootstrap", "p-cpe:/a:redhat:enterprise_linux:rhn_solaris_bootstrap_5_0_2_3", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2008-0264.NASL", "href": "https://www.tenable.com/plugins/nessus/43836", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0264. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43836);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-1849\", \"CVE-2005-2096\", \"CVE-2005-2969\", \"CVE-2006-1542\", \"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\", \"CVE-2006-4980\", \"CVE-2007-2052\", \"CVE-2007-4965\");\n script_bugtraq_id(19849, 20246, 20247, 20248, 20249, 22083, 25696, 28276);\n script_xref(name:\"RHSA\", value:\"2008:0264\");\n\n script_name(english:\"RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0264)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Red Hat Network Satellite Server version 5.0.2 is now available. This\nupdate includes fixes for a number of security issues in Red Hat\nNetwork Satellite Server Solaris client components.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThis release corrects several security vulnerabilities in various\ncomponents shipped as part of the Red Hat Network Satellite Server\nSolaris client. In a typical operating environment, these components\nare not used by the Satellite Server in a vulnerable manner. These\nsecurity updates will reduce risk should these components be used by\nother applications.\n\nTwo denial-of-service flaws were fixed in ZLib. (CVE-2005-2096,\nCVE-2005-1849)\n\nMultiple flaws were fixed in OpenSSL. (CVE-2006-4343, CVE-2006-4339,\nCVE-2006-3738, CVE-2006-2940, CVE-2006-2937, CVE-2005-2969)\n\nMultiple flaws were fixed in Python. (CVE-2007-4965, CVE-2007-2052,\nCVE-2006-4980, CVE-2006-1542)\n\nUsers of Red Hat Network Satellite Server 5.0.1 are advised to upgrade\nto 5.0.2, which resolves these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-1849\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2096\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2969\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-1542\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-2937\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-2940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-3738\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4339\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4343\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0264\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected rhn-solaris-bootstrap and / or\nrhn_solaris_bootstrap_5_0_2_3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhn-solaris-bootstrap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhn_solaris_bootstrap_5_0_2_3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0264\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL4\", rpm:\"rhns-solaris-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Satellite Server\");\n\n if (rpm_check(release:\"RHEL4\", reference:\"rhn-solaris-bootstrap-5.0.2-3\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"rhn_solaris_bootstrap_5_0_2_3-1-0\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rhn-solaris-bootstrap / rhn_solaris_bootstrap_5_0_2_3\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-19T15:02:48", "description": "The remote host is affected by the vulnerability described in GLSA-200605-08 (PHP: Multiple vulnerabilities)\n\n Several vulnerabilities were discovered on PHP4 and PHP5 by Infigo, Tonu Samuel and Maksymilian Arciemowicz. These included a buffer overflow in the wordwrap() function, restriction bypasses in the copy() and tempname() functions, a cross-site scripting issue in the phpinfo() function, a potential crash in the substr_compare() function and a memory leak in the non-binary-safe html_entity_decode() function.\n Impact :\n\n Remote attackers might be able to exploit these issues in PHP applications making use of the affected functions, potentially resulting in the execution of arbitrary code, Denial of Service, execution of scripted contents in the context of the affected site, security bypass or information leak.\n Workaround :\n\n There is no known workaround at this point.", "cvss3": {}, "published": "2006-05-13T00:00:00", "type": "nessus", "title": "GLSA-200605-08 : PHP: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-0996", "CVE-2006-1490", "CVE-2006-1990", "CVE-2006-1991"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:php", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200605-08.NASL", "href": "https://www.tenable.com/plugins/nessus/21350", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200605-08.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21350);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-0996\", \"CVE-2006-1490\", \"CVE-2006-1990\", \"CVE-2006-1991\");\n script_xref(name:\"GLSA\", value:\"200605-08\");\n\n script_name(english:\"GLSA-200605-08 : PHP: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200605-08\n(PHP: Multiple vulnerabilities)\n\n Several vulnerabilities were discovered on PHP4 and PHP5 by Infigo,\n Tonu Samuel and Maksymilian Arciemowicz. These included a buffer\n overflow in the wordwrap() function, restriction bypasses in the copy()\n and tempname() functions, a cross-site scripting issue in the phpinfo()\n function, a potential crash in the substr_compare() function and a\n memory leak in the non-binary-safe html_entity_decode() function.\n \nImpact :\n\n Remote attackers might be able to exploit these issues in PHP\n applications making use of the affected functions, potentially\n resulting in the execution of arbitrary code, Denial of Service,\n execution of scripted contents in the context of the affected site,\n security bypass or information leak.\n \nWorkaround :\n\n There is no known workaround at this point.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200605-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All PHP users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose dev-lang/php\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_cwe_id(79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/05/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/03/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\", \"Host/Gentoo/arch\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\nourarch = get_kb_item(\"Host/Gentoo/arch\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(alpha|amd64|ia64|ppc64)$\") audit(AUDIT_ARCH_NOT, \"alpha|amd64|ia64|ppc64\", ourarch);\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/php\", arch:\"alpha amd64 ia64 ppc64\", unaffected:make_list(\"ge 5.1.4-r4\", \"rge 4.4.2-r6\", \"rge 4.4.3-r1\", \"rge 4.4.4-r4\", \"rge 4.4.6\", \"ge 4.4.7\"), vulnerable:make_list(\"lt 5.1.4-r4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PHP\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:33:14", "description": "VMware products installed on the remote host are affected by multiple vulnerabilities :\n\n - The 'authd' process is affected by a privilege escalation vulnerability that could allow an attacker to execute arbitrary code with system level privileges or cause a denial of service condition.\n\n - A feature in VMware workstation version 6.0.2 could allow anonymous console access to guest host via VIX API, which could result in unauthorized access. This feature has been disabled in version 6.0.3.\n\n - Windows based VMware hosts are affected by a privilege escalation vulnerability. By manipulating 'config.ini' an attacker may be able to gain elevated privileges by hijacking the VMware VMX process.\n\n - Multiple VMware products are affected by a directory traversal vulnerability. If a Windows based VMware host is configured to allow shared access from a guest host to a folder on the Host system (HGFS), it may be possible to gain access to the Host file system from guest OS and create/modify arbitrary executable files. VMware Server is not affected by this vulnerability.\n\n - Multiple VMware products hosted on a Windows 2000 host are affected by a privilege escalation vulnerability.\n\n - Multiple VMware products are vulnerable to a potential denial of service attack.", "cvss3": {}, "published": "2008-04-02T00:00:00", "type": "nessus", "title": "VMware Products Multiple Vulnerabilities (VMSA-2008-0005)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-4339", "CVE-2006-4343", "CVE-2007-5269", "CVE-2007-5618", "CVE-2008-0923", "CVE-2008-1340", "CVE-2008-1361", "CVE-2008-1362", "CVE-2008-1363", "CVE-2008-1364", "CVE-2008-1392"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:vmware:ace", "cpe:/a:vmware:player", "cpe:/a:vmware:vmware_server", "cpe:/a:vmware:vmware_workstation"], "id": "VMWARE_MULTIPLE_VMSA_2008_0005.NASL", "href": "https://www.tenable.com/plugins/nessus/31729", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31729);\n script_version(\"1.23\");\n script_cvs_date(\"Date: 2018/11/15 20:50:29\");\n\n script_cve_id(\n \"CVE-2006-2937\",\n \"CVE-2006-2940\",\n \"CVE-2006-4339\",\n \"CVE-2006-4343\",\n \"CVE-2007-5269\",\n \"CVE-2007-5618\",\n \"CVE-2008-0923\",\n \"CVE-2008-1340\",\n \"CVE-2008-1361\",\n \"CVE-2008-1362\",\n \"CVE-2008-1363\",\n \"CVE-2008-1364\",\n \"CVE-2008-1392\"\n );\n script_bugtraq_id(28276,28289);\n script_xref(name:\"VMSA\", value:\"2008-0005\");\n\n script_name(english:\"VMware Products Multiple Vulnerabilities (VMSA-2008-0005)\");\n script_summary(english:\"Checks vulnerable versions of multiple VMware products\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application that is affected by\nmultiple issues.\");\n script_set_attribute(attribute:\"description\", value:\n\"VMware products installed on the remote host are affected by multiple\nvulnerabilities :\n\n - The 'authd' process is affected by a privilege\n escalation vulnerability that could allow an attacker to\n execute arbitrary code with system level privileges or\n cause a denial of service condition.\n\n - A feature in VMware workstation version 6.0.2 could\n allow anonymous console access to guest host via VIX\n API, which could result in unauthorized access. This\n feature has been disabled in version 6.0.3.\n\n - Windows based VMware hosts are affected by a privilege\n escalation vulnerability. By manipulating 'config.ini'\n an attacker may be able to gain elevated privileges by\n hijacking the VMware VMX process.\n\n - Multiple VMware products are affected by a directory\n traversal vulnerability. If a Windows based VMware host\n is configured to allow shared access from a guest host\n to a folder on the Host system (HGFS), it may be\n possible\n to gain access to the Host file system from guest OS and\n create/modify arbitrary executable files. VMware Server\n is not affected by this vulnerability.\n\n - Multiple VMware products hosted on a Windows 2000 host\n are affected by a privilege escalation vulnerability.\n\n - Multiple VMware products are vulnerable to a potential\n denial of service attack.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2008-0005.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/support/server/doc/releasenotes_server.html\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/support/player/doc/releasenotes_player.html\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/support/player2/doc/releasenotes_player2.html\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to :\n\n - VMware Workstation 6.0.3/5.5.6 or higher.\n - VMware Server 1.0.5 or higher.\n - VMware Player 2.0.3/1.0.6 or higher.\n - VMware ACE 2.0.3/1.0.5 or higher.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(16, 20, 22, 264, 310, 399);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:vmware:ace\");\n script_set_attribute(attribute:\"cpe\",value:\"cpe:/a:vmware:player\");\n script_set_attribute(attribute:\"cpe\",value:\"cpe:/a:vmware:vmware_server\");\n script_set_attribute(attribute:\"cpe\",value:\"cpe:/a:vmware:vmware_workstation\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"vmware_workstation_detect.nasl\",\"vmware_server_win_detect.nasl\", \"vmware_player_detect.nasl\",\"vmware_ace_detect.nasl\");\n script_require_ports(\"VMware/Server/Version\", \"VMware/ACE/Version\", \"VMware/Player/Version\", \"VMware/Workstation/Version\", 139, 445);\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"smb_func.inc\");\n\nport = kb_smb_transport();\n\n# Check for VMware Workstation\n\nversion = get_kb_item(\"VMware/Workstation/Version\");\nif (version)\n{\n v = split(version, sep:\".\", keep:FALSE);\n\n if (( int(v[0]) < 5 ) ||\n ( int(v[0]) == 5 && int(v[1]) < 5 ) ||\n ( int(v[0]) == 5 && int(v[1]) == 5 && int(v[2]) < 6 ) ||\n ( int(v[0]) == 6 && int(v[1]) == 0 && int(v[2]) < 3 )\n )\n {\n if (report_verbosity)\n {\n report = string(\n \"\\n\",\n \"Version \",version,\" of VMware Workstation is installed on the remote host.\",\n \"\\n\"\n );\n security_hole(port:port, extra:report);\n }\n else\n \t security_hole(port);\n }\n}\n\n# Check for VMware Server\n\nversion = get_kb_item(\"VMware/Server/Version\");\nif (version)\n{\n v = split(version, sep:\".