Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails
3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow
remote attackers to inject arbitrary web script or HTML via text declared
as "HTML safe" and used as attribute values in tag handlers.
#### Bugs
* <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834155>
#### Notes
Author| Note
---|---
[seth-arnold](<https://launchpad.net/~seth-arnold>) | In Oneiric-Saucy, rails package is just for transition; The rails package contains actual code from vivid onward
[mdeslaur](<https://launchpad.net/~mdeslaur>) | The GnuPG project used this CVE number by mistake when doing an announcement. The GnuPG issue is actually CVE-2016-6313.
{"redhat": [{"lastseen": "2021-10-19T20:35:42", "description": "Ruby on Rails is a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.\n\nSecurity Fix(es):\n\n* It was discovered that Action View tag helpers did not escape quotes when using strings declared as HTML safe as attribute values. A remote attacker could use this flaw to conduct a cross-site scripting (XSS) attack. (CVE-2016-6316)\n\nRed Hat would like to thank the Ruby on Rails project for reporting this issue. Upstream acknowledges Andrew Carpenter (Critical Juncture) as the original reporter.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2016-09-13T09:51:16", "type": "redhat", "title": "(RHSA-2016:1857) Moderate: ror40-rubygem-actionpack security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2018-06-12T21:28:24", "id": "RHSA-2016:1857", "href": "https://access.redhat.com/errata/RHSA-2016:1857", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-19T20:36:26", "description": "Ruby on Rails is a model-view-controller (MVC) framework for web application development. Action View implements the view component.\n\nSecurity Fix(es):\n\n* It was discovered that Action View tag helpers did not escape quotes when using strings declared as HTML safe as attribute values. A remote attacker could use this flaw to conduct a cross-site scripting (XSS) attack. (CVE-2016-6316)\n\nRed Hat would like to thank the Ruby on Rails project for reporting this issue. Upstream acknowledges Andrew Carpenter (Critical Juncture) as the original reporter.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2016-09-13T09:50:58", "type": "redhat", "title": "(RHSA-2016:1856) Moderate: rh-ror41-rubygem-actionview security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2018-06-12T21:28:18", "id": "RHSA-2016:1856", "href": "https://access.redhat.com/errata/RHSA-2016:1856", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-19T20:37:53", "description": "Ruby on Rails is a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.\n\nSecurity Fix(es):\n\n* It was discovered that Action View tag helpers did not escape quotes when using strings declared as HTML safe as attribute values. A remote attacker could use this flaw to conduct a cross-site scripting (XSS) attack. (CVE-2016-6316)\n\nRed Hat would like to thank the Ruby on Rails project for reporting this issue. Upstream acknowledges Andrew Carpenter (Critical Juncture) as the original reporter.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2016-09-13T09:51:35", "type": "redhat", "title": "(RHSA-2016:1858) Moderate: ruby193-rubygem-actionpack security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2018-06-12T21:28:26", "id": "RHSA-2016:1858", "href": "https://access.redhat.com/errata/RHSA-2016:1858", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-19T18:37:12", "description": "The libgcrypt library provides general-purpose implementations of various cryptographic algorithms.\n\nSecurity Fix(es):\n\n* A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. (CVE-2016-6313)\n\nRed Hat would like to thank Felix D\u00f6rre and Vladimir Klebanov for reporting this issue.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-11-08T03:29:18", "type": "redhat", "title": "(RHSA-2016:2674) Moderate: libgcrypt security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2018-06-06T16:24:22", "id": "RHSA-2016:2674", "href": "https://access.redhat.com/errata/RHSA-2016:2674", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-21T04:46:32", "description": "Ruby on Rails is a model-view-controller (MVC) framework for web application development. Action View implements the view component, and Active Record implements the model component.\n\nSecurity Fix(es) in rubygem-actionview:\n\n* It was discovered that Action View tag helpers did not escape quotes when using strings declared as HTML safe as attribute values. A remote attacker could use this flaw to conduct a cross-site scripting (XSS) attack. (CVE-2016-6316)\n\nSecurity Fix(es) in rubygem-activerecord:\n\n* A flaw was found in the way Active Record handled certain special values in dynamic finders and relations. If a Ruby on Rails application performed JSON parameter parsing, a remote attacker could possibly manipulate search conditions in SQL queries generated by the application. (CVE-2016-6317)\n\nRed Hat would like to thank the Ruby on Rails project for reporting these issues. Upstream acknowledges Andrew Carpenter (Critical Juncture) as the original reporter of CVE-2016-6316; and joernchen (Phenoelit) as the original reporter of CVE-2016-6317.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-09-13T09:49:49", "type": "redhat", "title": "(RHSA-2016:1855) Moderate: rh-ror42 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316", "CVE-2016-6317"], "modified": "2018-04-23T07:41:48", "id": "RHSA-2016:1855", "href": "https://access.redhat.com/errata/RHSA-2016:1855", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2019-05-29T18:35:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-08-27T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-actionview FEDORA-2016-ab8bf51cf3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6316"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809171", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809171", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionview FEDORA-2016-ab8bf51cf3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809171\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-27 05:53:27 +0200 (Sat, 27 Aug 2016)\");\n script_cve_id(\"CVE-2016-6316\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-actionview FEDORA-2016-ab8bf51cf3\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-actionview'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rubygem-actionview on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-ab8bf51cf3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHYGEL6GEXD5GMJSM2FCGFAPH4NJAWH3\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionview\", rpm:\"rubygem-actionview~4.2.3~6.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:19", "description": "Andrew Carpenter of Critical Juncture\ndiscovered a cross-site scripting vulnerability affecting Action View in rails,\na web application framework written in Ruby. Text declared as HTML safe\nwill not have quotes escaped when used as attribute values in tag helpers.", "cvss3": {}, "published": "2016-08-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3651-1 (rails - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6316"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703651", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703651", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3651.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3651-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703651\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-6316\");\n script_name(\"Debian Security Advisory DSA 3651-1 (rails - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-25 00:00:00 +0200 (Thu, 25 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3651.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"rails on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthis problem has been fixed in version 2:4.1.8-1+deb8u4.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2:4.2.7.1-1.\n\nWe recommend that you upgrade your rails packages.\");\n script_tag(name:\"summary\", value:\"Andrew Carpenter of Critical Juncture\ndiscovered a cross-site scripting vulnerability affecting Action View in rails,\na web application framework written in Ruby. Text declared as HTML safe\nwill not have quotes escaped when used as attribute values in tag helpers.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"rails\", ver:\"2:4.1.8-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-actionmailer\", ver:\"2:4.1.8-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-actionpack\", ver:\"2:4.1.8-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-actionview\", ver:\"2:4.1.8-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-activemodel\", ver:\"2:4.1.8-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-activerecord\", ver:\"2:4.1.8-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-activesupport\", ver:\"2:4.1.8-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-activesupport-2.3\", ver:\"2:4.1.8-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-rails\", ver:\"2:4.1.8-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby-railties\", ver:\"2:4.1.8-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-07-21T21:54:04", "description": "This host is running Ruby on Rails and is\n prone to cross site scripting vulnerability.", "cvss3": {}, "published": "2016-10-13T00:00:00", "type": "openvas", "title": "Ruby on Rails Action View Cross Site Scripting Vulnerability (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6316"], "modified": "2020-07-14T00:00:00", "id": "OPENVAS:1361412562310807380", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807380", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ruby on Rails Action View Cross Site Scripting Vulnerability (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:rubyonrails:rails\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807380\");\n script_version(\"2020-07-14T14:33:06+0000\");\n script_cve_id(\"CVE-2016-6316\");\n script_bugtraq_id(92430);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-07-14 14:33:06 +0000 (Tue, 14 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-10-13 14:29:55 +0530 (Thu, 13 Oct 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Ruby on Rails Action View Cross Site Scripting Vulnerability (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running Ruby on Rails and is\n prone to cross site scripting vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to the Text declared as\n 'HTML safe' when passed as an attribute value to a tag helper will not have\n quotes escaped which can lead to an XSS attack.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to inject arbitrary web script or HTML via crafted parameters.\");\n\n script_tag(name:\"affected\", value:\"Ruby on Rails 3.x before 3.2.22.3,\n Ruby on Rails 4.x before 4.2.7.1 and\n Ruby on Rails 5.x before 5.0.0.1 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Ruby on Rails 3.2.22.3 or 4.2.7.1 or\n 5.0.0.1 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://seclists.org/oss-sec/2016/q3/260\");\n script_xref(name:\"URL\", value:\"https://groups.google.com/forum/#!msg/rubyonrails-security/I-VWr034ouk/gGu2FrCwDAAJ\");\n script_xref(name:\"URL\", value:\"http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_rails_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"rails/detected\", \"Host/runs_unixoide\");\n exit(0);\n}\n\ninclude( \"version_func.inc\" );\ninclude( \"host_details.inc\" );\n\nif( isnull( port = get_app_port( cpe: CPE ) ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe: CPE, port: port, exit_no_version: TRUE ) )\n exit( 0 );\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nVULN = FALSE;\n\nif( version =~ \"^(3\\.)\")\n{\n if( version_is_less( version: version, test_version: \"3.2.22.3\" ) )\n {\n fix = \"3.2.22.3\";\n VULN = TRUE;\n }\n}\n\nelse if( version =~ \"^(4\\.)\" )\n{\n if( version_is_less( version: version, test_version: \"4.2.7.1\" ) )\n {\n fix = \"4.2.7.1\";\n VULN = TRUE;\n }\n}\n\nelse if( version =~ \"^(5\\.)\" )\n{\n if( version_is_less( version: version, test_version: \"5.0.0.1\" ) )\n {\n fix = \"5.0.0.1\";\n VULN = TRUE;\n }\n}\n\nif( VULN )\n{\n report = report_fixed_ver( installed_version: version, fixed_version: fix, install_path: location );\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-07-24T12:55:10", "description": "Andrew Carpenter of Critical Juncture\ndiscovered a cross-site scripting vulnerability affecting Action View in rails,\na web application framework written in Ruby. Text declared as HTML safe \nwill not have quotes escaped when used as attribute values in tag helpers.", "cvss3": {}, "published": "2016-08-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3651-1 (rails - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6316"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703651", "href": "http://plugins.openvas.org/nasl.php?oid=703651", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3651.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3651-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703651);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-6316\");\n script_name(\"Debian Security Advisory DSA 3651-1 (rails - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-08-25 00:00:00 +0200 (Thu, 25 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3651.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"rails on Debian Linux\");\n script_tag(name: \"insight\", value: \"Rails is a full-stack, open-source web\nframework in Ruby for writing real-world applications.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthis problem has been fixed in version 2:4.1.8-1+deb8u4.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2:4.2.7.1-1.\n\nWe recommend that you upgrade your rails packages.\");\n script_tag(name: \"summary\", value: \"Andrew Carpenter of Critical Juncture\ndiscovered a cross-site scripting vulnerability affecting Action View in rails,\na web application framework written in Ruby. Text declared as HTML safe \nwill not have quotes escaped when used as attribute values in tag helpers.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"rails\", ver:\"2:4.1.8-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-actionmailer\", ver:\"2:4.1.8-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-actionpack\", ver:\"2:4.1.8-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-actionview\", ver:\"2:4.1.8-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-activemodel\", ver:\"2:4.1.8-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-activerecord\", ver:\"2:4.1.8-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-activesupport\", ver:\"2:4.1.8-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-activesupport-2.3\", ver:\"2:4.1.8-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-rails\", ver:\"2:4.1.8-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby-railties\", ver:\"2:4.1.8-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:35:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-08-27T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-actionview FEDORA-2016-0d9890f7b5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6316"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809170", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809170", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionview FEDORA-2016-0d9890f7b5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809170\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-27 05:53:30 +0200 (Sat, 27 Aug 2016)\");\n script_cve_id(\"CVE-2016-6316\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-actionview FEDORA-2016-0d9890f7b5\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-actionview'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rubygem-actionview on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-0d9890f7b5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4APXKS7NQ42L26TII23EU4OR5UUM7PGI\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionview\", rpm:\"rubygem-actionview~4.2.5.2~3.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-07-21T21:53:46", "description": "This host is running Ruby on Rails and is\n prone to cross site scripting vulnerability.", "cvss3": {}, "published": "2016-10-13T00:00:00", "type": "openvas", "title": "Ruby on Rails Action View Cross Site Scripting Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6316"], "modified": "2020-07-14T00:00:00", "id": "OPENVAS:1361412562310807379", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807379", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ruby on Rails Action View Cross Site Scripting Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:rubyonrails:rails\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807379\");\n script_version(\"2020-07-14T14:33:06+0000\");\n script_cve_id(\"CVE-2016-6316\");\n script_bugtraq_id(92430);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-07-14 14:33:06 +0000 (Tue, 14 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-10-13 14:29:50 +0530 (Thu, 13 Oct 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"Ruby on Rails Action View Cross Site Scripting Vulnerability (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running Ruby on Rails and is\n prone to cross site scripting vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to the Text declared as\n 'HTML safe' when passed as an attribute value to a tag helper will not have\n quotes escaped which can lead to an XSS attack.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to inject arbitrary web script or HTML via crafted parameters.\");\n\n script_tag(name:\"affected\", value:\"Ruby on Rails 3.x before 3.2.22.3,\n Ruby on Rails 4.x before 4.2.7.1 and\n Ruby on Rails 5.x before 5.0.0.1 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Ruby on Rails 3.2.22.3 or 4.2.7.1 or\n 5.0.0.1 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://seclists.org/oss-sec/2016/q3/260\");\n script_xref(name:\"URL\", value:\"https://groups.google.com/forum/#!msg/rubyonrails-security/I-VWr034ouk/gGu2FrCwDAAJ\");\n script_xref(name:\"URL\", value:\"http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_rails_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"rails/detected\", \"Host/runs_windows\");\n exit(0);\n}\n\ninclude( \"version_func.inc\" );\ninclude( \"host_details.inc\" );\n\nif( isnull( port = get_app_port( cpe: CPE ) ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe: CPE, port: port, exit_no_version: TRUE ) )\n exit( 0 );\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nVULN = FALSE;\n\nif( version =~ \"^(3\\.)\" )\n{\n if( version_is_less( version: version, test_version: \"3.2.22.3\" ) )\n {\n fix = \"3.2.22.3\";\n VULN = TRUE;\n }\n}\n\nelse if( version =~ \"^(4\\.)\" )\n{\n if( version_is_less( version: version, test_version: \"4.2.7.1\" ) )\n {\n fix = \"4.2.7.1\";\n VULN = TRUE;\n }\n}\n\nelse if( version =~ \"^(5\\.)\" )\n{\n if( version_is_less( version: version, test_version: \"5.0.0.1\" ) )\n {\n fix = \"5.0.0.1\";\n VULN = TRUE;\n }\n}\n\nif( VULN )\n{\n report = report_fixed_ver( installed_version: version, fixed_version: fix, install_path: location );\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-09-08T00:00:00", "type": "openvas", "title": "Fedora Update for libgcrypt FEDORA-2016-2b4ecfa79f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809234", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809234", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libgcrypt FEDORA-2016-2b4ecfa79f\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809234\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-08 05:51:10 +0200 (Thu, 08 Sep 2016)\");\n script_cve_id(\"CVE-2016-6313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libgcrypt FEDORA-2016-2b4ecfa79f\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libgcrypt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libgcrypt on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-2b4ecfa79f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6GUKHKI36S47OWTX6VCPNGTCY3LPYQ5M\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"libgcrypt\", rpm:\"libgcrypt~1.6.6~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:56", "description": "Felix Doerre and Vladimir Klebanov from\nthe Karlsruhe Institute of Technology discovered a flaw in the mixing functions of\nLibgcrypt", "cvss3": {}, "published": "2016-08-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3650-1 (libgcrypt20 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703650", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703650", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3650.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3650-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703650\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-6313\");\n script_name(\"Debian Security Advisory DSA 3650-1 (libgcrypt20 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-17 00:00:00 +0200 (Wed, 17 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3650.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"libgcrypt20 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthis problem has been fixed in version 1.6.3-2+deb8u2.\n\nWe recommend that you upgrade your libgcrypt20 packages.\");\n script_tag(name:\"summary\", value:\"Felix Doerre and Vladimir Klebanov from\nthe Karlsruhe Institute of Technology discovered a flaw in the mixing functions of\nLibgcrypt's random number generator. An attacker who obtains 4640 bits from the RNG\ncan trivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug for GnuPG shows that existing\nRSA keys are not weakened. For DSA and Elgamal keys it is also unlikely\nthat the private key can be predicted from other public information.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libgcrypt11-dev\", ver:\"1.6.3-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgcrypt20:amd64\", ver:\"1.6.3-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgcrypt20:i386\", ver:\"1.6.3-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libgcrypt20-dbg:amd64\", ver:\"1.6.3-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgcrypt20-dbg:i386\", ver:\"1.6.3-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libgcrypt20-dev\", ver:\"1.6.3-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgcrypt20-doc\", ver:\"1.6.3-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:33:02", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2016-1081)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220161081", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220161081", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2016.1081\");\n script_version(\"2020-01-23T10:42:25+0000\");\n script_cve_id(\"CVE-2016-6313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:42:25 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:42:25 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2016-1081)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2016-1081\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1081\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libgcrypt' package(s) announced via the EulerOS-SA-2016-1081 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes.(CVE-2016-6313)\");\n\n script_tag(name:\"affected\", value:\"'libgcrypt' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libgcrypt\", rpm:\"libgcrypt~1.5.3~13.1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libgcrypt-devel\", rpm:\"libgcrypt-devel~1.5.3~13.1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-03-17T22:55:34", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2016-10-26T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2016-744)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120733", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120733", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120733\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2016-10-26 15:38:24 +0300 (Wed, 26 Oct 2016)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2016-744)\");\n script_tag(name:\"insight\", value:\"A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker who can obtain the first 580 bytes of the PRNG output can trivially predict the following 20 bytes.\");\n script_tag(name:\"solution\", value:\"Run yum update libgcrypt to update your system.\n\n Run yum update gnupg to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-744.html\");\n script_cve_id(\"CVE-2016-6313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"libgcrypt-devel\", rpm:\"libgcrypt-devel~1.5.3~12.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libgcrypt\", rpm:\"libgcrypt~1.5.3~12.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libgcrypt-debuginfo\", rpm:\"libgcrypt-debuginfo~1.5.3~12.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gnupg-debuginfo\", rpm:\"gnupg-debuginfo~1.4.19~1.28.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gnupg\", rpm:\"gnupg~1.4.19~1.28.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:35:29", "description": "Felix Doerre and Vladimir Klebanov from\nthe Karlsruhe Institute of Technology discovered a flaw in the mixing functions of\nGnuPG", "cvss3": {}, "published": "2016-08-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3649-1 (gnupg - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703649", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703649", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3649.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3649-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703649\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-6313\");\n script_name(\"Debian Security Advisory DSA 3649-1 (gnupg - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-17 00:00:00 +0200 (Wed, 17 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3649.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"gnupg on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthis problem has been fixed in version 1.4.18-7+deb8u2.\n\nWe recommend that you upgrade your gnupg packages.\");\n script_tag(name:\"summary\", value:\"Felix Doerre and Vladimir Klebanov from\nthe Karlsruhe Institute of Technology discovered a flaw in the mixing functions of\nGnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can\ntrivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug for GnuPG shows that existing\nRSA keys are not weakened. For DSA and Elgamal keys it is also unlikely\nthat the private key can be predicted from other public information.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"gnupg\", ver:\"1.4.18-7+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gnupg-curl\", ver:\"1.4.18-7+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gpgv\", ver:\"1.4.18-7+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gpgv-win32\", ver:\"1.4.18-7+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:34:10", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2019-1448)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191448", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191448", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1448\");\n script_version(\"2020-01-23T11:47:33+0000\");\n script_cve_id(\"CVE-2016-6313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:47:33 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:47:33 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2019-1448)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1448\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1448\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libgcrypt' package(s) announced via the EulerOS-SA-2019-1448 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes.(CVE-2016-6313)\");\n\n script_tag(name:\"affected\", value:\"'libgcrypt' package(s) on Huawei EulerOS Virtualization 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libgcrypt\", rpm:\"libgcrypt~1.5.3~14.eulerosv2r7\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:35:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for gnupg FEDORA-2016-aab0a156ab", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310871998", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871998", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnupg FEDORA-2016-aab0a156ab\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871998\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:23:50 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for gnupg FEDORA-2016-aab0a156ab\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gnupg'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"gnupg on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-aab0a156ab\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PH35KIEBPEC7EXIQVGF6WDNPT7T6MGSN\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnupg\", rpm:\"gnupg~1.4.21~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:35:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-11-14T00:00:00", "type": "openvas", "title": "RedHat Update for libgcrypt RHSA-2016:2674-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871714", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871714", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for libgcrypt RHSA-2016:2674-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871714\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 18:00:15 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-6313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for libgcrypt RHSA-2016:2674-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libgcrypt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The libgcrypt library provides\ngeneral-purpose implementations of various cryptographic algorithms.\n\nSecurity Fix(es):\n\n * A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number\nGenerator). An attacker able to obtain the first 580 bytes of the PRNG\noutput could predict the following 20 bytes. (CVE-2016-6313)\n\nRed Hat would like to thank Felix Doerre and Vladimir Klebanov for reporting\nthis issue.\");\n script_tag(name:\"affected\", value:\"libgcrypt on\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:2674-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-November/msg00057.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"libgcrypt\", rpm:\"libgcrypt~1.5.3~13.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgcrypt-debuginfo\", rpm:\"libgcrypt-debuginfo~1.5.3~13.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgcrypt-devel\", rpm:\"libgcrypt-devel~1.5.3~13.el7_3.1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libgcrypt\", rpm:\"libgcrypt~1.4.5~12.el6_8\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgcrypt-debuginfo\", rpm:\"libgcrypt-debuginfo~1.4.5~12.el6_8\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgcrypt-devel\", rpm:\"libgcrypt-devel~1.4.5~12.el6_8\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:35:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-08-19T00:00:00", "type": "openvas", "title": "Ubuntu Update for gnupg USN-3064-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842867", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842867", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for gnupg USN-3064-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842867\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-19 05:37:36 +0200 (Fri, 19 Aug 2016)\");\n script_cve_id(\"CVE-2016-6313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for gnupg USN-3064-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gnupg'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Felix Dö rre and Vladimir Klebanov discovered\n that GnuPG incorrectly handled mixing functions in the random number generator. An\n attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits\n of output.\");\n script_tag(name:\"affected\", value:\"gnupg on Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3064-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3064-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gnupg\", ver:\"1.4.16-1ubuntu2.4\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gnupg\", ver:\"1.4.11-3ubuntu2.10\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"gnupg\", ver:\"1.4.20-1ubuntu3.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:35:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-08-27T00:00:00", "type": "openvas", "title": "Fedora Update for gnupg FEDORA-2016-9864953aa3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809168", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809168", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnupg FEDORA-2016-9864953aa3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809168\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-27 05:53:31 +0200 (Sat, 27 Aug 2016)\");\n script_cve_id(\"CVE-2016-6313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for gnupg FEDORA-2016-9864953aa3\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gnupg'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"gnupg on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-9864953aa3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74HLHHOBH7H5SMZTA4NPJSZQKRLUFFVC\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnupg\", rpm:\"gnupg~1.4.21~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:35:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for libgcrypt FEDORA-2016-b66a0aef08", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872032", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872032", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libgcrypt FEDORA-2016-b66a0aef08\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872032\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:25:11 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libgcrypt FEDORA-2016-b66a0aef08\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libgcrypt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libgcrypt on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-b66a0aef08\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQXJOKB7P7YPTKLRYCILWJ5W4H4IWRHI\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"libgcrypt\", rpm:\"libgcrypt~1.6.6~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-24T12:54:27", "description": "Felix Doerre and Vladimir Klebanov from\nthe Karlsruhe Institute of Technology discovered a flaw in the mixing functions of\nGnuPG", "cvss3": {}, "published": "2016-08-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3649-1 (gnupg - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703649", "href": "http://plugins.openvas.org/nasl.php?oid=703649", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3649.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3649-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703649);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-6313\");\n script_name(\"Debian Security Advisory DSA 3649-1 (gnupg - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-08-17 00:00:00 +0200 (Wed, 17 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3649.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"gnupg on Debian Linux\");\n script_tag(name: \"insight\", value: \"GnuPG is GNU's tool for secure\ncommunication and data storage. It can be used to encrypt data and to create\ndigital signatures. It includes an advanced key management facility and is\ncompliant with the proposed OpenPGP Internet standard as described in RFC\n4880.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthis problem has been fixed in version 1.4.18-7+deb8u2.\n\nWe recommend that you upgrade your gnupg packages.\");\n script_tag(name: \"summary\", value: \"Felix Doerre and Vladimir Klebanov from\nthe Karlsruhe Institute of Technology discovered a flaw in the mixing functions of\nGnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can\ntrivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug for GnuPG shows that existing\nRSA keys are not weakened. For DSA and Elgamal keys it is also unlikely\nthat the private key can be predicted from other public information.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gnupg\", ver:\"1.4.18-7+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gnupg-curl\", ver:\"1.4.18-7+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gpgv\", ver:\"1.4.18-7+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gpgv-win32\", ver:\"1.4.18-7+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:35:41", "description": "Check the version of libgcrypt", "cvss3": {}, "published": "2016-11-13T00:00:00", "type": "openvas", "title": "CentOS Update for libgcrypt CESA-2016:2674 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882589", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882589", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libgcrypt CESA-2016:2674 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882589\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-13 05:45:20 +0100 (Sun, 13 Nov 2016)\");\n script_cve_id(\"CVE-2016-6313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for libgcrypt CESA-2016:2674 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of libgcrypt\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The libgcrypt library provides\ngeneral-purpose implementations of various cryptographic algorithms.\n\nSecurity Fix(es):\n\n * A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number\nGenerator). An attacker able to obtain the first 580 bytes of the PRNG\noutput could predict the following 20 bytes. (CVE-2016-6313)\n\nRed Hat would like to thank Felix Dorre and Vladimir Klebanov for reporting\nthis issue.\");\n script_tag(name:\"affected\", value:\"libgcrypt on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:2674\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-November/022141.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libgcrypt\", rpm:\"libgcrypt~1.4.5~12.el6_8\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgcrypt-devel\", rpm:\"libgcrypt-devel~1.4.5~12.el6_8\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-24T12:54:19", "description": "Felix Doerre and Vladimir Klebanov from\nthe Karlsruhe Institute of Technology discovered a flaw in the mixing functions of\nLibgcrypt", "cvss3": {}, "published": "2016-08-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3650-1 (libgcrypt20 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703650", "href": "http://plugins.openvas.org/nasl.php?oid=703650", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3650.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3650-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703650);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-6313\");\n script_name(\"Debian Security Advisory DSA 3650-1 (libgcrypt20 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-08-17 00:00:00 +0200 (Wed, 17 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3650.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"libgcrypt20 on Debian Linux\");\n script_tag(name: \"insight\", value: \"libgcrypt contains cryptographic\nfunctions. Many important free ciphers, hash algorithms and public key signing\nalgorithms have been implemented:\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthis problem has been fixed in version 1.6.3-2+deb8u2.\n\nWe recommend that you upgrade your libgcrypt20 packages.\");\n script_tag(name: \"summary\", value: \"Felix Doerre and Vladimir Klebanov from\nthe Karlsruhe Institute of Technology discovered a flaw in the mixing functions of\nLibgcrypt's random number generator. An attacker who obtains 4640 bits from the RNG\ncan trivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug for GnuPG shows that existing\nRSA keys are not weakened. For DSA and Elgamal keys it is also unlikely\nthat the private key can be predicted from other public information.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libgcrypt11-dev\", ver:\"1.6.3-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgcrypt20:amd64\", ver:\"1.6.3-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgcrypt20:i386\", ver:\"1.6.3-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libgcrypt20-dbg:amd64\", ver:\"1.6.3-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgcrypt20-dbg:i386\", ver:\"1.6.3-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libgcrypt20-dev\", ver:\"1.6.3-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgcrypt20-doc\", ver:\"1.6.3-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:35:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-08-19T00:00:00", "type": "openvas", "title": "Ubuntu Update for libgcrypt20 USN-3065-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842866", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842866", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for libgcrypt20 USN-3065-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842866\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-19 05:37:34 +0200 (Fri, 19 Aug 2016)\");\n script_cve_id(\"CVE-2016-6313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for libgcrypt20 USN-3065-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libgcrypt20'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Felix Dö rre and Vladimir Klebanov\n discovered that Libgcrypt incorrectly handled mixing functions in the random\n number generator. An attacker able to obtain 4640 bits from the RNG can trivially\n predict the next 160 bits of output.\");\n script_tag(name:\"affected\", value:\"libgcrypt20 on Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3065-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3065-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libgcrypt11:i386\", ver:\"1.5.3-2ubuntu4.4\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgcrypt11:amd64\", ver:\"1.5.3-2ubuntu4.4\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libgcrypt11:i386\", ver:\"1.5.0-3ubuntu0.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgcrypt11:amd64\", ver:\"1.5.0-3ubuntu0.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libgcrypt20:i386\", ver:\"1.6.5-2ubuntu0.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgcrypt20:amd64\", ver:\"1.6.5-2ubuntu0.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:35:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-09-14T00:00:00", "type": "openvas", "title": "Fedora Update for gnupg FEDORA-2016-3a0195918f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809230", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809230", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnupg FEDORA-2016-3a0195918f\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809230\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-14 06:02:32 +0200 (Wed, 14 Sep 2016)\");\n script_cve_id(\"CVE-2016-6313\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for gnupg FEDORA-2016-3a0195918f\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gnupg'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"gnupg on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-3a0195918f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYVFE4GWAXPSAHF5LDITPVADHLY5WCKJ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnupg\", rpm:\"gnupg~1.4.21~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:35:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-activemodel FEDORA-2016-5760339e76", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872038", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872038", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-activemodel FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872038\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:25:19 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-activemodel FEDORA-2016-5760339e76\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-activemodel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rubygem-activemodel on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-5760339e76\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JNY6ZLXQZ4GJM4L5Z2JD42S4WMYF75U5\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-activemodel\", rpm:\"rubygem-activemodel~5.0.0.1~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-rails FEDORA-2016-5760339e76", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310871890", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871890", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-rails FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871890\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:19:40 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-rails FEDORA-2016-5760339e76\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-rails'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rubygem-rails on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-5760339e76\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAMEZEEF5UHZPV5IDQY4ZP5VLSRSFHY5\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-rails\", rpm:\"rubygem-rails~5.0.0.1~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:49", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-activerecord FEDORA-2016-5760339e76", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872047", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872047", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-activerecord FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872047\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:25:34 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-activerecord FEDORA-2016-5760339e76\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-activerecord'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rubygem-activerecord on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-5760339e76\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VQDB7AQ3WT2TSLDMYPYKXIMBJ7KYSJ6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-activerecord\", rpm:\"rubygem-activerecord~5.0.0.1~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-actionview FEDORA-2016-5760339e76", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310871981", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871981", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionview FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871981\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:22:25 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-actionview FEDORA-2016-5760339e76\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-actionview'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rubygem-actionview on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-5760339e76\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INSRTFAYYUM2XLIWRMW2ZQBU6VNPXG6B\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionview\", rpm:\"rubygem-actionview~5.0.0.1~2.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-activejob FEDORA-2016-5760339e76", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872008", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872008", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-activejob FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872008\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:24:00 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-activejob FEDORA-2016-5760339e76\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-activejob'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rubygem-activejob on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-5760339e76\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R67FRLEDPZRRVMJS3A5LA6YIM5UQO4GY\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-activejob\", rpm:\"rubygem-activejob~5.0.0.1~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-activesupport FEDORA-2016-5760339e76", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310871965", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871965", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-activesupport FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871965\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:21:49 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-activesupport FEDORA-2016-5760339e76\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-activesupport'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rubygem-activesupport on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-5760339e76\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRQYAVBWV4UNQ5XC3LB5L44OYTI3JZ3W\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-activesupport\", rpm:\"rubygem-activesupport~5.0.0.1~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-actionmailer FEDORA-2016-5760339e76", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872056", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872056", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionmailer FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872056\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:25:50 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-actionmailer FEDORA-2016-5760339e76\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-actionmailer'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rubygem-actionmailer on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-5760339e76\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVDJLLIW67K6FGDQKQEY6EGTKQ7KXRQU\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionmailer\", rpm:\"rubygem-actionmailer~5.0.0.1~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-actioncable FEDORA-2016-5760339e76", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872011", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872011", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actioncable FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872011\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:24:06 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-actioncable FEDORA-2016-5760339e76\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-actioncable'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rubygem-actioncable on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-5760339e76\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOQL7IU7SB6QJRWGKCHRPZQUOIURV63S\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actioncable\", rpm:\"rubygem-actioncable~5.0.0.1~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-railties FEDORA-2016-5760339e76", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310871937", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871937", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-railties FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871937\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:20:47 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-railties FEDORA-2016-5760339e76\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-railties'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rubygem-railties on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-5760339e76\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWPXPNMF2BDDQ7AGYMPNOYVDE3BN3RFG\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-railties\", rpm:\"rubygem-railties~5.0.0.1~2.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-actionpack FEDORA-2016-5760339e76", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6317", "CVE-2016-6316"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872094", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872094", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-actionpack FEDORA-2016-5760339e76\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872094\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:27:14 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rubygem-actionpack FEDORA-2016-5760339e76\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-actionpack'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rubygem-actionpack on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-5760339e76\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7SB36DN7LSLP2GHE4LNAQGWXRMHZEU5F\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-actionpack\", rpm:\"rubygem-actionpack~5.0.0.1~2.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "debiancve": [{"lastseen": "2022-12-12T06:06:59", "description": "Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as \"HTML safe\" and used as attribute values in tag handlers.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2016-09-07T19:28:00", "type": "debiancve", "title": "CVE-2016-6316", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2016-09-07T19:28:00", "id": "DEBIANCVE:CVE-2016-6316", "href": "https://security-tracker.debian.org/tracker/CVE-2016-6316", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-11-25T06:04:52", "description": "The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-13T20:59:00", "type": "debiancve", "title": "CVE-2016-6313", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-12-13T20:59:00", "id": "DEBIANCVE:CVE-2016-6313", "href": "https://security-tracker.debian.org/tracker/CVE-2016-6313", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "github": [{"lastseen": "2023-01-23T20:08:38", "description": "Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as \"HTML safe\" and used as attribute values in tag handlers.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2017-10-24T18:33:35", "type": "github", "title": "actionview Cross-site Scripting vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2023-01-23T17:59:44", "id": "GHSA-PC3M-V286-2JWJ", "href": "https://github.com/advisories/GHSA-pc3m-v286-2jwj", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2023-01-26T14:20:31", "description": "- Fix for CVE-2016-6316 (rhbz#1366480)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2016-08-29T00:00:00", "type": "nessus", "title": "Fedora 23 : rubygem-actionview (2016-ab8bf51cf3)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rubygem-actionview", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-AB8BF51CF3.NASL", "href": "https://www.tenable.com/plugins/nessus/93143", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-ab8bf51cf3.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93143);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6316\");\n script_xref(name:\"FEDORA\", value:\"2016-ab8bf51cf3\");\n\n script_name(english:\"Fedora 23 : rubygem-actionview (2016-ab8bf51cf3)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fix for CVE-2016-6316 (rhbz#1366480)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-ab8bf51cf3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rubygem-actionview package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-actionview\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"rubygem-actionview-4.2.3-6.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rubygem-actionview\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-26T14:20:50", "description": "- Fix for CVE-2016-6316 (rhbz#1366480)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2016-08-29T00:00:00", "type": "nessus", "title": "Fedora 24 : rubygem-actionview (2016-0d9890f7b5)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rubygem-actionview", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-0D9890F7B5.NASL", "href": "https://www.tenable.com/plugins/nessus/93137", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-0d9890f7b5.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93137);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6316\");\n script_xref(name:\"FEDORA\", value:\"2016-0d9890f7b5\");\n\n script_name(english:\"Fedora 24 : rubygem-actionview (2016-0d9890f7b5)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fix for CVE-2016-6316 (rhbz#1366480)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-0d9890f7b5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rubygem-actionview package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-actionview\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"rubygem-actionview-4.2.5.2-3.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rubygem-actionview\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:40:07", "description": "Ruby Security team reports :\n\nThere is a possible XSS vulnerability in Action View. Text declared as 'HTML safe' will not have quotes escaped when used as attribute values in tag helpers. This vulnerability has been assigned the CVE identifier CVE-2016-6316.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2016-10-17T00:00:00", "type": "nessus", "title": "FreeBSD : Rails 4 -- Possible XSS Vulnerability in Action View (43f1c867-654a-11e6-8286-00248c0c745d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6316"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:rubygem-actionview", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_43F1C867654A11E6828600248C0C745D.NASL", "href": "https://www.tenable.com/plugins/nessus/94081", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94081);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-6316\");\n\n script_name(english:\"FreeBSD : Rails 4 -- Possible XSS Vulnerability in Action View (43f1c867-654a-11e6-8286-00248c0c745d)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ruby Security team reports :\n\nThere is a possible XSS vulnerability in Action View. Text declared as\n'HTML safe' will not have quotes escaped when used as attribute values\nin tag helpers. This vulnerability has been assigned the CVE\nidentifier CVE-2016-6316.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://groups.google.com/forum/#!topic/ruby-security-ann/8B2iV2tPRSE\"\n );\n # https://vuxml.freebsd.org/freebsd/43f1c867-654a-11e6-8286-00248c0c745d.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e4ba1a05\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem-actionview\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"rubygem-actionview>3.0.0<4.2.7.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-17T14:23:26", "description": "Andrew Carpenter of Critical Juncture discovered a cross-site scripting vulnerability affecting Action View in rails, a web application framework written in Ruby. Text declared as 'HTML safe' will not have quotes escaped when used as attribute values in tag helpers.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2016-08-26T00:00:00", "type": "nessus", "title": "Debian DSA-3651-1 : rails - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:rails", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3651.NASL", "href": "https://www.tenable.com/plugins/nessus/93114", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3651. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93114);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6316\");\n script_xref(name:\"DSA\", value:\"3651\");\n\n script_name(english:\"Debian DSA-3651-1 : rails - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Andrew Carpenter of Critical Juncture discovered a cross-site\nscripting vulnerability affecting Action View in rails, a web\napplication framework written in Ruby. Text declared as 'HTML safe'\nwill not have quotes escaped when used as attribute values in tag\nhelpers.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/rails\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3651\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the rails packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2:4.1.8-1+deb8u4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:rails\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"rails\", reference:\"2:4.1.8-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby-actionmailer\", reference:\"2:4.1.8-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby-actionpack\", reference:\"2:4.1.8-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby-actionview\", reference:\"2:4.1.8-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby-activemodel\", reference:\"2:4.1.8-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby-activerecord\", reference:\"2:4.1.8-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby-activesupport\", reference:\"2:4.1.8-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby-activesupport-2.3\", reference:\"2:4.1.8-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby-rails\", reference:\"2:4.1.8-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby-railties\", reference:\"2:4.1.8-1+deb8u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-11T14:24:20", "description": "According to the version of the libgcrypt packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes.(CVE-2016-6313)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2017-05-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : libgcrypt (EulerOS-SA-2016-1081)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libgcrypt", "p-cpe:/a:huawei:euleros:libgcrypt-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2016-1081.NASL", "href": "https://www.tenable.com/plugins/nessus/99841", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99841);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-6313\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : libgcrypt (EulerOS-SA-2016-1081)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libgcrypt packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - A design flaw was found in the libgcrypt PRNG\n (Pseudo-Random Number Generator). An attacker able to\n obtain the first 580 bytes of the PRNG output could\n predict the following 20 bytes.(CVE-2016-6313)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1081\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7b26fca4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libgcrypt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libgcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libgcrypt-1.5.3-13.1\",\n \"libgcrypt-devel-1.5.3-13.1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T16:58:57", "description": "This update for libgcrypt fixes the following issues :\n\n - RNG prediction vulnerability (bsc#994157, CVE-2016-6313)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-10-03T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libgcrypt (openSUSE-2016-1138)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libgcrypt-cavs", "p-cpe:/a:novell:opensuse:libgcrypt-cavs-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt-debugsource", "p-cpe:/a:novell:opensuse:libgcrypt-devel", "p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit", "p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libgcrypt20", "p-cpe:/a:novell:opensuse:libgcrypt20-32bit", "p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libgcrypt20-hmac", "p-cpe:/a:novell:opensuse:libgcrypt20-hmac-32bit", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-1138.NASL", "href": "https://www.tenable.com/plugins/nessus/93823", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1138.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93823);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-6313\");\n\n script_name(english:\"openSUSE Security Update : libgcrypt (openSUSE-2016-1138)\");\n script_summary(english:\"Check for the openSUSE-2016-1138 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libgcrypt fixes the following issues :\n\n - RNG prediction vulnerability (bsc#994157, CVE-2016-6313)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=994157\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgcrypt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-cavs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-cavs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libgcrypt-cavs-1.6.1-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libgcrypt-cavs-debuginfo-1.6.1-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libgcrypt-debugsource-1.6.1-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libgcrypt-devel-1.6.1-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libgcrypt-devel-debuginfo-1.6.1-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libgcrypt20-1.6.1-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libgcrypt20-debuginfo-1.6.1-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libgcrypt20-hmac-1.6.1-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libgcrypt-devel-32bit-1.6.1-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libgcrypt-devel-debuginfo-32bit-1.6.1-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-1.6.1-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libgcrypt20-debuginfo-32bit-1.6.1-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libgcrypt20-hmac-32bit-1.6.1-32.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt-cavs / libgcrypt-cavs-debuginfo / libgcrypt-debugsource / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T17:01:08", "description": "An update for libgcrypt is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe libgcrypt library provides general-purpose implementations of various cryptographic algorithms.\n\nSecurity Fix(es) :\n\n* A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. (CVE-2016-6313)\n\nRed Hat would like to thank Felix Dorre and Vladimir Klebanov for reporting this issue.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-11-08T00:00:00", "type": "nessus", "title": "RHEL 6 / 7 : libgcrypt (RHSA-2016:2674)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libgcrypt", "p-cpe:/a:redhat:enterprise_linux:libgcrypt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libgcrypt-devel", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2016-2674.NASL", "href": "https://www.tenable.com/plugins/nessus/94626", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:2674. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94626);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"RHSA\", value:\"2016:2674\");\n\n script_name(english:\"RHEL 6 / 7 : libgcrypt (RHSA-2016:2674)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for libgcrypt is now available for Red Hat Enterprise Linux\n6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe libgcrypt library provides general-purpose implementations of\nvarious cryptographic algorithms.\n\nSecurity Fix(es) :\n\n* A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number\nGenerator). An attacker able to obtain the first 580 bytes of the PRNG\noutput could predict the following 20 bytes. (CVE-2016-6313)\n\nRed Hat would like to thank Felix Dorre and Vladimir Klebanov for\nreporting this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:2674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-6313\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libgcrypt, libgcrypt-debuginfo and / or\nlibgcrypt-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libgcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libgcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:2674\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"libgcrypt-1.4.5-12.el6_8\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libgcrypt-debuginfo-1.4.5-12.el6_8\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libgcrypt-devel-1.4.5-12.el6_8\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", reference:\"libgcrypt-1.5.3-13.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libgcrypt-debuginfo-1.5.3-13.el7_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libgcrypt-devel-1.5.3-13.el7_3.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt / libgcrypt-debuginfo / libgcrypt-devel\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T16:54:26", "description": "This update for libgcrypt fixes the following issues :\n\n - RNG prediction vulnerability (bsc#994157, CVE-2016-6313)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-09-22T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : libgcrypt (SUSE-SU-2016:2345-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libgcrypt-debugsource", "p-cpe:/a:novell:suse_linux:libgcrypt20", "p-cpe:/a:novell:suse_linux:libgcrypt20-debuginfo", "p-cpe:/a:novell:suse_linux:libgcrypt20-hmac", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-2345-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93644", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2345-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93644);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-6313\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : libgcrypt (SUSE-SU-2016:2345-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libgcrypt fixes the following issues :\n\n - RNG prediction vulnerability (bsc#994157, CVE-2016-6313)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=994157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6313/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162345-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3badc9f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t\npatch SUSE-SLE-SDK-12-SP1-2016-1370=1\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2016-1370=1\n\nSUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP1-2016-1370=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt20-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt20-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgcrypt-debugsource-1.6.1-16.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgcrypt20-1.6.1-16.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgcrypt20-debuginfo-1.6.1-16.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgcrypt20-hmac-1.6.1-16.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgcrypt20-32bit-1.6.1-16.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgcrypt20-debuginfo-32bit-1.6.1-16.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libgcrypt20-hmac-32bit-1.6.1-16.33.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libgcrypt-debugsource-1.6.1-16.33.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libgcrypt20-1.6.1-16.33.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-1.6.1-16.33.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libgcrypt20-debuginfo-1.6.1-16.33.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libgcrypt20-debuginfo-32bit-1.6.1-16.33.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:40:35", "description": "The crypto library libgcrypt11 has a weakness in the random number generator.\n\nCVE-2016-6313\n\nFelix Dörre and Vladimir Klebanov from the Karlsruhe Institute of Technology found a bug in the mixing functions of Libgcrypt's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug in GnuPG shows that existing RSA keys are not weakened. For DSA and Elgamal keys it is also unlikely that the private key can be predicted from other public information.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 1.5.0-5+deb7u5.\n\nWe recommend that you upgrade your libgcrypt11 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-08-24T00:00:00", "type": "nessus", "title": "Debian DLA-600-1 : libgcrypt11 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libgcrypt11", "p-cpe:/a:debian:debian_linux:libgcrypt11-dbg", "p-cpe:/a:debian:debian_linux:libgcrypt11-dev", "p-cpe:/a:debian:debian_linux:libgcrypt11-doc", "p-cpe:/a:debian:debian_linux:libgcrypt11-udeb", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-600.NASL", "href": "https://www.tenable.com/plugins/nessus/93083", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-600-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93083);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6313\");\n\n script_name(english:\"Debian DLA-600-1 : libgcrypt11 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The crypto library libgcrypt11 has a weakness in the random number\ngenerator.\n\nCVE-2016-6313\n\nFelix Dörre and Vladimir Klebanov from the Karlsruhe Institute of\nTechnology found a bug in the mixing functions of Libgcrypt's random\nnumber generator. An attacker who obtains 4640 bits from the RNG can\ntrivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug in GnuPG shows that\nexisting RSA keys are not weakened. For DSA and Elgamal keys it is\nalso unlikely that the private key can be predicted from other public\ninformation.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n1.5.0-5+deb7u5.\n\nWe recommend that you upgrade your libgcrypt11 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/08/msg00025.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/libgcrypt11\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgcrypt11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgcrypt11-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgcrypt11-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgcrypt11-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgcrypt11-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libgcrypt11\", reference:\"1.5.0-5+deb7u5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgcrypt11-dbg\", reference:\"1.5.0-5+deb7u5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgcrypt11-dev\", reference:\"1.5.0-5+deb7u5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgcrypt11-doc\", reference:\"1.5.0-5+deb7u5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgcrypt11-udeb\", reference:\"1.5.0-5+deb7u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T16:52:25", "description": "This update for libgcrypt fixes the following issues :\n\n - RNG prediction vulnerability (bsc#994157, CVE-2016-6313)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-09-22T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : libgcrypt (SUSE-SU-2016:2346-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libgcrypt11", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-2346-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93645", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2346-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93645);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-6313\");\n\n script_name(english:\"SUSE SLES11 Security Update : libgcrypt (SUSE-SU-2016:2346-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libgcrypt fixes the following issues :\n\n - RNG prediction vulnerability (bsc#994157, CVE-2016-6313)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=994157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6313/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162346-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5601d8a8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-libgcrypt-12753=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-libgcrypt-12753=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-libgcrypt-12753=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libgcrypt11-32bit-1.5.0-0.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libgcrypt11-32bit-1.5.0-0.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libgcrypt11-1.5.0-0.22.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T16:52:36", "description": "A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker who can obtain the first 580 bytes of the PRNG output can trivially predict the following 20 bytes.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-09-16T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : libgcrypt / gnupg (ALAS-2016-744)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:gnupg", "p-cpe:/a:amazon:linux:gnupg-debuginfo", "p-cpe:/a:amazon:linux:libgcrypt", "p-cpe:/a:amazon:linux:libgcrypt-debuginfo", "p-cpe:/a:amazon:linux:libgcrypt-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2016-744.NASL", "href": "https://www.tenable.com/plugins/nessus/93536", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-744.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93536);\n script_version(\"2.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"ALAS\", value:\"2016-744\");\n\n script_name(english:\"Amazon Linux AMI : libgcrypt / gnupg (ALAS-2016-744)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number\nGenerator). An attacker who can obtain the first 580 bytes of the PRNG\noutput can trivially predict the following 20 bytes.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-744.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update libgcrypt' to update your system.\n\nRun 'yum update gnupg' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:gnupg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libgcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libgcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"gnupg-1.4.19-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"gnupg-debuginfo-1.4.19-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libgcrypt-1.5.3-12.19.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libgcrypt-debuginfo-1.5.3-12.19.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libgcrypt-devel-1.5.3-12.19.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg / gnupg-debuginfo / libgcrypt / libgcrypt-debuginfo / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-26T14:20:07", "description": "This update for libgcrypt fixes the following issues :\n\n - RNG prediction vulnerability (boo#994157, CVE-2016-6313)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-09-01T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libgcrypt (openSUSE-2016-1042)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libgcrypt-cavs", "p-cpe:/a:novell:opensuse:libgcrypt-cavs-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt-debugsource", "p-cpe:/a:novell:opensuse:libgcrypt-devel", "p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit", "p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libgcrypt20", "p-cpe:/a:novell:opensuse:libgcrypt20-32bit", "p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libgcrypt20-hmac", "p-cpe:/a:novell:opensuse:libgcrypt20-hmac-32bit", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-1042.NASL", "href": "https://www.tenable.com/plugins/nessus/93250", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1042.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93250);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-6313\");\n\n script_name(english:\"openSUSE Security Update : libgcrypt (openSUSE-2016-1042)\");\n script_summary(english:\"Check for the openSUSE-2016-1042 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libgcrypt fixes the following issues :\n\n - RNG prediction vulnerability (boo#994157, CVE-2016-6313)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=994157\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgcrypt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-cavs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-cavs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgcrypt-cavs-1.6.1-8.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgcrypt-cavs-debuginfo-1.6.1-8.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgcrypt-debugsource-1.6.1-8.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgcrypt-devel-1.6.1-8.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgcrypt-devel-debuginfo-1.6.1-8.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgcrypt20-1.6.1-8.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgcrypt20-debuginfo-1.6.1-8.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgcrypt20-hmac-1.6.1-8.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libgcrypt-devel-32bit-1.6.1-8.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libgcrypt-devel-debuginfo-32bit-1.6.1-8.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-1.6.1-8.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libgcrypt20-debuginfo-32bit-1.6.1-8.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libgcrypt20-hmac-32bit-1.6.1-8.19.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt-cavs / libgcrypt-cavs-debuginfo / libgcrypt-debugsource / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-26T14:20:10", "description": "Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of Libgcrypt's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug for GnuPG shows that existing RSA keys are not weakened. For DSA and Elgamal keys it is also unlikely that the private key can be predicted from other public information.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-08-18T00:00:00", "type": "nessus", "title": "Debian DSA-3650-1 : libgcrypt20 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libgcrypt20", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3650.NASL", "href": "https://www.tenable.com/plugins/nessus/93019", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3650. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93019);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"DSA\", value:\"3650\");\n\n script_name(english:\"Debian DSA-3650-1 : libgcrypt20 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of\nTechnology discovered a flaw in the mixing functions of Libgcrypt's\nrandom number generator. An attacker who obtains 4640 bits from the\nRNG can trivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug for GnuPG shows that\nexisting RSA keys are not weakened. For DSA and Elgamal keys it is\nalso unlikely that the private key can be predicted from other public\ninformation.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libgcrypt20\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3650\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libgcrypt20 packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.6.3-2+deb8u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgcrypt20\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libgcrypt11-dev\", reference:\"1.6.3-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgcrypt20\", reference:\"1.6.3-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgcrypt20-dbg\", reference:\"1.6.3-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgcrypt20-dev\", reference:\"1.6.3-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgcrypt20-doc\", reference:\"1.6.3-2+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-26T14:20:38", "description": "New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-08-24T00:00:00", "type": "nessus", "title": "Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : gnupg (SSA:2016-236-01)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:gnupg", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2016-236-01.NASL", "href": "https://www.tenable.com/plugins/nessus/93080", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2016-236-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93080);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"SSA\", value:\"2016-236-01\");\n\n script_name(english:\"Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : gnupg (SSA:2016-236-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New gnupg packages are available for Slackware 13.0, 13.1, 13.37,\n14.0, 14.1, 14.2, and -current to fix a security issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.567121\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f8b1bb0f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gnupg package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.0\", pkgname:\"gnupg\", pkgver:\"1.4.21\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"gnupg\", pkgver:\"1.4.21\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"gnupg\", pkgver:\"1.4.21\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"gnupg\", pkgver:\"1.4.21\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"gnupg\", pkgver:\"1.4.21\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"gnupg\", pkgver:\"1.4.21\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"gnupg\", pkgver:\"1.4.21\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"gnupg\", pkgver:\"1.4.21\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"gnupg\", pkgver:\"1.4.21\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"gnupg\", pkgver:\"1.4.21\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"gnupg\", pkgver:\"1.4.21\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"gnupg\", pkgver:\"1.4.21\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"gnupg\", pkgver:\"1.4.21\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"gnupg\", pkgver:\"1.4.21\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-26T14:20:38", "description": "New libgcrypt packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-08-24T00:00:00", "type": "nessus", "title": "Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : libgcrypt (SSA:2016-236-02)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:libgcrypt", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2016-236-02.NASL", "href": "https://www.tenable.com/plugins/nessus/93081", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2016-236-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93081);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"SSA\", value:\"2016-236-02\");\n\n script_name(english:\"Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : libgcrypt (SSA:2016-236-02)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New libgcrypt packages are available for Slackware 13.0, 13.1, 13.37,\n14.0, 14.1, 14.2, and -current to fix a security issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.580916\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0162abf0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgcrypt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.0\", pkgname:\"libgcrypt\", pkgver:\"1.5.6\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"libgcrypt\", pkgver:\"1.5.6\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"libgcrypt\", pkgver:\"1.5.6\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"libgcrypt\", pkgver:\"1.5.6\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"libgcrypt\", pkgver:\"1.5.6\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"libgcrypt\", pkgver:\"1.5.6\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"libgcrypt\", pkgver:\"1.5.6\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"libgcrypt\", pkgver:\"1.5.6\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"libgcrypt\", pkgver:\"1.5.6\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"libgcrypt\", pkgver:\"1.5.6\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"libgcrypt\", pkgver:\"1.7.3\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"libgcrypt\", pkgver:\"1.7.3\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"libgcrypt\", pkgver:\"1.7.3\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"libgcrypt\", pkgver:\"1.7.3\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-26T14:20:47", "description": "CVE-2016-6313\n\nFelix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug for GnuPG shows that existing RSA keys are not weakened. For DSA and Elgamal keys it is also unlikely that the private key can be predicted from other public information.\n\nBypassing GnuPG key checking :\n\nWeaknesses have been found in GnuPG signature validation that attackers could exploit thanks to especially forged public keys and under specific hardware-software conditions. While the underlying problem cannot be solved only by software, GnuPG has been strengthened, avoiding to rely on keyring signature caches when verifying keys. Potential specific attacks are not valid any more with the patch of GnuPG\n\nBypassing GnuPG key checking :\n\nVrije Universiteit Amsterdam and Katholieke Universteit Leuven researchers discovered an attack method, known as Flip Feng Shui, that concerns flaws in GnuPG. Researchers found that under specific hardware-software conditions, attackers could bypass the GnuPG signature validation by using forged public keys. While the underlying problem cannot be solved only by software, GnuPG has been made more robust to avoid relying on keyring signature caches when verifying keys.\n\nFor Debian 7 'Wheezy', these issues have been addressed in version 1.4.12-7+deb7u8.\n\nWe recommend that you upgrade your gnupg packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-08-30T00:00:00", "type": "nessus", "title": "Debian DLA-602-1 : gnupg security and hardening update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:gnupg", "p-cpe:/a:debian:debian_linux:gnupg-curl", "p-cpe:/a:debian:debian_linux:gnupg-udeb", "p-cpe:/a:debian:debian_linux:gpgv", "p-cpe:/a:debian:debian_linux:gpgv-udeb", "p-cpe:/a:debian:debian_linux:gpgv-win32", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-602.NASL", "href": "https://www.tenable.com/plugins/nessus/93199", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-602-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93199);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6313\");\n\n script_name(english:\"Debian DLA-602-1 : gnupg security and hardening update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2016-6313\n\nFelix Doerre and Vladimir Klebanov from the Karlsruhe Institute of\nTechnology discovered a flaw in the mixing functions of GnuPG's random\nnumber generator. An attacker who obtains 4640 bits from the RNG can\ntrivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug for GnuPG shows\nthat existing RSA keys are not weakened. For DSA and Elgamal\nkeys it is also unlikely that the private key can be\npredicted from other public information.\n\nBypassing GnuPG key checking :\n\nWeaknesses have been found in GnuPG signature validation that\nattackers could exploit thanks to especially forged public keys and\nunder specific hardware-software conditions. While the underlying\nproblem cannot be solved only by software, GnuPG has been\nstrengthened, avoiding to rely on keyring signature caches when\nverifying keys. Potential specific attacks are not valid any more with\nthe patch of GnuPG\n\nBypassing GnuPG key checking :\n\nVrije Universiteit Amsterdam and Katholieke Universteit Leuven\nresearchers discovered an attack method, known as Flip Feng Shui, that\nconcerns flaws in GnuPG. Researchers found that under specific\nhardware-software conditions, attackers could bypass the GnuPG\nsignature validation by using forged public keys. While the underlying\nproblem cannot be solved only by software, GnuPG has been made more\nrobust to avoid relying on keyring signature caches when verifying\nkeys.\n\nFor Debian 7 'Wheezy', these issues have been addressed in version\n1.4.12-7+deb7u8.\n\nWe recommend that you upgrade your gnupg packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/08/msg00030.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/gnupg\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gnupg-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gnupg-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gpgv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gpgv-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gpgv-win32\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"gnupg\", reference:\"1.4.12-7+deb7u8\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"gnupg-curl\", reference:\"1.4.12-7+deb7u8\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"gnupg-udeb\", reference:\"1.4.12-7+deb7u8\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"gpgv\", reference:\"1.4.12-7+deb7u8\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"gpgv-udeb\", reference:\"1.4.12-7+deb7u8\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"gpgv-win32\", reference:\"1.4.12-7+deb7u8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-26T14:20:40", "description": "Werner Koch reports :\n\nThere was a bug in the mixing functions of Libgcrypt's random number generator: An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. This bug exists since 1998 in all GnuPG and Libgcrypt versions.