\", keep:FALSE);\n if ( ( int(v[0]) < 1 ) ||\n ( int(v[0]) == 1 && int(v[1]) == 0 && int(v[2]) < 5 )\n )\n {\n if (report_verbosity)\n {\n report = string(\n \"\\n\",\n \"Version \",version,\" of VMware Server is installed on the remote host.\",\n \"\\n\"\n );\n security_hole(port:port, extra:report);\n }\n else\n \tsecurity_hole(port);\n }\n}\n\n# Check for VMware Player\n\nversion = get_kb_item(\"VMware/Player/Version\");\nif (version)\n{\n v = split(version, sep:\".\", keep:FALSE);\n if ( ( int(v[0]) < 1 ) ||\n ( int(v[0]) == 1 && int(v[1]) == 0 && int(v[2]) < 6 ) ||\n ( int(v[0]) == 2 && int(v[1]) == 0 && int(v[2]) < 3 )\n )\n {\n if (report_verbosity)\n {\n report = string(\n \"\\n\",\n \"Version \",version,\" of VMware Player is installed on the remote host.\",\n \"\\n\"\n );\n security_hole(port:port, extra:report);\n }\n else\n security_hole(port);\n }\n}\n\n# Check for VMware ACE.\nversion = get_kb_item(\"VMware/ACE/Version\");\nif (version)\n{\n v = split(version, sep:\".\", keep:FALSE);\n if ( ( int(v[0]) < 1 ) ||\n ( int(v[0]) == 1 && int(v[1]) == 0 && int(v[2]) < 5 ) ||\n ( int(v[0]) == 2 && int(v[1]) == 0 && int(v[2]) < 3 )\n )\n {\n if (report_verbosity)\n {\n report = string(\n \"\\n\",\n \"Version \",version,\" of VMware ACE is installed on the remote host.\",\n \"\\n\"\n );\n security_hole(port:port, extra:report);\n }\n else\n security_hole(port);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T22:23:01", "description": "Mac OS X\u662f\u82f9\u679c\u5bb6\u65cf\u8ba1\u7b97\u673a\u6240\u4f7f\u7528\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nApple 2006-007\u5b89\u5168\u66f4\u65b0\u4fee\u590d\u4e86Mac OS X\u4e2d\u7684\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e\uff0c\u5177\u4f53\u5305\u62ec\uff1a\r\n\r\n* CVE-2006-4396\r\n\r\nApple Type Services\u670d\u52a1\u7a0b\u5e8f\u4e0d\u5b89\u5168\u5730\u521b\u5efa\u4e86\u9519\u8bef\u65e5\u5fd7\u6587\u4ef6\uff0c\u5141\u8bb8\u672c\u5730\u653b\u51fb\u8005\u4ee5\u7cfb\u7edf\u6743\u9650\u8986\u76d6\u6216\u521b\u5efa\u6587\u4ef6\u3002\r\n\r\n* CVE-2006-4398\r\n\r\nApple Type Services\u670d\u52a1\u7a0b\u5e8f\u4e2d\u5b58\u5728\u591a\u4e2a\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684\u670d\u52a1\u8bf7\u6c42\u89e6\u53d1\u8fd9\u4e9b\u6ea2\u51fa\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u6216\u4ee5\u7cfb\u7edf\u6743\u9650\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\r\n\r\n* CVE-2006-4400\r\n\r\nApple Type Services\u670d\u52a1\u7a0b\u5e8f\u5728\u5904\u7406\u5b57\u4f53\u65f6\u5b58\u5728\u6808\u6ea2\u51fa\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u8bf1\u9a97\u7528\u6237\u6253\u5f00\u7279\u5236\u7684\u5b57\u4f53\u6587\u4ef6\u6765\u89e6\u53d1\u8fd9\u4e2a\u6ea2\u51fa\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u6216\u4ee5\u7cfb\u7edf\u6743\u9650\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\r\n\r\n* CVE-2006-4401\r\n\r\n\u5982\u679c\u7528\u6237\u53d7\u9a97\u8bbf\u95ee\u4e86\u7279\u5236\u7684FTP URI\u7684\u8bdd\uff0c\u653b\u51fb\u8005\u5c31\u53ef\u4ee5\u5bfc\u81f4\u7528\u6237\u7684FTP\u5ba2\u6237\u7aef\u4ee5\u53d7\u5bb3\u7528\u6237\u7684\u51ed\u636e\u5411\u4efb\u610f\u53ef\u8bbf\u95ee\u7684FTP\u670d\u52a1\u5668\u53d1\u5e03FTP\u547d\u4ee4\u3002\r\n\r\n* CVE-2006-4402\r\n\r\n\u5982\u679c\u4f7f\u7528Finder\u6d4f\u89c8\u4e86\u5305\u542b\u6709\u88ab\u7834\u574f\u7684.DS_Store"\u6587\u4ef6\u7684\u76ee\u5f55\u7684\u8bdd\uff0c\u653b\u51fb\u8005\u5c31\u53ef\u4ee5\u89e6\u53d1\u5806\u6ea2\u51fa\uff0c\u5bfc\u81f4\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u4ee5\u8fd0\u884cFinder\u7528\u6237\u7684\u6743\u9650\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\r\n \r\n* CVE-2006-4403\r\n\r\n\u5728\u8bd5\u56fe\u8ba4\u8bc1\u6709\u6548\u7684\u7528\u6237\u65f6\uff0cFTP\u670d\u52a1\u5668\u53ef\u80fd\u4f1a\u5728\u5931\u8d25\u7684\u767b\u5f55\u5c1d\u8bd5\u540e\u5d29\u6e83\uff0c\u800c\u8bd5\u56fe\u8ba4\u8bc1\u672a\u77e5\u7528\u6237\u65f6\u4e0d\u4f1a\u51fa\u73b0\u8fd9\u79cd\u5d29\u6e83\uff0c\u56e0\u6b64\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u8fd9\u79cd\u884c\u4e3a\u5224\u65ad\u5e10\u53f7\u540d\u79f0\u662f\u5426\u6709\u6548\u3002\r\n\r\n* CVE-2006-4404\r\n\r\nAdmin\u7528\u6237\u5728\u4ee5\u7cfb\u7edf\u6743\u9650\u6267\u884c\u547d\u4ee4\u65f6\u901a\u5e38\u8981\u6c42\u8ba4\u8bc1\uff0c\u4f46\u662fInstaller\u5141\u8bb8Admin\u7528\u6237\u5728\u5b89\u88c5\u67d0\u4e9b\u8f6f\u4ef6\u5305\u65f6\u65e0\u9700\u8ba4\u8bc1\u4fbf\u53ef\u4ee5\u4f7f\u7528\u7cfb\u7edf\u6743\u9650\u3002\r\n\r\n* CVE-2006-4406\r\n\r\n\u5982\u679c\u542f\u7528\u4e86PPPoE\u7684\u8bdd\uff0c\u672c\u5730\u7f51\u7edc\u4e2d\u7684\u653b\u51fb\u8005\u5c31\u53ef\u4ee5\u89e6\u53d1\u6ea2\u51fa\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u6216\u4ee5\u7cfb\u7edf\u6743\u9650\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\r\n\r\n* CVE-2006-4407\r\n\r\nSecure Transport\u5141\u8bb8\u4f7f\u7528\u591a\u79cd\u5bc6\u7801\u52a0\u5bc6\u548c\u8ba4\u8bc1\u6570\u636e\u3002\u5728\u8fdb\u884c\u8fde\u63a5\u7684\u65f6\u5019\uff0c\u5e94\u4f7f\u7528\u6700\u4f73\u7684\u53cc\u65b9\u90fd\u652f\u6301\u7684\u5bc6\u7801\u3002\u7531\u4e8e\u5728\u51ed\u636e\u4f18\u5148\u7ea7\u6b21\u5e8f\u4e2d\u7684\u9519\u8bef\uff0cSecure Transport\u53ef\u80fd\u4f1a\u5728\u6709\u66f4\u597d\u7684\u5bc6\u7801\u65f6\u4f7f\u7528\u6ca1\u6709\u63d0\u4f9b\u52a0\u5bc6\u6216\u8ba4\u8bc1\u7684\u5bc6\u7801\u3002\r\n\r\n* CVE-2006-4408\r\n\r\n\u5305\u542b\u6709\u516c\u94a5\u7684X.509\u8bc1\u4e66\u53ef\u80fd\u4f1a\u5728\u9a8c\u8bc1\u7b7e\u540d\u7684\u65f6\u5019\u6d88\u8017\u5927\u91cf\u7684\u7cfb\u7edf\u8d44\u6e90\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u8bf1\u9a97\u7cfb\u7edf\u5904\u7406\u8fd9\u6837\u7684\u8bc1\u4e66\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\r\n\r\n* CVE-2006-4409\r\n\r\n\u5728\u914d\u7f6e\u4e3a\u4f7f\u7528HTTP\u4ee3\u7406\u7684\u7cfb\u7edf\u4e0a\uff0c\u5728\u7ebf\u8bc1\u4e66\u72b6\u6001\u534f\u8bae\uff08OCSP\uff09\u670d\u52a1\u65e0\u6cd5\u68c0\u7d22\u8bc1\u4e66\u64a4\u9500\u5217\u8868\u3002\r\n\r\n* CVE-2006-4410\r\n\r\n\u5bf9\u4e8e\u67d0\u4e9b\u53f6\u8bc1\u4e66\uff08leaf certificate\uff09\uff0c\u53ef\u80fd\u65e0\u6cd5\u4ece\u53d1\u5e03\u4e2d\u5fc3\u67e5\u8be2\u64a4\u9500\u5217\u8868\u3002\r\n\r\n* CVE-2006-4411\r\n\r\n\u5728\u67d0\u4e9b\u73af\u5883\u4e0b\uff0cVPN\u670d\u52a1\u5668\u53ef\u80fd\u672a\u7ecf\u6b63\u786e\u5730\u6e05\u7406\u73af\u5883\u4fbf\u6267\u884c\u547d\u4ee4\uff0c\u8fd9\u53ef\u80fd\u5141\u8bb8\u6076\u610f\u7684\u672c\u5730\u7528\u6237\u4ee5\u7cfb\u7edf\u6743\u9650\u521b\u5efa\u6587\u4ef6\u6216\u6267\u884c\u547d\u4ee4\u3002\r\n\r\n* CVE-2006-4412\r\n\r\n\u7279\u5236\u7684HTML\u6587\u6863\u53ef\u80fd\u5bfc\u81f4\u8bbf\u95ee\u4e4b\u524d\u5df2\u89e3\u9664\u5206\u914d\u7684\u5bf9\u8c61\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u6216\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\r\n\r\n\u6b64\u5916\uff0c\u8fd9\u4e2a\u66f4\u65b0\u8fd8\u4fee\u590d\u4e86\u4e00\u4e9bMac OS X\u6240\u6346\u7ed1\u7684\u7b2c\u4e09\u65b9\u4ea7\u54c1\u4e2d\u7684\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e\n\nApple Mac OS X 10.4.x\r\nApple Mac OS X 10.3.x\r\nApple MacOS X Server 10.4.x\r\nApple MacOS X Server 10.3.x\n \u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=\"http://www.apple.com/support/downloads/\" target=\"_blank\">http://www.apple.com/support/downloads/</a>", "published": "2006-12-05T00:00:00", "title": "Apple Mac OS X 2006-007\u66f4\u65b0\u4fee\u590d\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2006-4396", "CVE-2006-4398", "CVE-2006-4400", "CVE-2006-4401", "CVE-2006-4402", "CVE-2006-4403", "CVE-2006-4404", "CVE-2006-4406", "CVE-2006-4407", "CVE-2006-4408", "CVE-2006-4409", "CVE-2006-4410", "CVE-2006-4411", "CVE-2006-4412"], "modified": "2006-12-05T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-641", "id": "SSV:641", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}], "openvas": [{"lastseen": "2017-07-02T21:13:59", "description": "Check for the Version of SunFreeware gzip", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for SunFreeware gzip 120720-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4336", "CVE-2006-4338", "CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4337"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855013", "href": "http://plugins.openvas.org/nasl.php?oid=855013", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for SunFreeware gzip 120720-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"SunFreeware gzip on solaris_5.10_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n SunFreeware gzip\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855013);\n script_version(\"$Revision: 5359 $\");\n script_cve_id(\"CVE-2006-4338\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4334\", \"CVE-2006-4335\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"120720-02\");\n script_name( \"Solaris Update for SunFreeware gzip 120720-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-120720-02-1\");\n\n script_summary(\"Check for the Version of SunFreeware gzip\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"i386\", patch:\"120720-02\", package:\"SUNWgzip SUNWgzipS\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:06", "description": "Check for the Version of Software Distributor (SD)", "cvss3": {}, "published": "2009-05-05T00:00:00", "type": "openvas", "title": "HP-UX Update for Software Distributor (SD) HPSBUX02195", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4336", "CVE-2006-4338", "CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4337"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:835145", "href": "http://plugins.openvas.org/nasl.php?oid=835145", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Software Distributor (SD) HPSBUX02195\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote Denial of Service (DoS)\";\ntag_affected = \"Software Distributor (SD) on\n HP-UX B.11.11 and B.11.23 running Software Distributor (SD)\";\ntag_insight = \"A potential security vulnerability has been identified with the version of \n GZIP delivered by HP-UX Software Distributor (SD). The vulnerability could \n be remotely exploited leading to a Denial of Service (DoS).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c00874667-2\");\n script_id(835145);\n script_version(\"$Revision: 6584 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 16:13:23 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 12:14:23 +0200 (Tue, 05 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"HPSBUX\", value: \"02195\");\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_name( \"HP-UX Update for Software Distributor (SD) HPSBUX02195\");\n\n script_summary(\"Check for the Version of Software Distributor (SD)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"SW-DIST.GZIP\", revision:\"B.11.23.0612\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"SW-DIST.SD-AGENT\", revision:\"B.11.23.0612\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"SW-DIST.SD-CMDS\", revision:\"B.11.23.0612\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"SW-DIST.GZIP\", patch_list:['PHCO_35587'], rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"SW-DIST.SD-AGENT\", patch_list:['PHCO_35587'], rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"SW-DIST.SD-CMDS\", patch_list:['PHCO_35587'], rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:55", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n gzip\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5012976 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for gzip", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4336", "CVE-2006-4338", "CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4337"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65213", "href": "http://plugins.openvas.org/nasl.php?oid=65213", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5012976.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for gzip\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n gzip\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5012976 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65213);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for gzip\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"gzip\", rpm:\"gzip~1.3.5~136.13\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:19", "description": "The remote host is missing updates announced in\nadvisory GLSA 200609-13.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200609-13 (gzip)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4336", "CVE-2006-4338", "CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4337"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:57891", "href": "http://plugins.openvas.org/nasl.php?oid=57891", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"gzip is affected by multiple vulnerabilities, including buffer overflows\nand infinite loops, possibly allowing the execution of arbitrary code.\";\ntag_solution = \"All gzip users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-arch/gzip-1.3.5-r9'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200609-13\nhttp://bugs.gentoo.org/show_bug.cgi?id=145511\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200609-13.\";\n\n \n\nif(description)\n{\n script_id(57891);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200609-13 (gzip)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-arch/gzip\", unaffected: make_list(\"ge 1.3.5-r9\"), vulnerable: make_list(\"lt 1.3.5-r9\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:14", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2008-09-04T00:00:00", "type": "openvas", "title": "FreeBSD Ports: gzip", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4336", "CVE-2006-4338", "CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4337"], "modified": "2016-09-20T00:00:00", "id": "OPENVAS:57726", "href": "http://plugins.openvas.org/nasl.php?oid=57726", "sourceData": "#\n#VID 11a84092-8f9f-11db-ab33-000e0c2e438a\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: gzip\n\nCVE-2006-4334\nUnspecified vulnerability in gzip 1.3.5 allows context-dependent\nattackers to cause a denial of service (crash) via a crafted GZIP (gz)\narchive, which results in a NULL dereference.\n\nCVE-2006-4335\nArray index error in the make_table function in unlzh.c in the LZH\ndecompression component in gzip 1.3.5, when running on certain\nplatforms, allows context-dependent attackers to cause a denial of\nservice (crash) and possibly execute arbitrary code via a crafted GZIP\narchive that triggers an out-of-bounds write, aka a 'stack\nmodification vulnerability.'\n\nCVE-2006-4336\nBuffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows\ncontext-dependent attackers to execute arbitrary code via a crafted leaf\ncount table that causes a write to a negative index.\n\nCVE-2006-4337\nBuffer overflow in the make_table function in the LHZ component in\ngzip 1.3.5 allows context-dependent attackers to execute arbitrary\ncode via a crafted decoding table in a GZIP archive.\n\nCVE-2006-4338\nunlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent\nattackers to cause a denial of service (infinite loop) via a crafted\nGZIP archive.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\nif(description)\n{\n script_id(57726);\n script_version(\"$Revision: 4118 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-20 07:32:38 +0200 (Tue, 20 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: gzip\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"gzip\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package gzip version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:24", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n gzip\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5012976 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for gzip", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4336", "CVE-2006-4338", "CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4337"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065213", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065213", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5012976.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for gzip\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n gzip\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5012976 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65213\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for gzip\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"gzip\", rpm:\"gzip~1.3.5~136.13\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:38:45", "description": "Check for the Version of Software Distributor (SD)", "cvss3": {}, "published": "2009-05-05T00:00:00", "type": "openvas", "title": "HP-UX Update for Software Distributor (SD) HPSBUX02195", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4336", "CVE-2006-4338", "CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4337"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310835145", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835145", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Software Distributor (SD) HPSBUX02195\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote Denial of Service (DoS)\";\ntag_affected = \"Software Distributor (SD) on\n HP-UX B.11.11 and B.11.23 running Software Distributor (SD)\";\ntag_insight = \"A potential security vulnerability has been identified with the version of \n GZIP delivered by HP-UX Software Distributor (SD). The vulnerability could \n be remotely exploited leading to a Denial of Service (DoS).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c00874667-2\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835145\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 12:14:23 +0200 (Tue, 05 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"HPSBUX\", value: \"02195\");\n script_cve_id(\"CVE-2006-4334\", \"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_name( \"HP-UX Update for Software Distributor (SD) HPSBUX02195\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of Software Distributor (SD)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"SW-DIST.GZIP\", revision:\"B.11.23.0612\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"SW-DIST.SD-AGENT\", revision:\"B.11.23.0612\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"SW-DIST.SD-CMDS\", revision:\"B.11.23.0612\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"SW-DIST.GZIP\", patch_list:['PHCO_35587'], rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"SW-DIST.SD-AGENT\", patch_list:['PHCO_35587'], rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"SW-DIST.SD-CMDS\", patch_list:['PHCO_35587'], rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:39:43", "description": "Check for the Version of SunFreeware gzip", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for SunFreeware gzip 120720-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4336", "CVE-2006-4338", "CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4337"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855013", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855013", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for SunFreeware gzip 120720-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"SunFreeware gzip on solaris_5.10_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n SunFreeware gzip\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855013\");\n script_version(\"$Revision: 9370 $\");\n script_cve_id(\"CVE-2006-4338\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4334\", \"CVE-2006-4335\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"120720-02\");\n script_name( \"Solaris Update for SunFreeware gzip 120720-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-120720-02-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of SunFreeware gzip\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"i386\", patch:\"120720-02\", package:\"SUNWgzip SUNWgzipS\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:13:51", "description": "Check for the Version of pkg utilities", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for pkg utilities 114568-26", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855346", "href": "http://plugins.openvas.org/nasl.php?oid=855346", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for pkg utilities 114568-26\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"pkg utilities on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n pkg utilities\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855346);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:24:08 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"114568-26\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for pkg utilities 114568-26\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-114568-26-1\");\n\n script_summary(\"Check for the Version of pkg utilities\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"114568-26\", package:\"SUNWarc SUNWcsr SUNWhea SUNWcsu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:19", "description": "Check for the Version of pkg utilities", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for pkg utilities 113713-27", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855369", "href": "http://plugins.openvas.org/nasl.php?oid=855369", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for pkg utilities 113713-27\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"pkg utilities on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n pkg utilities\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855369);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:24:08 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"113713-27\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for pkg utilities 113713-27\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-113713-27-1\");\n\n script_summary(\"Check for the Version of pkg utilities\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113713-27\", package:\"SUNWarc SUNWcsr SUNWhea SUNWcsu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:13:55", "description": "Check for the Version of bootconfchk", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for bootconfchk 123377-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855366", "href": "http://plugins.openvas.org/nasl.php?oid=855366", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for bootconfchk 123377-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"bootconfchk on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n bootconfchk\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855366);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"123377-01\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for bootconfchk 123377-01\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-123377-01-1\");\n\n script_summary(\"Check for the Version of bootconfchk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"123377-01\", package:\"SUNWwbsup\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:13:48", "description": "Check for the Version of bootconfchk", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for bootconfchk 123376-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855376", "href": "http://plugins.openvas.org/nasl.php?oid=855376", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for bootconfchk 123376-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"bootconfchk on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n bootconfchk\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855376);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"123376-01\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for bootconfchk 123376-01\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-123376-01-1\");\n\n script_summary(\"Check for the Version of bootconfchk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"123376-01\", package:\"SUNWwbsup\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:05", "description": "Check for the Version of pkg utilities", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "Solaris Update for pkg utilities 113713-28", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855735", "href": "http://plugins.openvas.org/nasl.php?oid=855735", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for pkg utilities 113713-28\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"pkg utilities on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n pkg utilities\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855735);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"113713-28\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name(\"Solaris Update for pkg utilities 113713-28\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-113713-28-1\");\n\n script_summary(\"Check for the Version of pkg utilities\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113713-28\", package:\"SUNWarc SUNWcsu SUNWcsr SUNWhea\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:08", "description": "Check for the Version of wanboot", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for wanboot 122715-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855170", "href": "http://plugins.openvas.org/nasl.php?oid=855170", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for wanboot 122715-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"wanboot on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n wanboot\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855170);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122715-02\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for wanboot 122715-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122715-02-1\");\n\n script_summary(\"Check for the Version of wanboot\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"122715-02\", package:\"SUNWwbsup\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:08", "description": "Check