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-08-18T00:00:00", "type": "nessus", "title": "FreeBSD : gnupg -- attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output (e1c71d8d-64d9-11e6-b38a-25a46b33f2ed)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:gnupg1", "p-cpe:/a:freebsd:freebsd:libgcrypt", "p-cpe:/a:freebsd:freebsd:linux-c6-libgcrypt", "p-cpe:/a:freebsd:freebsd:linux-c7-libgcrypt", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_E1C71D8D64D911E6B38A25A46B33F2ED.NASL", "href": "https://www.tenable.com/plugins/nessus/93023", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93023);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-6313\");\n\n script_name(english:\"FreeBSD : gnupg -- attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output (e1c71d8d-64d9-11e6-b38a-25a46b33f2ed)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Werner Koch reports :\n\nThere was a bug in the mixing functions of Libgcrypt's random number\ngenerator: An attacker who obtains 4640 bits from the RNG can\ntrivially predict the next 160 bits of output. This bug exists since\n1998 in all GnuPG and Libgcrypt versions.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html\"\n );\n # https://vuxml.freebsd.org/freebsd/e1c71d8d-64d9-11e6-b38a-25a46b33f2ed.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e31d624c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gnupg1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-c6-libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-c7-libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gnupg1<1.4.21\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"libgcrypt<1.7.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-c6-libgcrypt<1.4.5_4\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-c7-libgcrypt<1.5.3_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T16:53:55", "description": "Important update from upstream which fixes predictability problem in the RNG (CVE-2016-6313).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-09-08T00:00:00", "type": "nessus", "title": "Fedora 23 : libgcrypt (2016-2b4ecfa79f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libgcrypt", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-2B4ECFA79F.NASL", "href": "https://www.tenable.com/plugins/nessus/93355", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-2b4ecfa79f.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93355);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"FEDORA\", value:\"2016-2b4ecfa79f\");\n\n script_name(english:\"Fedora 23 : libgcrypt (2016-2b4ecfa79f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Important update from upstream which fixes predictability problem in\nthe RNG (CVE-2016-6313).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-2b4ecfa79f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgcrypt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"libgcrypt-1.6.6-1.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T17:01:12", "description": "From Red Hat Security Advisory 2016:2674 :\n\nAn update for libgcrypt is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe libgcrypt library provides general-purpose implementations of various cryptographic algorithms.\n\nSecurity Fix(es) :\n\n* A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. (CVE-2016-6313)\n\nRed Hat would like to thank Felix Dorre and Vladimir Klebanov for reporting this issue.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-11-08T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : libgcrypt (ELSA-2016-2674)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:libgcrypt", "p-cpe:/a:oracle:linux:libgcrypt-devel", "cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2016-2674.NASL", "href": "https://www.tenable.com/plugins/nessus/94622", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2016:2674 and \n# Oracle Linux Security Advisory ELSA-2016-2674 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94622);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"RHSA\", value:\"2016:2674\");\n\n script_name(english:\"Oracle Linux 6 / 7 : libgcrypt (ELSA-2016-2674)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2016:2674 :\n\nAn update for libgcrypt is now available for Red Hat Enterprise Linux\n6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe libgcrypt library provides general-purpose implementations of\nvarious cryptographic algorithms.\n\nSecurity Fix(es) :\n\n* A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number\nGenerator). An attacker able to obtain the first 580 bytes of the PRNG\noutput could predict the following 20 bytes. (CVE-2016-6313)\n\nRed Hat would like to thank Felix Dorre and Vladimir Klebanov for\nreporting this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-November/006464.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-November/006499.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgcrypt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libgcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"libgcrypt-1.4.5-12.el6_8\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libgcrypt-devel-1.4.5-12.el6_8\")) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libgcrypt-1.5.3-13.el7_3.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libgcrypt-devel-1.5.3-13.el7_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt / libgcrypt-devel\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T17:03:17", "description": "Important update from upstream which fixes predictability problem in the RNG (CVE-2016-6313).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-11-15T00:00:00", "type": "nessus", "title": "Fedora 25 : libgcrypt (2016-b66a0aef08)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libgcrypt", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-B66A0AEF08.NASL", "href": "https://www.tenable.com/plugins/nessus/94850", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-b66a0aef08.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94850);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"FEDORA\", value:\"2016-b66a0aef08\");\n\n script_name(english:\"Fedora 25 : libgcrypt (2016-b66a0aef08)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Important update from upstream which fixes predictability problem in\nthe RNG (CVE-2016-6313).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-b66a0aef08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgcrypt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"libgcrypt-1.6.6-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-29T14:44:07", "description": "Felix Dorre and Vladimir Klebanov discovered that Libgcrypt incorrectly handled mixing functions in the random number generator.\nAn attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-08-19T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : libgcrypt11, libgcrypt20 vulnerability (USN-3065-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libgcrypt11", "p-cpe:/a:canonical:ubuntu_linux:libgcrypt20", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3065-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93046", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3065-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93046);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"USN\", value:\"3065-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : libgcrypt11, libgcrypt20 vulnerability (USN-3065-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Felix Dorre and Vladimir Klebanov discovered that Libgcrypt\nincorrectly handled mixing functions in the random number generator.\nAn attacker able to obtain 4640 bits from the RNG can trivially\npredict the next 160 bits of output.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3065-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libgcrypt11 and / or libgcrypt20 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgcrypt11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgcrypt20\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libgcrypt11\", pkgver:\"1.5.0-3ubuntu0.6\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libgcrypt11\", pkgver:\"1.5.3-2ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libgcrypt20\", pkgver:\"1.6.5-2ubuntu0.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt11 / libgcrypt20\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:40:34", "description": "Felix Dorre and Vladimir Klebanov discovered that GnuPG incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-08-19T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : gnupg vulnerability (USN-3064-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:gnupg", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3064-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93045", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3064-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93045);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"USN\", value:\"3064-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : gnupg vulnerability (USN-3064-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Felix Dorre and Vladimir Klebanov discovered that GnuPG incorrectly\nhandled mixing functions in the random number generator. An attacker\nable to obtain 4640 bits from the RNG can trivially predict the next\n160 bits of output.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3064-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gnupg package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"gnupg\", pkgver:\"1.4.11-3ubuntu2.10\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"gnupg\", pkgver:\"1.4.16-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"gnupg\", pkgver:\"1.4.20-1ubuntu3.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T17:03:18", "description": "- New upstream v1.4.21\n\n - Fix critical security bug in the RNG [CVE-2016-6313] (#1366105)\n\n - Tweak default options for gpgv\n\n - By default do not anymore emit the GnuPG version with\n --armor\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-11-15T00:00:00", "type": "nessus", "title": "Fedora 25 : gnupg (2016-aab0a156ab)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:gnupg", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-AAB0A156AB.NASL", "href": "https://www.tenable.com/plugins/nessus/94847", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-aab0a156ab.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94847);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"FEDORA\", value:\"2016-aab0a156ab\");\n\n script_name(english:\"Fedora 25 : gnupg (2016-aab0a156ab)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - New upstream v1.4.21\n\n - Fix critical security bug in the RNG [CVE-2016-6313]\n (#1366105)\n\n - Tweak default options for gpgv\n\n - By default do not anymore emit the GnuPG version with\n --armor\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-aab0a156ab\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gnupg package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"gnupg-1.4.21-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T17:01:10", "description": "An update for libgcrypt is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe libgcrypt library provides general-purpose implementations of various cryptographic algorithms.\n\nSecurity Fix(es) :\n\n* A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. (CVE-2016-6313)\n\nRed Hat would like to thank Felix Dorre and Vladimir Klebanov for reporting this issue.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-11-14T00:00:00", "type": "nessus", "title": "CentOS 6 / 7 : libgcrypt (CESA-2016:2674)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libgcrypt", "p-cpe:/a:centos:centos:libgcrypt-devel", "cpe:/o:centos:centos:6", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2016-2674.NASL", "href": "https://www.tenable.com/plugins/nessus/94741", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:2674 and \n# CentOS Errata and Security Advisory 2016:2674 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94741);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"RHSA\", value:\"2016:2674\");\n\n script_name(english:\"CentOS 6 / 7 : libgcrypt (CESA-2016:2674)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for libgcrypt is now available for Red Hat Enterprise Linux\n6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe libgcrypt library provides general-purpose implementations of\nvarious cryptographic algorithms.\n\nSecurity Fix(es) :\n\n* A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number\nGenerator). An attacker able to obtain the first 580 bytes of the PRNG\noutput could predict the following 20 bytes. (CVE-2016-6313)\n\nRed Hat would like to thank Felix Dorre and Vladimir Klebanov for\nreporting this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-November/022141.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?731d63f6\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2016-November/003680.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f7411ffc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgcrypt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-6313\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libgcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x / 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"libgcrypt-1.4.5-12.el6_8\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libgcrypt-devel-1.4.5-12.el6_8\")) flag++;\n\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libgcrypt-1.5.3-13.el7_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libgcrypt-devel-1.5.3-13.el7_3.1\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt / libgcrypt-devel\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:39:04", "description": "The remote host is affected by the vulnerability described in GLSA-201612-01 (GnuPG: RNG output is predictable)\n\n A long standing bug (since 1998) in Libgcrypt (see “GLSA 201610-04”\n below) and GnuPG allows an attacker to predict the output from the standard RNG. Please review the “Entropy Loss and Output Predictability in the Libgcrypt PRNG” paper below for a deep technical analysis.\n Impact :\n\n An attacker who obtains 580 bytes of the random number from the standard RNG can trivially predict the next 20 bytes of output.\n This flaw does not affect the default generation of keys, because running gpg for key creation creates at most 2 keys from the pool. For a single 4096 bit RSA key, 512 bytes of random are required and thus for the second key (encryption subkey), 20 bytes could be predicted from the the first key.\n However, the security of an OpenPGP key depends on the primary key (which was generated first) and thus the 20 predictable bytes should not be a problem. For the default key length of 2048 bit nothing will be predictable.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-12-05T00:00:00", "type": "nessus", "title": "GLSA-201612-01 : GnuPG: RNG output is predictable", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:gnupg", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201612-01.NASL", "href": "https://www.tenable.com/plugins/nessus/95516", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201612-01.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95516);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"GLSA\", value:\"201612-01\");\n\n script_name(english:\"GLSA-201612-01 : GnuPG: RNG output is predictable\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201612-01\n(GnuPG: RNG output is predictable)\n\n A long standing bug (since 1998) in Libgcrypt (see “GLSA 201610-04”\n below) and GnuPG allows an attacker to predict the output from the\n standard RNG. Please review the “Entropy Loss and Output Predictability\n in the Libgcrypt PRNG” paper below for a deep technical analysis.\n \nImpact :\n\n An attacker who obtains 580 bytes of the random number from the standard\n RNG can trivially predict the next 20 bytes of output.\n This flaw does not affect the default generation of keys, because\n running gpg for key creation creates at most 2 keys from the pool. For a\n single 4096 bit RSA key, 512 bytes of random are required and thus for\n the second key (encryption subkey), 20 bytes could be predicted from the\n the first key.\n However, the security of an OpenPGP key depends on the primary key\n (which was generated first) and thus the 20 predictable bytes should not\n be a problem. For the default key length of 2048 bit nothing will be\n predictable.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # http://formal.iti.kit.edu/~klebanov/pubs/libgcrypt-cve-2016-6313.pdf\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://formal.iti.kit.edu/~klebanov/pubs/libgcrypt-cve-2016-6313.pdf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201610-04\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201612-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All GnuPG 1 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-crypt/gnupg-1.4.21'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-crypt/gnupg\", unaffected:make_list(\"ge 1.4.21\"), vulnerable:make_list(\"lt 1.4.21\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GnuPG\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T17:03:56", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - fix CVE-2016-6313 - predictable PRNG output (#1366105)", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-11-09T00:00:00", "type": "nessus", "title": "OracleVM 3.3 / 3.4 : libgcrypt (OVMSA-2016-0156)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:libgcrypt", "cpe:/o:oracle:vm_server:3.3", "cpe:/o:oracle:vm_server:3.4"], "id": "ORACLEVM_OVMSA-2016-0156.NASL", "href": "https://www.tenable.com/plugins/nessus/94650", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2016-0156.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94650);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-6313\");\n\n script_name(english:\"OracleVM 3.3 / 3.4 : libgcrypt (OVMSA-2016-0156)\");\n script_summary(english:\"Checks the RPM output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - fix CVE-2016-6313 - predictable PRNG output (#1366105)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2016-November/000578.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a2e18766\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2016-November/000579.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1cdadbe2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgcrypt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"(3\\.3|3\\.4)\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3 / 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"libgcrypt-1.4.5-12.el6_8\")) flag++;\n\nif (rpm_check(release:\"OVS3.4\", reference:\"libgcrypt-1.4.5-12.el6_8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T17:00:52", "description": "Security Fix(es) :\n\n - A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. (CVE-2016-6313)", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-11-09T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : libgcrypt on SL6.x i386/x86_64 (20161108)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:libgcrypt", "p-cpe:/a:fermilab:scientific_linux:libgcrypt-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libgcrypt-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20161108_LIBGCRYPT_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/94652", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94652);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-6313\");\n\n script_name(english:\"Scientific Linux Security Update : libgcrypt on SL6.x i386/x86_64 (20161108)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - A design flaw was found in the libgcrypt PRNG\n (Pseudo-Random Number Generator). An attacker able to\n obtain the first 580 bytes of the PRNG output could\n predict the following 20 bytes. (CVE-2016-6313)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1611&L=scientific-linux-errata&F=&S=&P=1490\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f80c0690\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libgcrypt, libgcrypt-debuginfo and / or\nlibgcrypt-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libgcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libgcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"libgcrypt-1.4.5-12.el6_8\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libgcrypt-debuginfo-1.4.5-12.el6_8\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libgcrypt-devel-1.4.5-12.el6_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt / libgcrypt-debuginfo / libgcrypt-devel\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-02T16:53:30", "description": "- New upstream v1.4.21\n\n - Fix critical security bug in the RNG [CVE-2016-6313] (#1366105)\n\n - Tweak default options for gpgv\n\n - By default do not anymore emit the GnuPG version with\n --armor\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-09-15T00:00:00", "type": "nessus", "title": "Fedora 23 : gnupg (2016-3a0195918f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:gnupg", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-3A0195918F.NASL", "href": "https://www.tenable.com/plugins/nessus/93490", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-3a0195918f.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93490);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"FEDORA\", value:\"2016-3a0195918f\");\n\n script_name(english:\"Fedora 23 : gnupg (2016-3a0195918f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - New upstream v1.4.21\n\n - Fix critical security bug in the RNG [CVE-2016-6313]\n (#1366105)\n\n - Tweak default options for gpgv\n\n - By default do not anymore emit the GnuPG version with\n --armor\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-3a0195918f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gnupg package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"gnupg-1.4.21-1.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:48:47", "description": "An update of the libgcrypt package has been released.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-02-07T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Libgcrypt PHSA-2017-0013", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2022-05-24T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:libgcrypt", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2017-0013_LIBGCRYPT.NASL", "href": "https://www.tenable.com/plugins/nessus/121685", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2017-0013. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121685);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/24\");\n\n script_cve_id(\"CVE-2016-6313\");\n\n script_name(english:\"Photon OS 1.0: Libgcrypt PHSA-2017-0013\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the libgcrypt package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-37.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-6313\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"libgcrypt-1.7.6-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"libgcrypt-debuginfo-1.7.6-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"libgcrypt-devel-1.7.6-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:40:35", "description": "- New upstream v1.4.21\n\n - Fix critical security bug in the RNG [CVE-2016-6313] (#1366105)\n\n - Tweak default options for gpgv\n\n - By default do not anymore emit the GnuPG version with\n --armor\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-08-29T00:00:00", "type": "nessus", "title": "Fedora 24 : gnupg (2016-9864953aa3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:gnupg", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-9864953AA3.NASL", "href": "https://www.tenable.com/plugins/nessus/93142", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-9864953aa3.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93142);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"FEDORA\", value:\"2016-9864953aa3\");\n\n script_name(english:\"Fedora 24 : gnupg (2016-9864953aa3)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - New upstream v1.4.21\n\n - Fix critical security bug in the RNG [CVE-2016-6313]\n (#1366105)\n\n - Tweak default options for gpgv\n\n - By default do not anymore emit the GnuPG version with\n --armor\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-9864953aa3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gnupg package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"gnupg-1.4.21-1.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-17T14:23:26", "description": "Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug for GnuPG shows that existing RSA keys are not weakened. For DSA and Elgamal keys it is also unlikely that the private key can be predicted from other public information.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-08-18T00:00:00", "type": "nessus", "title": "Debian DSA-3649-1 : gnupg - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:gnupg", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3649.NASL", "href": "https://www.tenable.com/plugins/nessus/93018", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3649. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93018);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6313\");\n script_xref(name:\"DSA\", value:\"3649\");\n\n script_name(english:\"Debian DSA-3649-1 : gnupg - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of\nTechnology discovered a flaw in the mixing functions of GnuPG's random\nnumber generator. An attacker who obtains 4640 bits from the RNG can\ntrivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug for GnuPG shows that\nexisting RSA keys are not weakened. For DSA and Elgamal keys it is\nalso unlikely that the private key can be predicted from other public\ninformation.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/gnupg\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3649\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the gnupg packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.4.18-7+deb8u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"gnupg\", reference:\"1.4.18-7+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"gnupg-curl\", reference:\"1.4.18-7+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"gnupg-udeb\", reference:\"1.4.18-7+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"gpgv\", reference:\"1.4.18-7+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"gpgv-udeb\", reference:\"1.4.18-7+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"gpgv-win32\", reference:\"1.4.18-7+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:22:35", "description": "According to the version of the libgcrypt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes.(CVE-2016-6313)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2019-05-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.1.0 : libgcrypt (EulerOS-SA-2019-1448)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6313"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libgcrypt", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1448.NASL", "href": "https://www.tenable.com/plugins/nessus/124951", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124951);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-6313\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.1.0 : libgcrypt (EulerOS-SA-2019-1448)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libgcrypt package installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - A design flaw was found in the libgcrypt PRNG\n (Pseudo-Random Number Generator). An attacker able to\n obtain the first 580 bytes of the PRNG output could\n predict the following 20 bytes.(CVE-2016-6313)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1448\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b4c94c75\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libgcrypt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libgcrypt-1.5.3-14.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:39:24", "description": "Update to Rails 5.0.0.1.\n\nEnable whole test suite in Railties.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2016-11-15T00:00:00", "type": "nessus", "title": "Fedora 25 : 1:rubygem-actionmailer / 1:rubygem-actionpack / etc (2016-5760339e76)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6316", "CVE-2016-6317"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:rubygem-actionmailer", "p-cpe:/a:fedoraproject:fedora:1:rubygem-actionpack", "p-cpe:/a:fedoraproject:fedora:1:rubygem-activerecord", "p-cpe:/a:fedoraproject:fedora:1:rubygem-activesupport", "p-cpe:/a:fedoraproject:fedora:1:rubygem-rails", "p-cpe:/a:fedoraproject:fedora:rubygem-actioncable", "p-cpe:/a:fedoraproject:fedora:rubygem-actionview", "p-cpe:/a:fedoraproject:fedora:rubygem-activejob", "p-cpe:/a:fedoraproject:fedora:rubygem-activemodel", "p-cpe:/a:fedoraproject:fedora:rubygem-railties", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-5760339E76.NASL", "href": "https://www.tenable.com/plugins/nessus/94808", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-5760339e76.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94808);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6316\", \"CVE-2016-6317\");\n script_xref(name:\"FEDORA\", value:\"2016-5760339e76\");\n\n script_name(english:\"Fedora 25 : 1:rubygem-actionmailer / 1:rubygem-actionpack / etc (2016-5760339e76)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to Rails 5.0.0.1.\n\nEnable whole test suite in Railties.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-5760339e76\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-actionmailer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-actionpack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-activerecord\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-activesupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-rails\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-actioncable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-actionview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-activejob\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-activemodel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-railties\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-actionmailer-5.0.0.1-1.fc25\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-actionpack-5.0.0.1-2.fc25\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-activerecord-5.0.0.1-1.fc25\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-activesupport-5.0.0.1-1.fc25\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-rails-5.0.0.1-1.fc25\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-actioncable-5.0.0.1-1.fc25\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-actionview-5.0.0.1-2.fc25\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-activejob-5.0.0.1-1.fc25\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-activemodel-5.0.0.1-1.fc25\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"rubygem-railties-5.0.0.1-2.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:rubygem-actionmailer / 1:rubygem-actionpack / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:39:51", "description": "The remote host is affected by the vulnerability described in GLSA-201610-04 (libgcrypt: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in libgcrypt. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Side-channel attacks can leak private key information. A separate critical bug allows an attacker who obtains 4640 bits from the RNG to trivially predict the next 160 bits of output.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2016-10-11T00:00:00", "type": "nessus", "title": "GLSA-201610-04 : libgcrypt: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3591", "CVE-2015-0837", "CVE-2015-7511", "CVE-2016-6313"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:libgcrypt", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201610-04.NASL", "href": "https://www.tenable.com/plugins/nessus/93946", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201610-04.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93946);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3591\", \"CVE-2015-0837\", \"CVE-2015-7511\", \"CVE-2016-6313\");\n script_xref(name:\"GLSA\", value:\"201610-04\");\n\n script_name(english:\"GLSA-201610-04 : libgcrypt: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201610-04\n(libgcrypt: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in libgcrypt. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n Side-channel attacks can leak private key information. A separate\n critical bug allows an attacker who obtains 4640 bits from the RNG to\n trivially predict the next 160 bits of output.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1795184d\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201610-04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All libgcrypt users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/libgcrypt-1.7.3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/libgcrypt\", unaffected:make_list(\"ge 1.7.3\"), vulnerable:make_list(\"lt 1.7.3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:40:35", "description": "Multiple vulnerabilities have been discovered in ruby-actionpack-3.2, a web-flow and rendering framework and part of Rails :\n\nCVE-2015-7576\n\nA flaw was found in the way the Action Controller component compared user names and passwords when performing HTTP basic authentication.\nTime taken to compare strings could differ depending on input, possibly allowing a remote attacker to determine valid user names and passwords using a timing attack.\n\nCVE-2016-0751\n\nA flaw was found in the way the Action Pack component performed MIME type lookups. Since queries were cached in a global cache of MIME types, an attacker could use this flaw to grow the cache indefinitely, potentially resulting in a denial of service.\n\nCVE-2016-0752\n\nA directory traversal flaw was found in the way the Action View component searched for templates for rendering. If an application passed untrusted input to the 'render' method, a remote, unauthenticated attacker could use this flaw to render unexpected files and, possibly, execute arbitrary code.\n\nCVE-2016-2097\n\nCrafted requests to Action View might result in rendering files from arbitrary locations, including files beyond the application's view directory. This vulnerability is the result of an incomplete fix of CVE-2016-0752. This bug was found by Jyoti Singh and Tobias Kraze from Makandra.\n\nCVE-2016-2098\n\nIf a web applications does not properly sanitize user inputs, an attacker might control the arguments of the render method in a controller or a view, resulting in the possibility of executing arbitrary ruby code. This bug was found by Tobias Kraze from Makandra and joernchen of Phenoelit.\n\nCVE-2016-6316\n\nAndrew Carpenter of Critical Juncture discovered a cross-site scripting vulnerability affecting Action View. Text declared as 'HTML safe' will not have quotes escaped when used as attribute values in tag helpers.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 3.2.6-6+deb7u3.\n\nWe recommend that you upgrade your ruby-actionpack-3.2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2016-08-29T00:00:00", "type": "nessus", "title": "Debian DLA-604-1 : ruby-actionpack-3.2 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7576", "CVE-2016-0751", "CVE-2016-0752", "CVE-2016-2097", "CVE-2016-2098", "CVE-2016-6316"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:ruby-actionpack-3.2", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-604.NASL", "href": "https://www.tenable.com/plugins/nessus/93132", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-604-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93132);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7576\", \"CVE-2016-0751\", \"CVE-2016-0752\", \"CVE-2016-2097\", \"CVE-2016-2098\", \"CVE-2016-6316\");\n\n script_name(english:\"Debian DLA-604-1 : ruby-actionpack-3.2 security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been discovered in ruby-actionpack-3.2,\na web-flow and rendering framework and part of Rails :\n\nCVE-2015-7576\n\nA flaw was found in the way the Action Controller component compared\nuser names and passwords when performing HTTP basic authentication.\nTime taken to compare strings could differ depending on input,\npossibly allowing a remote attacker to determine valid user names and\npasswords using a timing attack.\n\nCVE-2016-0751\n\nA flaw was found in the way the Action Pack component performed MIME\ntype lookups. Since queries were cached in a global cache of MIME\ntypes, an attacker could use this flaw to grow the cache indefinitely,\npotentially resulting in a denial of service.\n\nCVE-2016-0752\n\nA directory traversal flaw was found in the way the Action View\ncomponent searched for templates for rendering. If an application\npassed untrusted input to the 'render' method, a remote,\nunauthenticated attacker could use this flaw to render unexpected\nfiles and, possibly, execute arbitrary code.\n\nCVE-2016-2097\n\nCrafted requests to Action View might result in rendering files from\narbitrary locations, including files beyond the application's view\ndirectory. This vulnerability is the result of an incomplete fix of\nCVE-2016-0752. This bug was found by Jyoti Singh and Tobias Kraze from\nMakandra.\n\nCVE-2016-2098\n\nIf a web applications does not properly sanitize user inputs, an\nattacker might control the arguments of the render method in a\ncontroller or a view, resulting in the possibility of executing\narbitrary ruby code. This bug was found by Tobias Kraze from Makandra\nand joernchen of Phenoelit.\n\nCVE-2016-6316\n\nAndrew Carpenter of Critical Juncture discovered a cross-site\nscripting vulnerability affecting Action View. Text declared as 'HTML\nsafe' will not have quotes escaped when used as attribute values in\ntag helpers.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n3.2.6-6+deb7u3.\n\nWe recommend that you upgrade your ruby-actionpack-3.2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/08/msg00028.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/ruby-actionpack-3.2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected ruby-actionpack-3.2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Ruby on Rails ActionPack Inline ERB Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby-actionpack-3.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"ruby-actionpack-3.2\", reference:\"3.2.6-6+deb7u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:34", "description": "An update of [cracklib,libevent,libgcrypt,httpd,glibc] packages for PhotonOS has been released.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-17T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Cracklib / Glibc / Httpd / Libevent / Libgcrypt PHSA-2017-0013 (deprecated)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10195", "CVE-2016-10196", "CVE-2016-10197", "CVE-2016-1234", "CVE-2016-1546", "CVE-2016-3075", "CVE-2016-3706", "CVE-2016-4429", "CVE-2016-6313", "CVE-2016-6318"], "modified": "2019-02-07T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:cracklib", "p-cpe:/a:vmware:photonos:glibc", "p-cpe:/a:vmware:photonos:httpd", "p-cpe:/a:vmware:photonos:libevent", "p-cpe:/a:vmware:photonos:libgcrypt", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2017-0013.NASL", "href": "https://www.tenable.com/plugins/nessus/111862", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2/7/2019\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2017-0013. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111862);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/02/07 18:59:50\");\n\n script_cve_id(\n \"CVE-2016-1234\",\n \"CVE-2016-1546\",\n \"CVE-2016-3075\",\n \"CVE-2016-3706\",\n \"CVE-2016-4429\",\n \"CVE-2016-6313\",\n \"CVE-2016-6318\",\n \"CVE-2016-10195\",\n \"CVE-2016-10196\",\n \"CVE-2016-10197\"\n );\n\n script_name(english:\"Photon OS 1.0: Cracklib / Glibc / Httpd / Libevent / Libgcrypt PHSA-2017-0013 (deprecated)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of [cracklib,libevent,libgcrypt,httpd,glibc] packages for\nPhotonOS has been released.\");\n # https://github.com/vmware/photon/wiki/Security-Updates-37\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d5405b83\");\n script_set_attribute(attribute:\"solution\", value:\"n/a.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4429\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:cracklib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libevent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\npkgs = [\n \"cracklib-2.9.6-3.ph1\",\n \"cracklib-debuginfo-2.9.6-3.ph1\",\n \"cracklib-devel-2.9.6-3.ph1\",\n \"cracklib-dicts-2.9.6-3.ph1\",\n \"cracklib-lang-2.9.6-3.ph1\",\n \"cracklib-python-2.9.6-3.ph1\",\n \"glibc-2.22-10.ph1\",\n \"glibc-devel-2.22-10.ph1\",\n \"glibc-lang-2.22-10.ph1\",\n \"httpd-2.4.25-2.ph1\",\n \"httpd-debuginfo-2.4.25-2.ph1\",\n \"httpd-devel-2.4.25-2.ph1\",\n \"httpd-docs-2.4.25-2.ph1\",\n \"httpd-tools-2.4.25-2.ph1\",\n \"libevent-2.1.8-1.ph1\",\n \"libevent-debuginfo-2.1.8-1.ph1\",\n \"libevent-devel-2.1.8-1.ph1\",\n \"libgcrypt-1.7.6-1.ph1\",\n \"libgcrypt-debuginfo-1.7.6-1.ph1\",\n \"libgcrypt-devel-1.7.6-1.ph1\"\n];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"PhotonOS-1.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cracklib / glibc / httpd / libevent / libgcrypt\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "description": "Simple, battle-tested conventions and helpers for building web pages. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2016-08-26T10:24:48", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: rubygem-actionview-4.2.5.2-3.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2016-08-26T10:24:48", "id": "FEDORA:287396078F7C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4APXKS7NQ42L26TII23EU4OR5UUM7PGI/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Simple, battle-tested conventions and helpers for building web pages. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2016-08-26T12:50:04", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: rubygem-actionview-4.2.3-6.fc23", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2016-08-26T12:50:04", "id": "FEDORA:CDE8860679E9", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WHYGEL6GEXD5GMJSM2FCGFAPH4NJAWH3/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-27T11:09:12", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: libgcrypt-1.6.6-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-27T11:09:12", "id": "FEDORA:3EED4605E1E0", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/AQXJOKB7P7YPTKLRYCILWJ5W4H4IWRHI/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with any version of PGP2 (PGP2.x uses only IDEA for symmetric-key encryption, which is patented worldwide). ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-26T10:23:50", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: gnupg-1.4.21-1.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-26T10:23:50", "id": "FEDORA:0547C601363C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/74HLHHOBH7H5SMZTA4NPJSZQKRLUFFVC/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with any version of PGP2 (PGP2.x uses only IDEA for symmetric-key encryption, which is patented worldwide). ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-30T18:22:15", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: gnupg-1.4.21-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-30T18:22:15", "id": "FEDORA:946FE6087AB8", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PH35KIEBPEC7EXIQVGF6WDNPT7T6MGSN/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-09-07T01:52:42", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: libgcrypt-1.6.6-1.fc23", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-09-07T01:52:42", "id": "FEDORA:236FE6094918", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6GUKHKI36S47OWTX6VCPNGTCY3LPYQ5M/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with any version of PGP2 (PGP2.x uses only IDEA for symmetric-key encryption, which is patented worldwide). ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-09-14T01:23:53", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: gnupg-1.4.21-1.fc23", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-09-14T01:23:53", "id": "FEDORA:9A1E660876A7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JYVFE4GWAXPSAHF5LDITPVADHLY5WCKJ/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Email on Rails. Compose, deliver, receive, and test emails using the famili ar controller/view pattern. First-class support for multipart email and attachments. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-08-27T11:11:22", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: rubygem-actionmailer-5.0.0.1-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316", "CVE-2016-6317"], "modified": "2016-08-27T11:11:22", "id": "FEDORA:732356042D46", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SVDJLLIW67K6FGDQKQEY6EGTKQ7KXRQU/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible to glue all frameworks together. Overall, it: * handles all the bootstrapping process for a Rails application; * manager rails command line interface; * provides Rails generators core; ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-08-27T11:11:22", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: rubygem-railties-5.0.0.1-2.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316", "CVE-2016-6317"], "modified": "2016-08-27T11:11:22", "id": "FEDORA:335C96042D4E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JWPXPNMF2BDDQ7AGYMPNOYVDE3BN3RFG/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Simple, battle-tested conventions and helpers for building web pages. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-08-27T11:11:22", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: rubygem-actionview-5.0.0.1-2.