for the Version of wanboot", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for wanboot 117123-08", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855008", "href": "http://plugins.openvas.org/nasl.php?oid=855008", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for wanboot 117123-08\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"wanboot on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n wanboot\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855008);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:28:12 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"117123-08\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for wanboot 117123-08\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-117123-08-1\");\n\n script_summary(\"Check for the Version of wanboot\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"117123-08\", package:\"SUNWcar.us SUNWwbsup SUNWcar.u\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:09", "description": "Check for the Version of pkg utilities", "cvss3": {}, "published": "2009-09-23T00:00:00", "type": "openvas", "title": "Solaris Update for pkg utilities 114568-27", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855640", "href": "http://plugins.openvas.org/nasl.php?oid=855640", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for pkg utilities 114568-27\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"pkg utilities on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n pkg utilities\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855640);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-23 10:48:35 +0200 (Wed, 23 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"114568-27\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name(\"Solaris Update for pkg utilities 114568-27\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-114568-27-1\");\n\n script_summary(\"Check for the Version of pkg utilities\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"114568-27\", package:\"SUNWarc SUNWcsu SUNWcsr SUNWhea\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:46", "description": "Check for the Version of pkg utilities", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for pkg utilities 113713-27", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855369", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855369", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for pkg utilities 113713-27\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"pkg utilities on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n pkg utilities\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855369\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:24:08 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"113713-27\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for pkg utilities 113713-27\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-113713-27-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of pkg utilities\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113713-27\", package:\"SUNWarc SUNWcsr SUNWhea SUNWcsu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:22", "description": "Check for the Version of bootconfchk", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for bootconfchk 123377-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855366", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855366", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for bootconfchk 123377-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"bootconfchk on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n bootconfchk\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855366\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"123377-01\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for bootconfchk 123377-01\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-123377-01-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of bootconfchk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"123377-01\", package:\"SUNWwbsup\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:37", "description": "Check for the Version of wanboot", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for wanboot 122715-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855170", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855170", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for wanboot 122715-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"wanboot on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n wanboot\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855170\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122715-02\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for wanboot 122715-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122715-02-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of wanboot\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"122715-02\", package:\"SUNWwbsup\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:39", "description": "Check for the Version of wanboot", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for wanboot 117123-08", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855008", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855008", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for wanboot 117123-08\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"wanboot on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n wanboot\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855008\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:28:12 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"117123-08\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for wanboot 117123-08\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-117123-08-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of wanboot\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"117123-08\", package:\"SUNWcar.us SUNWwbsup SUNWcar.u\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:44", "description": "Check for the Version of pkg utilities", "cvss3": {}, "published": "2009-09-23T00:00:00", "type": "openvas", "title": "Solaris Update for pkg utilities 114568-27", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855640", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855640", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for pkg utilities 114568-27\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"pkg utilities on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n pkg utilities\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855640\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-23 10:48:35 +0200 (Wed, 23 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"114568-27\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name(\"Solaris Update for pkg utilities 114568-27\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-114568-27-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of pkg utilities\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"114568-27\", package:\"SUNWarc SUNWcsu SUNWcsr SUNWhea\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:38", "description": "Check for the Version of bootconfchk", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for bootconfchk 123376-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855376", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855376", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for bootconfchk 123376-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"bootconfchk on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n bootconfchk\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855376\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"123376-01\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for bootconfchk 123376-01\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-123376-01-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of bootconfchk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"123376-01\", package:\"SUNWwbsup\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:59", "description": "Check for the Version of pkg utilities", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for pkg utilities 114568-26", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855346", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855346", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for pkg utilities 114568-26\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"pkg utilities on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n pkg utilities\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855346\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:24:08 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"114568-26\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for pkg utilities 114568-26\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-114568-26-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of pkg utilities\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"114568-26\", package:\"SUNWarc SUNWcsr SUNWhea SUNWcsu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:23", "description": "Check for the Version of pkg utilities", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "Solaris Update for pkg utilities 113713-28", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855735", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855735", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for pkg utilities 113713-28\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"pkg utilities on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n pkg utilities\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855735\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"113713-28\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name(\"Solaris Update for pkg utilities 113713-28\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-113713-28-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of pkg utilities\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113713-28\", package:\"SUNWarc SUNWcsu SUNWcsr SUNWhea\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:07", "description": "The remote host is missing updates announced in\nadvisory GLSA 200611-24.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200611-24 (lha)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4336", "CVE-2006-4338", "CVE-2006-4335", "CVE-2006-4337"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:57937", "href": "http://plugins.openvas.org/nasl.php?oid=57937", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"LHa is affected by several vulnerabilities including the remote execution\nof arbitrary code.\";\ntag_solution = \"All LHa users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-arch/lha-114i-r6'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200611-24\nhttp://bugs.gentoo.org/show_bug.cgi?id=151252\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200611-24.\";\n\n \n\nif(description)\n{\n script_id(57937);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2006-4335\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4338\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200611-24 (lha)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-arch/lha\", unaffected: make_list(\"ge 114i-r6\"), vulnerable: make_list(\"lt 114i-r6\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:11", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openssl-devel\n openssl\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5018586 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for OpenSSL", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65603", "href": "http://plugins.openvas.org/nasl.php?oid=65603", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5018586.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for OpenSSL\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openssl-devel\n openssl\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5018586 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65603);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for OpenSSL\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.7d~15.29\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:56", "description": "The remote host is missing an update as announced\nvia advisory SSA:2006-272-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2006-272-01 openssl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:57491", "href": "http://plugins.openvas.org/nasl.php?oid=57491", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2006_272_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New openssl packages are available for Slackware 9.0, 9.1, 10.0, 10.1,\n10.2, and -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2006-272-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2006-272-01\";\n \nif(description)\n{\n script_id(57491);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-3738\", \"CVE-2006-2940\", \"CVE-2006-4343\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2006-272-01 openssl \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.7l-i386-1_slack9.0\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.7l-i386-1_slack9.0\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.7l-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.7l-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.7l-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.7l-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.7l-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.7l-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.7l-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.7l-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:22", "description": "The remote host is missing updates announced in\nadvisory GLSA 200612-11.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200612-11 (emul-linux-x86-baselibs)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:57950", "href": "http://plugins.openvas.org/nasl.php?oid=57950", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL contains multiple vulnerabilities including the possible execution\nof remote arbitrary code.\";\ntag_solution = \"All AMD64 x86 emulation base libraries users should upgrade to the latest\nversion:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose\n'>=app-emulation/emul-linux-x86-baselibs-2.5.5'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200612-11\nhttp://bugs.gentoo.org/show_bug.cgi?id=152640\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200612-11.\";\n\n \n\nif(description)\n{\n script_id(57950);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200612-11 (emul-linux-x86-baselibs)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-emulation/emul-linux-x86-baselibs\", unaffected: make_list(\"ge 2.5.5\"), vulnerable: make_list(\"lt 2.5.5\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:56", "description": "The remote host is missing an update as announced\nvia advisory SSA:2006-272-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2006-272-01 openssl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231057491", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231057491", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2006_272_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.57491\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-3738\", \"CVE-2006-2940\", \"CVE-2006-4343\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2006-272-01 openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(9\\.0|9\\.1|10\\.0|10\\.1|10\\.2)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2006-272-01\");\n\n script_tag(name:\"insight\", value:\"New openssl packages are available for Slackware 9.0, 9.1, 10.0, 10.1,\n10.2, and -current to fix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2006-272-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.7l-i386-1_slack9.0\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.7l-i386-1_slack9.0\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.7l-i486-1_slack9.1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.7l-i486-1_slack9.1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.7l-i486-1_slack10.0\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.7l-i486-1_slack10.0\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.7l-i486-1_slack10.1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.7l-i486-1_slack10.1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.7l-i486-1_slack10.2\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.7l-i486-1_slack10.2\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:49:53", "description": "The remote host is missing an update to openssl\nannounced via advisory DSA 1185-1.\n\nMultiple vulnerabilities have been discovered in the OpenSSL\ncryptographic software package that could allow an attacker to launch\na denial of service attack by exhausting system resources or crashing\nprocesses on a victim's computer.\n\nCVE-2006-2937\nDr S N Henson of the OpenSSL core team and Open Network\nSecurity recently developed an ASN1 test suite for NISCC\n(www.niscc.gov.uk). When the test suite was run against\nOpenSSL two denial of service vulnerabilities were discovered.\n\nDuring the parsing of certain invalid ASN1 structures an error\ncondition is mishandled. This can result in an infinite loop\nwhich consumes system memory.\n\nAny code which uses OpenSSL to parse ASN1 data from untrusted\nsources is affected. This includes SSL servers which enable\nclient authentication and S/MIME applications.\n\nCVE-2006-3738\nTavis Ormandy and Will Drewry of the Google Security Team\ndiscovered a buffer overflow in SSL_get_shared_ciphers utility\nfunction, used by some applications such as exim and mysql. An\nattacker could send a list of ciphers that would overrun a\nbuffer.\n\nCVE-2006-4343\nTavis Ormandy and Will Drewry of the Google Security Team\ndiscovered a possible DoS in the sslv2 client code. Where a\nclient application uses OpenSSL to make a SSLv2 connection to\na malicious server that server could cause the client to\ncrash.\n\nCVE-2006-2940\nDr S N Henson of the OpenSSL core team and Open Network\nSecurity recently developed an ASN1 test suite for NISCC\n(www.niscc.gov.uk). When the test suite was run against\nOpenSSL a DoS was discovered.\n\nCertain types of public key can take disproportionate amounts\nof time to process. This could be used by an attacker in a\ndenial of service attack.", "cvss3": {}, "published": "2008-01-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1185-1 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:57478", "href": "http://plugins.openvas.org/nasl.php?oid=57478", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1185_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1185-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) these problems have been fixed in\nversion 0.9.7e-3sarge3.\n\nFor the unstable and testing distributions (sid and etch,\nrespectively), these problems will be fixed in version 0.9.7k-2 of the\nopenssl097 compatibility libraries, and version 0.9.8c-2 of the\nopenssl package.\n\nWe recommend that you upgrade your openssl package. Note that\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201185-1\";\ntag_summary = \"The remote host is missing an update to openssl\nannounced via advisory DSA 1185-1.\n\nMultiple vulnerabilities have been discovered in the OpenSSL\ncryptographic software package that could allow an attacker to launch\na denial of service attack by exhausting system resources or crashing\nprocesses on a victim's computer.\n\nCVE-2006-2937\nDr S N Henson of the OpenSSL core team and Open Network\nSecurity recently developed an ASN1 test suite for NISCC\n(www.niscc.gov.uk). When the test suite was run against\nOpenSSL two denial of service vulnerabilities were discovered.\n\nDuring the parsing of certain invalid ASN1 structures an error\ncondition is mishandled. This can result in an infinite loop\nwhich consumes system memory.\n\nAny code which uses OpenSSL to parse ASN1 data from untrusted\nsources is affected. This includes SSL servers which enable\nclient authentication and S/MIME applications.\n\nCVE-2006-3738\nTavis Ormandy and Will Drewry of the Google Security Team\ndiscovered a buffer overflow in SSL_get_shared_ciphers utility\nfunction, used by some applications such as exim and mysql. An\nattacker could send a list of ciphers that would overrun a\nbuffer.\n\nCVE-2006-4343\nTavis Ormandy and Will Drewry of the Google Security Team\ndiscovered a possible DoS in the sslv2 client code. Where a\nclient application uses OpenSSL to make a SSLv2 connection to\na malicious server that server could cause the client to\ncrash.\n\nCVE-2006-2940\nDr S N Henson of the OpenSSL core team and Open Network\nSecurity recently developed an ASN1 test suite for NISCC\n(www.niscc.gov.uk). When the test suite was run against\nOpenSSL a DoS was discovered.\n\nCertain types of public key can take disproportionate amounts\nof time to process. This could be used by an attacker in a\ndenial of service attack.\";\n\n\nif(description)\n{\n script_id(57478);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:13:11 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-2937\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1185-1 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.7e-3sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.7\", ver:\"0.9.7e-3sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.7e-3sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:00", "description": "The remote host is missing updates announced in\nadvisory GLSA 200610-11.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200610-11 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:57909", "href": "http://plugins.openvas.org/nasl.php?oid=57909", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code.\";\ntag_solution = \"All OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-0.9.8d'\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-0.9.7l'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200610-11\nhttp://bugs.gentoo.org/show_bug.cgi?id=145510\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200610-11.\";\n\n \n\nif(description)\n{\n script_id(57909);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200610-11 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-libs/openssl\", unaffected: make_list(\"ge 0.9.8d\", \"rge 0.9.7l\"), vulnerable: make_list(\"lt 0.9.8d\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-08T11:44:22", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory FreeBSD-SA-06:23.openssl.asc", "cvss3": {}, "published": "2008-09-04T00:00:00", "type": "openvas", "title": "FreeBSD Security Advisory (FreeBSD-SA-06:23.openssl.asc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343"], "modified": "2017-12-07T00:00:00", "id": "OPENVAS:57475", "href": "http://plugins.openvas.org/nasl.php?oid=57475", "sourceData": "#\n#ADV FreeBSD-SA-06:23.openssl.asc\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n#\n\ntag_insight = \"FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured,\nand Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library.\n\nSeveral problems have been found in OpenSSL:\n\n1. During the parsing of certain invalid ASN1 structures an error condition\nis mishandled, possibly resulting in an infinite loop. [CVE-2006-2937]\n\n2. A buffer overflow exists in the SSL_get_shared_ciphers function.\n[CVE-2006-3738]\n\n3. A NULL pointer may be dereferenced in the SSL version 2 client code.\n[CVE-2006-4343]\n\nIn addition, many applications using OpenSSL do not perform any validation\nof the lengths of public keys being used. [CVE-2006-2940]\";\ntag_solution = \"Upgrade your system to the appropriate stable release\nor security branch dated after the correction date\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-06:23.openssl.asc\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory FreeBSD-SA-06:23.openssl.asc\";\n\n \nif(description)\n{\n script_id(57475);\n script_version(\"$Revision: 8023 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-07 09:36:26 +0100 (Thu, 07 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2006-2937\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n name = \"FreeBSD Security Advisory (FreeBSD-SA-06:23.openssl.asc)\";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n family = \"FreeBSD Local Security Checks\";\n script_family(family);\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdpatchlevel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\nif(patchlevelcmp(rel:\"6.1\", patchlevel:\"8\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"6.0\", patchlevel:\"13\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"5.5\", patchlevel:\"6\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"5.4\", patchlevel:\"20\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"5.3\", patchlevel:\"35\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"4.11\", patchlevel:\"23\")<0) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:14", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openssl-devel\n openssl\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5018586 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for OpenSSL", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065603", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065603", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5018586.