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316", "CVE-2016-6317"], "modified": "2016-08-27T11:11:22", "id": "FEDORA:2B7856042D4C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/INSRTFAYYUM2XLIWRMW2ZQBU6VNPXG6B/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Structure many real-time application concerns into channels over a single WebSocket connection. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-08-27T11:11:22", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: rubygem-actioncable-5.0.0.1-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316", "CVE-2016-6317"], "modified": "2016-08-27T11:11:22", "id": "FEDORA:45DE46042D51", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XOQL7IU7SB6QJRWGKCHRPZQUOIURV63S/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Declare job classes that can be run by a variety of queueing backends. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-08-27T11:11:22", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: rubygem-activejob-5.0.0.1-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316", "CVE-2016-6317"], "modified": "2016-08-27T11:11:22", "id": "FEDORA:7E33C6042D49", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/R67FRLEDPZRRVMJS3A5LA6YIM5UQO4GY/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "A toolkit for building modeling frameworks like Active Record. Rich support for attributes, callbacks, validations, serialization, internationalization, and testing. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-08-27T11:11:22", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: rubygem-activemodel-5.0.0.1-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316", "CVE-2016-6317"], "modified": "2016-08-27T11:11:22", "id": "FEDORA:837166087EC2", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JNY6ZLXQZ4GJM4L5Z2JD42S4WMYF75U5/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Ruby on Rails is a full-stack web framework optimized for programmer happin ess and sustainable productivity. It encourages beautiful code by favoring convention over configuration. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-08-27T11:11:22", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: rubygem-rails-5.0.0.1-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316", "CVE-2016-6317"], "modified": "2016-08-27T11:11:22", "id": "FEDORA:909536087ECC", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WAMEZEEF5UHZPV5IDQY4ZP5VLSRSFHY5/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-08-27T11:11:22", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: rubygem-actionpack-5.0.0.1-2.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316", "CVE-2016-6317"], "modified": "2016-08-27T11:11:22", "id": "FEDORA:072A56042D49", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7SB36DN7LSLP2GHE4LNAQGWXRMHZEU5F/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-08-27T11:11:22", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: rubygem-activesupport-5.0.0.1-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316", "CVE-2016-6317"], "modified": "2016-08-27T11:11:22", "id": "FEDORA:9D8B2608A217", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MRQYAVBWV4UNQ5XC3LB5L44OYTI3JZ3W/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-08-27T11:11:22", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: rubygem-activerecord-5.0.0.1-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316", "CVE-2016-6317"], "modified": "2016-08-27T11:11:22", "id": "FEDORA:3C1406042D4F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5VQDB7AQ3WT2TSLDMYPYKXIMBJ7KYSJ6/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "gitlab": [{"lastseen": "2022-06-09T23:06:28", "description": "There is a possible XSS vulnerability in Action View. Text declared as \"HTML safe\" will not have quotes escaped when used as attribute values in tag helpers.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2016-09-07T00:00:00", "type": "gitlab", "title": "Possible XSS Vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2016-09-07T00:00:00", "id": "GITLAB-4592157653D70634A228B2043D8242B2", "href": "https://gitlab.com/api/v4/projects/12006272/repository/files/gem%2Factionview%2FCVE-2016-6316.yml/raw", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2022-03-23T14:52:15", "description": "Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as \"HTML safe\" and used as attribute values in tag handlers.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2016-09-07T19:28:00", "type": "cve", "title": "CVE-2016-6316", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2019-08-08T15:43:00", "cpe": ["cpe:/a:rubyonrails:rails:3.2.4", "cpe:/a:rubyonrails:ruby_on_rails:4.0.12", "cpe:/a:rubyonrails:rails:3.2.6", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:rubyonrails:rails:3.2.3", "cpe:/a:rubyonrails:rails:4.2.4", "cpe:/a:rubyonrails:rails:3.1.12", "cpe:/a:rubyonrails:ruby_on_rails:3.2.22.1", "cpe:/a:rubyonrails:rails:3.0.17", "cpe:/a:rubyonrails:rails:3.2.2", "cpe:/a:rubyonrails:rails:3.2.0", "cpe:/a:rubyonrails:rails:4.2.3", "cpe:/a:rubyonrails:rails:3.0.7", "cpe:/a:rubyonrails:rails:3.2.5", "cpe:/a:rubyonrails:rails:3.2.17", "cpe:/a:rubyonrails:rails:4.2.1", "cpe:/a:rubyonrails:ruby_on_rails:4.0.11", "cpe:/a:rubyonrails:rails:3.2.21", "cpe:/a:rubyonrails:rails:3.2.1", "cpe:/a:rubyonrails:rails:3.1.8", "cpe:/a:rubyonrails:rails:5.0.0", "cpe:/a:rubyonrails:rails:4.1.8", "cpe:/a:rubyonrails:rails:3.0.8", "cpe:/a:rubyonrails:ruby_on_rails:3.2.19", "cpe:/a:rubyonrails:rails:4.1.13", "cpe:/a:rubyonrails:rails:3.1.10", "cpe:/a:rubyonrails:rails:3.2.10", "cpe:/a:rubyonrails:rails:3.0.4", "cpe:/a:rubyonrails:rails:3.0.19", "cpe:/a:rubyonrails:rails:3.0.13", "cpe:/a:rubyonrails:rails:4.2.7", "cpe:/a:rubyonrails:rails:3.0.11", "cpe:/a:rubyonrails:rails:3.1.3", "cpe:/a:rubyonrails:rails:3.2.9", "cpe:/a:rubyonrails:rails:4.1.14", "cpe:/a:rubyonrails:rails:3.2.12", "cpe:/a:rubyonrails:rails:4.1.7.1", "cpe:/a:rubyonrails:rails:4.1.2", "cpe:/a:rubyonrails:rails:4.2.2", "cpe:/a:rubyonrails:rails:4.0.5", "cpe:/a:rubyonrails:rails:4.0.8", "cpe:/a:rubyonrails:rails:4.0.7", "cpe:/a:rubyonrails:rails:4.0.2", "cpe:/a:rubyonrails:rails:4.0.0", "cpe:/a:rubyonrails:rails:3.0.1", "cpe:/a:rubyonrails:rails:3.0.3", "cpe:/a:rubyonrails:ruby_on_rails:4.1.11", "cpe:/a:rubyonrails:rails:4.1.9", "cpe:/a:rubyonrails:rails:3.1.7", "cpe:/a:rubyonrails:rails:3.2.18", "cpe:/a:rubyonrails:rails:4.2.5", "cpe:/a:rubyonrails:ruby_on_rails:3.0.4", "cpe:/a:rubyonrails:ruby_on_rails:3.2.14", "cpe:/a:rubyonrails:rails:4.1.7", "cpe:/a:rubyonrails:ruby_on_rails:3.2.20", "cpe:/a:rubyonrails:rails:4.1.14.2", "cpe:/a:rubyonrails:rails:4.1.16", "cpe:/a:rubyonrails:rails:3.1.0", "cpe:/a:rubyonrails:rails:4.2.5.1", "cpe:/a:rubyonrails:rails:3.0.0", "cpe:/a:rubyonrails:rails:3.2.16", "cpe:/a:rubyonrails:rails:3.2.11", "cpe:/a:rubyonrails:rails:3.0.2", "cpe:/a:rubyonrails:rails:3.0.16", "cpe:/a:rubyonrails:ruby_on_rails:3.2.22", "cpe:/a:rubyonrails:rails:4.1.12", "cpe:/a:rubyonrails:rails:3.0.9", "cpe:/a:rubyonrails:rails:4.1.6", "cpe:/a:rubyonrails:rails:3.1.2", "cpe:/a:rubyonrails:ruby_on_rails:4.0.11.1", "cpe:/a:rubyonrails:rails:3.1.9", "cpe:/a:rubyonrails:rails:3.0.10", "cpe:/a:rubyonrails:rails:4.1.1", "cpe:/a:rubyonrails:rails:3.0.12", "cpe:/a:rubyonrails:rails:4.1.0", "cpe:/a:rubyonrails:rails:3.1.5", "cpe:/a:rubyonrails:rails:4.0.1", "cpe:/a:rubyonrails:rails:4.0.3", "cpe:/a:rubyonrails:rails:3.2.22.2", "cpe:/a:rubyonrails:rails:3.1.4", "cpe:/a:rubyonrails:rails:3.2.13", "cpe:/a:rubyonrails:ruby_on_rails:4.0.10", "cpe:/a:rubyonrails:rails:4.1.4", "cpe:/a:rubyonrails:rails:4.0.6", "cpe:/a:rubyonrails:rails:3.1.1", "cpe:/a:rubyonrails:rails:3.0.20", "cpe:/a:rubyonrails:rails:3.2.7", "cpe:/a:rubyonrails:rails:4.2.5.2", "cpe:/a:rubyonrails:ruby_on_rails:4.0.13", "cpe:/a:rubyonrails:rails:3.2.15", "cpe:/a:rubyonrails:rails:4.0.4", "cpe:/a:rubyonrails:rails:4.1.15", "cpe:/a:rubyonrails:rails:4.0.9", "cpe:/a:rubyonrails:rails:3.1.6", "cpe:/a:rubyonrails:rails:3.0.5", "cpe:/a:rubyonrails:rails:3.0.14", "cpe:/a:rubyonrails:rails:3.2.8", "cpe:/a:rubyonrails:ruby_on_rails:4.1.14.1", "cpe:/a:rubyonrails:rails:4.0.10", "cpe:/a:rubyonrails:rails:4.1.10", "cpe:/a:rubyonrails:rails:3.0.18", "cpe:/a:rubyonrails:rails:4.2.0", "cpe:/a:rubyonrails:rails:4.1.5", "cpe:/a:rubyonrails:ruby_on_rails:3.2.15", "cpe:/a:rubyonrails:rails:4.1.3", "cpe:/a:rubyonrails:ruby_on_rails:5.0.0", "cpe:/a:rubyonrails:rails:4.2.6", "cpe:/a:rubyonrails:rails:3.0.6"], "id": "CVE-2016-6316", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6316", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:3.2.15:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.14:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:5.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.15:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.6:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.9:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:3.2.14:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:5.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.6:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:4.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.13:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.15:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.13:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.13:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.10:rc4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:5.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.8:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.13:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:3.2.22.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:5.0.0:racecar1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.10:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.9:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:5.0.0:beta1.1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:5.0.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:5.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.12:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.8:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.22.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.10:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.14.2:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:5.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.16:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.6:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:4.1.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.10:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.1:rc4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:3.2.15:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.10:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.14:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:ruby_on_rails:3.2.14:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.2.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:rubyonrails:rails:4.1.10:rc1:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:52:13", "description": "The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-12-13T20:59:00", "type": "cve", "title": "CVE-2016-6313", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2018-01-05T02:31:00", "cpe": ["cpe:/a:gnupg:libgcrypt:1.6.0", "cpe:/a:gnupg:libgcrypt:1.7.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/a:gnupg:libgcrypt:1.7.2", "cpe:/a:gnupg:libgcrypt:1.6.3", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/a:gnupg:libgcrypt:1.6.5", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/a:gnupg:gnupg:1.4.14", "cpe:/a:gnupg:libgcrypt:1.6.1", "cpe:/a:gnupg:libgcrypt:1.6.2", "cpe:/a:gnupg:libgcrypt:1.6.4", "cpe:/a:gnupg:libgcrypt:1.7.1", "cpe:/a:gnupg:libgcrypt:1.5.3", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2016-6313", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6313", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnupg:libgcrypt:1.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:a:gnupg:gnupg:1.4.14:*:*:*:*:*:*:*", "cpe:2.3:a:gnupg:libgcrypt:1.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnupg:libgcrypt:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnupg:libgcrypt:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnupg:libgcrypt:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnupg:libgcrypt:1.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnupg:libgcrypt:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnupg:libgcrypt:1.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnupg:libgcrypt:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnupg:libgcrypt:1.7.1:*:*:*:*:*:*:*"]}], "osv": [{"lastseen": "2023-01-31T02:39:45", "description": "Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as \"HTML safe\" and used as attribute values in tag handlers.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2017-10-24T18:33:35", "type": "osv", "title": "actionview Cross-site Scripting vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2023-01-31T02:39:43", "id": "OSV:GHSA-PC3M-V286-2JWJ", "href": "https://osv.dev/vulnerability/GHSA-pc3m-v286-2jwj", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-21T08:25:32", "description": "\nAndrew Carpenter of Critical Juncture discovered a cross-site scripting\nvulnerability affecting Action View in rails, a web application\nframework written in Ruby. Text declared as HTML safe will not have\nquotes escaped when used as attribute values in tag helpers.\n\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2:4.1.8-1+deb8u4.\n\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2:4.2.7.1-1.\n\n\nWe recommend that you upgrade your rails packages.\n\n\n", "edition": 1, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2016-08-25T00:00:00", "type": "osv", "title": "rails - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2022-07-21T05:49:10", "id": "OSV:DSA-3651-1", "href": "https://osv.dev/vulnerability/DSA-3651-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-21T08:25:31", "description": "\nFelix Doerre and Vladimir Klebanov from the Karlsruhe Institute of\nTechnology discovered a flaw in the mixing functions of Libgcrypt's\nrandom number generator. An attacker who obtains 4640 bits from the RNG\ncan trivially predict the next 160 bits of output.\n\n\nA first analysis on the impact of this bug for GnuPG shows that existing\nRSA keys are not weakened. For DSA and Elgamal keys it is also unlikely\nthat the private key can be predicted from other public information.\n\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.6.3-2+deb8u2.\n\n\nWe recommend that you upgrade your libgcrypt20 packages.\n\n\n", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-08-17T00:00:00", "type": "osv", "title": "libgcrypt20 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2022-07-21T05:49:10", "id": "OSV:DSA-3650-1", "href": "https://osv.dev/vulnerability/DSA-3650-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-10T07:11:37", "description": "\nFelix Doerre and Vladimir Klebanov from the Karlsruhe Institute of\nTechnology discovered a flaw in the mixing functions of GnuPG's random\nnumber generator. An attacker who obtains 4640 bits from the RNG can\ntrivially predict the next 160 bits of output.\n\n\nA first analysis on the impact of this bug for GnuPG shows that existing\nRSA keys are not weakened. For DSA and Elgamal keys it is also unlikely\nthat the private key can be predicted from other public information.\n\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.4.18-7+deb8u2.\n\n\nWe recommend that you upgrade your gnupg packages.\n\n\n", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-08-17T00:00:00", "type": "osv", "title": "gnupg - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2022-08-10T07:11:32", "id": "OSV:DSA-3649-1", "href": "https://osv.dev/vulnerability/DSA-3649-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-05T05:20:09", "description": "\n* [CVE-2016-6313](https://security-tracker.debian.org/tracker/CVE-2016-6313)\nFelix Doerre and Vladimir Klebanov from the Karlsruhe Institute of\n Technology discovered a flaw in the mixing functions of GnuPG's\n random number generator. An attacker who obtains 4640 bits from the RNG\n can trivially predict the next 160 bits of output.\n\n\nA first analysis on the impact of this bug for GnuPG shows that\n existing RSA keys are not weakened. For DSA and Elgamal keys it is also\n unlikely that the private key can be predicted from other public\n information.\n* Bypassing GnuPG key checking\n\n Weaknesses have been found in GnuPG signature validation that\n attackers could exploit thanks to especially forged public keys and\n under specific hardware-software conditions. While the underlying\n problem cannot be solved only by software, GnuPG has been\n strengthened, avoiding to rely on keyring signature caches when\n verifying keys. Potential specific attacks are not valid any more\n with the patch of GnuPG\n* Bypassing GnuPG key checking:\n\n Vrije Universiteit Amsterdam and Katholieke Universteit Leuven\n researchers discovered an attack method, known as Flip Feng Shui,\n that concerns flaws in GnuPG. Researchers found that under specific\n hardware-software conditions, attackers could bypass the GnuPG\n signature validation by using forged public keys. While the\n underlying problem cannot be solved only by software, GnuPG has been\n made more robust to avoid relying on keyring signature caches when\n verifying keys.\n\n\nFor Debian 7 Wheezy, these issues have been addressed in version\n1.4.12-7+deb7u8.\n\n\nWe recommend that you upgrade your gnupg packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-08-29T00:00:00", "type": "osv", "title": "gnupg - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2022-08-05T05:19:41", "id": "OSV:DLA-602-1", "href": "https://osv.dev/vulnerability/DLA-602-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-05T05:20:09", "description": "\nThe crypto library libgcrypt11 has a weakness in the random number\ngenerator.\n\n\n* [CVE-2016-6313](https://security-tracker.debian.org/tracker/CVE-2016-6313)\nFelix D\u0102\u015brre and Vladimir Klebanov from the Karlsruhe Institute of\n Technology found a bug in the mixing functions of Libgcrypt's random\n number generator. An attacker who obtains 4640 bits from the RNG can\n trivially predict the next 160 bits of output.\n\n\nA first analysis on the impact of this bug in GnuPG shows that existing\nRSA keys are not weakened. For DSA and Elgamal keys it is also unlikely\nthat the private key can be predicted from other public information.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n1.5.0-5+deb7u5.\n\n\nWe recommend that you upgrade your libgcrypt11 packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-08-23T00:00:00", "type": "osv", "title": "libgcrypt11 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2022-08-05T05:19:41", "id": "OSV:DLA-600-1", "href": "https://osv.dev/vulnerability/DLA-600-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-05T05:19:46", "description": "\nMultiple vulnerabilities have been discovered in ruby-actionpack-3.2, a\nweb-flow and rendering framework and part of Rails:\n\n\n* [CVE-2015-7576](https://security-tracker.debian.org/tracker/CVE-2015-7576)\nA flaw was found in the way the Action Controller component compared\n user names and passwords when performing HTTP basic\n authentication. Time taken to compare strings could differ depending\n on input, possibly allowing a remote attacker to determine valid user\n names and passwords using a timing attack.\n* [CVE-2016-0751](https://security-tracker.debian.org/tracker/CVE-2016-0751)\nA flaw was found in the way the Action Pack component performed MIME\n type lookups. Since queries were cached in a global cache of MIME\n types, an attacker could use this flaw to grow the cache indefinitely,\n potentially resulting in a denial of service.\n* [CVE-2016-0752](https://security-tracker.debian.org/tracker/CVE-2016-0752)\nA directory traversal flaw was found in the way the Action View\n component searched for templates for rendering. If an application\n passed untrusted input to the render method, a remote,\n unauthenticated attacker could use this flaw to render unexpected\n files and, possibly, execute arbitrary code.\n* [CVE-2016-2097](https://security-tracker.debian.org/tracker/CVE-2016-2097)\nCrafted requests to Action View might result in rendering files from\n arbitrary locations, including files beyond the application's view\n directory. This vulnerability is the result of an incomplete fix of\n [CVE-2016-0752](https://security-tracker.debian.org/tracker/CVE-2016-0752). \n This bug was found by Jyoti Singh and Tobias Kraze\n from Makandra.\n* [CVE-2016-2098](https://security-tracker.debian.org/tracker/CVE-2016-2098)\nIf a web applications does not properly sanitize user inputs, an\n attacker might control the arguments of the render method in a\n controller or a view, resulting in the possibility of executing\n arbitrary ruby code. This bug was found by Tobias Kraze from\n Makandra and joernchen of Phenoelit.\n* [CVE-2016-6316](https://security-tracker.debian.org/tracker/CVE-2016-6316)\nAndrew Carpenter of Critical Juncture discovered a cross-site\n scripting vulnerability affecting Action View. Text declared as HTML\n safe will not have quotes escaped when used as attribute values in\n tag helpers.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n3.2.6-6+deb7u3.\n\n\nWe recommend that you upgrade your ruby-actionpack-3.2 packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-08-28T00:00:00", "type": "osv", "title": "ruby-actionpack-3.2 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7576", "CVE-2016-0751", "CVE-2016-2098", "CVE-2016-0752", "CVE-2016-6316", "CVE-2016-2097"], "modified": "2022-08-05T05:19:42", "id": "OSV:DLA-604-1", "href": "https://osv.dev/vulnerability/DLA-604-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:32", "description": "\n\nRuby Security team reports:\n\nThere is a possible XSS vulnerability in Action View. Text declared as \"HTML\nsafe\" will not have quotes escaped when used as attribute values in tag\nhelpers. This vulnerability has been assigned the CVE identifier\nCVE-2016-6316.\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2016-08-11T00:00:00", "type": "freebsd", "title": "Rails 4 -- Possible XSS Vulnerability in Action View", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2016-08-11T00:00:00", "id": "43F1C867-654A-11E6-8286-00248C0C745D", "href": "https://vuxml.freebsd.org/freebsd/43f1c867-654a-11e6-8286-00248c0c745d.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-01-19T15:51:32", "description": "\n\nWerner Koch reports:\n\nThere was a bug in the mixing functions of Libgcrypt's random\n\t number generator: An attacker who obtains 4640 bits from the RNG can\n\t trivially predict the next 160 bits of output. This bug exists since\n\t 1998 in all GnuPG and Libgcrypt versions.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-17T00:00:00", "type": "freebsd", "title": "gnupg -- attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-11-30T00:00:00", "id": "E1C71D8D-64D9-11E6-B38A-25A46B33F2ED", "href": "https://vuxml.freebsd.org/freebsd/e1c71d8d-64d9-11e6-b38a-25a46b33f2ed.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "redhatcve": [{"lastseen": "2021-11-09T01:51:33", "description": "It was discovered that Action View tag helpers did not escape quotes when using strings declared as HTML safe as attribute values. A remote attacker could use this flaw to conduct a cross-site scripting (XSS) attack.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2016-08-12T06:18:33", "type": "redhatcve", "title": "CVE-2016-6316", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2021-11-08T23:52:14", "id": "RH:CVE-2016-6316", "href": "https://access.redhat.com/security/cve/cve-2016-6316", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-09-02T22:53:32", "description": "A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-18T21:04:33", "type": "redhatcve", "title": "CVE-2016-6313", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2020-08-18T08:31:37", "id": "RH:CVE-2016-6313", "href": "https://access.redhat.com/security/cve/cve-2016-6313", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "debian": [{"lastseen": "2021-10-21T22:25:16", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3651-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nAugust 25, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : rails\nCVE ID : CVE-2016-6316\nDebian Bug : 834155\n\nAndrew Carpenter of Critical Juncture discovered a cross-site scripting\nvulnerability affecting Action View in rails, a web application\nframework written in Ruby. Text declared as "HTML safe" will not have\nquotes escaped when used as attribute values in tag helpers.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2:4.1.8-1+deb8u4.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2:4.2.7.1-1.\n\nWe recommend that you upgrade your rails packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2016-08-25T16:20:10", "type": "debian", "title": "[SECURITY] [DSA 3651-1] rails security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2016-08-25T16:20:10", "id": "DEBIAN:DSA-3651-1:9DFD3", "href": "https://lists.debian.org/debian-security-announce/2016/msg00229.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-01-31T00:21:42", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3651-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nAugust 25, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : rails\nCVE ID : CVE-2016-6316\nDebian Bug : 834155\n\nAndrew Carpenter of Critical Juncture discovered a cross-site scripting\nvulnerability affecting Action View in rails, a web application\nframework written in Ruby. Text declared as "HTML safe" will not have\nquotes escaped when used as attribute values in tag helpers.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2:4.1.8-1+deb8u4.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2:4.2.7.1-1.\n\nWe recommend that you upgrade your rails packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2016-08-25T16:20:10", "type": "debian", "title": "[SECURITY] [DSA 3651-1] rails security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6316"], "modified": "2016-08-25T16:20:10", "id": "DEBIAN:DSA-3651-1:ADB0B", "href": "https://lists.debian.org/debian-security-announce/2016/msg00229.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-21T22:25:25", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3649-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nAugust 17, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : gnupg\nCVE ID : CVE-2016-6313\n\nFelix Doerre and Vladimir Klebanov from the Karlsruhe Institute of\nTechnology discovered a flaw in the mixing functions of GnuPG's random\nnumber generator. An attacker who obtains 4640 bits from the RNG can\ntrivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug for GnuPG shows that existing\nRSA keys are not weakened. For DSA and Elgamal keys it is also unlikely\nthat the private key can be predicted from other public information.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.4.18-7+deb8u2.\n\nWe recommend that you upgrade your gnupg packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-17T21:35:30", "type": "debian", "title": "[SECURITY] [DSA 3649-1] gnupg security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-17T21:35:30", "id": "DEBIAN:DSA-3649-1:AE6CF", "href": "https://lists.debian.org/debian-security-announce/2016/msg00227.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-12T11:23:56", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3650-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nAugust 17, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libgcrypt20\nCVE ID : CVE-2016-6313\n\nFelix Doerre and Vladimir Klebanov from the Karlsruhe Institute of\nTechnology discovered a flaw in the mixing functions of Libgcrypt's\nrandom number generator. An attacker who obtains 4640 bits from the RNG\ncan trivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug for GnuPG shows that existing\nRSA keys are not weakened. For DSA and Elgamal keys it is also unlikely\nthat the private key can be predicted from other public information.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.6.3-2+deb8u2.\n\nWe recommend that you upgrade your libgcrypt20 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-17T21:35:36", "type": "debian", "title": "[SECURITY] [DSA 3650-1] libgcrypt20 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-17T21:35:36", "id": "DEBIAN:DSA-3650-1:6E145", "href": "https://lists.debian.org/debian-security-announce/2016/msg00228.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-22T23:03:21", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3649-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nAugust 17, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : gnupg\nCVE ID : CVE-2016-6313\n\nFelix Doerre and Vladimir Klebanov from the Karlsruhe Institute of\nTechnology discovered a flaw in the mixing functions of GnuPG's random\nnumber generator. An attacker who obtains 4640 bits from the RNG can\ntrivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug for GnuPG shows that existing\nRSA keys are not weakened. For DSA and Elgamal keys it is also unlikely\nthat the private key can be predicted from other public information.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.4.18-7+deb8u2.\n\nWe recommend that you upgrade your gnupg packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-17T21:35:30", "type": "debian", "title": "[SECURITY] [DSA 3649-1] gnupg security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-17T21:35:30", "id": "DEBIAN:DSA-3649-1:95408", "href": "https://lists.debian.org/debian-security-announce/2016/msg00227.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-23T21:55:49", "description": "Package : libgcrypt11\nVersion : 1.5.0-5+deb7u5\nCVE ID : CVE-2016-6313\n\nThe crypto library libgcrypt11 has a weakness in the random number\ngenerator.\n\nCVE-2016-6313\n\n Felix D\u00f6rre and Vladimir Klebanov from the Karlsruhe Institute of\n Technology found a bug in the mixing functions of Libgcrypt's random\n number generator. An attacker who obtains 4640 bits from the RNG can\n trivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug in GnuPG shows that existing\nRSA keys are not weakened. For DSA and Elgamal keys it is also unlikely\nthat the private key can be predicted from other public information.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n1.5.0-5+deb7u5.\n\nWe recommend that you upgrade your libgcrypt11 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-23T19:52:26", "type": "debian", "title": "[SECURITY] [DLA 600-1] libgcrypt11 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-23T19:52:26", "id": "DEBIAN:DLA-600-1:7BD95", "href": "https://lists.debian.org/debian-lts-announce/2016/08/msg00025.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-23T21:55:35", "description": "Package : gnupg\nVersion : 1.4.12-7+deb7u8\nCVE ID : CVE-2016-6313\nDebian Bug : 834893\n\n\nCVE-2016-6313\n\n Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of\n Technology discovered a flaw in the mixing functions of GnuPG's\n random number generator. An attacker who obtains 4640 bits from the RNG\n can trivially predict the next 160 bits of output.\n\n A first analysis on the impact of this bug for GnuPG shows that\n existing RSA keys are not weakened. For DSA and Elgamal keys it is also\n unlikely that the private key can be predicted from other public\n information.\n\nBypassing GnuPG key checking:\n\n Weaknesses have been found in GnuPG signature validation that\n attackers could exploit thanks to especially forged public keys and\n under specific hardware-software conditions. While the underlying\n problem cannot be solved only by software, GnuPG has been\n strengthened, avoiding to rely on keyring signature caches when\n verifying keys. Potential specific attacks are not valid any more\n with the patch of GnuPG\n\n\nBypassing GnuPG key checking:\n\n Vrije Universiteit Amsterdam and Katholieke Universteit Leuven\n researchers discovered an attack method, known as Flip Feng Shui,\n that concerns flaws in GnuPG. Researchers found that under specific\n hardware-software conditions, attackers could bypass the GnuPG\n signature validation by using forged public keys. While the\n underlying problem cannot be solved only by software, GnuPG has been\n made more robust to avoid relying on keyring signature caches when\n verifying keys.\n\n\nFor Debian 7 "Wheezy", these issues have been addressed in version\n1.4.12-7+deb7u8.\n\nWe recommend that you upgrade your gnupg packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-29T20:25:52", "type": "debian", "title": "[SECURITY] [DLA 602-1] gnupg security and hardening update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-29T20:25:52", "id": "DEBIAN:DLA-602-1:6FA82", "href": "https://lists.debian.org/debian-lts-announce/2016/08/msg00030.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-21T22:25:37", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3650-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nAugust 17, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libgcrypt20\nCVE ID : CVE-2016-6313\n\nFelix Doerre and Vladimir Klebanov from the Karlsruhe Institute of\nTechnology discovered a flaw in the mixing functions of Libgcrypt's\nrandom number generator. An attacker who obtains 4640 bits from the RNG\ncan trivially predict the next 160 bits of output.\n\nA first analysis on the impact of this bug for GnuPG shows that existing\nRSA keys are not weakened. For DSA and Elgamal keys it is also unlikely\nthat the private key can be predicted from other public information.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.6.3-2+deb8u2.\n\nWe recommend that you upgrade your libgcrypt20 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-17T21:35:36", "type": "debian", "title": "[SECURITY] [DSA 3650-1] libgcrypt20 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-17T21:35:36", "id": "DEBIAN:DSA-3650-1:73134", "href": "https://lists.debian.org/debian-security-announce/2016/msg00228.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-23T21:55:51", "description": "Package : ruby-actionpack-3.2\nVersion : 3.2.6-6+deb7u3\nCVE ID : CVE-2015-7576 CVE-2016-0751 CVE-2016-0752 CVE-2016-2097 \n CVE-2016-2098 CVE-2016-6316\n\nMultiple vulnerabilities have been discovered in ruby-actionpack-3.2, a\nweb-flow and rendering framework and part of Rails:\n\nCVE-2015-7576\n\n A flaw was found in the way the Action Controller component compared\n user names and passwords when performing HTTP basic\n authentication. Time taken to compare strings could differ depending\n on input, possibly allowing a remote attacker to determine valid user\n names and passwords using a timing attack.\n\nCVE-2016-0751\n\n A flaw was found in the way the Action Pack component performed MIME\n type lookups. Since queries were cached in a global cache of MIME\n types, an attacker could use this flaw to grow the cache indefinitely,\n potentially resulting in a denial of service.\n\nCVE-2016-0752\n\n A directory traversal flaw was found in the way the Action View\n component searched for templates for rendering. If an application\n passed untrusted input to the 'render' method, a remote,\n unauthenticated attacker could use this flaw to render unexpected\n files and, possibly, execute arbitrary code.\n\nCVE-2016-2097\n\n Crafted requests to Action View might result in rendering files from\n arbitrary locations, including files beyond the application's view\n directory. This vulnerability is the result of an incomplete fix of\n CVE-2016-0752. This bug was found by Jyoti Singh and Tobias Kraze\n from Makandra.\n\nCVE-2016-2098\n\n If a web applications does not properly sanitize user inputs, an\n attacker might control the arguments of the render method in a\n controller or a view, resulting in the possibility of executing\n arbitrary ruby code. This bug was found by Tobias Kraze from\n Makandra and joernchen of Phenoelit.\n\nCVE-2016-6316\n\n Andrew Carpenter of Critical Juncture discovered a cross-site\n scripting vulnerability affecting Action View. Text declared as "HTML\n safe" will not have quotes escaped when used as attribute values in\n tag helpers.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n3.2.6-6+deb7u3.\n\nWe recommend that you upgrade your ruby-actionpack-3.2 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-08-28T18:14:37", "type": "debian", "title": "[SECURITY] [DLA 604-1] ruby-actionpack-3.2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7576", "CVE-2016-0751", "CVE-2016-0752", "CVE-2016-2097", "CVE-2016-2098", "CVE-2016-6316"], "modified": "2016-08-28T18:14:37", "id": "DEBIAN:DLA-604-1:2A425", "href": "https://lists.debian.org/debian-lts-announce/2016/08/msg00028.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "threatpost": [{"lastseen": "2018-10-06T22:54:54", "description": "New versions of Libgcrypt and Gnu Privacy Guard (GnuPG or GPG) released on Wednesday include security fixes for vulnerabilities discovered in the mixing functions of the Libgcrypt random number generator.\n\nThe flaws were privately disclosed by Felix D\u00f6rre and Vladimir Klebanov of Karlsruhe Institute of Technology in Germany, and according to an [advisory](<http://lists.gnu.org/archive/html/info-gnu/2016-08/msg00008.html>) from the GnuPG Project, the bug has been in all GnuPG and Libgcrypt versions since 1998.\n\n\u201cAn attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output,\u201d said Werner Koch, who wrote GPG in 1997.\n\nGPG is a free implementation of OpenPGP, and is used by applications to encrypt and digitally sign data and communication between parties. Libgcrypt is the crypto library used by GPG since version 2.x.\n\nKoch wrote yesterday that all versions on all platforms are affected by the vulnerability.\n\n\u201cA first analysis on the impact of this bug in GnuPG shows that existing RSA keys are not weakened. For DSA and Elgamal keys it is also unlikely that the private key can be predicted from other public information,\u201d Koch wrote in the advisory. \u201cThis needs more research and I would suggest not to overhasty revoke keys.\u201d\n\nA request for additional comment from Koch was not returned in time for publication.\n\nUsers are advised to either wait for a vendor patch, or for home-grown applications using GPG 2.0.x or 2.1.x, Libgcrypt should be updated. For earlier versions of GPG such as 1.4.x, users are urged to immediately update to GPG 1.4.21.\n\nKoch\u2019s financial struggles in keeping GPG afloat were in the news more than a year ago after a [profile](<https://www.propublica.org/article/the-worlds-email-encryption-software-relies-on-one-guy-who-is-going-broke>) in Pro Publica. At the time, the project was running out of money after a fund-raising effort raised $43,000, well short of the $137,000 Koch was hoping for. Koch wanted the money to boost his own salary and hire a developer.\n\nShortly after the Pro Publica article went live, donations poured in to GPG to the tune of [\u20ac120,000 from the Core Infrastructure Initiative and individual donors](<https://threatpost.com/security-tech-communities-rally-to-support-gnupg/110894/>).\n\n\u201cAs the main author of GnuPG, I like to thank everyone for supporting the project, be it small or large individual donations, helping users, providing corporate sponsorship, working on the software, and for all the encouraging words,\u201d Koch said at the time.\n", "cvss3": {}, "published": "2016-08-18T12:39:21", "type": "threatpost", "title": "GPG Patches 18-Year-Old Libgcrypt RNG Bug", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2016-6316"], "modified": "2016-08-23T18:56:40", "id": "THREATPOST:82E1359D397101F2CCA1968657708DB7", "href": "https://threatpost.com/gpg-patches-18-year-old-libgcrypt-rng-bug/119984/", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "slackware": [{"lastseen": "2021-07-28T14:46:50", "description": "New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,\n14.2, and -current to fix a security issue.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/gnupg-1.4.21-i586-1_slack14.2.txz: Upgraded.\n Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who\n obtains 580 bytes from the standard RNG can trivially predict the next\n 20 bytes of output. (This is according to the NEWS file included in the\n source. According to the annoucement linked below, an attacker who obtains\n 4640 bits from the RNG can trivially predict the next 160 bits of output.)\n Problem detected by Felix Doerre and Vladimir Klebanov, KIT.\n For more information, see:\n https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/gnupg-1.4.21-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/gnupg-1.4.21-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/gnupg-1.4.21-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/gnupg-1.4.21-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/gnupg-1.4.21-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/gnupg-1.4.21-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/gnupg-1.4.21-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/gnupg-1.4.21-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/gnupg-1.4.21-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/gnupg-1.4.21-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/gnupg-1.4.21-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/gnupg-1.4.21-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/gnupg-1.4.21-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/gnupg-1.4.21-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.0 package:\nad17f87851028e4d5cb29676a6fea7f6 gnupg-1.4.21-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n650dde6cc6bcdc6c13da90e6d5ac5f5a gnupg-1.4.21-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\ncb0755d93986a8df059ff531236f5adc gnupg-1.4.21-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n8459f1510a4fe319a42e6f87d7a05600 gnupg-1.4.21-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\nad785789eb17bd355ac9befa05c03905 gnupg-1.4.21-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\nacc63f9119344496925efd85a911f38c gnupg-1.4.21-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\ne7820ceca9a28c2c56929fd464384417 gnupg-1.4.21-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n765c22a321312e0b6a02ed4218e1d2b5 gnupg-1.4.21-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n1c0220324a41709919f77c942e7e8b17 gnupg-1.4.21-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\nb08ee4540ec6552176c322c36c5da3e9 gnupg-1.4.21-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\n5bdc1c890fd2f1bdb63bbd9e47ff5d4f gnupg-1.4.21-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n7088d02a89172c997b799d34f9b84f7c gnupg-1.4.21-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n2808c06200971813a071efae1fb5f03a n/gnupg-1.4.21-i586-1.txz\n\nSlackware x86_64 -current package:\ndb3de668806143ab7a3b05b3af16a91e n/gnupg-1.4.21-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg gnupg-1.4.21-i586-1_slack14.2.txz", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-23T20:58:51", "type": "slackware", "title": "[slackware-security] gnupg", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-23T20:58:51", "id": "SSA-2016-236-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.567121", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "New libgcrypt packages are available for Slackware 13.0, 13.1, 13.37, 14.0,\n14.1, 14.2, and -current to fix a security issue.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/libgcrypt-1.7.3-i586-1_slack14.2.txz: Upgraded.\n Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who\n obtains 580 bytes from the standard RNG can trivially predict the next\n 20 bytes of output. (This is according to the NEWS file included in the\n source. According to the annoucement linked below, an attacker who obtains\n 4640 bits from the RNG can trivially predict the next 160 bits of output.)\n Problem detected by Felix Doerre and Vladimir Klebanov, KIT.\n For more information, see:\n https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/libgcrypt-1.5.6-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/libgcrypt-1.5.6-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/libgcrypt-1.5.6-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/libgcrypt-1.5.6-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/libgcrypt-1.5.6-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/libgcrypt-1.5.6-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/libgcrypt-1.5.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/libgcrypt-1.5.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/libgcrypt-1.5.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/libgcrypt-1.5.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/libgcrypt-1.7.3-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/libgcrypt-1.7.3-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/libgcrypt-1.7.3-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/libgcrypt-1.7.3-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.0 package:\n746744e7851ec64143ca9f11d5120916 libgcrypt-1.5.6-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\ndc471573d1de585f6b32dbf44c9171ad libgcrypt-1.5.6-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\nec165ecd16ab861b1bb8b85ac22eda24 libgcrypt-1.5.6-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n22c6a54adafdd6910308f4b8a986739c libgcrypt-1.5.6-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\nc8cb4bf4670f7a2027beb3cac7e42d12 libgcrypt-1.5.6-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n5871b9e016439689a793f079c44abfde libgcrypt-1.5.6-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n5eeaa749b2a610140b6f1f10f0d5229d libgcrypt-1.5.