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for OpenSSL\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openssl-devel\n openssl\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5018586 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65603\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for OpenSSL\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.7d~15.29\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:57:16", "description": "Check for the Version of Apache Remote Execution of Arbitrary Code", "cvss3": {}, "published": "2009-05-05T00:00:00", "type": "openvas", "title": "HP-UX Update for Apache Remote Execution of Arbitrary Code HPSBUX02186", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2005-2969", "CVE-2006-4339"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:835119", "href": "http://plugins.openvas.org/nasl.php?oid=835119", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Apache Remote Execution of Arbitrary Code HPSBUX02186\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote execution of arbitrary code\n Denial of Service (DoS)\n and unauthorized access.\";\ntag_affected = \"Apache Remote Execution of Arbitrary Code on\n HP-UX B.11.11, B.11.23, and B.11.31\";\ntag_insight = \"Potential security vulnerabilities have been identified with Apache running \n on HP-UX. These vulnerabilities could be exploited remotely to allow \n execution of arbitrary code, Denial of Service (DoS), or unauthorized \n access.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c00849540-2\");\n script_id(835119);\n script_version(\"$Revision: 6584 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 16:13:23 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 12:14:23 +0200 (Tue, 05 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"HPSBUX\", value: \"02186\");\n script_cve_id(\"CVE-2006-2940\", \"CVE-2006-2937\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2005-2969\");\n script_name( \"HP-UX Update for Apache Remote Execution of Arbitrary Code HPSBUX02186\");\n\n script_summary(\"Check for the Version of Apache Remote Execution of Arbitrary Code\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.00\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"A.2.0.58.01\", rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"B.2.0.58.01\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"A.2.0.58.01\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"B.2.0.58.01\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:13:47", "description": "Check for the Version of Kernel", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "Solaris Update for Kernel 122301-44", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855768", "href": "http://plugins.openvas.org/nasl.php?oid=855768", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Kernel 122301-44\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Kernel on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855768);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122301-44\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name(\"Solaris Update for Kernel 122301-44\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122301-44-1\");\n\n script_summary(\"Check for the Version of Kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"122301-44\", package:\"SUNWatfsu SUNWarc SUNWrsg SUNWcstl SUNWsshdu SUNWcar.i SUNWrsgk SUNWcsu SUNWnfscr SUNWnfssu SUNWaudit SUNWcsr SUNWsshdr SUNWmdb SUNWvolu SUNWudfr SUNWnfscu SUNWsshcu SUNWatfsr SUNWsshu SUNWcsl SUNWsshr SUNWnfssr SUNWhea\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:18", "description": "Check for the Version of Kernel", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for Kernel 122301-40", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855018", "href": "http://plugins.openvas.org/nasl.php?oid=855018", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Kernel 122301-40\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Kernel on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855018);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122301-40\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for Kernel 122301-40\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122301-40-1\");\n\n script_summary(\"Check for the Version of Kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"122301-40\", package:\"SUNWsshcu SUNWcar.i SUNWarc SUNWmdb SUNWaudit SUNWsshdu SUNWcsl SUNWsshdr SUNWsshr SUNWcsr SUNWhea SUNWsshu SUNWcsu SUNWcstl\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:20", "description": "Check for the Version of Kernel", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for Kernel 122300-40", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855612", "href": "http://plugins.openvas.org/nasl.php?oid=855612", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Kernel 122300-40\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Kernel on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855612);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122300-40\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for Kernel 122300-40\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122300-40-1\");\n\n script_summary(\"Check for the Version of Kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"122300-40\", package:\"SUNWsshcu SUNWcar.us SUNWarc SUNWcar.m SUNWpdx SUNWmdb SUNWaudit SUNWsshdu FJSVhea SUNWcsl SUNWsshdr SUNWefcx.u SUNWsshr SUNWdrr.u SUNWdrrx.us SUNWcsxu SUNWcarx.us SUNWpiclu SUNWmdbx SUNWvolr SUNWdrr.us SUNWcsr SUNWefcx.us SUNWpd SUNWhea SUNWcslx SUNWcstlx SUNWcarx.u SUNWsshu SUNWcsu SUNWcar.u SUNWdrcrx.u SUNWdrrx.u SUNWcstl\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:13:55", "description": "Check for the Version of Kernel", "cvss3": {}, "published": "2009-09-23T00:00:00", "type": "openvas", "title": "Solaris Update for Kernel 122301-42", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855702", "href": "http://plugins.openvas.org/nasl.php?oid=855702", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Kernel 122301-42\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Kernel on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855702);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-23 10:48:35 +0200 (Wed, 23 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122301-42\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name(\"Solaris Update for Kernel 122301-42\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122301-42-1\");\n\n script_summary(\"Check for the Version of Kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"122301-42\", package:\"SUNWatfsu SUNWarc SUNWrsg SUNWcstl SUNWsshdu SUNWcar.i SUNWrsgk SUNWcsu SUNWnfscr SUNWnfssu SUNWaudit SUNWcsr SUNWsshdr SUNWmdb SUNWvolu SUNWudfr SUNWnfscu SUNWsshcu SUNWatfsr SUNWsshu SUNWcsl SUNWsshr SUNWnfssr SUNWhea\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:13:54", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for kernel 127127-11", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2007-5135"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855322", "href": "http://plugins.openvas.org/nasl.php?oid=855322", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for kernel 127127-11\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"kernel on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855322);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"127127-11\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2007-5135\");\n script_name( \"Solaris Update for kernel 127127-11\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-127127-11-1\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"127127-11\", package:\"SUNWgssdh SUNWcakr.u SUNWrcmdc SUNWpsu SUNWfss SUNWatfsu SUNWscplp SUNWudapltu SUNWrds SUNWarc SUNWcakrnt2000.v SUNWfmd SUNWintgige SUNWbtool SUNWidn.u FJSVcpcu SUNWperl584core SUNWypr SUNWcry SUNWkrbu SUNWdrcr.u SUNWsmapi SUNWtavor SUNWgssk SUNWmdb SUNWzfsu SUNWaudit SUNWtsr SUNWldomr.v SUNWiopc.v SUNWcakr.us SUNWpapi SUNWcart200.v SUNWcpr.u SUNWkvm.u SUNWsndmu SUNWnfssu SUNWkdcu SUNWmdr SUNWpcr SUNWkvm.v SUNWkvm.us FJSVhea SUNWxcu4 SUNWudapltr SUNWdtrc SUNWopenssl-libraries FJSVfmd SUNWus.u SUNWcsl FJSVmdbr SUNWcpcu SUNWrcmds SUNWvolu SUNWniumx.v SUNWcpc.v SUNWib SUNWnisu SUNWtoo SUNWcryr SUNWdrr.u FJSVpiclu SUNWkvmt200.v SUNWefc.u SUNWtnetc SUNWpiclu SUNWtsg SUNWypu SUNWftduu SUNWppm SUNWcakr.v SUNWusb SUNWn2cp.v SUNWcti2.u SUNWzfsr SUNWdrr.us SUNWckr SUNWcsr SUNWfruid SUNW1394 SUNWgss SUNWkrbr SUNWtsu SUNWmdbr SUNWpd SUNWldomu.v SUNWpcu SUNWzfskr SUNWarcr SUNWmdu FJSVmdb SUNWpamsc SUNWwbsup SUNWcar.v SUNWhea SUNWnfsckr SUNWdtrp SUNWspnego SUNWdcar SUNWcpc.us SUNWpl5u SUNWnfsskr SUNWtnetd SUNWcslr SUNWippcore SUNWcsu SUNWust1.v SUNWnxge.v SUNWnfscu SUNWesu SUNWnxge.u SUNWcsd SUNWfruip.u SUNWpsr SUNWssad SUNWpdu SUNWcpc.u SUNWipplr SUNWpsm-lpd SUNWluxl SUNWefc.us SUNWzoneu SUNWipplu SUNWust2.v SUNWnfscr SUNWwrsm.u SUNWftdur SUNWpiclr SUNWcstl\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:13:59", "description": "Check for the Version of Kernel", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "Solaris Update for Kernel 122300-44", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855780", "href": "http://plugins.openvas.org/nasl.php?oid=855780", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Kernel 122300-44\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Kernel on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855780);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122300-44\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name(\"Solaris Update for Kernel 122300-44\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122300-44-1\");\n\n script_summary(\"Check for the Version of Kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"122300-44\", package:\"SUNWatfsu SUNWudfrx SUNWarc SUNWcarx.u SUNWrsg SUNWvolr SUNWcstl SUNWnfscx SUNWcslx SUNWsshdu SUNWcstlx SUNWrsgk SUNWpdx SUNWcsu SUNWnfssx SUNWnfscr SUNWcsxu SUNWnfssu SUNWaudit SUNWpd SUNWcsr SUNWsshdr SUNWefcx.us SUNWmdbx SUNWmdb SUNWdrrx.u SUNWvolu SUNWcar.u SUNWdrr.us SUNWudfr SUNWnfscu SUNWrsgx SUNWcar.m SUNWsshcu SUNWcar.us FJSVhea SUNWatfsr SUNWpiclu SUNWdrrx.us SUNWsshu SUNWcsl SUNWsshr SUNWdrr.u SUNWefcx.u SUNWnfssr SUNWcarx.us SUNWdrcrx.u SUNWhea\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:40", "description": "Check for the Version of Kernel", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for Kernel 122301-40", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855018", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855018", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Kernel 122301-40\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Kernel on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855018\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122301-40\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for Kernel 122301-40\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122301-40-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of Kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"122301-40\", package:\"SUNWsshcu SUNWcar.i SUNWarc SUNWmdb SUNWaudit SUNWsshdu SUNWcsl SUNWsshdr SUNWsshr SUNWcsr SUNWhea SUNWsshu SUNWcsu SUNWcstl\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:48", "description": "Check for the Version of Kernel", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for Kernel 122300-40", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855612", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855612", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Kernel 122300-40\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Kernel on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855612\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122300-40\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for Kernel 122300-40\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122300-40-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of Kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"122300-40\", package:\"SUNWsshcu SUNWcar.us SUNWarc SUNWcar.m SUNWpdx SUNWmdb SUNWaudit SUNWsshdu FJSVhea SUNWcsl SUNWsshdr SUNWefcx.u SUNWsshr SUNWdrr.u SUNWdrrx.us SUNWcsxu SUNWcarx.us SUNWpiclu SUNWmdbx SUNWvolr SUNWdrr.us SUNWcsr SUNWefcx.us SUNWpd SUNWhea SUNWcslx SUNWcstlx SUNWcarx.u SUNWsshu SUNWcsu SUNWcar.u SUNWdrcrx.u SUNWdrrx.u SUNWcstl\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:55", "description": "Check for the Version of Apache Remote Execution of Arbitrary Code", "cvss3": {}, "published": "2009-05-05T00:00:00", "type": "openvas", "title": "HP-UX Update for Apache Remote Execution of Arbitrary Code HPSBUX02186", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2005-2969", "CVE-2006-4339"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310835119", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835119", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Apache Remote Execution of Arbitrary Code HPSBUX02186\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote execution of arbitrary code\n Denial of Service (DoS)\n and unauthorized access.\";\ntag_affected = \"Apache Remote Execution of Arbitrary Code on\n HP-UX B.11.11, B.11.23, and B.11.31\";\ntag_insight = \"Potential security vulnerabilities have been identified with Apache running \n on HP-UX. These vulnerabilities could be exploited remotely to allow \n execution of arbitrary code, Denial of Service (DoS), or unauthorized \n access.