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n836394a52faaf7d29d0622b0cff79464 libgcrypt-1.5.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n57412d10a69f5adbe9c73ff27339fd77 libgcrypt-1.5.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\neab31a839b016bb8cc988a32c0eca984 libgcrypt-1.5.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\n48d41635054a9b27ae35fa64dbb5ae9a libgcrypt-1.7.3-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\nd056790a1a39ee8ba7bd2fdc93b0409a libgcrypt-1.7.3-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n40066b89b5950e4198fbed0eab7eb42e n/libgcrypt-1.7.3-i586-1.txz\n\nSlackware x86_64 -current package:\n7b0c774415b931d2d47a90e45b5f9bbf n/libgcrypt-1.7.3-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg libgcrypt-1.7.3-i586-1_slack14.2.txz", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-23T21:12:28", "type": "slackware", "title": "[slackware-security] libgcrypt", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-23T21:12:28", "id": "SSA-2016-236-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.580916", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "ubuntu": [{"lastseen": "2023-01-26T13:21:49", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n * Ubuntu 12.04 \n\n## Packages\n\n * libgcrypt11 \\- LGPL Crypto library\n * libgcrypt20 \\- LGPL Crypto library\n\nFelix D\u00f6rre and Vladimir Klebanov discovered that Libgcrypt incorrectly \nhandled mixing functions in the random number generator. An attacker able \nto obtain 4640 bits from the RNG can trivially predict the next 160 bits of \noutput.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-08-18T00:00:00", "type": "ubuntu", "title": "Libgcrypt vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-18T00:00:00", "id": "USN-3065-1", "href": "https://ubuntu.com/security/notices/USN-3065-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-26T13:21:52", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n * Ubuntu 12.04 \n\n## Packages\n\n * gnupg \\- GNU privacy guard - a free PGP replacement\n\nFelix D\u00f6rre and Vladimir Klebanov discovered that GnuPG incorrectly handled \nmixing functions in the random number generator. An attacker able to obtain \n4640 bits from the RNG can trivially predict the next 160 bits of output.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-08-18T00:00:00", "type": "ubuntu", "title": "GnuPG vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-18T00:00:00", "id": "USN-3064-1", "href": "https://ubuntu.com/security/notices/USN-3064-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:38", "description": "USN-3064-1 GnuPG vulnerability\n\n# \n\nHigh\n\n# Vendor\n\nCanonical Ubuntu, gnupg\n\n# Versions Affected\n\nCanonical Ubuntu 14.04 LTS\n\n# Description\n\nFelix D\u00f6rre and Vladimir Klebanov discovered that GnuPG incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.\n\n# Affected Products and Versions\n\n_Severity is high unless otherwise noted._\n\n * Cloud Foundry BOSH stemcells 3146.x versions prior to 3146.20 AND 3232.x versions prior to 3232.17 AND other versions prior to 3262.8 are vulnerable\n * All versions of Cloud Foundry cflinuxfs2 prior to v.1.77.0\n\n# Mitigation\n\nUsers of affected versions should apply the following mitigation:\n\n * The Cloud Foundry team has released patched BOSH stemcells 3146.20 and 3232.17 with an upgraded Linux kernel that resolves the aforementioned issues. We recommend that Operators upgrade BOSH stemcell 3146.x versions to 3146.20 OR 3232.x versions to 3232.17\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 v.1.77.0 or later versions\n\n# Credit\n\nFelix D\u00f6rre and Vladimir Klebanov\n\n# References\n\n * <http://www.ubuntu.com/usn/usn-3064-1/>\n * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6313.html>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-25T00:00:00", "type": "cloudfoundry", "title": "USN-3064-1 GnuPG vulnerability | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-25T00:00:00", "id": "CFOUNDRY:DF71BD718B40AA273105C1C0F1596B78", "href": "https://www.cloudfoundry.org/blog/usn-3064-1/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:59", "description": "USN-3065-1 Libgcrypt vulnerability\n\n# \n\nHigh\n\n# Vendor\n\nCanonical Ubuntu, libgcrypt\n\n# Versions Affected\n\nCanonical Ubuntu 14.04 LTS\n\n# Description\n\nFelix D\u00f6rre and Vladimir Klebanov discovered that Libgcrypt incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.\n\n# Affected Products and Versions\n\n_Severity is high unless otherwise noted._\n\n * Cloud Foundry BOSH stemcells 3146.x versions prior to 3146.20 AND 3232.x versions prior to 3232.17 AND other versions prior to 3262.8 are vulnerable\n * All versions of Cloud Foundry cflinuxfs2 prior to v.1.77.0\n\n# Mitigation\n\nUsers of affected versions should apply the following mitigation:\n\n * The Cloud Foundry team has released patched BOSH stemcells 3146.20 and 3232.17 with an upgraded Linux kernel that resolves the aforementioned issues. We recommend that Operators upgrade BOSH stemcell 3146.x versions to 3146.20 OR 3232.x versions to 3232.17\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 v.1.77.0 or later versions\n\n# Credit\n\nFelix D\u00f6rre and Vladimir Klebanov\n\n# References\n\n * <http://www.ubuntu.com/usn/usn-3065-1/>\n * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6313.html>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-08-25T00:00:00", "type": "cloudfoundry", "title": "USN-3065-1 Libgcrypt vulnerability | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2016-08-25T00:00:00", "id": "CFOUNDRY:B3A2912E2A16CBACF55AF388FBE6486C", "href": "https://www.cloudfoundry.org/blog/usn-3065-1/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "ibm": [{"lastseen": "2022-06-28T22:01:11", "description": "## Summary\n\nPowerKVM is affected by a vulnerability in GnuPG (gpg). IBM has now addressed this vulnerability.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-6313_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313>)** \nDESCRIPTION:** GnuPG could provide weaker than expected security, caused by an error in the mixing functions when obtaining 4640 bits from the random number generator. A local attacker could exploit this vulnerability to predict the next 160 bits of output. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\nPowerKVM 2.1 and PowerKVM 3.1\n\n## Remediation/Fixes\n\nCustomers can update PowerKVM systems by using \"yum update\". \n\nFix images are made available via Fix Central. For version 3.1, see [_https://ibm.biz/BdHggw_](<https://ibm.biz/BdHggw>). This issue is addressed as of 3.1.0.2 update 4 or later.\n\nFor version 2.1, see [_https://ibm.biz/BdEnT8_](<https://ibm.biz/BdEnT8>). This issue is addressed as of PowerKVM 2.1.1.3-65 update 14 or later. Customers running v2.1 are, in any case, encouraged to upgrade to v3.1. \n\nFor v2.1 systems currently running fix levels of PowerKVM prior to 2.1.1, please see <http://download4.boulder.ibm.com/sar/CMA/OSA/05e4c/0/README> for prerequisite fixes and instructions.\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n11 November 2016 - Initial Version\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSZJY4\",\"label\":\"PowerKVM\"},\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"2.1;3.1\",\"Edition\":\"KVM\",\"Line of Business\":{\"code\":\"LOB08\",\"label\":\"Cognitive Systems\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-18T01:34:46", "type": "ibm", "title": "Security Bulletin: A vulnerability in GnuPG (gpg) affects PowerKVM", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2018-06-18T01:34:46", "id": "8B4CC73011167596109EFD0BA70C811D59A50965E0AAD7C2D7DA86316FA118D0", "href": "https://www.ibm.com/support/pages/node/630445", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T21:58:51", "description": "## Summary\n\nA security vulnerability has been identified in libgcrypt that is embedded in IBM FSM. This bulletin addresses this issue.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-6313_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313>)** \nDESCRIPTION:** GnuPG could provide weaker than expected security, caused by an error in the mixing functions when obtaining 4640 bits from the random number generator. A local attacker could exploit this vulnerability to predict the next 160 bits of output. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\nFlex System Manager 1.3.4.0 \nFlex System Manager 1.3.3.0 \nFlex System Manager 1.3.2.1 \nFlex System Manager 1.3.2.0\n\n## Remediation/Fixes\n\nIBM recommends updating the FSM using the instructions referenced in this table. \n \n\n\nProduct | \n\nVRMF | \n\nAPAR\n\n| \n\nRemediation \n---|---|---|--- \nFlex System Manager| \n\n1.3.4.0 | \n\nIT18400\n\n| Install [fsmfix1.3.4.0_IT13720_IT13721_IT13722_IT18327_IT18400](<https://www-945.ibm.com/support/fixcentral/systemx/selectFixes?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.4.0_IT13720_IT13721_IT13722_IT18327_IT18400&function=fixId&parent=Flex%20System%20Manager%20NodeFlex%20System%20Manager>) \nFlex System Manager| \n\n1.3.3.0 | \n\nIT18400\n\n| Install [fsmfix1.3.3.0_IT13720_IT13721_IT13722_IT18327_IT18400](<https://www-945.ibm.com/support/fixcentral/systemx/selectFixes?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.3.0_IT13720_IT13721_IT13722_IT18327_IT18400&function=fixId&parent=Flex%20System%20Manager%20NodeFlex%20System%20Manager>) \nFlex System Manager| \n\n1.3.2.1 \n1.3.2.0 | \n\nIT18400\n\n| Install [fsmfix1.3.2.0_IT13720_IT13721_IT13722_IT18327_IT18400](<https://www-945.ibm.com/support/fixcentral/systemx/selectFixes?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.2.0_IT13720_IT13721_IT13722_IT18327_IT18400&function=fixId&parent=Flex%20System%20Manager%20NodeFlex%20System%20Manager>) \n \nFor all VRMF not listed in this table, IBM recommends upgrading to a fixed and supported version/release of the product. \n \nFor a complete list of FSM security bulletins refer to this technote: [http://www-01.ibm.com/support/docview.wss?uid=nas7797054ebc3d9857486258027006ce4a0&myns=purflex&mync=E&cm_sp=purflex-_-NULL-_-E](<http://www-01.ibm.com/support/docview.wss?uid=nas7797054ebc3d9857486258027006ce4a0&myns=purflex&mync=E&cm_sp=purflex-_-NULL-_-E>)\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n9 February 2017 : Original version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"HW94A\",\"label\":\"Flex System Manager Node\"},\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"Version Independent\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-18T01:34:54", "type": "ibm", "title": "Security Bulletin: IBM Flex System Manager (FSM) is affected by a libgcrypt vulnerability (CVE-2016-6313)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2018-06-18T01:34:54", "id": "927D213CF016C010F13879F9D8E4AC305BF37EE59B64B1549C0071589F0702F4", "href": "https://www.ibm.com/support/pages/node/630549", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:07:57", "description": "## Summary\n\nA security vulnerability has been discovered in GnuPG libgcrypt, which is used by IBM Security Network Protection.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-6313_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313>)** \nDESCRIPTION:** GnuPG could provide weaker than expected security, caused by an error in the mixing functions when obtaining 4640 bits from the random number generator. A local attacker could exploit this vulnerability to predict the next 160 bits of output. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Security Network Protection 5.3.1 \nIBM Security Network Protection 5.3.2 \nIBM Security Network Protection 5.3.3\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Network Protection| Firmware version 5.3.1| Download Firmware 5.3.1.12 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \nIBM Security Network Protection| Firmware version 5.3.2| Install Firmware 5.3.2.6 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \nIBM Security Network Protection| Firmware version 5.3.3| Install Firmware 5.3.3.2 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector. \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n23 January 2017: Original Version Published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSHLHV\",\"label\":\"IBM Security Network Protection\"},\"Business Unit\":{\"code\":\"BU008\",\"label\":\"Security\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF009\",\"label\":\"Firmware\"}],\"Version\":\"5.3.1;5.3.2;5.3.3\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-16T21:48:00", "type": "ibm", "title": "Security Bulletin: A vulnerability in GnuPG libgcrypt affects IBM Security Network Protection (CVE-2016-6313)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2018-06-16T21:48:00", "id": "5C12DC641A667DCADAC10263796450E0302631025429D8CEEB90F65ED4829071", "href": "https://www.ibm.com/support/pages/node/556951", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:13:00", "description": "## Summary\n\nA vulnerability has been identified in the libgcrypt library. IBM Security Access Manager appliances use the libgcrypt library and are affected by this vulnerability. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-6313](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313>)** \nDESCRIPTION:** GnuPG could provide weaker than expected security, caused by an error in the mixing functions when obtaining 4640 bits from the random number generator. A local attacker could exploit this vulnerability to predict the next 160 bits of output. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116169> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Security Access Manager for Web 7.0 appliances, all firmware versions. \n\nIBM Security Access Manager for Web 8.0 appliances, all firmware versions.\n\nIBM Security Access Manager for Mobile 8.0 appliances, all firmware versions.\n\nIBM Security Access Manager 9.0 appliances, all firmware versions.\n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. Follow the installation instructions in the README files included with the patch. \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nIBM Security Access Manager for Web| 7.0 (appliance)| IV93302| Apply Interim Fix 28: \n[7.0.0-ISS-WGA-IF0028](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0.0&platform=All&function=all>) \nIBM Security Access Manager for Web| 8.0.0.0 - \n8.0.1.5| IV93202| 1\\. For versions prior to 8.0.1.5, upgrade to 8.0.1.5:[](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0.1.3&platform=All&function=all>) \n[_8.0.1-ISS-WGA-FP0005_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0.1.3&platform=All&function=all>) \n2\\. Upgrade to 8.0.1.5 IF 1: \n[8.0.1.5-ISS-WGA-IF0001](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0.1.3&platform=All&function=all>) \nIBM Security Access Manager for Mobile| 8.0.0.0 - \n8.0.1.5| IV93277| 1\\. For versions prior to 8.0.1.5, upgrade to 8.0.1.5: \n[8.0.1-ISS-ISAM-FP0005](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Security+Access+Manager+for+Mobile&release=8.0&platform=Linux&function=all>) \n2\\. Upgrade to 8.0.1.5 IF 1: \n[8.0.1.5-ISS-ISAM-IF0001](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Security+Access+Manager+for+Mobile&release=8.0&platform=Linux&function=all>) \nIBM Security Access Manager| 9.0 - \n9.0.2.0| IV93202| 1\\. For versions prior to 9.0.2.1, upgrade to 9.0.2.1: \n[9.0.2-ISS-ISAM-FP0001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=All&function=all>) \n2\\. Upgrade to 9.0.2.1 IF 1: \n[9.0.2.1-ISS-ISAM-IF0001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone.\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\nMarch 1, 2017: Original version published.\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSZU8Q\",\"label\":\"IBM Security Access Manager\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF004\",\"label\":\"Appliance\"}],\"Version\":\"7.0.0;8.0.0;8.0.0.1;8.0.0.2;8.0.0.3;8.0.0.4;8.0.0.5;8.0.1;8.0.1.2;8.0.1.3;8.0.1.4;8.0.1.5;9.0.0;9.0.0.1;9.0.1.0;9.0.2.0;9.0.2.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}},{\"Product\":{\"code\":\"SSELE6\",\"label\":\"IBM Security Access Manager for Mobile\"},\"Business Unit\":{\"code\":\"BU008\",\"label\":\"Security\"},\"Component\":\" \",\"Platform\":[{\"code\":\"\",\"label\":\"\"}],\"Version\":\"\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}},{\"Product\":{\"code\":\"SSPREK\",\"label\":\"Tivoli Access Manager for e-business\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\" \",\"Platform\":[{\"code\":\"\",\"label\":\"\"}],\"Version\":\"\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-16T21:50:47", "type": "ibm", "title": "Security Bulletin: IBM Security Access Manager appliances are affected by a vulnerability in the libgcrypt library (CVE-2016-6313)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2018-06-16T21:50:47", "id": "33B6CBB8081412DA408587701C61992C02CC1E10DDB76307EC7B8232686CEBD3", "href": "https://www.ibm.com/support/pages/node/293171", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-27T14:04:34", "description": "## Summary\n\nGnuPG could provide weaker than expected security, caused by an error in the mixing functions when obtaining 4640 bits from the random number generator. \n\n## Vulnerability Details\n\n**CVEID:** CVE-2016-6313 \n**DESCRIPTION: **GnuPG could provide weaker than expected security, caused by an error in the mixing functions when obtaining 4640 bits from the random number generator. A local attacker could exploit this vulnerability to predict the next 160 bits of output. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM SmartCloud Entry 2.3.0 through 2.3.0.4 Appliance fix pack 8, \nIBM SmartCloud Entry 2.4.0 through 2.4.0.4 Appliance fix pack 8, \nIBM SmartCloud Entry 3.1.0 through 3.1.0.4 Appliance fix pack 23, \nIBM SmartCloud Entry 3.2.0 through 3.2.0.4 Appliance fix pack 23\n\n## Remediation/Fixes\n\n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nSmartCloud Entry| 2.3| None| IBM SmartCloud Entry 2.3.0 Appliance Fixpack 9: \n[_http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=2.3.0.4-IBM-SCE_APPL-FP009&source=SAR_](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=2.3.0.4-IBM-SCE_APPL-FP009&source=SAR>) \nSmartCloud Entry| 2.4| None| IBM SmartCloud Entry 2.4.0 Appliance Fixpack 9: \n[_https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=2.4.0.4-IBM-SCE_APPL-FP009&source=SAR&function=fixId&parent=ibm/Other%20software_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=2.4.0.4-IBM-SCE_APPL-FP009&source=SAR&function=fixId&parent=ibm/Other%20software>)[](<https://www-304.ibm.com/support/docview.wss?uid=swg24029672>) \nSmartCloud Entry| 3.1| None| IBM SmartCloud Entry 3.1.0 Appliance Fixpack 24: \n[_http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=3.1.0.4-IBM-SCE_APPL-FP24&source=SAR_](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=3.1.0.4-IBM-SCE_APPL-FP24&source=SAR>)[](<https://www-304.ibm.com/support/docview.wss?uid=swg24029672>) \nSmartCloud Entry| 3.2| None| IBM SmartCloud Entry 3.2.1 Appliance Fixpack 24: \n[_https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=3.2.0.4-IBM-SCE_APPL-FP24&source=SAR&function=fixId&parent=ibm/Other%20software_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=3.2.0.4-IBM-SCE_APPL-FP24&source=SAR&function=fixId&parent=ibm/Other%20software>)[](<https://www-304.ibm.com/support/docview.wss?uid=swg24029672>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\nInitial draft dated April 20 2017\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/bulletin/#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n[{\"Product\":{\"code\":\"SST55W\",\"label\":\"IBM Cloud Manager with OpenStack\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"2.3;2.4;3.1;3.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-07-19T00:49:12", "type": "ibm", "title": "Security Bulletin: Vulnerability in libgcrypt affects SmartCloud Entry (CVE-2016-6313 )", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6313"], "modified": "2020-07-19T00:49:12", "id": "3748D5D5E28C61B362169801F8AAE3C6357CA051B4D0B3BC3023361E60F00EBD", "href": "https://www.ibm.com/support/pages/node/631009", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-29T02:03:16", "description": "## Summary\n\nMultiple security vulnerabilities have been fixed in products bundled with IBM Security Directory Suite 8.0 and 8.0.1\n\n## Vulnerability Details\n\nCVEID: CVE-2016-0718 \nDESCRIPTION: Expat is vulnerable to a buffer overflow, caused by improper bounds checking when processing malformed XML data. By using the Expat library, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim or cause the application to crash. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113408> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \nCVEID: CVE-2016-2834 \nDESCRIPTION: Mozilla Network Security Services (NSS), as used in Mozilla Firefox, could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113870> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \nCVEID: CVE-2016-5285 \nDESCRIPTION: Mozilla Network Security Services (NSS), as used in Mozilla Firefox, is vulnerable to a denial of service, caused by a NULL pointer dereference in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime when handling invalid Diffie-Hellman keys. A remote attacker could exploit this vulnerability to crash a TLS/SSL server. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119189> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \nCVEID: CVE-2016-6313 \nDESCRIPTION: GnuPG could provide weaker than expected security, caused by an error in the mixing functions when obtaining 4640 bits from the random number generator. A local attacker could exploit this vulnerability to predict the next 160 bits of output. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116169> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \nCVEID: CVE-2016-8635 \nDESCRIPTION: Mozilla Network Security Services (NSS), as used in Mozilla Firefox, could allow a remote attacker to obtain sensitive information, caused by a small subgroup confinement attack in Diffie Hellman Client key exchange handling. By confining the client DH key to small subgroup of the desired group, a remote attacker could exploit this vulnerability to recover private keys. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119190> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Security Directory Suite 8.0 and 8.0.1\n\n## Remediation/Fixes\n\n**Product**\n\n| **Remediation** \n---|--- \nIBM Security Directory Suite 8.0| _Contact IBM Support_ \nIBM Security Directory Suite 8.0.1| [IBM Security Directory Suite 8.0.1.1](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FTivoli%2FIBM+Security+Directory+Suite&fixids=8.0.1.1-ISS-ISDS_20170301-2234.pkg&function=fixId&parent=IBM%20Security>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n14 Mar 2017 : Original draft \n17 Mar 2017: Contact support for SDS 8.0 remediation\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SS3Q78\",\"label\":\"IBM Security Directory Suite\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Virtual appliance\",\"Platform\":[{\"code\":\"PF004\",\"label\":\"Appliance\"}],\"Version\":\"8.0;8.0.1\",\"Edition\":\"All Editions\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:51:06", "type": "ibm", "title": "Security Bulletin: Multiple security vulnerabilities have been fixed in products bundled with IBM Security Directory Suite 8.0 and 8.0.1", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0718", "CVE-2016-2834", "CVE-2016-5285", "CVE-2016-6313", "CVE-2016-8635"], "modified": "2018-06-16T21:51:06", "id": "8A062C54043BB0CF7A61252E03FA7EAA12FF8430AE6C1DCE76464220A82D6828", "href": "https://www.ibm.com/support/pages/node/294289", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-28T22:05:21", "description": "## Summary\n\nIBM Security Guardium is affected by Using Components with Known vulnerabilities. IBM Security Guardium has fixed these vulnerabilities\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2014-3584_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3584>)** \nDESCRIPTION:** Apache CXF is vulnerable to a denial of service, caused by the processing of SAML tokens received in the authorization header of a request by the Apache CXF JAX-RS service. By passing malicious values using the SamlHeaderInHandler, an attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/97753_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/97753>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2014-3538_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538>)** \nDESCRIPTION:** Fine Free file is vulnerable to a denial of service, caused by the failure to properly restrict the amount of data read during a regex search. A remote attacker could exploit this vulnerability using a specially-crafted file to consume all available CPU resources. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/94324_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/94324>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2016-9311_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9311>)** \nDESCRIPTION:** NTP is vulnerable to a denial of service, caused by a NULL pointer dereference when trap service has been enabled. By sending specially crafted packets, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 4.4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119086_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119086>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-9310_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9310>)** \nDESCRIPTION:** NTP is vulnerable to a denial of service, caused by an error in the control mode (mode 6) functionality. By sending specially crafted control mode packets, a remote attacker could exploit this vulnerability to obtain sensitive information and cause the application to crash. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119087_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119087>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)\n\n**CVEID:** [_CVE-2016-9147_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9147>)** \nDESCRIPTION:** ISC BIND is vulnerable to a denial of service, caused by the improper handling of responses containing DNSSEC-related RRsets that are inconsistent with other RRsets in the same query response. By sending a malformed response, a remote attacker could exploit this vulnerability to trigger an assertion failure. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/120473_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/120473>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-8635_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8635>)** \nDESCRIPTION:** Mozilla Network Security Services (NSS), as used in Mozilla Firefox, could allow a remote attacker to obtain sensitive information, caused by a small subgroup confinement attack in Diffie Hellman Client key exchange handling. By confining the client DH key to small subgroup of the desired group, a remote attacker could exploit this vulnerability to recover private keys. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119190_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119190>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-7545_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7545>)** \nDESCRIPTION:** Policycoreutils could allow a remote attacker to execute arbitrary commands on the system, caused by a TIOCSTI ioctl attack in the provided sandbox tool. By persuading a victim to run a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119020_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119020>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-7433_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7433>)** \nDESCRIPTION:** NTP is vulnerable to a denial of service, caused by the inclusion of the root delay allowing for an incorrect root distance calculation. An attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 1.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119095_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119095>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-7429_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7429>)** \nDESCRIPTION:** NTP is vulnerable to a denial of service, caused by an attack on interface selection. By sending specially crafted packets with spoofed source address, a physical attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 1.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119093_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119093>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-7426_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7426>)** \nDESCRIPTION:** NTP is vulnerable to a denial of service, caused by the improper handling of invalid server responses. By sending specially crafted packets with spoofed source address, a remote attacker could exploit this vulnerability to a denial of service. \nCVSS Base Score: 1.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119094_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119094>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-7117_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7117>)** \nDESCRIPTION:** Linux Kernel could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in __sys_recvmmsg function in net/socket.c. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117765_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117765>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-7076_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7076>)** \nDESCRIPTION:** Sudo could allow a local authenticated attacker to execute arbitrary commands on the system, caused by the bypass of the sudo noexec restriction. By running an application via sudo executed wordexp() C library function with a user supplied argument, an attacker could exploit this vulnerability to execute arbitrary commands with elevated privileges. \nCVSS Base Score: 6.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119502_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119502>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-7032_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7032>)** \nDESCRIPTION:** Sudo could allow a local authenticated attacker to execute arbitrary commands on the system, caused by the bypass of the sudo noexec restriction. By running an application via sudo executed system() or popen() C library functions with a user supplied argument, an attacker could exploit this vulnerability to execute arbitrary commands with elevated privileges. \nCVSS Base Score: 6.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119500_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119500>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-6313_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313>)** \nDESCRIPTION:** GnuPG could provide weaker than expected security, caused by an error in the mixing functions when obtaining 4640 bits from the random number generator. A local attacker could exploit this vulnerability to predict the next 160 bits of output. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6306_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6304_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-6302_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-5699_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5699>)** \nDESCRIPTION:** urllib2 and urllib for Python are vulnerable to HTTP header injection, caused by improper validation of input. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to inject arbitrary HTTP headers, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/114200_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114200>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [_CVE-2016-5424_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5424>)** \nDESCRIPTION:** PostgreSQL could allow a remote authenticated attacker to gain elevated privileges on the system, caused by the improper handling of database and role names containing newlines, carriage returns, double quotes, or backslashes. By running certain maintenance programs, an attacker could grant the user superuser privileges. \nCVSS Base Score: 8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116075_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116075>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-5408_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5408>)** \nDESCRIPTION:** SQUID is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the munge_other_line function in the cachemgr.cgi. By sending specially crafted data, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116203_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116203>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-5285_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5285>)** \nDESCRIPTION:** Mozilla Network Security Services (NSS), as used in Mozilla Firefox, is vulnerable to a denial of service, caused by a NULL pointer dereference in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime when handling invalid Diffie-Hellman keys. A remote attacker could exploit this vulnerability to crash a TLS/SSL server. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119189_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119189>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2834_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834>)** \nDESCRIPTION:** Mozilla Network Security Services (NSS), as used in Mozilla Firefox, could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113870_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113870>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-2182_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2181_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116344_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116344>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2180_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/115829_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115829>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2179_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116343_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116343>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2178_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-1248_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1248>)** \nDESCRIPTION:** Vim could allow a local attacker to execute arbitrary code on the system, caused by the improper validation of the ''filetype'', ''syntax'' and ''keymap'' options. By using a specially-crafted filee with a malicious modeline, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119191_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119191>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-0787_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0787>)** \nDESCRIPTION:** libssh2 could provide weaker than expected security, caused by a type confusion error during the SSHv2 handshake resulting in the generation of a reduced amount of random bits for Diffie-Hellman. An attacker could exploit this vulnerability using the truncated Diffie-Hellman secret to launch further attacks on the system. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111562_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111562>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [_CVE-2016-0772_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0772>)** \nDESCRIPTION:** Python''s smtplib library is vulnerable to a stripping attack. An exception isn''t returned by the Python''s smtplib library if StartTLS fails to establish correctly in the SMTP.starttls() function. An attacker with man-in-the-middle ability could exploit this vulnerability to strip out the STARTTLS command without generating an exception on the python SMTP client application and prevent the establishment of the TLS layer. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/114287_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114287>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [_CVE-2016-0718_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718>)** \nDESCRIPTION:** Expat is vulnerable to a buffer overflow, caused by improper bounds checking when processing malformed XML data. By using the Expat library, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim or cause the application to crash. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113408_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113408>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2015-7940_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7940>)** \nDESCRIPTION:** Bouncy Castle could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability using an invalid curve attack to extract private keys used in elliptic curve cryptography and obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107739_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107739>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2015-2575_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2575>)** \nDESCRIPTION:** An unspecified vulnerability in Oracle MySQL Connectors related to the Connector/J component has partial confidentiality impact, partial integrity impact, and no availability impact. \nCVSS Base Score: 4.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/102348_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/102348>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:S/C:P/I:P/A:N)\n\n**CVEID:** [_CVE-2015-0254_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254>)** \nDESCRIPTION:** Apache Standard Taglibs could allow a remote attacker to execute arbitrary code on the system, caused by an XML External Entity Injection (XXE) error when processing XML data. By sending specially-crafted XML data, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101550_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101550>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n**CVEID:** [_CVE-2014-9653_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9653>)** \nDESCRIPTION:** file could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in readelf.c. By persuading a victim to open a specially-crafted elf file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/100749_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/100749>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n**CVEID:** [_CVE-2014-9620_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620>)** \nDESCRIPTION:** File is vulnerable to a denial of service, caused by an error in the ELF parser. A remote attacker could exploit this vulnerability using an overly long string to cause a denial of service. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/100258_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/100258>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2014-8117_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117>)** \nDESCRIPTION:** file(1) is vulnerable to a denial of service, caused by an error in the softmagic.c file. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/99419_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/99419>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2014-8116_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116>)** \nDESCRIPTION:** file(1) is vulnerable to a denial of service, caused by an error in the readelf.c file. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/99418_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/99418>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2014-3710_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710>)** \nDESCRIPTION:** PHP is vulnerable to a denial of service, caused by an out-of-bounds read in the donote() function. By persuading a victim to open a specially-crafted elf file, a remote attacker could exploit this vulnerability to cause the executable to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/98385_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/98385>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2014-3587_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587>)** \nDESCRIPTION:** PHP is vulnerable to a denial of service, caused by an incomplete fix related to the cdf_read_property_info() function. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/95408_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/95408>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nIBM Security Guardium V10.0, 10.0.1, 10.1, 10.1.2 \n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Guardium| 10x| [_https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%2BSecurity&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_10.0p230_GPU_Jun-2017-V10.1.3&includeSupersedes=0&source=fc_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%2BSecurity&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_10.0p230_GPU_Jun-2017-V10.1.3&includeSupersedes=0&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n08/17/2017: Original publish date\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSMPHH\",\"label\":\"IBM Security Guardium\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"10.0;10.0.1;10.1;10.1.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T22:02:01", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by Using Components with Known vulnerabilities (multiple CVEs)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3538", "CVE-2014-3584", "CVE-2014-3587", "CVE-2014-3710", "CVE-2014-8116", "CVE-2014-8117", "CVE-2014-9620", "CVE-2014-9653", "CVE-2015-0254", "CVE-2015-2575", "CVE-2015-7940", "CVE-2016-0718", "CVE-2016-0772", "CVE-2016-0787", "CVE-2016-1248", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2834", "CVE-2016-5285", "CVE-2016-5408", "CVE-2016-5424", "CVE-2016-5699", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-6313", "CVE-2016-7032", "CVE-2016-7076", "CVE-2016-7117", "CVE-2016-7426", "CVE-2016-7429", "CVE-2016-7433", "CVE-2016-7545", "CVE-2016-8635", "CVE-2016-9147", "CVE-2016-9310", "CVE-2016-9311"], "modified": "2018-06-16T22:02:01", "id": "A9C254F86614D2334E5A1624EEBD7497A5FA74BEC3159FA2530927B6C4A89585", "href": "https://www.ibm.com/support/pages/node/566897", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-28T21:59:33", "description": "## Summary\n\nIBM Security Guardium is affected by Using Components with Known Vulnerabilities. IBM Security Guardium has fixed these vulnerabilities \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2014-3584_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3584>)** \nDESCRIPTION:** Apache CXF is vulnerable to a denial of service, caused by the processing of SAML tokens received in the authorization header of a request by the Apache CXF JAX-RS service. By passing malicious values using the SamlHeaderInHandler, an attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/97753_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/97753>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n\n**CVEID:** [_CVE-2014-3538_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538>)** \nDESCRIPTION:** Fine Free file is vulnerable to a denial of service, caused by the failure to properly restrict the amount of data read during a regex search. A remote attacker could exploit this vulnerability using a specially-crafted file to consume all available CPU resources. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/94324_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/94324>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2016-9311_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9311>)** \nDESCRIPTION:** NTP is vulnerable to a denial of service, caused by a NULL pointer dereference when trap service has been enabled. By sending specially crafted packets, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 4.4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119086_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119086>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-9310_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9310>)** \nDESCRIPTION:** NTP is vulnerable to a denial of service, caused by an error in the control mode (mode 6) functionality. By sending specially crafted control mode packets, a remote attacker could exploit this vulnerability to obtain sensitive information and cause the application to crash. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119087_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119087>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)\n\n**CVEID:** [_CVE-2016-9147_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9147>)** \nDESCRIPTION:** ISC BIND is vulnerable to a denial of service, caused by the improper handling of responses containing DNSSEC-related RRsets that are inconsistent with other RRsets in the same query response. By sending a malformed response, a remote attacker could exploit this vulnerability to trigger an assertion failure. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/120473_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/120473>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-8635_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8635>)** \nDESCRIPTION:** Mozilla Network Security Services (NSS), as used in Mozilla Firefox, could allow a remote attacker to obtain sensitive information, caused by a small subgroup confinement attack in Diffie Hellman Client key exchange handling. By confining the client DH key to small subgroup of the desired group, a remote attacker could exploit this vulnerability to recover private keys. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119190_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119190>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-7545_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7545>)** \nDESCRIPTION:** Policycoreutils could allow a remote attacker to execute arbitrary commands on the system, caused by a TIOCSTI ioctl attack in the provided sandbox tool. By persuading a victim to run a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119020_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119020>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-7433_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7433>)** \nDESCRIPTION:** NTP is vulnerable to a denial of service, caused by the inclusion of the root delay allowing for an incorrect root distance calculation. An attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 1.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119095_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119095>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-7429_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7429>)** \nDESCRIPTION:** NTP is vulnerable to a denial of service, caused by an attack on interface selection. By sending specially crafted packets with spoofed source address, a physical attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 1.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119093_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119093>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-7426_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7426>)** \nDESCRIPTION:** NTP is vulnerable to a denial of service, caused by the improper handling of invalid server responses. By sending specially crafted packets with spoofed source address, a remote attacker could exploit this vulnerability to a denial of service. \nCVSS Base Score: 1.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119094_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119094>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-7117_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7117>)** \nDESCRIPTION:** Linux Kernel could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in __sys_recvmmsg function in net/socket.c. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117765_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117765>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-7076_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7076>)** \nDESCRIPTION:** Sudo could allow a local authenticated attacker to execute arbitrary commands on the system, caused by the bypass of the sudo noexec restriction. By running an application via sudo executed wordexp() C library function with a user supplied argument, an attacker could exploit this vulnerability to execute arbitrary commands with elevated privileges. \nCVSS Base Score: 6.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119502_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119502>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-7032_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7032>)** \nDESCRIPTION:** Sudo could allow a local authenticated attacker to execute arbitrary commands on the system, caused by the bypass of the sudo noexec restriction. By running an application via sudo executed system() or popen() C library functions with a user supplied argument, an attacker could exploit this vulnerability to execute arbitrary commands with elevated privileges. \nCVSS Base Score: 6.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119500_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119500>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-6313_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313>)** \nDESCRIPTION:** GnuPG could provide weaker than expected security, caused by an error in the mixing functions when obtaining 4640 bits from the random number generator. A local attacker could exploit this vulnerability to predict the next 160 bits of output. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116169_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116169>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6306_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6304_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-6302_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-5699_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5699>)** \nDESCRIPTION:** urllib2 and urllib for Python are vulnerable to HTTP header injection, caused by improper validation of input. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to inject arbitrary HTTP headers, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/114200_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114200>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [_CVE-2016-5424_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5424>)** \nDESCRIPTION:** PostgreSQL could allow a remote authenticated attacker to gain elevated privileges on the system, caused by the improper handling of database and role names containing newlines, carriage returns, double quotes, or backslashes. By running certain maintenance programs, an attacker could grant the user superuser privileges. \nCVSS Base Score: 8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116075_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116075>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-5408_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5408>)** \nDESCRIPTION:** SQUID is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the munge_other_line function in the cachemgr.cgi. By sending specially crafted data, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116203_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116203>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-5285_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5285>)** \nDESCRIPTION:** Mozilla Network Security Services (NSS), as used in Mozilla Firefox, is vulnerable to a denial of service, caused by a NULL pointer dereference in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime when handling invalid Diffie-Hellman keys. A remote attacker could exploit this vulnerability to crash a TLS/SSL server. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119189_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119189>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2834_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834>)** \nDESCRIPTION:** Mozilla Network Security Services (NSS), as used in Mozilla Firefox, could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113870_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113870>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-2182_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2181_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116344_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116344>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2180_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/115829_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115829>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2179_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116343_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116343>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2178_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-1248_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1248>)** \nDESCRIPTION:** Vim could allow a local attacker to execute arbitrary code on the system, caused by the improper validation of the ''filetype'', ''syntax'' and ''keymap'' options. By using a specially-crafted filee with a malicious modeline, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119191_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119191>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-0787_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0787>)** \nDESCRIPTION:** libssh2 could provide weaker than expected security, caused by a type confusion error during the SSHv2 handshake resulting in the generation of a reduced amount of random bits for Diffie-Hellman. An attacker could exploit this vulnerability using the truncated Diffie-Hellman secret to launch further attacks on the system. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111562_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111562>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [_CVE-2016-0772_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0772>)** \nDESCRIPTION:** Python''s smtplib library is vulnerable to a stripping attack. An exception isn''t returned by the Python''s smtplib library if StartTLS fails to establish correctly in the SMTP.starttls() function. An attacker with man-in-the-middle ability could exploit this vulnerability to strip out the STARTTLS command without generating an exception on the python SMTP client application and prevent the establishment of the TLS layer. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/114287_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114287>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [_CVE-2016-0718_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718>)** \nDESCRIPTION:** Expat is vulnerable to a buffer overflow, caused by improper bounds checking when processing malformed XML data. By using the Expat library, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim or cause the application to crash. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113408_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113408>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2015-7940_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7940>)** \nDESCRIPTION:** Bouncy Castle could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability using an invalid curve attack to extract private keys used in elliptic curve cryptography and obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/107739_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107739>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2015-2575_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2575>)** \nDESCRIPTION:** An unspecified vulnerability in Oracle MySQL Connectors related to the Connector/J component has partial confidentiality impact, partial integrity impact, and no availability impact. \nCVSS Base Score: 4.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/102348_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/102348>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:S/C:P/I:P/A:N)\n\n**CVEID:** [_CVE-2015-0254_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254>)** \nDESCRIPTION:** Apache Standard Taglibs could allow a remote attacker to execute arbitrary code on the system, caused by an XML External Entity Injection (XXE) error when processing XML data. By sending specially-crafted XML data, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101550_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101550>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n**CVEID:** [_CVE-2014-9653_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9653>)** \nDESCRIPTION:** file could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in readelf.c. By persuading a victim to open a specially-crafted elf file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/100749_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/100749>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n**CVEID:** [_CVE-2014-9620_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620>)** \nDESCRIPTION:** File is vulnerable to a denial of service, caused by an error in the ELF parser. A remote attacker could exploit this vulnerability using an overly long string to cause a denial of service. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/100258_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/100258>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2014-8117_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117>)** \nDESCRIPTION:** file(1) is vulnerable to a denial of service, caused by an error in the softmagic.c file. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/99419_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/99419>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2014-8116_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116>)** \nDESCRIPTION:** file(1) is vulnerable to a denial of service, caused by an error in the readelf.c file. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/99418_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/99418>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2014-3710_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710>)** \nDESCRIPTION:** PHP is vulnerable to a denial of service, caused by an out-of-bounds read in the donote() function. By persuading a victim to open a specially-crafted elf file, a remote attacker could exploit this vulnerability to cause the executable to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/98385_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/98385>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [_CVE-2014-3587_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587>)** \nDESCRIPTION:** PHP is vulnerable to a denial of service, caused by an incomplete fix related to the cdf_read_property_info() function. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/95408_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/95408>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n## Affected Products and Versions\n\nIBM Security Guardium V10.0, 10.0.1, 10.1, 10.1.2, 10.1.3\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Guardium| 10.0-10.1.3| [www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=Linux&function=fixId&fixids=SqlGuard_10.0p400_GPU_Dec-2017-V10.1.4&includeSupersedes=0&source=fc](<www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=Linux&function=fixId&fixids=SqlGuard_10.0p400_GPU_Dec-2017-V10.1.4&includeSupersedes=0&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n12/19/17: Original Version Published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSMPHH\",\"label\":\"IBM Security Guardium\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"10.0;10.0.1;10.1;10.1.2;10.1.3\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T22:03:01", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by Using Components with Known Vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3538", "CVE-2014-3584", "CVE-2014-3587", "CVE-2014-3710", "CVE-2014-8116", "CVE-2014-8117", "CVE-2014-9620", "CVE-2014-9653", "CVE-2015-0254", "CVE-2015-2575", "CVE-2015-7940", "CVE-2016-0718", "CVE-2016-0772", "CVE-2016-0787", "CVE-2016-1248", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2834", "CVE-2016-5285", "CVE-2016-5408", "CVE-2016-5424", "CVE-2016-5699", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-6313", "CVE-2016-7032", "CVE-2016-7076", "CVE-2016-7117", "CVE-2016-7426", "CVE-2016-7429", "CVE-2016-7433", "CVE-2016-7545", "CVE-2016-8635", "CVE-2016-9147", "CVE-2016-9310", "CVE-2016-9311"], "modified": "2018-06-16T22:03:01", "id": "233226C0332001C81596C237819F64BB35F4B49297346F216B4DC90C72D26485", "href": "https://www.ibm.com/support/pages/node/297165", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-28T22:07:08", "description": "## Question\n\nWhat Technotes exist for the IBM Security Network Protection / IBM QRadar Network Security (XGS) sensor?\n\n## Answer\n\nThe content below includes a list of all technical notes published under IBM Security Network Protection / IBM QRadar Network Security by category and sorted by popularity. Users can expand or collapse each section below using the + / - buttons. As new documentation is released, this content will be updated and new articles added. Click Expand All prior to starting a CTRL-F search. \n\n## IBM QRadar Network Security, IBM Security Network Protection\n\nExpand All\n\n\\+ \\--\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[7047980](<http://www.ibm.com/support/docview.wss?uid=swg27047980>) | [May 2018 Newsletter from Infrastructure Security Support ](<http://www.ibm.com/support/docview.wss?uid=swg27047980>) | 2018-05-24 | 1 \n[1998843](<http://www.ibm.com/support/docview.wss?uid=swg21998843>) | [IBM QRadar Network Security firmware update 5.4.0 release notes](<http://www.ibm.com/support/docview.wss?uid=swg21998843>) | 2017-05-08 | 2 \n[2010305](<http://www.ibm.com/support/docview.wss?uid=swg22010305>) | [Security Bulletin: IBM Security Network Protection is affected by vulnerabilities in OpenSSH (CVE-2016-6210 CVE-2016-6515 CVE-2016-10009 CVE-2016-10011)](<http://www.ibm.com/support/docview.wss?uid=swg22010305>) | 2018-02-15 | 3 \n[1902736](<http://www.ibm.com/support/docview.wss?uid=swg21902736>) | [System requirements for IBM QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21902736>) | 2017-04-14 | 4 \n[2003331](<http://www.ibm.com/support/docview.wss?uid=swg22003331>) | [5.3.3.2-ISS-XGS-All-Models-Hotfix-IF0007](<http://www.ibm.com/support/docview.wss?uid=swg22003331>) | 2017-05-15 | 5 \n[2008340](<http://www.ibm.com/support/docview.wss?uid=swg22008340>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in openssh (CVE-2016-10009 CVE-2016-10011 CVE-2016-10012 CVE-2016-6210 CVE-2016-6515)](<http://www.ibm.com/support/docview.wss?uid=swg22008340>) | 2018-02-15 | 6 \n[2008339](<http://www.ibm.com/support/docview.wss?uid=swg22008339>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in tcpdump](<http://www.ibm.com/support/docview.wss?uid=swg22008339>) | 2018-02-15 | 7 \n[2008854](<http://www.ibm.com/support/docview.wss?uid=swg22008854>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in Linux kernel](<http://www.ibm.com/support/docview.wss?uid=swg22008854>) | 2018-02-15 | 8 \n[2008853](<http://www.ibm.com/support/docview.wss?uid=swg22008853>) | [Security Bulletin: IBM QRadar Network Security is affected by a vulnerability in glibc](<http://www.ibm.com/support/docview.wss?uid=swg22008853>) | 2018-02-15 | 9 \n[2009835](<http://www.ibm.com/support/docview.wss?uid=swg22009835>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerability in subversion (CVE-2017-9800)](<http://www.ibm.com/support/docview.wss?uid=swg22009835>) | 2018-02-15 | 10 \n[2007316](<http://www.ibm.com/support/docview.wss?uid=swg22007316>) | [5.4.0.1-ISS-XGS-All-Models-Hotfix-IF0004](<http://www.ibm.com/support/docview.wss?uid=swg22007316>) | 2017-08-24 | 11 \n[2001911](<http://www.ibm.com/support/docview.wss?uid=swg22001911>) | [Unable to upgrade IBM QRadar Network Security firmware version 5.3.x to 5.4.x from the inserted USB flash drive.](<http://www.ibm.com/support/docview.wss?uid=swg22001911>) | 2017-12-11 | 12 \n[2007535](<http://www.ibm.com/support/docview.wss?uid=swg22007535>) | [Security Bulletin: IBM QRadar Network Security is affected by a less-secure algorithm during negotiations vulnerability (CVE-2017-1491)](<http://www.ibm.com/support/docview.wss?uid=swg22007535>) | 2018-02-15 | 13 \n[1996987](<http://www.ibm.com/support/docview.wss?uid=swg21996987>) | [IBM QRadar Network Security 5.4 Web Services API ](<http://www.ibm.com/support/docview.wss?uid=swg21996987>) | 2017-04-18 | 14 \n[2007918](<http://www.ibm.com/support/docview.wss?uid=swg22007918>) | [Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg22007918>) | 2018-02-15 | 15 \n[1988573](<http://www.ibm.com/support/docview.wss?uid=swg21988573>) | [IBM QRadar Network Security (XGS) Web Services API](<http://www.ibm.com/support/docview.wss?uid=swg21988573>) | 2017-04-14 | 16 \n[2007554](<http://www.ibm.com/support/docview.wss?uid=swg22007554>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in bash (CVE-2016-9401, CVE-2016-7543, CVE-2016-0634)](<http://www.ibm.com/support/docview.wss?uid=swg22007554>) | 2018-02-15 | 17 \n[1995440](<http://www.ibm.com/support/docview.wss?uid=swg21995440>) | [Security Bulletin: A vulnerability in Expat XML parser affects IBM Security Network Protection (CVE-2016-0718) ](<http://www.ibm.com/support/docview.wss?uid=swg21995440>) | 2018-02-15 | 18 \n[7049539](<http://www.ibm.com/support/docview.wss?uid=swg27049539>) | [Open Mic replay: What is new in the latest XGS firmware updates - 29 March 2017 (Includes link to video; presentation is attached)](<http://www.ibm.com/support/docview.wss?uid=swg27049539>) | 2017-04-15 | 19 \n[2007557](<http://www.ibm.com/support/docview.wss?uid=swg22007557>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in libtasn1 (CVE-2015-3622, CVE-2015-2806)](<http://www.ibm.com/support/docview.wss?uid=swg22007557>) | 2018-02-15 | 20 \n[2003343](<http://www.ibm.com/support/docview.wss?uid=swg22003343>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg22003343>) | 2018-02-15 | 21 \n[2007551](<http://www.ibm.com/support/docview.wss?uid=swg22007551>) | [Security Bulletin: IBM QRadar Network Security is affected by potential issues of XML External Entity Injection (CVE-2017-1458)](<http://www.ibm.com/support/docview.wss?uid=swg22007551>) | 2018-02-15 | 22 \n[2004744](<http://www.ibm.com/support/docview.wss?uid=swg22004744>) | [Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities in Linux Kernel](<http://www.ibm.com/support/docview.wss?uid=swg22004744>) | 2018-02-15 | 23 \n[2007315](<http://www.ibm.com/support/docview.wss?uid=swg22007315>) | [5.4.0.1-ISS-XGS-All-Models-Hotfix-IF0003 ](<http://www.ibm.com/support/docview.wss?uid=swg22007315>) | 2017-08-24 | 24 \n[2007550](<http://www.ibm.com/support/docview.wss?uid=swg22007550>) | [Security Bulletin: IBM QRadar Network Security is affected by potential issues of Cross-Site Scripting (CVE-2017-1457)](<http://www.ibm.com/support/docview.wss?uid=swg22007550>) | 2018-02-15 | 25 \n[2007539](<http://www.ibm.com/support/docview.wss?uid=swg22007539>) | [Security Bulletin: IBM QRadar Network Security has updated commons-fileupload for known vulnerabilities (CVE-2016-3092)](<http://www.ibm.com/support/docview.wss?uid=swg22007539>) | 2018-02-15 | 26 \n[2007553](<http://www.ibm.com/support/docview.wss?uid=swg22007553>) | [Security Bulletin: IBM QRadar Network Security is affected by a vulnerability in Curl (CVE-2016-7167)](<http://www.ibm.com/support/docview.wss?uid=swg22007553>) | 2018-02-15 | 27 \n[1987978](<http://www.ibm.com/support/docview.wss?uid=swg21987978>) | [Security Bulletin: Vulnerabilities in OpenSSH affect IBM Security Network Protection (CVE-2015-5352, CVE-2015-6563, and CVE-2015-6564) ](<http://www.ibm.com/support/docview.wss?uid=swg21987978>) | 2018-02-15 | 28 \n[2005764](<http://www.ibm.com/support/docview.wss?uid=swg22005764>) | [Security Bulletin: IBM Security Network Protection is affected by a vulnerability in glibc](<http://www.ibm.com/support/docview.wss?uid=swg22005764>) | 2018-02-15 | 29 \n[1979372](<http://www.ibm.com/support/docview.wss?uid=swg21979372>) | [Security Bulletin: A vulnerability in libssh2 affects IBM Security Network Protection (CVE-2016-0787) ](<http://www.ibm.com/support/docview.wss?uid=swg21979372>) | 2018-02-15 | 30 \n[1996290](<http://www.ibm.com/support/docview.wss?uid=swg21996290>) | [5.3.3-ISS-XGS-All-Models-Hotfix-IF0007](<http://www.ibm.com/support/docview.wss?uid=swg21996290>) | 2017-04-14 | 31 \n[2007552](<http://www.ibm.com/support/docview.wss?uid=swg22007552>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in Linux kernel](<http://www.ibm.com/support/docview.wss?uid=swg22007552>) | 2018-02-15 | 32 \n[1988243](<http://www.ibm.com/support/docview.wss?uid=swg21988243>) | [5.3.2.3-ISS-XGS-All-Models-Hotfix-IF0007](<http://www.ibm.com/support/docview.wss?uid=swg21988243>) | 2017-04-14 | 33 \n[1993670](<http://www.ibm.com/support/docview.wss?uid=swg21993670>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection (CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554, and CVE-2016-5542)](<http://www.ibm.com/support/docview.wss?uid=swg21993670>) | 2018-02-15 | 34 \n[1996808](<http://www.ibm.com/support/docview.wss?uid=swg21996808>) | [5.3.1.11-ISS-XGS-All-Models-Hotfix-IF0002](<http://www.ibm.com/support/docview.wss?uid=swg21996808>) | 2017-04-14 | 35 \n[2001802](<http://www.ibm.com/support/docview.wss?uid=swg22001802>) | [5.3.3.2-ISS-XGS-All-Models-Hotfix-IF0005](<http://www.ibm.com/support/docview.wss?uid=swg22001802>) | 2017-04-18 | 36 \n[1980157](<http://www.ibm.com/support/docview.wss?uid=swg21980157>) | [Security Bulletin: Vulnerabilities in Kerberos (krb5) affect IBM Security Network Protection (CVE-2015-8629, and CVE-2015-8631) ](<http://www.ibm.com/support/docview.wss?uid=swg21980157>) | 2018-02-15 | 37 \n[1991724](<http://www.ibm.com/support/docview.wss?uid=swg21991724>) | [Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection ](<http://www.ibm.com/support/docview.wss?uid=swg21991724>) | 2018-02-15 | 38 \n[1999248](<http://www.ibm.com/support/docview.wss?uid=swg21999248>) | [Security Bulletin: A vulnerability in OpenSSH affects IBM Security Network Protection (CVE-2015-8325)](<http://www.ibm.com/support/docview.wss?uid=swg21999248>) | 2018-02-15 | 39 \n[2003045](<http://www.ibm.com/support/docview.wss?uid=swg22003045>) | [Security Bulletin: IBM Security Network Protection is affected by Vulnerabilities in GNU Bash](<http://www.ibm.com/support/docview.wss?uid=swg22003045>) | 2018-02-15 | 40 \n[2003046](<http://www.ibm.com/support/docview.wss?uid=swg22003046>) | [Security Bulletin: IBM Security Network Protection is affected by a vulnerability in coreutils (util-linux)](<http://www.ibm.com/support/docview.wss?uid=swg22003046>) | 2018-02-15 | 41 \n[2003341](<http://www.ibm.com/support/docview.wss?uid=swg22003341>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection ](<http://www.ibm.com/support/docview.wss?uid=swg22003341>) | 2018-02-15 | 42 \n[7049549](<http://www.ibm.com/support/docview.wss?uid=swg27049549>) | [IBM Infrastructure Security Support February 2017 Newsletter ](<http://www.ibm.com/support/docview.wss?uid=swg27049549>) | 2017-04-15 | 43 \n[2005379](<http://www.ibm.com/support/docview.wss?uid=swg22005379>) | [Security Bulletin: IBM QRadar Network Security is affected by a vulnerability in glibc (CVE-2017-1000366)](<http://www.ibm.com/support/docview.wss?uid=swg22005379>) | 2018-02-15 | 44 \n[7050074](<http://www.ibm.com/support/docview.wss?uid=swg27050074>) | [IBM Infrastructure Security Support June 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050074>) | 2017-07-17 | 45 \n[1961717](<http://www.ibm.com/support/docview.wss?uid=swg21961717>) | [Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Security Network Protection (CVE-2015-4000) ](<http://www.ibm.com/support/docview.wss?uid=swg21961717>) | 2018-02-15 | 46 \n[1992187](<http://www.ibm.com/support/docview.wss?uid=swg21992187>) | [IBM QRadar Network Security XGS 5200/7100 fails to start](<http://www.ibm.com/support/docview.wss?uid=swg21992187>) | 2017-05-16 | 47 \n[7050656](<http://www.ibm.com/support/docview.wss?uid=swg27050656>) | [IBM Infrastructure Security Support November 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050656>) | 2017-12-18 | 48 \n[1984583](<http://www.ibm.com/support/docview.wss?uid=swg21984583>) | [Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21984583>) | 2018-02-15 | 49 \n[2000992](<http://www.ibm.com/support/docview.wss?uid=swg22000992>) | [Blocking tunneled packets in IBM QRadar Network Security XGS appliance](<http://www.ibm.com/support/docview.wss?uid=swg22000992>) | 2017-07-16 | 50 \n[2001907](<http://www.ibm.com/support/docview.wss?uid=swg22001907>) | [Security Bulletin: Vulnerabilities in GNU C library (glibc) affect IBM Security Network Protection ](<http://www.ibm.com/support/docview.wss?uid=swg22001907>) | 2018-02-15 | 51 \n[2003633](<http://www.ibm.com/support/docview.wss?uid=swg22003633>) | [Security Bulletin: IBM QRadar Network Security is affected by a vulnerability in coreutils (util-linux)](<http://www.ibm.com/support/docview.wss?uid=swg22003633>) | 2018-02-15 | 52 \n[7049861](<http://www.ibm.com/support/docview.wss?uid=swg27049861>) | [IBM Infrastructure Security Support April 2017 Newsletter ](<http://www.ibm.com/support/docview.wss?uid=swg27049861>) | 2017-05-20 | 53 \n[7050269](<http://www.ibm.com/support/docview.wss?uid=swg27050269>) | [IBM Infrastructure Security Support August 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050269>) | 2017-09-18 | 54 \n[1961447](<http://www.ibm.com/support/docview.wss?uid=swg21961447>) | [Security Bulletin: Multiple vulnerabilities in IBM Java affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21961447>) | 2018-02-15 | 55 \n[1985122](<http://www.ibm.com/support/docview.wss?uid=swg21985122>) | [Security Bulletin: Multiple vulnerabilities in NTP affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21985122>) | 2018-02-15 | 56 \n[1985753](<http://www.ibm.com/support/docview.wss?uid=swg21985753>) | [Security Bulletin: Multiple vulnerabilities in file affect IBM Security Network Protection ](<http://www.ibm.com/support/docview.wss?uid=swg21985753>) | 2018-02-15 | 57 \n[1990083](<http://www.ibm.com/support/docview.wss?uid=swg21990083>) | [Security Bulletin: Vulnerabilities in busybox affect IBM Security Network Protection (CVE-2014-4607, and CVE-2014-9645 ) ](<http://www.ibm.com/support/docview.wss?uid=swg21990083>) | 2018-02-15 | 58 \n[1994071](<http://www.ibm.com/support/docview.wss?uid=swg21994071>) | [Security Bulletin: A vulnerability in GnuPG libgcrypt affects IBM Security Network Protection (CVE-2016-6313) ](<http://www.ibm.com/support/docview.wss?uid=swg21994071>) | 2018-02-15 | 59 \n[1997604](<http://www.ibm.com/support/docview.wss?uid=swg21997604>) | [Network interface module population changes on the XGS appliance are not reflected on the managing SiteProtector System](<http://www.ibm.com/support/docview.wss?uid=swg21997604>) | 2017-04-18 | 60 \n[1999246](<http://www.ibm.com/support/docview.wss?uid=swg21999246>) | [Security Bulletin: Multiple vulnerabilities in NTP affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21999246>) | 2018-02-15 | 61 \n[2001184](<http://www.ibm.com/support/docview.wss?uid=swg22001184>) | [Pressing and holding the power button does not shut down the IBM QRadar Network Security XGS 5200 appliance](<http://www.ibm.com/support/docview.wss?uid=swg22001184>) | 2017-06-19 | 62 \n[2002507](<http://www.ibm.com/support/docview.wss?uid=swg22002507>) | [Security Bulletin: A vulnerability has been discovered in 40-GbE network interface modules for the IBM Security Network Protection XGS 7100 appliance (CVE-2016-8106)](<http://www.ibm.com/support/docview.wss?uid=swg22002507>) | 2018-02-15 | 63 \n[7039297](<http://www.ibm.com/support/docview.wss?uid=swg27039297>) | [Network Protection documentation update: Setting up SSL inspection for the Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg27039297>) | 2017-08-09 | 64 \n[7049965](<http://www.ibm.com/support/docview.wss?uid=swg27049965>) | [IBM Infrastructure Security Support May 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27049965>) | 2017-06-27 | 65 \n[7050550](<http://www.ibm.com/support/docview.wss?uid=swg27050550>) | [IBM Infrastructure Security Support October 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050550>) | 2018-05-24 | 66 \n[1903520](<http://www.ibm.com/support/docview.wss?uid=swg21903520>) | [Microsoft Update fails when Outbound SSL inspection is enabled](<http://www.ibm.com/support/docview.wss?uid=swg21903520>) | 2018-05-01 | 67 \n[1961467](<http://www.ibm.com/support/docview.wss?uid=swg21961467>) | [Security Bulletin: Vulnerabilities in GNU glibc affect IBM Security Network Protection (CVE-2013-7423, and CVE-2015-1781) ](<http://www.ibm.com/support/docview.wss?uid=swg21961467>) | 2018-02-15 | 68 \n[1964040](<http://www.ibm.com/support/docview.wss?uid=swg21964040>) | [Known Issues for IBM Security Network Protection firmware update 5.3.1.3](<http://www.ibm.com/support/docview.wss?uid=swg21964040>) | 2017-07-17 | 69 \n[1984424](<http://www.ibm.com/support/docview.wss?uid=swg21984424>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21984424>) | 2018-02-15 | 70 \n[1986974](<http://www.ibm.com/support/docview.wss?uid=swg21986974>) | [Security Bulletin: Multiple vulnerabilities in libxml2 affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21986974>) | 2018-02-15 | 71 \n[1989336](<http://www.ibm.com/support/docview.wss?uid=swg21989336>) | [Security Bulletin: Multiple Denial of Service vulnerabilities with Expat might affect IBM HTTP Server used with IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21989336>) | 2018-02-15 | 72 \n[1995885](<http://www.ibm.com/support/docview.wss?uid=swg21995885>) | [5.3.1.11-XGS-All-Models-Hotfix-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21995885>) | 2017-04-14 | 73 \n[1999162](<http://www.ibm.com/support/docview.wss?uid=swg21999162>) | [Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Network Protection (CVE-2016-8610, and CVE-2017-3731)](<http://www.ibm.com/support/docview.wss?uid=swg21999162>) | 2018-02-15 | 74 \n[1999513](<http://www.ibm.com/support/docview.wss?uid=swg21999513>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21999513>) | 2018-02-15 | 75 \n[2002624](<http://www.ibm.com/support/docview.wss?uid=swg22002624>) | [Security Bulletin: A vulnerability has been discovered in 40-GbE network interface modules for the IBM QRadar Network Security XGS 7100 appliance (CVE-2016-8106)](<http://www.ibm.com/support/docview.wss?uid=swg22002624>) | 2018-02-15 | 76 \n[2011746](<http://www.ibm.com/support/docview.wss?uid=swg22011746>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in Linux kernel](<http://www.ibm.com/support/docview.wss?uid=swg22011746>) | 2018-05-01 | 77 \n[2011787](<http://www.ibm.com/support/docview.wss?uid=swg22011787>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg22011787>) | 2018-05-01 | 78 \n[2016549](<http://www.ibm.com/support/docview.wss?uid=swg22016549>) | [Security Bulletin: IBM Security Network Protection is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg22016549>) | 2018-06-03 | 79 \n[7049238](<http://www.ibm.com/support/docview.wss?uid=swg27049238>) | [IBM Infrastructure Security Support November 2016 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27049238>) | 2017-10-17 | 80 \n[7049645](<http://www.ibm.com/support/docview.wss?uid=swg27049645>) | [IBM Infrastructure Security Support March 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27049645>) | 2018-05-24 | 81 \n[7050420](<http://www.ibm.com/support/docview.wss?uid=swg27050420>) | [IBM Infrastructure Security Support September 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050420>) | 2018-01-15 | 82 \n[7050716](<http://www.ibm.com/support/docview.wss?uid=swg27050716>) | [IBM Infrastructure Security Support December 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050716>) | 2018-05-24 | 83 \n[7050809](<http://www.ibm.com/support/docview.wss?uid=swg27050809>) | [IBM Infrastructure Security Support January 2018 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050809>) | 2018-05-24 | 84 \n[7050900](<http://www.ibm.com/support/docview.wss?uid=swg27050900>) | [February 2018 Newsletter from Infrastructure Security Support ](<http://www.ibm.com/support/docview.wss?uid=swg27050900>) | 2018-05-24 | 85 \n[7050972](<http://www.ibm.com/support/docview.wss?uid=swg27050972>) | [March 2018 Newsletter from Infrastructure Security Support ](<http://www.ibm.com/support/docview.wss?uid=swg27050972>) | 2018-05-24 | 86 \n[7051105](<http://www.ibm.com/support/docview.wss?uid=swg27051105>) | [April 2018 Newsletter from Infrastructure Security Support ](<http://www.ibm.com/support/docview.wss?uid=swg27051105>) | 2018-05-25 | 87 \n \n\\+ Backups and Recovery\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1669579](<http://www.ibm.com/support/docview.wss?uid=swg21669579>) | [Creating snapshots and options on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21669579>) | 2018-05-01 | 1 \n[1974662](<http://www.ibm.com/support/docview.wss?uid=swg21974662>) | [Restoring a QRadar Network Security sensor to factory defaults settings](<http://www.ibm.com/support/docview.wss?uid=swg21974662>) | 2017-08-06 | 2 \n[1695898](<http://www.ibm.com/support/docview.wss?uid=swg21695898>) | [Reimaging the Security Network Protection (XGS) appliance using the PXE image](<http://www.ibm.com/support/docview.wss?uid=swg21695898>) | 2017-04-14 | 3 \n[1437385](<http://www.ibm.com/support/docview.wss?uid=swg21437385>) | [Accessing a recovery CD or DVD for a Proventia or IBM Security appliance](<http://www.ibm.com/support/docview.wss?uid=swg21437385>) | 2018-05-01 | 4 \n \n\\+ Bypass\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1882622](<http://www.ibm.com/support/docview.wss?uid=swg21882622>) | [Security Network Protection built-in bypass general information](<http://www.ibm.com/support/docview.wss?uid=swg21882622>) | 2018-05-01 | 1 \n[1695421](<http://www.ibm.com/support/docview.wss?uid=swg21695421>) | [Protection interfaces on Network Protection flapping in firmware 5.3.0.2 and earlier](<http://www.ibm.com/support/docview.wss?uid=swg21695421>) | 2018-01-29 | 2 \n[1988927](<http://www.ibm.com/support/docview.wss?uid=swg21988927>) | [Hardware bypass can cause port channel to go down on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21988927>) | 2017-09-26 | 3 \n \n\\+ Command Line Interface (CLI)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1984900](<http://www.ibm.com/support/docview.wss?uid=swg21984900>) | [Security Network Protection Command Line Interface (CLI) troubleshooting commands](<http://www.ibm.com/support/docview.wss?uid=swg21984900>) | 2018-05-01 | 1 \n[1883213](<http://www.ibm.com/support/docview.wss?uid=swg21883213>) | [Capturing network traffic on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21883213>) | 2017-10-30 | 2 \n[1903461](<http://www.ibm.com/support/docview.wss?uid=swg21903461>) | [Affected processes when restarting services from the CLI on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21903461>) | 2017-08-28 | 3 \n[7045931](<http://www.ibm.com/support/docview.wss?uid=swg27045931>) | [Open Mic Webcast: Making use of logs and captures on the XGS - Wednesday, 24 June 2015 [includes link to recording; presentation slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27045931>) | 2018-05-23 | 4 \n[1990297](<http://www.ibm.com/support/docview.wss?uid=swg21990297>) | [DPI reenabled after manually disabling it on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21990297>) | 2017-11-06 | 5 \n[1966577](<http://www.ibm.com/support/docview.wss?uid=swg21966577>) | [\"Command failure\" when checking interface status on Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21966577>) | 2017-04-14 | 6 \n[1970266](<http://www.ibm.com/support/docview.wss?uid=swg21970266>) | [System shutdown produces irq 16 error on XGS 7100 sensors](<http://www.ibm.com/support/docview.wss?uid=swg21970266>) | 2017-04-14 | 7 \n \n\\+ Documentation\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1974231](<http://www.ibm.com/support/docview.wss?uid=swg21974231>) | [Security Bulletin: CBC mode ciphers, weak MD5 and MAC algorithms vulnerabilities in OpenSSH affect IBM Security Network Protection (CVE-2008-5161) ](<http://www.ibm.com/support/docview.wss?uid=swg21974231>) | 2018-02-15 | 1 \n[1986450](<http://www.ibm.com/support/docview.wss?uid=swg21986450>) | [IBM Security Network Protection firmware update 5.3.3 release notes ](<http://www.ibm.com/support/docview.wss?uid=swg21986450>) | 2018-05-28 | 2 \n[1996724](<http://www.ibm.com/support/docview.wss?uid=swg21996724>) | [IBM Security Network Protection firmware update 5.3.3.2 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21996724>) | 2017-04-14 | 3 \n[1993418](<http://www.ibm.com/support/docview.wss?uid=swg21993418>) | [Stacking IBM Security Network Protection XGS Appliance 7100 ](<http://www.ibm.com/support/docview.wss?uid=swg21993418>) | 2017-07-12 | 4 \n[1984078](<http://www.ibm.com/support/docview.wss?uid=swg21984078>) | [IBM Security Network Protection firmware update 5.3.2.3 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21984078>) | 2017-05-10 | 5 \n[1687204](<http://www.ibm.com/support/docview.wss?uid=swg21687204>) | [IBM Security Network Protection 5.3 Web Services API](<http://www.ibm.com/support/docview.wss?uid=swg21687204>) | 2017-10-16 | 6 \n[1993057](<http://www.ibm.com/support/docview.wss?uid=swg21993057>) | [IBM Security Network Protection firmware update 5.3.3.1 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21993057>) | 2017-04-14 | 7 \n[1986529](<http://www.ibm.com/support/docview.wss?uid=swg21986529>) | [IBM Security Network Protection XGS Appliance Machine Code Updates for the firmware update 5.3.3.](<http://www.ibm.com/support/docview.wss?uid=swg21986529>) | 2018-05-27 | 8 \n[1968171](<http://www.ibm.com/support/docview.wss?uid=swg21968171>) | [IBM Security Network Protection firmware update 5.3.2 release notes](<http://www.ibm.com/support/docview.wss?uid=swg21968171>) | 2017-04-14 | 9 \n[1997036](<http://www.ibm.com/support/docview.wss?uid=swg21997036>) | [Optimizing packet processing for an IBM Security Network Protection XGS 7100 appliance with network interface module (NIM) bays partially populated](<http://www.ibm.com/support/docview.wss?uid=swg21997036>) | 2017-04-14 | 10 \n[1902372](<http://www.ibm.com/support/docview.wss?uid=swg21902372>) | [Using the Infrastructure Security support forum in dW Answers](<http://www.ibm.com/support/docview.wss?uid=swg21902372>) | 2018-05-01 | 11 \n[1996693](<http://www.ibm.com/support/docview.wss?uid=swg21996693>) | [Blocking HTTPS websites using domain category objects on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21996693>) | 2018-05-23 | 12 \n[1996771](<http://www.ibm.com/support/docview.wss?uid=swg21996771>) | [IBM Security Network Protection firmware update 5.3.2.6 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21996771>) | 2017-04-14 | 13 \n[1988993](<http://www.ibm.com/support/docview.wss?uid=swg21988993>) | [IBM Security Network Protection firmware update 5.3.2.4 Readme ](<http://www.ibm.com/support/docview.wss?uid=swg21988993>) | 2017-04-14 | 14 \n[1993417](<http://www.ibm.com/support/docview.wss?uid=swg21993417>) | [Configuring IBM Security Network Protection 5.3.3.1 to use flow data collector mode](<http://www.ibm.com/support/docview.wss?uid=swg21993417>) | 2017-04-14 | 15 \n[1694966](<http://www.ibm.com/support/docview.wss?uid=swg21694966>) | [IBM Security Network Protection 5.3.1 Web Services API](<http://www.ibm.com/support/docview.wss?uid=swg21694966>) | 2017-06-27 | 16 \n[1968449](<http://www.ibm.com/support/docview.wss?uid=swg21968449>) | [IBM Security Network Protection firmware update 5.3.1.5 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21968449>) | 2017-04-14 | 17 \n[1978185](<http://www.ibm.com/support/docview.wss?uid=swg21978185>) | [IBM Security Network Protection firmware update 5.3.2.2 Readme ](<http://www.ibm.com/support/docview.wss?uid=swg21978185>) | 2017-04-14 | 18 \n[1974242](<http://www.ibm.com/support/docview.wss?uid=swg21974242>) | [Security Bulletin: A vulnerability in the GSKit component of IBM Security Network Protection Why (CVE-2016-0201)](<http://www.ibm.com/support/docview.wss?uid=swg21974242>) | 2017-04-14 | 19 \n[1993327](<http://www.ibm.com/support/docview.wss?uid=swg21993327>) | [IBM Security Network Protection firmware update 5.3.2.5 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21993327>) | 2017-04-14 | 20 \n[1971777](<http://www.ibm.com/support/docview.wss?uid=swg21971777>) | [Automated Service and Support on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21971777>) | 2017-04-14 | 21 \n[1986088](<http://www.ibm.com/support/docview.wss?uid=swg21986088>) | [Configuring Address objects for the Management Access Policy on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21986088>) | 2017-08-24 | 22 \n[1997651](<http://www.ibm.com/support/docview.wss?uid=swg21997651>) | [Configuring Remote Syslog over TLS for IBM Security Network Protection (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21997651>) | 2018-01-08 | 23 \n[1688361](<http://www.ibm.com/support/docview.wss?uid=swg21688361>) | [Understanding the term User Overridden in regard to security event configurations on GX and XGS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21688361>) | 2018-05-01 | 24 \n[1971601](<http://www.ibm.com/support/docview.wss?uid=swg21971601>) | [IBM Security Network Protection firmware update 5.3.1.6 Readme ](<http://www.ibm.com/support/docview.wss?uid=swg21971601>) | 2017-10-17 | 25 \n[1974524](<http://www.ibm.com/support/docview.wss?uid=swg21974524>) | [IBM Security Network Protection firmware update 5.3.1.7 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21974524>) | 2017-04-14 | 26 \n[1975225](<http://www.ibm.com/support/docview.wss?uid=swg21975225>) | [Security Bulletin: Multiple vulnerabilities in Libxml2 affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21975225>) | 2017-04-14 | 27 \n[1989026](<http://www.ibm.com/support/docview.wss?uid=swg21989026>) | [IBM Security Network Protection firmware update 5.3.1.10 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21989026>) | 2017-04-14 | 28 \n[2003106](<http://www.ibm.com/support/docview.wss?uid=swg22003106>) | [Reduce link propagation duration on IBM QRadar Network Security (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg22003106>) | 2017-09-13 | 29 \n[1683071](<http://www.ibm.com/support/docview.wss?uid=swg21683071>) | [Security Network Protection Appliance (XGS) stuck in debug mode](<http://www.ibm.com/support/docview.wss?uid=swg21683071>) | 2018-05-01 | 30 \n[1977808](<http://www.ibm.com/support/docview.wss?uid=swg21977808>) | [IBM Security Network Protection 5.3.3 Web Services API](<http://www.ibm.com/support/docview.wss?uid=swg21977808>) | 2018-05-01 | 31 \n[1990337](<http://www.ibm.com/support/docview.wss?uid=swg21990337>) | [Using RESTful API to modify policies on the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21990337>) | 2017-04-14 | 32 \n[1993329](<http://www.ibm.com/support/docview.wss?uid=swg21993329>) | [IBM Security Network Protection firmware update 5.3.1.11 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21993329>) | 2017-04-14 | 33 \n[1966695](<http://www.ibm.com/support/docview.wss?uid=swg21966695>) | [Security Bulletin: A vulnerability in net-snmp affects IBM Security Network Protection (CVE-2015-5621) ](<http://www.ibm.com/support/docview.wss?uid=swg21966695>) | 2017-04-14 | 34 \n[1966972](<http://www.ibm.com/support/docview.wss?uid=swg21966972>) | [Security Bulletin: Vulnerabilities in curl affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21966972>) | 2017-04-14 | 35 \n[1977281](<http://www.ibm.com/support/docview.wss?uid=swg21977281>) | [Security Bulletin: GNU C library (glibc) vulnerability affects IBM Security Network Protection (CVE-2015-7547)](<http://www.ibm.com/support/docview.wss?uid=swg21977281>) | 2017-04-14 | 36 \n[1692722](<http://www.ibm.com/support/docview.wss?uid=swg21692722>) | [Requirement for managing the IBM Security Network Protection appliance in a NAT environment using the IBM Security SiteProtector system](<http://www.ibm.com/support/docview.wss?uid=swg21692722>) | 2017-04-14 | 37 \n[1996773](<http://www.ibm.com/support/docview.wss?uid=swg21996773>) | [IBM Security Network Protection firmware update 5.3.1.12 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21996773>) | 2017-04-14 | 38 \n[2004898](<http://www.ibm.com/support/docview.wss?uid=swg22004898>) | [SNMP interface name association on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22004898>) | 2017-10-02 | 39 \n[1965877](<http://www.ibm.com/support/docview.wss?uid=swg21965877>) | [Security Bulletin: A vulnerability in net-snmp affects IBM Security Network Protection (CVE-2014-3565) ](<http://www.ibm.com/support/docview.wss?uid=swg21965877>) | 2017-04-14 | 40 \n[1967057](<http://www.ibm.com/support/docview.wss?uid=swg21967057>) | [Security Bulletin: Vulnerabilities in IBM HTTP Server affect IBM Security Network Protection (CVE-2015-3183, and CVE-2015-1283)](<http://www.ibm.com/support/docview.wss?uid=swg21967057>) | 2017-04-14 | 41 \n[1978181](<http://www.ibm.com/support/docview.wss?uid=swg21978181>) | [IBM Security Network Protection firmware update 5.3.1.8 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21978181>) | 2017-04-14 | 42 \n[1978438](<http://www.ibm.com/support/docview.wss?uid=swg21978438>) | [Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21978438>) | 2017-04-14 | 43 \n[1662537](<http://www.ibm.com/support/docview.wss?uid=swg21662537>) | [Fingerprint USB flash drives are unable to reimage an XGS appliance](<http://www.ibm.com/support/docview.wss?uid=swg21662537>) | 2017-04-14 | 44 \n[1665106](<http://www.ibm.com/support/docview.wss?uid=swg21665106>) | [5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0002 ](<http://www.ibm.com/support/docview.wss?uid=swg21665106>) | 2017-04-14 | 45 \n[1964539](<http://www.ibm.com/support/docview.wss?uid=swg21964539>) | [Security Bulletin: Vulnerabilities in libuser affect IBM Security Network Protection (CVE-2015-3245, CVE-2015-3246) ](<http://www.ibm.com/support/docview.wss?uid=swg21964539>) | 2017-04-14 | 46 \n[1966578](<http://www.ibm.com/support/docview.wss?uid=swg21966578>) | [Security Bulletin: Vulnerabilities in NTP affect IBM Security Network Protection (CVE-2015-1798, CVE-2015-1799, and CVE-2015-3405) ](<http://www.ibm.com/support/docview.wss?uid=swg21966578>) | 2017-04-14 | 47 \n[1967169](<http://www.ibm.com/support/docview.wss?uid=swg21967169>) | [Security Bulletin: A vulnerability in GNU glibc affects IBM Security Network Protection (CVE-2014-8121) ](<http://www.ibm.com/support/docview.wss?uid=swg21967169>) | 2017-04-14 | 48 \n[1969664](<http://www.ibm.com/support/docview.wss?uid=swg21969664>) | [Security Bulletin: A vulnerability in Libxml affects IBM Security Network Protection (CVE-2015-1819) ](<http://www.ibm.com/support/docview.wss?uid=swg21969664>) | 2017-04-14 | 49 \n[1972209](<http://www.ibm.com/support/docview.wss?uid=swg21972209>) | [Security Bulletin: Vulnerabilities in GNU grep utility affect IBM Security Network Protection (CVE-2012-5667, and CVE-2015-1345) ](<http://www.ibm.com/support/docview.wss?uid=swg21972209>) | 2017-04-14 | 50 \n[1972382](<http://www.ibm.com/support/docview.wss?uid=swg21972382>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21972382>) | 2017-04-14 | 51 \n[1974423](<http://www.ibm.com/support/docview.wss?uid=swg21974423>) | [5.3.1.6-ISS-XGS-All-Models-Hotfix-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21974423>) | 2017-12-11 | 52 \n[1974550](<http://www.ibm.com/support/docview.wss?uid=swg21974550>) | [Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Network Protection (CVE-2015-3194, CVE-2015-3195, and CVE-2015-3196) ](<http://www.ibm.com/support/docview.wss?uid=swg21974550>) | 2017-04-14 | 53 \n[1974989](<http://www.ibm.com/support/docview.wss?uid=swg21974989>) | [Security Bulletin: A vulnerability in SQLite affects IBM Security Network Protection (CVE-2015-3416) ](<http://www.ibm.com/support/docview.wss?uid=swg21974989>) | 2017-04-14 | 54 \n[1975835](<http://www.ibm.com/support/docview.wss?uid=swg21975835>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21975835>) | 2017-04-14 | 55 \n[1979393](<http://www.ibm.com/support/docview.wss?uid=swg21979393>) | [Security Bulletin: Vulnerabilities in NTP affect IBM Security Network Protection (CVE-2015-5300, CVE-2015-7704, and CVE-2015-8138)](<http://www.ibm.com/support/docview.wss?uid=swg21979393>) | 2017-04-14 | 56 \n[1984069](<http://www.ibm.com/support/docview.wss?uid=swg21984069>) | [IBM Security Network Protection firmware update 5.3.1.9 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21984069>) | 2017-05-09 | 57 \n[1993419](<http://www.ibm.com/support/docview.wss?uid=swg21993419>) | [Configuring logon session limit for IBM Security Network Protection 5.3.3.1](<http://www.ibm.com/support/docview.wss?uid=swg21993419>) | 2017-04-14 | 58 \n \n\\+ Firmware\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1688434](<http://www.ibm.com/support/docview.wss?uid=swg21688434>) | [Generating a support file on the IBM Security Network Protection appliance (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21688434>) | 2017-04-14 | 1 \n[1883739](<http://www.ibm.com/support/docview.wss?uid=swg21883739>) | [SNMP OID list for IBM Security Network Protection (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21883739>) | 2018-05-01 | 2 \n[1685000](<http://www.ibm.com/support/docview.wss?uid=swg21685000>) | [IBM Security Network Protection (XGS) appliance reimage instructions using the USB device](<http://www.ibm.com/support/docview.wss?uid=swg21685000>) | 2017-04-14 | 3 \n[2010780](<http://www.ibm.com/support/docview.wss?uid=swg22010780>) | [IBM QRadar Network Security firmware update 5.4.0.3 readme](<http://www.ibm.com/support/docview.wss?uid=swg22010780>) | 2017-12-13 | 4 \n[2007210](<http://www.ibm.com/support/docview.wss?uid=swg22007210>) | [IBM QRadar Network Security firmware update 5.4.0.2 readme](<http://www.ibm.com/support/docview.wss?uid=swg22007210>) | 2017-12-05 | 5 \n[1959896](<http://www.ibm.com/support/docview.wss?uid=swg21959896>) | [Migrate policies before running Security Network Protection firmware updates](<http://www.ibm.com/support/docview.wss?uid=swg21959896>) | 2018-01-29 | 6 \n[2002664](<http://www.ibm.com/support/docview.wss?uid=swg22002664>) | [IBM QRadar Network Security firmware update 5.4.0.1 readme](<http://www.ibm.com/support/docview.wss?uid=swg22002664>) | 2017-12-05 | 7 \n[2010783](<http://www.ibm.com/support/docview.wss?uid=swg22010783>) | [IBM Security Network Protection firmware update 5.3.3.5 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22010783>) | 2017-12-13 | 8 \n[2002662](<http://www.ibm.com/support/docview.wss?uid=swg22002662>) | [IBM Security Network Protection firmware update 5.3.3.3 Readme ](<http://www.ibm.com/support/docview.wss?uid=swg22002662>) | 2017-06-19 | 9 \n[2007211](<http://www.ibm.com/support/docview.wss?uid=swg22007211>) | [IBM Security Network Protection firmware update 5.3.3.4 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22007211>) | 2017-09-28 | 10 \n[1681609](<http://www.ibm.com/support/docview.wss?uid=swg21681609>) | [Mapping SiteProtector IBM QRadar Network Security IQNS (XGS) policy names to local appliance XML files](<http://www.ibm.com/support/docview.wss?uid=swg21681609>) | 2018-05-01 | 11 \n[2010784](<http://www.ibm.com/support/docview.wss?uid=swg22010784>) | [IBM Security Network Protection firmware update 5.3.1.15 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22010784>) | 2017-12-13 | 12 \n[1691157](<http://www.ibm.com/support/docview.wss?uid=swg21691157>) | [Security Network protection (XGS) Shared Object policies that are replaced after upgrade DBSP 3.1.1.2 and 3.1.1.3](<http://www.ibm.com/support/docview.wss?uid=swg21691157>) | 2018-05-01 | 13 \n[1964460](<http://www.ibm.com/support/docview.wss?uid=swg21964460>) | [IBM Security Network Protection Firmware Version 5.3.1.3 Release Notes](<http://www.ibm.com/support/docview.wss?uid=swg21964460>) | 2017-08-24 | 14 \n[1961419](<http://www.ibm.com/support/docview.wss?uid=swg21961419>) | [IBM Security Network Protection Firmware Version 5.3.1.2 Release Notes](<http://www.ibm.com/support/docview.wss?uid=swg21961419>) | 2017-10-16 | 15 \n[1990406](<http://www.ibm.com/support/docview.wss?uid=swg21990406>) | [Upgrade to IBM Security Network Protection (XGS) Firmware version 5.3.3 fails and causes the appliance un-configured.](<http://www.ibm.com/support/docview.wss?uid=swg21990406>) | 2017-04-14 | 16 \n[2007212](<http://www.ibm.com/support/docview.wss?uid=swg22007212>) | [IBM Security Network Protection firmware update 5.3.1.14 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22007212>) | 2017-09-28 | 17 \n[1902801](<http://www.ibm.com/support/docview.wss?uid=swg21902801>) | [IBM Infrastructure Security versioning information](<http://www.ibm.com/support/docview.wss?uid=swg21902801>) | 2017-08-24 | 18 \n[1961660](<http://www.ibm.com/support/docview.wss?uid=swg21961660>) | [Security Bulletin: Vulnerabilities in unzip affect IBM Security Network Protection (CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, and CVE-2014-9636 ) ](<http://www.ibm.com/support/docview.wss?uid=swg21961660>) | 2018-02-15 | 19 \n[7047165](<http://www.ibm.com/support/docview.wss?uid=swg27047165>) | [Open Mic Webcast: What is new in the XGS v5.3.2 firmware release? - 9 December 2015 [includes link to replay] [presentation is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27047165>) | 2017-04-15 | 20 \n[1691283](<http://www.ibm.com/support/docview.wss?uid=swg21691283>) | [Missing SiteProtector Management page after updating to 5.3 firmware](<http://www.ibm.com/support/docview.wss?uid=swg21691283>) | 2018-05-01 | 21 \n[1961670](<http://www.ibm.com/support/docview.wss?uid=swg21961670>) | [Security Bulletin: Vulnerabilities in Kerberos (krb5) affect IBM Security Network Protection (CVE-2014-5352, CVE-2014-5353, CVE-2014-5355, CVE-2014-9421, and CVE-2014-9422) ](<http://www.ibm.com/support/docview.wss?uid=swg21961670>) | 2018-02-15 | 22 \n[7048510](<http://www.ibm.com/support/docview.wss?uid=swg27048510>) | [Open Mic Webcast: About the XGS 5.3.3 firmware release - 25 August 2016 [includes link to replay] [presentation is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27048510>) | 2017-04-15 | 23 \n[1957677](<http://www.ibm.com/support/docview.wss?uid=swg21957677>) | [Upgrading multiple firmware versions at one time on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21957677>) | 2017-08-09 | 24 \n[1959774](<http://www.ibm.com/support/docview.wss?uid=swg21959774>) | [IBM Security Network Protection Firmware Version 5.3.1.1 Release Notes](<http://www.ibm.com/support/docview.wss?uid=swg21959774>) | 2018-05-01 | 25 \n[1961454](<http://www.ibm.com/support/docview.wss?uid=swg21961454>) | [Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21961454>) | 2018-02-15 | 26 \n[1965761](<http://www.ibm.com/support/docview.wss?uid=swg21965761>) | [Network Protection Firmware Version 5.3.1.4 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21965761>) | 2017-08-24 | 27 \n[1989974](<http://www.ibm.com/support/docview.wss?uid=swg21989974>) | [Unconfigured state after upgrading from 5.2 or 5.3.0.x to 5.3.3 on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21989974>) | 2017-10-02 | 28 \n[2002663](<http://www.ibm.com/support/docview.wss?uid=swg22002663>) | [IBM Security Network Protection firmware update 5.3.1.13 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22002663>) | 2017-06-19 | 29 \n[2014163](<http://www.ibm.com/support/docview.wss?uid=swg22014163>) | [IBM Security Network Protection firmware update 5.3.1.16 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22014163>) | 2018-05-01 | 30 \n[2014164](<http://www.ibm.com/support/docview.wss?uid=swg22014164>) | [IBM Security Network Protection firmware update 5.3.3.6 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22014164>) | 2018-05-01 | 31 \n[2014165](<http://www.ibm.com/support/docview.wss?uid=swg22014165>) | [IBM QRadar Network Security firmware update 5.4.0.4 readme](<http://www.ibm.com/support/docview.wss?uid=swg22014165>) | 2018-05-01 | 32 \n[2015856](<http://www.ibm.com/support/docview.wss?uid=swg22015856>) | [End of support (EOS) announcement: IBM Security Network Protection (XGS) firmware versions 5.3.1 and 5.3.3](<http://www.ibm.com/support/docview.wss?uid=swg22015856>) | 2018-05-13 | 33 \n \n\\+ Fix Packs\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1696498](<http://www.ibm.com/support/docview.wss?uid=swg21696498>) | [5.3.0.4-ISS-XGS-All-Models-Hotfix-FP0001](<http://www.ibm.com/support/docview.wss?uid=swg21696498>) | 2017-04-14 | 1 \n \n\\+ General Information\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1644709](<http://www.ibm.com/support/docview.wss?uid=swg21644709>) | [IBM Security Network Protection XGS Appliance Support Lifecycle](<http://www.ibm.com/support/docview.wss?uid=swg21644709>) | 2018-05-15 | 1 \n[1993939](<http://www.ibm.com/support/docview.wss?uid=swg21993939>) | [IBM Qradar Network Security (IQNS) is Unhealthy in SiteProtector, with health check message: \"Management Certificate Authorities Status\"](<http://www.ibm.com/support/docview.wss?uid=swg21993939>) | 2018-05-01 | 2 \n[1994106](<http://www.ibm.com/support/docview.wss?uid=swg21994106>) | [Error: \"BUG: soft lockup - CPU#1 stuck for 67s!\" on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21994106>) | 2018-05-23 | 3 \n[1662575](<http://www.ibm.com/support/docview.wss?uid=swg21662575>) | [Configuring the IBM Security Network Protection (XGS) remote syslog to send events to QRadar SIEM](<http://www.ibm.com/support/docview.wss?uid=swg21662575>) | 2017-04-14 | 4 \n[1970829](<http://www.ibm.com/support/docview.wss?uid=swg21970829>) | [Call home server IP addresses for automated Service and Support requests](<http://www.ibm.com/support/docview.wss?uid=swg21970829>) | 2017-10-06 | 5 \n[7050516](<http://www.ibm.com/support/docview.wss?uid=swg27050516>) | [Open Mic Webcast: Frequently asked How-to questions for XGS - Thursday, 7 December 2017 (Includes link to replay; presentation is attached)](<http://www.ibm.com/support/docview.wss?uid=swg27050516>) | 2017-12-14 | 6 \n[1683796](<http://www.ibm.com/support/docview.wss?uid=swg21683796>) | [Configuring the management IP on the QRadar Network Security (XGS) appliance via serial console](<http://www.ibm.com/support/docview.wss?uid=swg21683796>) | 2018-05-01 | 7 \n[1639239](<http://www.ibm.com/support/docview.wss?uid=swg21639239>) | [ISS.mib file download](<http://www.ibm.com/support/docview.wss?uid=swg21639239>) | 2017-08-24 | 8 \n[1980543](<http://www.ibm.com/support/docview.wss?uid=swg21980543>) | [Checking the health of Security Network Protection and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21980543>) | 2018-05-29 | 9 \n[1969670](<http://www.ibm.com/support/docview.wss?uid=swg21969670>) | [Security Bulletin: A vulnerability in OpenSSH affects IBM Security Network Protection (CVE-2015-5600) ](<http://www.ibm.com/support/docview.wss?uid=swg21969670>) | 2017-04-14 | 10 \n[1608008](<http://www.ibm.com/support/docview.wss?uid=swg21608008>) | [IBM Security Network Protection XGS 5000 Appliance Support Lifecycle](<http://www.ibm.com/support/docview.wss?uid=swg21608008>) | 2018-05-01 | 11 \n[1983893](<http://www.ibm.com/support/docview.wss?uid=swg21983893>) | [XFF header configuration on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21983893>) | 2018-06-01 | 12 \n[1690064](<http://www.ibm.com/support/docview.wss?uid=swg21690064>) | [The Security Network Protection appliance Certificate Authority expires soon](<http://www.ibm.com/support/docview.wss?uid=swg21690064>) | 2018-05-01 | 13 \n[1687475](<http://www.ibm.com/support/docview.wss?uid=swg21687475>) | [Some XGS events are being allowed after setting the Block response](<http://www.ibm.com/support/docview.wss?uid=swg21687475>) | 2017-09-04 | 14 \n[1972163](<http://www.ibm.com/support/docview.wss?uid=swg21972163>) | [Security Network Protection (XGS) is in Offline status but events are seen in the SiteProtector Console](<http://www.ibm.com/support/docview.wss?uid=swg21972163>) | 2017-04-14 | 15 \n[1715537](<http://www.ibm.com/support/docview.wss?uid=swg21715537>) | [Known issues for IBM Security Network Protection version 5.3.1](<http://www.ibm.com/support/docview.wss?uid=swg21715537>) | 2018-05-04 | 16 \n[1667625](<http://www.ibm.com/support/docview.wss?uid=swg21667625>) | [Packet flow through the Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21667625>) | 2018-05-01 | 17 \n[1973893](<http://www.ibm.com/support/docview.wss?uid=swg21973893>) | [Resolving \"certificate is invalid\" errors between SiteProtector and Security Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21973893>) | 2017-04-14 | 18 \n[1981483](<http://www.ibm.com/support/docview.wss?uid=swg21981483>) | [Resetting admin account credentials on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21981483>) | 2017-08-02 | 19 \n[1972077](<http://www.ibm.com/support/docview.wss?uid=swg21972077>) | [Registering a Security Network Protection appliance to SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21972077>) | 2017-04-14 | 20 \n[1980541](<http://www.ibm.com/support/docview.wss?uid=swg21980541>) | [Create alerts based on specific Security Network Protection (XGS) system alerts](<http://www.ibm.com/support/docview.wss?uid=swg21980541>) | 2017-04-14 | 21 \n[1981030](<http://www.ibm.com/support/docview.wss?uid=swg21981030>) | [OpenSignature setup and rule creation for IBM Security Network Protection (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21981030>) | 2017-04-14 | 22 \n[2001013](<http://www.ibm.com/support/docview.wss?uid=swg22001013>) | [How to verify if FIPS mode is enabled on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg22001013>) | 2018-05-01 | 23 \n[1983883](<http://www.ibm.com/support/docview.wss?uid=swg21983883>) | [Changing the hostname and agent name of a Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21983883>) | 2017-08-09 | 24 \n[7046863](<http://www.ibm.com/support/docview.wss?uid=swg27046863>) | [Open Mic Webcast: XGS High Availability and Bypass - 28 October 2015 [presentation is attached; includes link to replay]](<http://www.ibm.com/support/docview.wss?uid=swg27046863>) | 2017-04-15 | 25 \n[1968313](<http://www.ibm.com/support/docview.wss?uid=swg21968313>) | [Unable to open or edit Security Network Protection (XGS) policies from SiteProtector Console.](<http://www.ibm.com/support/docview.wss?uid=swg21968313>) | 2017-09-04 | 26 \n[7046480](<http://www.ibm.com/support/docview.wss?uid=swg27046480>) | [Open Mic Webcast: Configuring OpenSignature (SNORT) on XGS - 23 September 2015 [presentation slides are attached; includes link to replay]](<http://www.ibm.com/support/docview.wss?uid=swg27046480>) | 2017-04-15 | 27 \n[1695933](<http://www.ibm.com/support/docview.wss?uid=swg21695933>) | [Determining the hostname, MAC, and IP address of a QRadar Network Security appliance from a support file](<http://www.ibm.com/support/docview.wss?uid=swg21695933>) | 2018-05-23 | 28 \n[1982555](<http://www.ibm.com/support/docview.wss?uid=swg21982555>) | [Network Time Policy (NTP) cannot be modified](<http://www.ibm.com/support/docview.wss?uid=swg21982555>) | 2018-05-01 | 29 \n[1995795](<http://www.ibm.com/support/docview.wss?uid=swg21995795>) | [Replacing the self-signed certificate on Security Network Protection appliances](<http://www.ibm.com/support/docview.wss?uid=swg21995795>) | 2018-03-05 | 30 \n[1974447](<http://www.ibm.com/support/docview.wss?uid=swg21974447>) | [Exporting a previous policy version for QRadar Network Security in SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21974447>) | 2018-02-25 | 31 \n[1981482](<http://www.ibm.com/support/docview.wss?uid=swg21981482>) | [Hardening the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21981482>) | 2018-05-21 | 32 \n[2008040](<http://www.ibm.com/support/docview.wss?uid=swg22008040>) | [Support for defanged IP addresses and URLs on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22008040>) | 2017-09-13 | 33 \n[2003988](<http://www.ibm.com/support/docview.wss?uid=swg22003988>) | [Troubleshooting and tuning the Malware Analysis feature in QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg22003988>) | 2018-05-28 | 34 \n[2011003](<http://www.ibm.com/support/docview.wss?uid=swg22011003>) | [Verifying that NTP is working on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22011003>) | 2018-05-01 | 35 \n[1984940](<http://www.ibm.com/support/docview.wss?uid=swg21984940>) | [The number of concurrent sessions of IBM Security Network Protection differs from that on the data sheet.](<http://www.ibm.com/support/docview.wss?uid=swg21984940>) | 2017-05-24 | 36 \n[2010544](<http://www.ibm.com/support/docview.wss?uid=swg22010544>) | [Error: \"anyAddress: required field is null\" when saving a Host Address object for QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22010544>) | 2017-12-13 | 37 \n[1970499](<http://www.ibm.com/support/docview.wss?uid=swg21970499>) | [QRadar Network Security is Unhealthy in SiteProtector due to disconnected monitoring interfaces](<http://www.ibm.com/support/docview.wss?uid=swg21970499>) | 2017-09-26 | 38 \n[1977762](<http://www.ibm.com/support/docview.wss?uid=swg21977762>) | [Inspecting IPv6 traffic that uses the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21977762>) | 2018-05-01 | 39 \n[2002825](<http://www.ibm.com/support/docview.wss?uid=swg22002825>) | [Troubleshooting email responses not working on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg22002825>) | 2018-05-01 | 40 \n[7049119](<http://www.ibm.com/support/docview.wss?uid=swg27049119>) | [Open Mic Webcast: XGS version 5.3.3.1 - Wednesday, December 14, 2016 (Includes link to replay and corrected slide deck)](<http://www.ibm.com/support/docview.wss?uid=swg27049119>) | 2017-04-15 | 41 \n[1959895](<http://www.ibm.com/support/docview.wss?uid=swg21959895>) | [Locating CVE-related bulletins for your Infrastructure Security product](<http://www.ibm.com/support/docview.wss?uid=swg21959895>) | 2017-08-24 | 42 \n[1994079](<http://www.ibm.com/support/docview.wss?uid=swg21994079>) | [ISNP/IQNS (XGS) Open Mic Presentation Index ](<http://www.ibm.com/support/docview.wss?uid=swg21994079>) | 2017-06-05 | 43 \n[7048201](<http://www.ibm.com/support/docview.wss?uid=swg27048201>) | [Open Mic Webcast: A new vulnerability has been discovered - How do I protect my network using IBM Network Security Protection? Thursday, 30 June 2016 [Includes link to replay. Presentation is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27048201>) | 2017-04-15 | 44 \n[1688889](<http://www.ibm.com/support/docview.wss?uid=swg21688889>) | [XGS reports an event matching a non-existent rule in the Network Access Policy ](<http://www.ibm.com/support/docview.wss?uid=swg21688889>) | 2017-08-04 | 45 \n[1690336](<http://www.ibm.com/support/docview.wss?uid=swg21690336>) | [Migrate XGS policies before running 5.3 firmware update](<http://www.ibm.com/support/docview.wss?uid=swg21690336>) | 2017-09-04 | 46 \n[1967068](<http://www.ibm.com/support/docview.wss?uid=swg21967068>) | [\"Verifying checksums...\" displayed on the LCD of the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21967068>) | 2017-10-17 | 47 \n[1996658](<http://www.ibm.com/support/docview.wss?uid=swg21996658>) | [IBM Security Network Protection (XGS) generated support file has 0 Kb file size](<http://www.ibm.com/support/docview.wss?uid=swg21996658>) | 2018-05-01 | 48 \n[7048226](<http://www.ibm.com/support/docview.wss?uid=swg27048226>) | [IBM Support Open Mic Replay: Ask the InfraStructure Security Experts - 27 July 2016 [OpenSignature presentation is attached] ](<http://www.ibm.com/support/docview.wss?uid=swg27048226>) | 2017-04-15 | 49 \n[1645456](<http://www.ibm.com/support/docview.wss?uid=swg21645456>) | [Must exclude protection interface IP address from proxy configuration for IBM Security Network Protection appliances placed between users and proxy servers](<http://www.ibm.com/support/docview.wss?uid=swg21645456>) | 2017-04-14 | 50 \n[1685118](<http://www.ibm.com/support/docview.wss?uid=swg21685118>) | [Issues with Firefox version 31.x and 32.x and outbound SSL inspection using the IBM Security Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg21685118>) | 2017-08-29 | 51 \n[1697063](<http://www.ibm.com/support/docview.wss?uid=swg21697063>) | [Fixes included in 5.3.0.4-ISS-XGS-All-Models-Hotfix-FP0002 ](<http://www.ibm.com/support/docview.wss?uid=swg21697063>) | 2017-04-14 | 52 \n[1701033](<http://www.ibm.com/support/docview.wss?uid=swg21701033>) | [SNMP traffic lists protection interface address as source IP address](<http://www.ibm.com/support/docview.wss?uid=swg21701033>) | 2017-04-14 | 53 \n[1884020](<http://www.ibm.com/support/docview.wss?uid=swg21884020>) | [SiteProtector System does not display correct IP address for Network Security appliance in NAT environment](<http://www.ibm.com/support/docview.wss?uid=swg21884020>) | 2017-04-14 | 54 \n[1993269](<http://www.ibm.com/support/docview.wss?uid=swg21993269>) | [Firewall rules necessary to ensure X-Force Exchange site access](<http://www.ibm.com/support/docview.wss?uid=swg21993269>) | 2017-04-14 | 55 \n[1993349](<http://www.ibm.com/support/docview.wss?uid=swg21993349>) | [Impact of the 2016-12-31 leap second IBM Security Infrastructure products](<http://www.ibm.com/support/docview.wss?uid=swg21993349>) | 2018-05-23 | 56 \n[2002060](<http://www.ibm.com/support/docview.wss?uid=swg22002060>) | [ISNP/IQNS (XGS) YouTube Video Index](<http://www.ibm.com/support/docview.wss?uid=swg22002060>) | 2017-07-05 | 57 \n[7046993](<http://www.ibm.com/support/docview.wss?uid=swg27046993>) | [Open Mic Webcast: So I just deployed the IBM Security Network Protection Appliance - what do I do next? 18 November 2015 [Includes link to replay] [Slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27046993>) | 2017-06-05 | 58 \n[1599354](<http://www.ibm.com/support/docview.wss?uid=swg21599354>) | [Security Systems My Notifications subscription instructions](<http://www.ibm.com/support/docview.wss?uid=swg21599354>) | 2017-04-14 | 59 \n[1655377](<http://www.ibm.com/support/docview.wss?uid=swg21655377>) | [Security Bulletin: Security Network Protection is affected by a cross-site scripting vulnerability (CVE-2013-5442)](<http://www.ibm.com/support/docview.wss?uid=swg21655377>) | 2018-02-15 | 60 \n[1667602](<http://www.ibm.com/support/docview.wss?uid=swg21667602>) | [Encryption used by the Network Protection (XGS) when communicating with ibmxpu.flexnetoperations.com](<http://www.ibm.com/support/docview.wss?uid=swg21667602>) | 2018-05-01 | 61 \n[1688002](<http://www.ibm.com/support/docview.wss?uid=swg21688002>) | [Known Issues for IBM Security Network Protection Firmware Version 5.3](<http://www.ibm.com/support/docview.wss?uid=swg21688002>) | 2017-04-14 | 62 \n[1692094](<http://www.ibm.com/support/docview.wss?uid=swg21692094>) | [Network Protection policies are missing from SiteProtector after upgrading firmware to 5.3 or 5.3.0.1](<http://www.ibm.com/support/docview.wss?uid=swg21692094>) | 2018-05-01 | 63 \n[1697667](<http://www.ibm.com/support/docview.wss?uid=swg21697667>) | [5.3.0.1-ISS-XGS-All-Models-Hotfix-FP0001 ](<http://www.ibm.com/support/docview.wss?uid=swg21697667>) | 2017-04-14 | 64 \n[1963637](<http://www.ibm.com/support/docview.wss?uid=swg21963637>) | [Disabling QRadar Network Security event posting to SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21963637>) | 2017-09-26 | 65 \n[1966075](<http://www.ibm.com/support/docview.wss?uid=swg21966075>) | [Severity-based event responses on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21966075>) | 2017-09-11 | 66 \n[1969771](<http://www.ibm.com/support/docview.wss?uid=swg21969771>) | [Security Bulletin: A vulnerability in Pluggable Authentication Modules (PAM) affects IBM Security Network Protection (CVE-2015-3238)](<http://www.ibm.com/support/docview.wss?uid=swg21969771>) | 2017-04-14 | 67 \n[1980537](<http://www.ibm.com/support/docview.wss?uid=swg21980537>) | [Disabling TCP timestamps on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21980537>) | 2018-05-28 | 68 \n[1984726](<http://www.ibm.com/support/docview.wss?uid=swg21984726>) | [Security Network Protection (XGS) appliances send packets out of order](<http://www.ibm.com/support/docview.wss?uid=swg21984726>) | 2018-05-01 | 69 \n[1988858](<http://www.ibm.com/support/docview.wss?uid=swg21988858>) | [Determine whether the XGS 5100 requires a 5.3.2.3 LCD Hotfix](<http://www.ibm.com/support/docview.wss?uid=swg21988858>) | 2017-08-24 | 70 \n[7048767](<http://www.ibm.com/support/docview.wss?uid=swg27048767>) | [Open Mic replay: Basic Troubleshooting of XGS - 22 September 2016 ](<http://www.ibm.com/support/docview.wss?uid=swg27048767>) | 2017-04-15 | 71 \n[1643250](<http://www.ibm.com/support/docview.wss?uid=swg21643250>) | [IBM Security Systems Infrastructure product aliases](<http://www.ibm.com/support/docview.wss?uid=swg21643250>) | 2017-09-04 | 72 \n[1665279](<http://www.ibm.com/support/docview.wss?uid=swg21665279>) | [Security Bulletin: IBM Security Network Protection System can be affected by vulnerabilities in Ruby on Rails and the Ruby language (CVE-2013-4492, CVE-2013-4164)](<http://www.ibm.com/support/docview.wss?uid=swg21665279>) | 2018-02-15 | 73 \n[1686343](<http://www.ibm.com/support/docview.wss?uid=swg21686343>) | [Confirm user name and reset password for the Logon-event Scanner](<http://www.ibm.com/support/docview.wss?uid=swg21686343>) | 2018-05-01 | 74 \n[1689782](<http://www.ibm.com/support/docview.wss?uid=swg21689782>) | [System Error Top 10 Applications: Unable to retrieve the data requested](<http://www.ibm.com/support/docview.wss?uid=swg21689782>) | 2017-04-14 | 75 \n[1987547](<http://www.ibm.com/support/docview.wss?uid=swg21987547>) | [Where can a customer obtain information about new network attacks? ](<http://www.ibm.com/support/docview.wss?uid=swg21987547>) | 2017-07-08 | 76 \n[1987984](<http://www.ibm.com/support/docview.wss?uid=swg21987984>) | [System Event code list for IBM Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21987984>) | 2018-06-03 | 77 \n[1988153](<http://www.ibm.com/support/docview.wss?uid=swg21988153>) | [Obtaining information about protection against new network attacks](<http://www.ibm.com/support/docview.wss?uid=swg21988153>) | 2017-09-18 | 78 \n[2011432](<http://www.ibm.com/support/docview.wss?uid=swg22011432>) | [FNXUD0002I system events in Monitoring mode on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22011432>) | 2018-02-19 | 79 \n \n\\+ Hardware\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1680286](<http://www.ibm.com/support/docview.wss?uid=swg21680286>) | [IBM QRadar Network Security IQNS (XGS) 3100/4100/5100/7100 hardware comparison and NIM configurations](<http://www.ibm.com/support/docview.wss?uid=swg21680286>) | 2018-05-01 | 1 \n[1455876](<http://www.ibm.com/support/docview.wss?uid=swg21455876>) | [Obtaining the serial number and model number from an IBM Security or Proventia appliance](<http://www.ibm.com/support/docview.wss?uid=swg21455876>) | 2018-01-01 | 2 \n[1684986](<http://www.ibm.com/support/docview.wss?uid=swg21684986>) | [Running Platform Hardware Diagnostics utility on the Security Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg21684986>) | 2018-05-01 | 3 \n[1691051](<http://www.ibm.com/support/docview.wss?uid=swg21691051>) | [IBM QRadar Network Security IQNS (XGS) appliance High Availability (HA) cabling guide](<http://www.ibm.com/support/docview.wss?uid=swg21691051>) | 2018-05-01 | 4 \n[1697576](<http://www.ibm.com/support/docview.wss?uid=swg21697576>) | [IBM Security RMA form](<http://www.ibm.com/support/docview.wss?uid=swg21697576>) | 2018-05-01 | 5 \n[1962052](<http://www.ibm.com/support/docview.wss?uid=swg21962052>) | [Customer Replaceable Unit (CRU) parts for IBM Infrastructure Security products](<http://www.ibm.com/support/docview.wss?uid=swg21962052>) | 2017-04-14 | 6 \n[1959769](<http://www.ibm.com/support/docview.wss?uid=swg21959769>) | [LED status indicators on the IBM Security Network Protection (XGS) and IBM Security Network Intrusion Prevention System (GX) appliances](<http://www.ibm.com/support/docview.wss?uid=swg21959769>) | 2018-05-01 | 7 \n[1959487](<http://www.ibm.com/support/docview.wss?uid=swg21959487>) | [Locating the serial number on IBM Security Network Protection (XGS) appliances](<http://www.ibm.com/support/docview.wss?uid=swg21959487>) | 2018-05-01 | 8 \n[1984376](<http://www.ibm.com/support/docview.wss?uid=swg21984376>) | [The Security Network Protection XGS 5100 10G NIMs are not recognized ](<http://www.ibm.com/support/docview.wss?uid=swg21984376>) | 2017-08-28 | 9 \n[1964988](<http://www.ibm.com/support/docview.wss?uid=swg21964988>) | [Configuring management interface link speed and duplex settings for QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21964988>) | 2017-09-04 | 10 \n[1980532](<http://www.ibm.com/support/docview.wss?uid=swg21980532>) | [IBM Security Network Protection (XGS) 7100 requires Network Interface Modules (NIM) with firmware 1.6.0 or higher](<http://www.ibm.com/support/docview.wss?uid=swg21980532>) | 2017-04-14 | 11 \n[2004899](<http://www.ibm.com/support/docview.wss?uid=swg22004899>) | [Hardware health check interval on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22004899>) | 2017-11-10 | 12 \n[1977921](<http://www.ibm.com/support/docview.wss?uid=swg21977921>) | [Speed and duplex settings are grayed out when using a 10G NIM module on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21977921>) | 2018-05-06 | 13 \n[2004680](<http://www.ibm.com/support/docview.wss?uid=swg22004680>) | [Manufacturing information for IBM Security hardware](<http://www.ibm.com/support/docview.wss?uid=swg22004680>) | 2018-05-21 | 14 \n[1883752](<http://www.ibm.com/support/docview.wss?uid=swg21883752>) | [Fiber optic cable types that can be used with the Security Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg21883752>) | 2017-04-14 | 15 \n[1903077](<http://www.ibm.com/support/docview.wss?uid=swg21903077>) | [Log information indicating A/C power reset is needed on IQNS](<http://www.ibm.com/support/docview.wss?uid=swg21903077>) | 2018-05-01 | 16 \n[1987913](<http://www.ibm.com/support/docview.wss?uid=swg21987913>) | [Link down to the network switch after restarting IBM Security Network Protection XGS 7100](<http://www.ibm.com/support/docview.wss?uid=swg21987913>) | 2017-04-14 | 17 \n[2001134](<http://www.ibm.com/support/docview.wss?uid=swg22001134>) | [Securely wipe a QRadar Network Security appliance](<http://www.ibm.com/support/docview.wss?uid=swg22001134>) | 2018-05-06 | 18 \n[1977445](<http://www.ibm.com/support/docview.wss?uid=swg21977445>) | [QRadar Network Security support for USB 3.0](<http://www.ibm.com/support/docview.wss?uid=swg21977445>) | 2018-05-01 | 19 \n \n\\+ Identity\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1667633](<http://www.ibm.com/support/docview.wss?uid=swg21667633>) | [Policy differences between the Security Network IPS and Security Network Protection System](<http://www.ibm.com/support/docview.wss?uid=swg21667633>) | 2018-05-01 | 1 \n[1980526](<http://www.ibm.com/support/docview.wss?uid=swg21980526>) | [Error: \"side-by-side configuration is incorrect\" when starting Security Logon Event Scanner](<http://www.ibm.com/support/docview.wss?uid=swg21980526>) | 2017-06-10 | 2 \n[1593164](<http://www.ibm.com/support/docview.wss?uid=swg21593164>) | [Downloading the Security Logon-event Scanner software](<http://www.ibm.com/support/docview.wss?uid=swg21593164>) | 2017-06-10 | 3 \n[1981955](<http://www.ibm.com/support/docview.wss?uid=swg21981955>) | [Common issues when configuring Passive Authentication and the Logon-event Scanner for the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21981955>) | 2017-04-23 | 4 \n[1980531](<http://www.ibm.com/support/docview.wss?uid=swg21980531>) | [Security Network Protection Passive Authentication is logging events from authenticated users as \"unauthenticated user\"](<http://www.ibm.com/support/docview.wss?uid=swg21980531>) | 2017-08-02 | 5 \n[1990089](<http://www.ibm.com/support/docview.wss?uid=swg21990089>) | [Installing Logon-event Scanner version 7.0](<http://www.ibm.com/support/docview.wss?uid=swg21990089>) | 2017-05-24 | 6 \n[1667487](<http://www.ibm.com/support/docview.wss?uid=swg21667487>) | [Authentication portal session timeout information for the Security Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg21667487>) | 2018-05-01 | 7 \n[1698729](<http://www.ibm.com/support/docview.wss?uid=swg21698729>) | [Error when adding Remote Identity Objects on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21698729>) | 2017-04-14 | 8 \n[1990094](<http://www.ibm.com/support/docview.wss?uid=swg21990094>) | [No active sessions in Security Network Protection (XGS) after installing Logon-event Scanner version 7.0](<http://www.ibm.com/support/docview.wss?uid=swg21990094>) | 2017-07-12 | 9 \n[2004901](<http://www.ibm.com/support/docview.wss?uid=swg22004901>) | [Active Directory authentication fails on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22004901>) | 2017-12-13 | 10 \n[1695029](<http://www.ibm.com/support/docview.wss?uid=swg21695029>) | [Configuring protection interfaces for the Captive Authentication portal](<http://www.ibm.com/support/docview.wss?uid=swg21695029>) | 2018-05-01 | 11 \n[1672960](<http://www.ibm.com/support/docview.wss?uid=swg21672960>) | [Error when trying to add Remote Identity objects on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21672960>) | 2017-09-26 | 12 \n[1696727](<http://www.ibm.com/support/docview.wss?uid=swg21696727>) | [Logon-event Scanner service stops on the Active Directory server](<http://www.ibm.com/support/docview.wss?uid=swg21696727>) | 2018-05-01 | 13 \n[1990090](<http://www.ibm.com/support/docview.wss?uid=swg21990090>) | [Managing Logon-event Scanner Version 7.0](<http://www.ibm.com/support/docview.wss?uid=swg21990090>) | 2017-04-14 | 14 \n[1649622](<http://www.ibm.com/support/docview.wss?uid=swg21649622>) | [Inbound connections fail when user authentication does not include a destination object specifying which adapters are external](<http://www.ibm.com/support/docview.wss?uid=swg21649622>) | 2017-04-14 | 15 \n[1696728](<http://www.ibm.com/support/docview.wss?uid=swg21696728>) | [Logon-event Scanner is unable to process Russian characters](<http://www.ibm.com/support/docview.wss?uid=swg21696728>) | 2017-04-14 | 16 \n[1973114](<http://www.ibm.com/support/docview.wss?uid=swg21973114>) | [Security Logon-event Scanner does not report active sessions when domain names do not match](<http://www.ibm.com/support/docview.wss?uid=swg21973114>) | 2017-04-23 | 17 \n[1975846](<http://www.ibm.com/support/docview.wss?uid=swg21975846>) | [Network Protection (XGS) - Passively authenticated users or group-based NAP rules do not match](<http://www.ibm.com/support/docview.wss?uid=swg21975846>) | 2018-05-01 | 18 \n[1980530](<http://www.ibm.com/support/docview.wss?uid=swg21980530>) | [Security Logon-event Scanner Domain Administrator account is not seen as an active session by the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21980530>) | 2018-05-28 | 19 \n[1980552](<http://www.ibm.com/support/docview.wss?uid=swg21980552>) | [Logon-event Scanner can no longer communicate with the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21980552>) | 2017-05-28 | 20 \n \n\\+ Installation\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1964546](<http://www.ibm.com/support/docview.wss?uid=swg21964546>) | [IBM QRadar Network Security IQNS (XGS) and Security Network IPS (GX) cabling guidelines](<http://www.ibm.com/support/docview.wss?uid=swg21964546>) | 2018-05-01 | 1 \n[1964989](<http://www.ibm.com/support/docview.wss?uid=swg21964989>) | [Error: \"Character content other than whitespace\" after reimaging or updating an XGS sensor](<http://www.ibm.com/support/docview.wss?uid=swg21964989>) | 2017-09-04 | 2 \n[1962633](<http://www.ibm.com/support/docview.wss?uid=swg21962633>) | [IBM Security Network Protection (XGS) and Network Intrusion Prevention (IPS) install guidelines after a replacement unit (RMA) was received](<http://www.ibm.com/support/docview.wss?uid=swg21962633>) | 2017-06-19 | 3 \n[1962593](<http://www.ibm.com/support/docview.wss?uid=swg21962593>) | [Moving Security Network Protection policies to a new SiteProtector system](<http://www.ibm.com/support/docview.wss?uid=swg21962593>) | 2017-04-14 | 4 \n[1694346](<http://www.ibm.com/support/docview.wss?uid=swg21694346>) | [Security Network Protection (XGS) System error when registing with SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21694346>) | 2018-05-01 | 5 \n \n\\+ Interim Fixes\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1966077](<http://www.ibm.com/support/docview.wss?uid=swg21966077>) | [Certificate \"expired or is near expiration\" message after you import a new LMI certificate on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21966077>) | 2017-09-18 | 1 \n[1677166](<http://www.ibm.com/support/docview.wss?uid=swg21677166>) | [Fixes and patches available for IBM Security products](<http://www.ibm.com/support/docview.wss?uid=swg21677166>) | 2018-05-13 | 2 \n[1700713](<http://www.ibm.com/support/docview.wss?uid=swg21700713>) | [IBM Security Network Protection (XGS) firmware 5.3.0.5 release notes](<http://www.ibm.com/support/docview.wss?uid=swg21700713>) | 2018-05-01 | 3 \n[1961507](<http://www.ibm.com/support/docview.wss?uid=swg21961507>) | [Security Network Protection sensor vulnerability to CVE-2014-2532](<http://www.ibm.com/support/docview.wss?uid=swg21961507>) | 2017-10-23 | 4 \n[1902778](<http://www.ibm.com/support/docview.wss?uid=swg21902778>) | [Security Network Protection firmware 5.3.1 release notes](<http://www.ibm.com/support/docview.wss?uid=swg21902778>) | 2018-05-01 | 5 \n[1960788](<http://www.ibm.com/support/docview.wss?uid=swg21960788>) | [5.3.1.1-ISS-XGS-All-Models-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21960788>) | 2018-05-01 | 6 \n[2000334](<http://www.ibm.com/support/docview.wss?uid=swg22000334>) | [5.3.3.2-ISS-XGS-All-Models-Hotfix-IF0003](<http://www.ibm.com/support/docview.wss?uid=swg22000334>) | 2017-06-30 | 7 \n[1959193](<http://www.ibm.com/support/docview.wss?uid=swg21959193>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0009 ](<http://www.ibm.com/support/docview.wss?uid=swg21959193>) | 2018-05-13 | 8 \n[1959666](<http://www.ibm.com/support/docview.wss?uid=swg21959666>) | [5.3.0.6-ISS-XGS-All-Models-IF0002](<http://www.ibm.com/support/docview.wss?uid=swg21959666>) | 2018-05-21 | 9 \n[1972784](<http://www.ibm.com/support/docview.wss?uid=swg21972784>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0013](<http://www.ibm.com/support/docview.wss?uid=swg21972784>) | 2017-04-14 | 10 \n[1690659](<http://www.ibm.com/support/docview.wss?uid=swg21690659>) | [5.3.0.0-ISS-XGS-All-Models-Hotfix-FP0001](<http://www.ibm.com/support/docview.wss?uid=swg21690659>) | 2017-04-14 | 11 \n[1664576](<http://www.ibm.com/support/docview.wss?uid=swg21664576>) | [5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0002](<http://www.ibm.com/support/docview.wss?uid=swg21664576>) | 2017-04-14 | 12 \n[1681073](<http://www.ibm.com/support/docview.wss?uid=swg21681073>) | [5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0006](<http://www.ibm.com/support/docview.wss?uid=swg21681073>) | 2017-06-24 | 13 \n[1685298](<http://www.ibm.com/support/docview.wss?uid=swg21685298>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0004](<http://www.ibm.com/support/docview.wss?uid=swg21685298>) | 2018-05-01 | 14 \n[1685299](<http://www.ibm.com/support/docview.wss?uid=swg21685299>) | [5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0012](<http://www.ibm.com/support/docview.wss?uid=swg21685299>) | 2018-05-01 | 15 \n[1685300](<http://www.ibm.com/support/docview.wss?uid=swg21685300>) | [5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0007](<http://www.ibm.com/support/docview.wss?uid=swg21685300>) | 2018-05-01 | 16 \n[1685301](<http://www.ibm.com/support/docview.wss?uid=swg21685301>) | [5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0008](<http://www.ibm.com/support/docview.wss?uid=swg21685301>) | 2018-05-01 | 17 \n[1685302](<http://www.ibm.com/support/docview.wss?uid=swg21685302>) | [5.1.2.1-ISS-XGS-All-Models-Hotfix-FP0004](<http://www.ibm.com/support/docview.wss?uid=swg21685302>) | 2018-05-01 | 18 \n[1690850](<http://www.ibm.com/support/docview.wss?uid=swg21690850>) | [5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0013](<http://www.ibm.com/support/docview.wss?uid=swg21690850>) | 