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c00849540-2\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835119\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 12:14:23 +0200 (Tue, 05 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"HPSBUX\", value: \"02186\");\n script_cve_id(\"CVE-2006-2940\", \"CVE-2006-2937\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2005-2969\");\n script_name( \"HP-UX Update for Apache Remote Execution of Arbitrary Code HPSBUX02186\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of Apache Remote Execution of Arbitrary Code\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.00\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"A.2.0.58.01\", rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"B.2.0.58.01\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"A.2.0.58.01\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"B.2.0.58.01\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:16", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for kernel 127127-11", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2007-5135"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855322", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855322", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for kernel 127127-11\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"kernel on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855322\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"127127-11\");\n script_cve_id(\"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2007-5135\");\n script_name( \"Solaris Update for kernel 127127-11\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-127127-11-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"127127-11\", package:\"SUNWgssdh SUNWcakr.u SUNWrcmdc SUNWpsu SUNWfss SUNWatfsu SUNWscplp SUNWudapltu SUNWrds SUNWarc SUNWcakrnt2000.v SUNWfmd SUNWintgige SUNWbtool SUNWidn.u FJSVcpcu SUNWperl584core SUNWypr SUNWcry SUNWkrbu SUNWdrcr.u SUNWsmapi SUNWtavor SUNWgssk SUNWmdb SUNWzfsu SUNWaudit SUNWtsr SUNWldomr.v SUNWiopc.v SUNWcakr.us SUNWpapi SUNWcart200.v SUNWcpr.u SUNWkvm.u SUNWsndmu SUNWnfssu SUNWkdcu SUNWmdr SUNWpcr SUNWkvm.v SUNWkvm.us FJSVhea SUNWxcu4 SUNWudapltr SUNWdtrc SUNWopenssl-libraries FJSVfmd SUNWus.u SUNWcsl FJSVmdbr SUNWcpcu SUNWrcmds SUNWvolu SUNWniumx.v SUNWcpc.v SUNWib SUNWnisu SUNWtoo SUNWcryr SUNWdrr.u FJSVpiclu SUNWkvmt200.v SUNWefc.u SUNWtnetc SUNWpiclu SUNWtsg SUNWypu SUNWftduu SUNWppm SUNWcakr.v SUNWusb SUNWn2cp.v SUNWcti2.u SUNWzfsr SUNWdrr.us SUNWckr SUNWcsr SUNWfruid SUNW1394 SUNWgss SUNWkrbr SUNWtsu SUNWmdbr SUNWpd SUNWldomu.v SUNWpcu SUNWzfskr SUNWarcr SUNWmdu FJSVmdb SUNWpamsc SUNWwbsup SUNWcar.v SUNWhea SUNWnfsckr SUNWdtrp SUNWspnego SUNWdcar SUNWcpc.us SUNWpl5u SUNWnfsskr SUNWtnetd SUNWcslr SUNWippcore SUNWcsu SUNWust1.v SUNWnxge.v SUNWnfscu SUNWesu SUNWnxge.u SUNWcsd SUNWfruip.u SUNWpsr SUNWssad SUNWpdu SUNWcpc.u SUNWipplr SUNWpsm-lpd SUNWluxl SUNWefc.us SUNWzoneu SUNWipplu SUNWust2.v SUNWnfscr SUNWwrsm.u SUNWftdur SUNWpiclr SUNWcstl\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:24", "description": "Check for the Version of Kernel", "cvss3": {}, "published": "2009-09-23T00:00:00", "type": "openvas", "title": "Solaris Update for Kernel 122301-42", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855702", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855702", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Kernel 122301-42\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Kernel on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855702\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-23 10:48:35 +0200 (Wed, 23 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122301-42\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name(\"Solaris Update for Kernel 122301-42\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122301-42-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of Kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"122301-42\", package:\"SUNWatfsu SUNWarc SUNWrsg SUNWcstl SUNWsshdu SUNWcar.i SUNWrsgk SUNWcsu SUNWnfscr SUNWnfssu SUNWaudit SUNWcsr SUNWsshdr SUNWmdb SUNWvolu SUNWudfr SUNWnfscu SUNWsshcu SUNWatfsr SUNWsshu SUNWcsl SUNWsshr SUNWnfssr SUNWhea\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:32", "description": "Check for the Version of Kernel", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "Solaris Update for Kernel 122301-44", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855768", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855768", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Kernel 122301-44\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Kernel on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855768\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122301-44\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name(\"Solaris Update for Kernel 122301-44\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122301-44-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of Kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"122301-44\", package:\"SUNWatfsu SUNWarc SUNWrsg SUNWcstl SUNWsshdu SUNWcar.i SUNWrsgk SUNWcsu SUNWnfscr SUNWnfssu SUNWaudit SUNWcsr SUNWsshdr SUNWmdb SUNWvolu SUNWudfr SUNWnfscu SUNWsshcu SUNWatfsr SUNWsshu SUNWcsl SUNWsshr SUNWnfssr SUNWhea\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:46", "description": "Check for the Version of Kernel", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "Solaris Update for Kernel 122300-44", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855780", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855780", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Kernel 122300-44\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Kernel on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855780\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122300-44\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name(\"Solaris Update for Kernel 122300-44\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122300-44-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of Kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"122300-44\", package:\"SUNWatfsu SUNWudfrx SUNWarc SUNWcarx.u SUNWrsg SUNWvolr SUNWcstl SUNWnfscx SUNWcslx SUNWsshdu SUNWcstlx SUNWrsgk SUNWpdx SUNWcsu SUNWnfssx SUNWnfscr SUNWcsxu SUNWnfssu SUNWaudit SUNWpd SUNWcsr SUNWsshdr SUNWefcx.us SUNWmdbx SUNWmdb SUNWdrrx.u SUNWvolu SUNWcar.u SUNWdrr.us SUNWudfr SUNWnfscu SUNWrsgx SUNWcar.m SUNWsshcu SUNWcar.us FJSVhea SUNWatfsr SUNWpiclu SUNWdrrx.us SUNWsshu SUNWcsl SUNWsshr SUNWdrr.u SUNWefcx.u SUNWnfssr SUNWcarx.us SUNWdrcrx.u SUNWhea\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:13:56", "description": "Check for the Version of SunFreeware gzip", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for SunFreeware gzip 120719-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4336", "CVE-2005-1228", "CVE-2005-0988", "CVE-2006-4338", "CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4337"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855238", "href": "http://plugins.openvas.org/nasl.php?oid=855238", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for SunFreeware gzip 120719-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"SunFreeware gzip on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n SunFreeware gzip\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855238);\n script_version(\"$Revision: 5359 $\");\n script_cve_id(\"CVE-2005-0988\", \"CVE-2005-1228\", \"CVE-2006-4338\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4334\", \"CVE-2006-4335\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"120719-02\");\n script_name( \"Solaris Update for SunFreeware gzip 120719-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-120719-02-1\");\n\n script_summary(\"Check for the Version of SunFreeware gzip\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"120719-02\", package:\"SUNWgzip SUNWgzipS\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:39:28", "description": "Check for the Version of SunFreeware gzip", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for SunFreeware gzip 120719-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4336", "CVE-2005-1228", "CVE-2005-0988", "CVE-2006-4338", "CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4337"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855238", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855238", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for SunFreeware gzip 120719-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"SunFreeware gzip on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n SunFreeware gzip\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855238\");\n script_version(\"$Revision: 9370 $\");\n script_cve_id(\"CVE-2005-0988\", \"CVE-2005-1228\", \"CVE-2006-4338\", \"CVE-2006-4336\", \"CVE-2006-4337\", \"CVE-2006-4334\", \"CVE-2006-4335\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"120719-02\");\n script_name( \"Solaris Update for SunFreeware gzip 120719-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-120719-02-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of SunFreeware gzip\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"120719-02\", package:\"SUNWgzip SUNWgzipS\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:14:15", "description": "Check for the Version of /usr/bin/ssh", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "Solaris Update for /usr/bin/ssh 114356-19", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483", "CVE-2006-0225"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855742", "href": "http://plugins.openvas.org/nasl.php?oid=855742", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for /usr/bin/ssh 114356-19\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"/usr/bin/ssh on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n /usr/bin/ssh\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855742);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"114356-19\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-0225\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name(\"Solaris Update for /usr/bin/ssh 114356-19\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-114356-19-1\");\n\n script_summary(\"Check for the Version of /usr/bin/ssh\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"114356-19\", package:\"SUNWsshcu SUNWsshu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:19", "description": "Check for the Version of /usr/bin/ssh", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for /usr/bin/ssh 114356-18", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483", "CVE-2006-0225"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855023", "href": "http://plugins.openvas.org/nasl.php?oid=855023", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for /usr/bin/ssh 114356-18\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"/usr/bin/ssh on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n /usr/bin/ssh\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855023);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:24:08 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"114356-18\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-0225\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for /usr/bin/ssh 114356-18\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-114356-18-1\");\n\n script_summary(\"Check for the Version of /usr/bin/ssh\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"114356-18\", package:\"SUNWsshcu SUNWsshu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:14", "description": "Check for the Version of /usr/bin/ssh", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for /usr/bin/ssh 114357-17", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483", "CVE-2006-0225"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855030", "href": "http://plugins.openvas.org/nasl.php?oid=855030", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for /usr/bin/ssh 114357-17\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"/usr/bin/ssh on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n /usr/bin/ssh\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855030);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:24:08 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"114357-17\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-0225\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for /usr/bin/ssh 114357-17\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-114357-17-1\");\n\n script_summary(\"Check for the Version of /usr/bin/ssh\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"114357-17\", package:\"SUNWsshcu SUNWsshu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:13:58", "description": "Check for the Version of /usr/bin/ssh", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "Solaris Update for /usr/bin/ssh 114357-18", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483", "CVE-2006-0225"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855771", "href": "http://plugins.openvas.org/nasl.php?oid=855771", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for /usr/bin/ssh 114357-18\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"/usr/bin/ssh on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n /usr/bin/ssh\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855771);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"114357-18\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-0225\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name(\"Solaris Update for /usr/bin/ssh 114357-18\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-114357-18-1\");\n\n script_summary(\"Check for the Version of /usr/bin/ssh\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"114357-18\", package:\"SUNWsshcu SUNWsshu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-18T11:04:54", "description": "Check for the Version of Kernel", "cvss3": {}, "published": "2010-02-03T00:00:00", "type": "openvas", "title": "Solaris Update for Kernel 122300-48", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483", "CVE-2006-0225"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:1361412562310855835", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855835", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Kernel 122300-48\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Kernel on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855835\");\n script_version(\"$Revision: 8440 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 08:58:46 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-03 13:24:57 +0100 (Wed, 03 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122300-48\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-0225\");\n script_name(\"Solaris Update for Kernel 122300-48\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122300-48-1\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of Kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"122300-48\", package:\"SUNWcar.us SUNWatfsu SUNWarc SUNWnfssx SUNWcar.m SUNWudfrx SUNWpdx SUNWmdb SUNWaudit SUNWsshdu SUNWnfscx SUNWnfssu FJSVhea SUNWcsl SUNWrsg SUNWrsgx SUNWrsgk SUNWsshdr SUNWses SUNWefcx.u SUNWvolu SUNWsshr SUNWdrr.u SUNWdrrx.us SUNWssadx SUNWcsxu SUNWcarx.us SUNWpiclu SUNWmdbx SUNWnfssr SUNWvolr SUNWdrr.us SUNWcsr SUNWefcx.us SUNWpd SUNWhea SUNWcslx SUNWcstlx SUNWcarx.u SUNWatfsr SUNWsshu SUNWcsu SUNWcar.u SUNWnfscu SUNWdrcrx.u SUNWdrrx.u SUNWssad SUNWpdu SUNWnfscr SUNWcstl SUNWudfr\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-20T13:18:07", "description": "Check for the Version of Kernel", "cvss3": {}, "published": "2010-02-03T00:00:00", "type": "openvas", "title": "Solaris Update for Kernel 122300-48", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483", "CVE-2006-0225"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:855835", "href": "http://plugins.openvas.org/nasl.php?oid=855835", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Kernel 122300-48\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Kernel on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855835);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-03 13:24:57 +0100 (Wed, 03 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122300-48\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-0225\");\n script_name(\"Solaris Update for Kernel 122300-48\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122300-48-1\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of Kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"122300-48\", package:\"SUNWcar.us SUNWatfsu SUNWarc SUNWnfssx SUNWcar.m SUNWudfrx SUNWpdx SUNWmdb SUNWaudit SUNWsshdu SUNWnfscx SUNWnfssu FJSVhea SUNWcsl SUNWrsg SUNWrsgx SUNWrsgk SUNWsshdr SUNWses SUNWefcx.u SUNWvolu SUNWsshr SUNWdrr.u SUNWdrrx.us SUNWssadx SUNWcsxu SUNWcarx.us SUNWpiclu SUNWmdbx SUNWnfssr SUNWvolr SUNWdrr.us SUNWcsr SUNWefcx.us SUNWpd SUNWhea SUNWcslx SUNWcstlx SUNWcarx.u SUNWatfsr SUNWsshu SUNWcsu SUNWcar.u SUNWnfscu SUNWdrcrx.u SUNWdrrx.u SUNWssad SUNWpdu SUNWnfscr SUNWcstl SUNWudfr\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:11:14", "description": "Check for the Version of Kernel", "cvss3": {}, "published": "2010-02-03T00:00:00", "type": "openvas", "title": "Solaris Update for Kernel 122301-48", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483", "CVE-2006-0225"], "modified": "2017-12-12T00:00:00", "id": "OPENVAS:855853", "href": "http://plugins.openvas.org/nasl.php?oid=855853", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Kernel 122301-48\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Kernel on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855853);\n script_version(\"$Revision: 8082 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-12 07:31:24 +0100 (Tue, 12 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-03 13:24:57 +0100 (Wed, 03 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122301-48\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-0225\");\n script_name(\"Solaris Update for Kernel 122301-48\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122301-48-1\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of Kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"122301-48\", package:\"SUNWsshcu SUNWcar.i SUNWatfsu SUNWarc SUNWmdb SUNWaudit SUNWsshdu SUNWnfssu SUNWcsl SUNWrsg SUNWrsgk SUNWsshdr SUNWvolu SUNWsshr SUNWnfssr SUNWcsr SUNWhea SUNWatfsr SUNWsshu SUNWcsu SUNWnfscu SUNWnfscr SUNWcstl SUNWudfr\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:42", "description": "Check for the Version of /usr/bin/ssh", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for /usr/bin/ssh 114356-18", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483", "CVE-2006-0225"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855023", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855023", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for /usr/bin/ssh 114356-18\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"/usr/bin/ssh on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n /usr/bin/ssh\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855023\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:24:08 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"114356-18\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-0225\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for /usr/bin/ssh 114356-18\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-114356-18-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of /usr/bin/ssh\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"114356-18\", package:\"SUNWsshcu SUNWsshu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:49", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for kernel 127128-11", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2005-2969", "CVE-2006-4339", "CVE-2007-5135"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855192", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855192", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for kernel 127128-11\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"kernel on solaris_5.10_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n kernel\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855192\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"127128-11\");\n script_cve_id(\"CVE-2007-5135\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2005-2969\");\n script_name( \"Solaris Update for kernel 127128-11\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-127128-11-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"i386\", patch:\"127128-11\", package:\"SUNWcpc.i SUNWrcmdc SUNWpsu SUNWfss SUNWatfsu SUNWscplp SUNWopenssl-include SUNWudapltu SUNWrds SUNWarc SUNWahci SUNWfmd SUNWintgige SUNWbtool SUNWperl584core SUNWypr SUNWcry SUNWkrbu SUNWsmapi SUNWtavor SUNWgssk SUNWpsdcr SUNWmdb SUNWzfsu SUNWaudit SUNWtsr SUNWpapi SUNWsndmu SUNWnfssu SUNWkdcu SUNWmdr SUNWpcr SUNWpsdir SUNWxcu4 SUNWudapltr SUNWdtrc SUNWopenssl-libraries SUNWcsl SUNWcpcu SUNWrcmds SUNWvolu SUNWib SUNWnisu SUNWos86r SUNWtoo SUNWcryr SUNWsi3124 SUNWtnetc SUNWtsg SUNWypu SUNWmv88sx SUNWftduu SUNWppm SUNWusb SUNWzfsr SUNWckr SUNWcsr SUNW1394 SUNWgss SUNWkrbr SUNWtsu SUNWmdbr SUNWlxr SUNWpcu SUNWzfskr SUNWarcr SUNWmdu SUNWpamsc SUNWnxge.i SUNWpsh SUNWhea SUNWcakr.i SUNWnfsckr SUNWdtrp SUNWspnego SUNWdcar SUNWpl5u SUNWnfsskr SUNWtnetd SUNWcslr SUNWippcore SUNWlxu SUNWcsu SUNWnfscu SUNWesu SUNWcsd SUNWpsr SUNWipplr SUNWpsm-lpd SUNWzoneu SUNWipplu SUNWnfscr SUNWftdur SUNWcstl\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:22", "description": "Check for the Version of /usr/bin/ssh", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "Solaris Update for /usr/bin/ssh 114356-19", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483", "CVE-2006-0225"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855742", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855742", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for /usr/bin/ssh 114356-19\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"/usr/bin/ssh on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n /usr/bin/ssh\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855742\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"114356-19\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-0225\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name(\"Solaris Update for /usr/bin/ssh 114356-19\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-114356-19-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of /usr/bin/ssh\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"114356-19\", package:\"SUNWsshcu SUNWsshu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:12", "description": "Check for the Version of /usr/bin/ssh", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for /usr/bin/ssh 114357-17", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483", "CVE-2006-0225"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855030", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855030", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for /usr/bin/ssh 114357-17\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"/usr/bin/ssh on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n /usr/bin/ssh\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855030\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:24:08 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"114357-17\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-0225\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name( \"Solaris Update for /usr/bin/ssh 114357-17\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-114357-17-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of /usr/bin/ssh\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"114357-17\", package:\"SUNWsshcu SUNWsshu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:42", "description": "Check for the Version of /usr/bin/ssh", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "Solaris Update for /usr/bin/ssh 114357-18", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483", "CVE-2006-0225"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855771", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855771", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for /usr/bin/ssh 114357-18\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"/usr/bin/ssh on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n /usr/bin/ssh\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855771\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"114357-18\");\n script_cve_id(\"CVE-2008-1483\", \"CVE-2006-0225\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2006-4339\", \"CVE-2006-2937\", \"CVE-2006-2940\");\n script_name(\"Solaris Update for /usr/bin/ssh 114357-18\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-114357-18-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of /usr/bin/ssh\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"114357-18\", package:\"SUNWsshcu SUNWsshu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:46", "description": "Check for the Version of Kernel", "cvss3": {}, "published": "2010-02-03T00:00:00", "type": "openvas", "title": "Solaris Update for Kernel 122301-48", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-3738", "CVE-2006-2940", "CVE-2006-2937", "CVE-2006-4343", "CVE-2006-4339", "CVE-2008-1483", "CVE-2006-0225"], "modified": "2017-12-21T00:00:00", "id": "OPENVAS:1361412562310855853", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855853", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Kernel 122301-48\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free

Apple Mac OS X 2006-007存在多个安全漏洞

Description

Related