2017-04-14 | 19 \n[1690851](<http://www.ibm.com/support/docview.wss?uid=swg21690851>) | [5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0008](<http://www.ibm.com/support/docview.wss?uid=swg21690851>) | 2017-04-14 | 20 \n[1693604](<http://www.ibm.com/support/docview.wss?uid=swg21693604>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0006](<http://www.ibm.com/support/docview.wss?uid=swg21693604>) | 2017-04-14 | 21 \n[1696054](<http://www.ibm.com/support/docview.wss?uid=swg21696054>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0007](<http://www.ibm.com/support/docview.wss?uid=swg21696054>) | 2018-05-01 | 22 \n[1700617](<http://www.ibm.com/support/docview.wss?uid=swg21700617>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0008](<http://www.ibm.com/support/docview.wss?uid=swg21700617>) | 2017-04-23 | 23 \n[1903749](<http://www.ibm.com/support/docview.wss?uid=swg21903749>) | [5.3.0.6-ISS-XGS-All-Models-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21903749>) | 2018-05-01 | 24 \n[1960784](<http://www.ibm.com/support/docview.wss?uid=swg21960784>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP00010](<http://www.ibm.com/support/docview.wss?uid=swg21960784>) | 2018-05-01 | 25 \n[1960785](<http://www.ibm.com/support/docview.wss?uid=swg21960785>) | [5.3.0.6-ISS-XGS-All-Models-IF0003](<http://www.ibm.com/support/docview.wss?uid=swg21960785>) | 2018-05-21 | 26 \n[1968790](<http://www.ibm.com/support/docview.wss?uid=swg21968790>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0012](<http://www.ibm.com/support/docview.wss?uid=swg21968790>) | 2017-09-26 | 27 \n[1975563](<http://www.ibm.com/support/docview.wss?uid=swg21975563>) | [5.3.1.7-ISS-XGS-All-Models-Hotfix-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21975563>) | 2017-04-14 | 28 \n \n\\+ Intrusion Prevention Module (IPM)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1680386](<http://www.ibm.com/support/docview.wss?uid=swg21680386>) | [Migrating existing Security Network IPS policies to the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21680386>) | 2018-05-01 | 1 \n[1962048](<http://www.ibm.com/support/docview.wss?uid=swg21962048>) | [Difference between Allow and Ignore in the IPS Event Filter Policy on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21962048>) | 2017-09-04 | 2 \n[1695087](<http://www.ibm.com/support/docview.wss?uid=swg21695087>) | [Warning: RSYSLOG response: LEEF message is truncated, IBM QRadar Network Security IQNS (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21695087>) | 2018-05-01 | 3 \n[1958077](<http://www.ibm.com/support/docview.wss?uid=swg21958077>) | [XML content of policy export on Network IPS and Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21958077>) | 2017-08-02 | 4 \n[1660083](<http://www.ibm.com/support/docview.wss?uid=swg21660083>) | [QRadar SIEM only logging Network Access events but not IPS Security Events from Security Network Protection (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21660083>) | 2017-04-14 | 5 \n[1687457](<http://www.ibm.com/support/docview.wss?uid=swg21687457>) | [Certain security events can only be used in the Default IPS policy object on the IBM QRadar Network Security IQNS/XGS sensor](<http://www.ibm.com/support/docview.wss?uid=swg21687457>) | 2018-05-01 | 6 \n[7047767](<http://www.ibm.com/support/docview.wss?uid=swg27047767>) | [XGS Open Mic Webcast: Application Control and IP Reputation Demystified! Thursday, 31 March 2016 [Includes attached presentation and link to replay]](<http://www.ibm.com/support/docview.wss?uid=swg27047767>) | 2017-04-15 | 7 \n[1682385](<http://www.ibm.com/support/docview.wss?uid=swg21682385>) | [IBM Qradar Network Security -IQNS (XGS) not firing IPS events after being registered in SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21682385>) | 2018-05-01 | 8 \n[1963728](<http://www.ibm.com/support/docview.wss?uid=swg21963728>) | [IBM Security Network Protection (XGS) security events UNIX timestamp conversion tool](<http://www.ibm.com/support/docview.wss?uid=swg21963728>) | 2017-04-16 | 9 \n[1696200](<http://www.ibm.com/support/docview.wss?uid=swg21696200>) | [Logging URL data from Network Access events](<http://www.ibm.com/support/docview.wss?uid=swg21696200>) | 2018-05-01 | 10 \n[1699305](<http://www.ibm.com/support/docview.wss?uid=swg21699305>) | [System error shows \"Issue ID: value already exists\" when attempting to add/edit IPS Event Filter rules](<http://www.ibm.com/support/docview.wss?uid=swg21699305>) | 2017-04-14 | 11 \n \n\\+ Licensing and Updates (LUM)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1679077](<http://www.ibm.com/support/docview.wss?uid=swg21679077>) | [Steps to generate or regenerate license keys from the IBM License Key Center](<http://www.ibm.com/support/docview.wss?uid=swg21679077>) | 2018-05-01 | 1 \n[1680383](<http://www.ibm.com/support/docview.wss?uid=swg21680383>) | [IBM QRadar Network Security IQNS (XGS) licensing summary](<http://www.ibm.com/support/docview.wss?uid=swg21680383>) | 2018-05-01 | 2 \n[1437057](<http://www.ibm.com/support/docview.wss?uid=swg21437057>) | [Firewall rules necessary to ensure that IBM Security and Lotus Protector for Mail Security Products can update](<http://www.ibm.com/support/docview.wss?uid=swg21437057>) | 2017-09-10 | 3 \n[1965396](<http://www.ibm.com/support/docview.wss?uid=swg21965396>) | [Best practices for firmware upgrades on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21965396>) | 2017-06-10 | 4 \n[1961077](<http://www.ibm.com/support/docview.wss?uid=swg21961077>) | [Manually applying updates on the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21961077>) | 2017-05-13 | 5 \n[1678995](<http://www.ibm.com/support/docview.wss?uid=swg21678995>) | [IBM QRadar Network Security IQNS (XGS) does not apply all currently entitled licenses after it is registered with SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21678995>) | 2018-05-01 | 6 \n[1964486](<http://www.ibm.com/support/docview.wss?uid=swg21964486>) | [Internet access configuration for Application Database updates on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21964486>) | 2018-05-01 | 7 \n[1693920](<http://www.ibm.com/support/docview.wss?uid=swg21693920>) | [Network Protection (XGS) firmware update fails to install](<http://www.ibm.com/support/docview.wss?uid=swg21693920>) | 2018-05-01 | 8 \n[1610380](<http://www.ibm.com/support/docview.wss?uid=swg21610380>) | [Adding or Changing Registered End Users (REUs) in Flexera Licensing Key Center (LKC)](<http://www.ibm.com/support/docview.wss?uid=swg21610380>) | 2017-09-07 | 9 \n[1988156](<http://www.ibm.com/support/docview.wss?uid=swg21988156>) | [Security Network Protection license refresh timing in SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21988156>) | 2017-04-14 | 10 \n[1996659](<http://www.ibm.com/support/docview.wss?uid=swg21996659>) | [GLGUP1012E alerts on IBM Security Network Protection (XGS) not configured for internet access](<http://www.ibm.com/support/docview.wss?uid=swg21996659>) | 2018-05-01 | 11 \n[1970863](<http://www.ibm.com/support/docview.wss?uid=swg21970863>) | [Possible memory leak in 5.3.1.5 firmware release](<http://www.ibm.com/support/docview.wss?uid=swg21970863>) | 2017-04-14 | 12 \n[1986089](<http://www.ibm.com/support/docview.wss?uid=swg21986089>) | [License expiration date does not change after adding a new license to the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21986089>) | 2017-08-28 | 13 \n[1975847](<http://www.ibm.com/support/docview.wss?uid=swg21975847>) | [Unable to find recently purchased licenses for IBM Security products](<http://www.ibm.com/support/docview.wss?uid=swg21975847>) | 2018-05-01 | 14 \n \n\\+ Local Management Interface (LMI)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[2007513](<http://www.ibm.com/support/docview.wss?uid=swg22007513>) | [Error: \"Failed to find an app server\" and web interface not accessible on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg22007513>) | 2017-09-08 | 1 \n[1976862](<http://www.ibm.com/support/docview.wss?uid=swg21976862>) | [LMI certificate management on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21976862>) | 2018-02-26 | 2 \n[1983851](<http://www.ibm.com/support/docview.wss?uid=swg21983851>) | [Change the Security Network Protection (XGS) default administrator password in the Local Management Interface (LMI)](<http://www.ibm.com/support/docview.wss?uid=swg21983851>) | 2018-05-01 | 3 \n[1766545](<http://www.ibm.com/support/docview.wss?uid=swg21766545>) | [Configuring multiple accounts for LMI and CLI on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21766545>) | 2018-05-20 | 4 \n[1983880](<http://www.ibm.com/support/docview.wss?uid=swg21983880>) | [Token-based two-factor authentication on QRadar Network Security and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21983880>) | 2017-05-28 | 5 \n[1883738](<http://www.ibm.com/support/docview.wss?uid=swg21883738>) | [Disabling weak ciphers for the LMI of the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21883738>) | 2018-02-01 | 6 \n[1988154](<http://www.ibm.com/support/docview.wss?uid=swg21988154>) | [Internet Explorer Compatibility View mode causes LMI issues on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21988154>) | 2017-08-28 | 7 \n[1969071](<http://www.ibm.com/support/docview.wss?uid=swg21969071>) | [LMI is inaccessible after replacing the certificate on QRadar Network Protection (XGS) sensors](<http://www.ibm.com/support/docview.wss?uid=swg21969071>) | 2017-10-01 | 8 \n[1990349](<http://www.ibm.com/support/docview.wss?uid=swg21990349>) | [Error: \"The page you were looking for doesn't exist\" on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21990349>) | 2017-04-14 | 9 \n[1595890](<http://www.ibm.com/support/docview.wss?uid=swg21595890>) | [Supported Browsers for the IBM Security Network Protection Appliance](<http://www.ibm.com/support/docview.wss?uid=swg21595890>) | 2017-04-14 | 10 \n[1682813](<http://www.ibm.com/support/docview.wss?uid=swg21682813>) | [Blank Interface Statistics Graphs in the Local Management Interface (LMI)](<http://www.ibm.com/support/docview.wss?uid=swg21682813>) | 2018-05-01 | 11 \n[1970018](<http://www.ibm.com/support/docview.wss?uid=swg21970018>) | [Certficate in Awaiting CA Certificate Upload status for the Security Network Protection LMI](<http://www.ibm.com/support/docview.wss?uid=swg21970018>) | 2017-04-14 | 12 \n[1983898](<http://www.ibm.com/support/docview.wss?uid=swg21983898>) | [Unable to access LMI after applying fix pack 5.3.X-ISS-XGS-Remove-LMI-Certs to a Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21983898>) | 2017-04-14 | 13 \n[1968985](<http://www.ibm.com/support/docview.wss?uid=swg21968985>) | [Unable to access the LMI in Firefox after configuring FIPS on the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21968985>) | 2017-04-14 | 14 \n[2000598](<http://www.ibm.com/support/docview.wss?uid=swg22000598>) | [Unable to add SNMP object to Security Network Protection at firmware 5.3.3.2](<http://www.ibm.com/support/docview.wss?uid=swg22000598>) | 2018-05-01 | 15 \n[1713633](<http://www.ibm.com/support/docview.wss?uid=swg21713633>) | [Local event data retention settings on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21713633>) | 2018-05-28 | 16 \n[1963516](<http://www.ibm.com/support/docview.wss?uid=swg21963516>) | [System Error when using a third-party certificate in QRadar Network Security LMI](<http://www.ibm.com/support/docview.wss?uid=swg21963516>) | 2017-09-26 | 17 \n[1989975](<http://www.ibm.com/support/docview.wss?uid=swg21989975>) | [Hardcoding speed and duplex on M.1 might not work on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21989975>) | 2017-10-02 | 18 \n[1987436](<http://www.ibm.com/support/docview.wss?uid=swg21987436>) | [Access to captive portal using IPv6 address fails on IBM Security Network Protection appliances (XGS). ](<http://www.ibm.com/support/docview.wss?uid=swg21987436>) | 2017-04-14 | 19 \n[1661873](<http://www.ibm.com/support/docview.wss?uid=swg21661873>) | [Unable to download support files from an QRadar Network Security with IE Enhanced Security Configuration installed](<http://www.ibm.com/support/docview.wss?uid=swg21661873>) | 2018-05-01 | 20 \n[1983889](<http://www.ibm.com/support/docview.wss?uid=swg21983889>) | [HTTP 500 Internal Server Error when accessing the Security Network Protection (XGS) Local Management Interface (LMI)](<http://www.ibm.com/support/docview.wss?uid=swg21983889>) | 2018-05-01 | 21 \n[1597885](<http://www.ibm.com/support/docview.wss?uid=swg21597885>) | [Multiselect does not work properly](<http://www.ibm.com/support/docview.wss?uid=swg21597885>) | 2017-04-14 | 22 \n[1598332](<http://www.ibm.com/support/docview.wss?uid=swg21598332>) | [System Error - Tried to register widget with id==logdb_edit_dialog but that id is already registered](<http://www.ibm.com/support/docview.wss?uid=swg21598332>) | 2017-04-14 | 23 \n[1686991](<http://www.ibm.com/support/docview.wss?uid=swg21686991>) | [Captive authentication page occasionally fails to redirect the user on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21686991>) | 2018-05-01 | 24 \n[1986359](<http://www.ibm.com/support/docview.wss?uid=swg21986359>) | [The search bar in the IBM Security Network Protection Local Management Interface (LMI) help is not responding and searches can not be made.](<http://www.ibm.com/support/docview.wss?uid=swg21986359>) | 2017-04-14 | 25 \n[1999059](<http://www.ibm.com/support/docview.wss?uid=swg21999059>) | [LMI network graphs unreadable when using Chrome 56 on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21999059>) | 2017-06-10 | 26 \n[1999115](<http://www.ibm.com/support/docview.wss?uid=swg21999115>) | [Unable to access LMI after modifying the management IP address on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21999115>) | 2018-01-01 | 27 \n \n\\+ Network Access Policy\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1961068](<http://www.ibm.com/support/docview.wss?uid=swg21961068>) | [Blocking IP spoofed traffic with a QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21961068>) | 2017-08-28 | 1 \n[1983899](<http://www.ibm.com/support/docview.wss?uid=swg21983899>) | [Security Network Protection (XGS) Network Access Policy rules not working](<http://www.ibm.com/support/docview.wss?uid=swg21983899>) | 2017-06-19 | 2 \n[1961506](<http://www.ibm.com/support/docview.wss?uid=swg21961506>) | [IP reputation and geolocation information in NAP events on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21961506>) | 2017-10-16 | 3 \n[1990362](<http://www.ibm.com/support/docview.wss?uid=swg21990362>) | [Default IPS policy usage in NAP rules on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21990362>) | 2017-04-14 | 4 \n[1995199](<http://www.ibm.com/support/docview.wss?uid=swg21995199>) | [Configure Network Access Policies for the IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21995199>) | 2017-04-14 | 5 \n[1962639](<http://www.ibm.com/support/docview.wss?uid=swg21962639>) | [Security Network Protection and Security Network IPS remote syslog logging facility](<http://www.ibm.com/support/docview.wss?uid=swg21962639>) | 2017-06-19 | 6 \n[1968101](<http://www.ibm.com/support/docview.wss?uid=swg21968101>) | [Drop or Reject Actions do not appear to apply for some rules on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21968101>) | 2017-10-17 | 7 \n[1974709](<http://www.ibm.com/support/docview.wss?uid=swg21974709>) | [Remote Syslog over TLS setup](<http://www.ibm.com/support/docview.wss?uid=swg21974709>) | 2017-12-12 | 8 \n[1990338](<http://www.ibm.com/support/docview.wss?uid=swg21990338>) | [Custom NAP rule naming on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21990338>) | 2018-05-23 | 9 \n[1698766](<http://www.ibm.com/support/docview.wss?uid=swg21698766>) | [Blocking specific ports by using Network Access policy on the Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21698766>) | 2018-05-01 | 10 \n[1750419](<http://www.ibm.com/support/docview.wss?uid=swg21750419>) | [Security Network Protection (XGS) is not blocking a URL with \"?\" parameter value](<http://www.ibm.com/support/docview.wss?uid=swg21750419>) | 2017-04-14 | 11 \n[1968211](<http://www.ibm.com/support/docview.wss?uid=swg21968211>) | [Default behavior for traffic that does not match any NAP rule on Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21968211>) | 2017-10-23 | 12 \n[1435089](<http://www.ibm.com/support/docview.wss?uid=swg21435089>) | [Unable to see newly added Network Objects or Response Objects in XGS Response Rules](<http://www.ibm.com/support/docview.wss?uid=swg21435089>) | 2017-04-14 | 13 \n[1700929](<http://www.ibm.com/support/docview.wss?uid=swg21700929>) | [Security Network Protection (XGS) block page is not found for NAP rules by using domain category and domain list objects](<http://www.ibm.com/support/docview.wss?uid=swg21700929>) | 2018-05-01 | 14 \n[1986086](<http://www.ibm.com/support/docview.wss?uid=swg21986086>) | [Error: \"Field must be between 0 and 255 in length\" when adding a rule to a QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21986086>) | 2017-08-28 | 15 \n[1644712](<http://www.ibm.com/support/docview.wss?uid=swg21644712>) | [LMI allows deletion of remote directory server that is referenced in an identity object](<http://www.ibm.com/support/docview.wss?uid=swg21644712>) | 2017-04-14 | 16 \n[1698149](<http://www.ibm.com/support/docview.wss?uid=swg21698149>) | [Error: \"Invalid scope\" on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21698149>) | 2017-04-14 | 17 \n[1644593](<http://www.ibm.com/support/docview.wss?uid=swg21644593>) | [IBM Security Network Protection does not detect ping echo replies](<http://www.ibm.com/support/docview.wss?uid=swg21644593>) | 2017-09-06 | 18 \n[1683989](<http://www.ibm.com/support/docview.wss?uid=swg21683989>) | [Some Network Access policy events don't contain URL Categories or Web Application information](<http://www.ibm.com/support/docview.wss?uid=swg21683989>) | 2018-05-01 | 19 \n[1975227](<http://www.ibm.com/support/docview.wss?uid=swg21975227>) | [Multiple changes to the Network Access Policy may cause a network interruption on the Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21975227>) | 2018-05-01 | 20 \n[1976509](<http://www.ibm.com/support/docview.wss?uid=swg21976509>) | [Using geolocation objects on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21976509>) | 2017-08-24 | 21 \n[1983886](<http://www.ibm.com/support/docview.wss?uid=swg21983886>) | [Creating Geolocation objects in the Event Filter policy](<http://www.ibm.com/support/docview.wss?uid=swg21983886>) | 2018-05-01 | 22 \n[2013039](<http://www.ibm.com/support/docview.wss?uid=swg22013039>) | [Stateful inspection on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22013039>) | 2018-02-19 | 23 \n \n\\+ Network Interface Module (NIM)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1698147](<http://www.ibm.com/support/docview.wss?uid=swg21698147>) | [Replacing network interface modules (NIMs) in the XGS appliance](<http://www.ibm.com/support/docview.wss?uid=swg21698147>) | 2018-01-29 | 1 \n[1666254](<http://www.ibm.com/support/docview.wss?uid=swg21666254>) | [Network Protection (XGS) policy changes that cause a link state change](<http://www.ibm.com/support/docview.wss?uid=swg21666254>) | 2018-05-01 | 2 \n[1987202](<http://www.ibm.com/support/docview.wss?uid=swg21987202>) | [40Gb Network Interface Module (NIM) update IBM QRadar Network Security (IQNS) 7100](<http://www.ibm.com/support/docview.wss?uid=swg21987202>) | 2018-05-01 | 3 \n \n\\+ Not Applicable\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1662387](<http://www.ibm.com/support/docview.wss?uid=swg21662387>) | [Agent Alert POST](<http://www.ibm.com/support/docview.wss?uid=swg21662387>) | 2017-08-24 | 1 \n[7045692](<http://www.ibm.com/support/docview.wss?uid=swg27045692>) | [Open Mic Webcast: How to Deploy and Configure the XGS - Wednesday, 20 May 2015 [includes link to recorded session; presentation slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27045692>) | 2018-05-23 | 2 \n[1689158](<http://www.ibm.com/support/docview.wss?uid=swg21689158>) | [Security Bulletin: Vulnerability in SSLv3 affects multiple IBM Security Infrastructure appliances (CVE-2014-3566)](<http://www.ibm.com/support/docview.wss?uid=swg21689158>) | 2018-02-15 | 3 \n[2001436](<http://www.ibm.com/support/docview.wss?uid=swg22001436>) | [PAM Statistics info and OID listing for QRadar Network Security (XGS) at XPU 37.030](<http://www.ibm.com/support/docview.wss?uid=swg22001436>) | 2018-05-01 | 4 \n[1987437](<http://www.ibm.com/support/docview.wss?uid=swg21987437>) | [Receiving warning messages when deploying policies that require restarting Analysis Daemon](<http://www.ibm.com/support/docview.wss?uid=swg21987437>) | 2017-04-14 | 5 \n[7047367](<http://www.ibm.com/support/docview.wss?uid=swg27047367>) | [Open Mic Webcast: XGS: Advanced Threat Protection Integration Options (QRadar export) - 28 January 2016 [Includes link to replay. Presentation is attached.]](<http://www.ibm.com/support/docview.wss?uid=swg27047367>) | 2017-04-15 | 6 \n[7045508](<http://www.ibm.com/support/docview.wss?uid=swg27045508>) | [Open Mic Webcast: Policy Migration from GX to XGS - Tuesday, 28 April 2015 [includes link to recorded event; presentation slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27045508>) | 2018-05-23 | 7 \n[7049643](<http://www.ibm.com/support/docview.wss?uid=swg27049643>) | [Open Mic: IQNS (XGS) X-Force Malware Analysis on the Cloud - 24 May 2017 (Includes link to replay. Slides are attached.)](<http://www.ibm.com/support/docview.wss?uid=swg27049643>) | 2017-06-05 | 8 \n[1690823](<http://www.ibm.com/support/docview.wss?uid=swg21690823>) | [Security Bulletin: IBM Security Network Protection is affected by Shell Command Injection vulnerability (CVE-2014-6183)](<http://www.ibm.com/support/docview.wss?uid=swg21690823>) | 2018-02-15 | 9 \n[7047876](<http://www.ibm.com/support/docview.wss?uid=swg27047876>) | [Infrastructure Support Open Mic Webcast: IBM Threat Protection System with XGS-QRadar Integration - 25 May 2016 [includes link to replay; presentation is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27047876>) | 2018-02-15 | 10 \n[1974288](<http://www.ibm.com/support/docview.wss?uid=swg21974288>) | [IBM Security Network Protection 5.3.2 Web Services API ](<http://www.ibm.com/support/docview.wss?uid=swg21974288>) | 2017-04-14 | 11 \n[7044438](<http://www.ibm.com/support/docview.wss?uid=swg27044438>) | [Open Mic Webcast for IBM Security Network Protection: Troubleshooting the XGS appliance - 20 January 2015 [includes link to replay; presentation slides are attached] ](<http://www.ibm.com/support/docview.wss?uid=swg27044438>) | 2018-05-23 | 12 \n[1690822](<http://www.ibm.com/support/docview.wss?uid=swg21690822>) | [Security Bulletin: Vulnerability in SSLv3 affects Network Protection (CVE-2014-3566)](<http://www.ibm.com/support/docview.wss?uid=swg21690822>) | 2018-02-15 | 13 \n[1696131](<http://www.ibm.com/support/docview.wss?uid=swg21696131>) | [Security Bulletin: GNU C library (glibc) vulnerability affects IBM Security Network Protection (CVE-2015-0235)](<http://www.ibm.com/support/docview.wss?uid=swg21696131>) | 2018-02-15 | 14 \n[7045078](<http://www.ibm.com/support/docview.wss?uid=swg27045078>) | [Open Mic Webcast for controlling internet access with XGS: a configuration walkthrough of user authentication - Wednesday, 4 March 2015 [inclues link to recording; slide deck is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27045078>) | 2018-05-23 | 15 \n[7046280](<http://www.ibm.com/support/docview.wss?uid=swg27046280>) | [Open Mic Webcast: XGS - Keeping up with threat infrastructure by using alerts and audits - 26 August 2015 [presentation slides are attached; includes link to replay]](<http://www.ibm.com/support/docview.wss?uid=swg27046280>) | 2017-04-15 | 16 \n[1676529](<http://www.ibm.com/support/docview.wss?uid=swg21676529>) | [Security Bulletin: IBM Security Network Protection is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470 ](<http://www.ibm.com/support/docview.wss?uid=swg21676529>) | 2018-02-15 | 17 \n[1680803](<http://www.ibm.com/support/docview.wss?uid=swg21680803>) | [Security Bulletin: IBM Security Network Protection System CPU Utilization (CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21680803>) | 2018-02-15 | 18 \n[1693542](<http://www.ibm.com/support/docview.wss?uid=swg21693542>) | [Security Bulletin: IBM Security Network Protection is affected by ClickJacking vulnerability CVE-2014-6197](<http://www.ibm.com/support/docview.wss?uid=swg21693542>) | 2018-02-15 | 19 \n[1958090](<http://www.ibm.com/support/docview.wss?uid=swg21958090>) | [Security Bulletin: IBM Security Network Protection contains a Cross-Site Request Forgery vulnerability. ](<http://www.ibm.com/support/docview.wss?uid=swg21958090>) | 2018-02-15 | 20 \n[2002436](<http://www.ibm.com/support/docview.wss?uid=swg22002436>) | [Increased memory utilization in QRadar Network Security firmware 5.4](<http://www.ibm.com/support/docview.wss?uid=swg22002436>) | 2018-05-01 | 21 \n[1684903](<http://www.ibm.com/support/docview.wss?uid=swg21684903>) | [Security Bulletin: Network Protection is affected by multiple OpenSSL vulnerabilities (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3511) ](<http://www.ibm.com/support/docview.wss?uid=swg21684903>) | 2018-02-15 | 22 \n[1696906](<http://www.ibm.com/support/docview.wss?uid=swg21696906>) | [Security Bulletin: IBM Security Network Protection is affected by OpenSSL vulnerabilities (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, and CVE-2015-0206)](<http://www.ibm.com/support/docview.wss?uid=swg21696906>) | 2018-02-15 | 23 \n[1697248](<http://www.ibm.com/support/docview.wss?uid=swg21697248>) | [Security Bulletin: IBM Security Network Protection is vulnerable to Cross-Site Scripting. (CVE-2014-6189)](<http://www.ibm.com/support/docview.wss?uid=swg21697248>) | 2018-02-15 | 24 \n[7047473](<http://www.ibm.com/support/docview.wss?uid=swg27047473>) | [Open Mic Webcast: Why you need to use Automated Service and Support on the XGS - 25 February 2016 [Includes link to replay] [Presentation slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27047473>) | 2018-02-15 | 25 \n[7050149](<http://www.ibm.com/support/docview.wss?uid=swg27050149>) | [IBM Infrastructure Security Support July 2017 Newsletter ](<http://www.ibm.com/support/docview.wss?uid=swg27050149>) | 2017-08-24 | 26 \n[1675355](<http://www.ibm.com/support/docview.wss?uid=swg21675355>) | [Security Bulletin: IBM Security Network Protection System CPU utilization (CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21675355>) | 2018-02-15 | 27 \n[1676875](<http://www.ibm.com/support/docview.wss?uid=swg21676875>) | [Security Bulletin: IBM Security Network Protection is affected by the following IBM\u00c2\u00ae SDK, Java\u00e2\u0084\u00a2 Technology Edition vulnerability (CVE-2014-2414) ](<http://www.ibm.com/support/docview.wss?uid=swg21676875>) | 2018-02-15 | 28 \n[1693657](<http://www.ibm.com/support/docview.wss?uid=swg21693657>) | [Security Bulletin: TLS padding vulnerability affects IBM Security Network Protection (CVE-2014-8730) ](<http://www.ibm.com/support/docview.wss?uid=swg21693657>) | 2018-02-15 | 29 \n[1696265](<http://www.ibm.com/support/docview.wss?uid=swg21696265>) | [Security Bulletin: Multiple vulnerabilities in IBM Security Network Protection (CVE-2014-3567, CVE-2014-4877, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21696265>) | 2018-02-15 | 30 \n[1696521](<http://www.ibm.com/support/docview.wss?uid=swg21696521>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection (CVE-2014-6512, CVE-2014-6457, CVE-2014-6558, CVE-2014-3065) ](<http://www.ibm.com/support/docview.wss?uid=swg21696521>) | 2018-02-15 | 31 \n[1696811](<http://www.ibm.com/support/docview.wss?uid=swg21696811>) | [Security Bulletin: IBM Security Network Protection is affected by a NSS vulnerability (CVE-2014-3566)](<http://www.ibm.com/support/docview.wss?uid=swg21696811>) | 2018-02-15 | 32 \n[1701264](<http://www.ibm.com/support/docview.wss?uid=swg21701264>) | [Security Bulletin: Vulnerability in GSKit affects IBM Security Network Protection (CVE-2015-0138) ](<http://www.ibm.com/support/docview.wss?uid=swg21701264>) | 2018-02-15 | 33 \n[1962064](<http://www.ibm.com/support/docview.wss?uid=swg21962064>) | [Security Bulletin: A vulnerability in GSKit affects IBM Security Network Protection (CVE-2015-1788)](<http://www.ibm.com/support/docview.wss?uid=swg21962064>) | 2018-02-15 | 34 \n[1963297](<http://www.ibm.com/support/docview.wss?uid=swg21963297>) | [Security Bulletin: A vulnerability in GNU glibc affects IBM Security Network Protection (CVE-2013-7424) ](<http://www.ibm.com/support/docview.wss?uid=swg21963297>) | 2017-04-14 | 35 \n[2011740](<http://www.ibm.com/support/docview.wss?uid=swg22011740>) | [Security Bulletin: IBM QRadar Network Security is affected by a denial of service vulnerability in cURL (CVE-2017-1000257) ](<http://www.ibm.com/support/docview.wss?uid=swg22011740>) | 2018-05-01 | 36 \n[2016575](<http://www.ibm.com/support/docview.wss?uid=swg22016575>) | [Impact of the Japanese era calendar change on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22016575>) | 2018-05-26 | 37 \n \n\\+ Operating system (OS)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1980551](<http://www.ibm.com/support/docview.wss?uid=swg21980551>) | [Interpreting LEEF formatting in syslog events on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21980551>) | 2018-05-01 | 1 \n[1986090](<http://www.ibm.com/support/docview.wss?uid=swg21986090>) | [Warning: \"User allocated memory\" on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21986090>) | 2017-08-24 | 2 \n[1972161](<http://www.ibm.com/support/docview.wss?uid=swg21972161>) | [Allowed Characters for the Security Network Protection admin password](<http://www.ibm.com/support/docview.wss?uid=swg21972161>) | 2017-04-16 | 3 \n[1966576](<http://www.ibm.com/support/docview.wss?uid=swg21966576>) | [High disk usage on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21966576>) | 2018-05-06 | 4 \n[1983875](<http://www.ibm.com/support/docview.wss?uid=swg21983875>) | [MTU as defined on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21983875>) | 2017-08-02 | 5 \n[1698146](<http://www.ibm.com/support/docview.wss?uid=swg21698146>) | [Kernel debug procedures for the XGS appliance](<http://www.ibm.com/support/docview.wss?uid=swg21698146>) | 2017-10-30 | 6 \n[1978425](<http://www.ibm.com/support/docview.wss?uid=swg21978425>) | [Unable to SSH in to the Securty Network Protection (XGS) with error: failed to start sshd ](<http://www.ibm.com/support/docview.wss?uid=swg21978425>) | 2018-05-01 | 7 \n[1705154](<http://www.ibm.com/support/docview.wss?uid=swg21705154>) | [IBM Security Network Protection (XGS) firmware 5.3 \"Kernel Soft Lockup\"](<http://www.ibm.com/support/docview.wss?uid=swg21705154>) | 2018-05-06 | 8 \n[1996695](<http://www.ibm.com/support/docview.wss?uid=swg21996695>) | [Error: \"Allocated user memory\" in SiteProtector for Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21996695>) | 2018-05-23 | 9 \n[1959380](<http://www.ibm.com/support/docview.wss?uid=swg21959380>) | [CVE-2002-0510 vulnerability on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21959380>) | 2017-09-04 | 10 \n[1599917](<http://www.ibm.com/support/docview.wss?uid=swg21599917>) | [Changing Time Settings Causes Gaps or Missing Data in Statistics Display](<http://www.ibm.com/support/docview.wss?uid=swg21599917>) | 2017-04-14 | 11 \n \n\\+ Performance\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1968189](<http://www.ibm.com/support/docview.wss?uid=swg21968189>) | [Security Network Protection (XGS) SensorStatistics](<http://www.ibm.com/support/docview.wss?uid=swg21968189>) | 2018-05-01 | 1 \n[1701480](<http://www.ibm.com/support/docview.wss?uid=swg21701480>) | [Network Interface Module (NIM) ports perform better than built-in gigabit ports on XGS 5100 sensors](<http://www.ibm.com/support/docview.wss?uid=swg21701480>) | 2018-05-01 | 2 \n[1959239](<http://www.ibm.com/support/docview.wss?uid=swg21959239>) | [Packet delay or loss while making changes to XGS policies](<http://www.ibm.com/support/docview.wss?uid=swg21959239>) | 2017-04-14 | 3 \n[1902773](<http://www.ibm.com/support/docview.wss?uid=swg21902773>) | [Policy migration limitations and facts to consider](<http://www.ibm.com/support/docview.wss?uid=swg21902773>) | 2018-05-01 | 4 \n[1667527](<http://www.ibm.com/support/docview.wss?uid=swg21667527>) | [Session ID Resumption and SSL decryption](<http://www.ibm.com/support/docview.wss?uid=swg21667527>) | 2018-05-01 | 5 \n[1683772](<http://www.ibm.com/support/docview.wss?uid=swg21683772>) | [Experiencing latency while using the Security Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21683772>) | 2018-05-01 | 6 \n[1903622](<http://www.ibm.com/support/docview.wss?uid=swg21903622>) | [Security Network Protection (XGS) email alerts do not include hostname or IP address of the reporting appliance](<http://www.ibm.com/support/docview.wss?uid=swg21903622>) | 2018-05-01 | 7 \n[1698814](<http://www.ibm.com/support/docview.wss?uid=swg21698814>) | [Forced speed/duplex interface settings not working with XGS Firmware 5.3](<http://www.ibm.com/support/docview.wss?uid=swg21698814>) | 2017-04-14 | 8 \n[1987354](<http://www.ibm.com/support/docview.wss?uid=swg21987354>) | [IBM QRadar Network Security (IQNS) no System Alerts seen in System Events](<http://www.ibm.com/support/docview.wss?uid=swg21987354>) | 2018-05-01 | 9 \n[1962510](<http://www.ibm.com/support/docview.wss?uid=swg21962510>) | [\"Timer expiration\" error when deploying a policy change on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21962510>) | 2017-08-24 | 10 \n[1977325](<http://www.ibm.com/support/docview.wss?uid=swg21977325>) | [Storage Limits and Allocation on the IBM Security Network Protection Appliance](<http://www.ibm.com/support/docview.wss?uid=swg21977325>) | 2017-04-14 | 11 \n[1999124](<http://www.ibm.com/support/docview.wss?uid=swg21999124>) | [Asymmetric traffic across NIMs for XGS7100 appliances](<http://www.ibm.com/support/docview.wss?uid=swg21999124>) | 2018-01-01 | 12 \n[1682809](<http://www.ibm.com/support/docview.wss?uid=swg21682809>) | [Unable to deploy policy to IBM QRadar Network Security IQNS (XGS) in SiteProtector.](<http://www.ibm.com/support/docview.wss?uid=swg21682809>) | 2018-05-01 | 13 \n[1667817](<http://www.ibm.com/support/docview.wss?uid=swg21667817>) | [Network Protection (XGS) unable to read or parse EEPROM data from selected slot](<http://www.ibm.com/support/docview.wss?uid=swg21667817>) | 2018-05-01 | 14 \n \n\\+ Protocol Analysis Module (PAM)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1498057](<http://www.ibm.com/support/docview.wss?uid=swg21498057>) | [X-Force Protocol Analysis Module (PAM) signature information](<http://www.ibm.com/support/docview.wss?uid=swg21498057>) | 2018-01-01 | 1 \n[1436125](<http://www.ibm.com/support/docview.wss?uid=swg21436125>) | [Configuring a sensor to ignore or allowlist traffic from certain IP addresses](<http://www.ibm.com/support/docview.wss?uid=swg21436125>) | 2018-05-01 | 2 \n[1973599](<http://www.ibm.com/support/docview.wss?uid=swg21973599>) | [Protection against DoS and DDoS with IBM QRadar Network Security IQNS (XGS) and Network IPS (GX) appliances](<http://www.ibm.com/support/docview.wss?uid=swg21973599>) | 2018-05-01 | 3 \n[1962049](<http://www.ibm.com/support/docview.wss?uid=swg21962049>) | [Information about the coalescer on QRadar Network Security and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21962049>) | 2017-09-26 | 4 \n[1435809](<http://www.ibm.com/support/docview.wss?uid=swg21435809>) | [Some traffic allowed despite a configured Block response on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21435809>) | 2018-05-28 | 5 \n[1987735](<http://www.ibm.com/support/docview.wss?uid=swg21987735>) | [IBM X-Force introduces version scheme change for X-Press Updates (XPU) - June 2017](<http://www.ibm.com/support/docview.wss?uid=swg21987735>) | 2017-08-24 | 6 \n[1965579](<http://www.ibm.com/support/docview.wss?uid=swg21965579>) | [Bypassing inspection on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21965579>) | 2017-10-09 | 7 \n[1986647](<http://www.ibm.com/support/docview.wss?uid=swg21986647>) | [Severity levels for IBM X-Force security signatures](<http://www.ibm.com/support/docview.wss?uid=swg21986647>) | 2018-05-28 | 8 \n[1988495](<http://www.ibm.com/support/docview.wss?uid=swg21988495>) | [Flood protection behavior on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21988495>) | 2017-09-04 | 9 \n[1437359](<http://www.ibm.com/support/docview.wss?uid=swg21437359>) | [IEEE 802.3ad (EtherChannel) support on XGS and GX sensors](<http://www.ibm.com/support/docview.wss?uid=swg21437359>) | 2017-09-11 | 10 \n[1515937](<http://www.ibm.com/support/docview.wss?uid=swg21515937>) | [Two events generated for the same signature (one as Detected and other as Blocked) on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21515937>) | 2017-09-04 | 11 \n[1643272](<http://www.ibm.com/support/docview.wss?uid=swg21643272>) | [How to determine whether there is coverage for a particular CVE](<http://www.ibm.com/support/docview.wss?uid=swg21643272>) | 2017-08-24 | 12 \n[1701441](<http://www.ibm.com/support/docview.wss?uid=swg21701441>) | [X-Force Virtual Patch Protection Levels for QRadar Network Security and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21701441>) | 2018-05-07 | 13 \n[1975854](<http://www.ibm.com/support/docview.wss?uid=swg21975854>) | [PAM reports Akamai's IP instead of the 'True-Client-IP' HTTP header](<http://www.ibm.com/support/docview.wss?uid=swg21975854>) | 2017-08-09 | 14 \n[1962594](<http://www.ibm.com/support/docview.wss?uid=swg21962594>) | [Enabling or disabling inspection of X-Forward headers on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21962594>) | 2017-10-16 | 15 \n[1976382](<http://www.ibm.com/support/docview.wss?uid=swg21976382>) | [Unable to access live.com (Hotmail/Outlook) when Outbound SSL is enabled on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21976382>) | 2018-05-01 | 16 \n[1434828](<http://www.ibm.com/support/docview.wss?uid=swg21434828>) | [False positive on IBM host or network based IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21434828>) | 2017-06-26 | 17 \n[1999450](<http://www.ibm.com/support/docview.wss?uid=swg21999450>) | [Find PAM signature by issue ID on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21999450>) | 2018-05-01 | 18 \n[1683773](<http://www.ibm.com/support/docview.wss?uid=swg21683773>) | [Multiple false positives on Java-based security events on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21683773>) | 2017-09-26 | 19 \n[1624060](<http://www.ibm.com/support/docview.wss?uid=swg21624060>) | [Ignoring vulnerability scanner traffic on the Security Network IPS and Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21624060>) | 2018-05-01 | 20 \n[1468847](<http://www.ibm.com/support/docview.wss?uid=swg21468847>) | [Event and Response Filters with port ranges do not work with TCP_Port_Scan and UDP_Port_Scan](<http://www.ibm.com/support/docview.wss?uid=swg21468847>) | 2018-05-01 | 21 \n[1436031](<http://www.ibm.com/support/docview.wss?uid=swg21436031>) | [Determing the release date and coverage information for an XPU](<http://www.ibm.com/support/docview.wss?uid=swg21436031>) | 2017-04-14 | 22 \n[1643931](<http://www.ibm.com/support/docview.wss?uid=swg21643931>) | [HTTP HEAD and PUT methods not detected (blocked)](<http://www.ibm.com/support/docview.wss?uid=swg21643931>) | 2017-04-14 | 23 \n[1692287](<http://www.ibm.com/support/docview.wss?uid=swg21692287>) | [Signature coverage for SSLv3 (Poodle) on Security Network Protection and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21692287>) | 2017-09-04 | 24 \n[1697527](<http://www.ibm.com/support/docview.wss?uid=swg21697527>) | [Error: \"FNXPM1003E...\" trons interface errors on Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21697527>) | 2017-05-13 | 25 \n[1967067](<http://www.ibm.com/support/docview.wss?uid=swg21967067>) | [Compressed file traffic inspection by QRadar Network Security and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21967067>) | 2017-10-04 | 26 \n[1968099](<http://www.ibm.com/support/docview.wss?uid=swg21968099>) | [SMTP_Command_Binary_Overflow signature can cause a large number of events on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21968099>) | 2017-10-17 | 27 \n[1976381](<http://www.ibm.com/support/docview.wss?uid=swg21976381>) | [Skype traffic not being blocked by Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21976381>) | 2018-05-01 | 28 \n[1996694](<http://www.ibm.com/support/docview.wss?uid=swg21996694>) | [Security Network Protection treatment for \"iv-remote-address\" header information](<http://www.ibm.com/support/docview.wss?uid=swg21996694>) | 2018-05-23 | 29 \n[1435997](<http://www.ibm.com/support/docview.wss?uid=swg21435997>) | [User Defined Event compiler limitations for the Protocol Analysis Module](<http://www.ibm.com/support/docview.wss?uid=swg21435997>) | 2017-04-23 | 30 \n[1626557](<http://www.ibm.com/support/docview.wss?uid=swg21626557>) | [Tuning the DNS_Bind_OPT_DOS signature on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21626557>) | 2017-04-14 | 31 \n[1883737](<http://www.ibm.com/support/docview.wss?uid=swg21883737>) | [Skype UDP traffic is not recognized by the Protocol Analysis Module on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21883737>) | 2017-05-13 | 32 \n[1966581](<http://www.ibm.com/support/docview.wss?uid=swg21966581>) | [Analysis of DECNET traffic on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21966581>) | 2017-10-23 | 33 \n[1968561](<http://www.ibm.com/support/docview.wss?uid=swg21968561>) | [Inspection of duplicate packets by QRadar Network Security sensors with different interface modes](<http://www.ibm.com/support/docview.wss?uid=swg21968561>) | 2017-10-23 | 34 \n[1983891](<http://www.ibm.com/support/docview.wss?uid=swg21983891>) | [TCP_Probe_XXXX events do not fire when TCP_Port_Scan triggers on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21983891>) | 2018-05-28 | 35 \n[1983900](<http://www.ibm.com/support/docview.wss?uid=swg21983900>) | [SNMP_Activity version detection](<http://www.ibm.com/support/docview.wss?uid=swg21983900>) | 2018-05-01 | 36 \n \n\\+ SSL Inspection\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1960119](<http://www.ibm.com/support/docview.wss?uid=swg21960119>) | [Inspecting inbound SSL traffic on an internal server](<http://www.ibm.com/support/docview.wss?uid=swg21960119>) | 2017-05-12 | 1 \n[1666241](<http://www.ibm.com/support/docview.wss?uid=swg21666241>) | [SSL traffic protection on the Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21666241>) | 2018-05-01 | 2 \n[1964212](<http://www.ibm.com/support/docview.wss?uid=swg21964212>) | [Diffie-Hellman and inbound SSL inspection on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21964212>) | 2017-04-14 | 3 \n[1666913](<http://www.ibm.com/support/docview.wss?uid=swg21666913>) | [Inbound SSL inspection on the XGS appliance when operating in HA mode](<http://www.ibm.com/support/docview.wss?uid=swg21666913>) | 2018-05-01 | 4 \n[1986092](<http://www.ibm.com/support/docview.wss?uid=swg21986092>) | [Support for TLS Extended Master Secret on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21986092>) | 2018-05-13 | 5 \n[7046102](<http://www.ibm.com/support/docview.wss?uid=swg27046102>) | [Open Mic replay: Overview of how SSL Inspection works on the XGS - 29 July 2015 [includes link to recording; presentation and speaker notes are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27046102>) | 2018-05-23 | 6 \n[1967118](<http://www.ibm.com/support/docview.wss?uid=swg21967118>) | [Security Network Protection (XGS) inbound and outbound SSL inspection session resumption](<http://www.ibm.com/support/docview.wss?uid=swg21967118>) | 2017-06-19 | 7 \n[1986091](<http://www.ibm.com/support/docview.wss?uid=swg21986091>) | [GLG license messages on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21986091>) | 2017-08-24 | 8 \n[2004900](<http://www.ibm.com/support/docview.wss?uid=swg22004900>) | [Inbound SSL analysis of SSLv2 traffic might cause inspection engine crashes on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22004900>) | 2017-12-08 | 9 \n[1650197](<http://www.ibm.com/support/docview.wss?uid=swg21650197>) | [SSL Inspection - Frequently Asked Questions](<http://www.ibm.com/support/docview.wss?uid=swg21650197>) | 2017-04-14 | 10 \n[1958051](<http://www.ibm.com/support/docview.wss?uid=swg21958051>) | [Outbound SSL use of certificates on the XGS](<http://www.ibm.com/support/docview.wss?uid=swg21958051>) | 2018-05-01 | 11 \n[1666891](<http://www.ibm.com/support/docview.wss?uid=swg21666891>) | [Network Protection (XGS) use of multiple SSL certificates](<http://www.ibm.com/support/docview.wss?uid=swg21666891>) | 2018-05-01 | 12 \n[1666909](<http://www.ibm.com/support/docview.wss?uid=swg21666909>) | [Network Protection (XGS) SSL decryption and passive monitoring mode](<http://www.ibm.com/support/docview.wss?uid=swg21666909>) | 2018-05-01 | 13 \n[1666889](<http://www.ibm.com/support/docview.wss?uid=swg21666889>) | [Network Protection (XGS): Impact of adding, deleting, and renewing SSL inspection certificates](<http://www.ibm.com/support/docview.wss?uid=swg21666889>) | 2018-05-01 | 14 \n[2008309](<http://www.ibm.com/support/docview.wss?uid=swg22008309>) | [Error: \"packet rewriting error\" on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22008309>) | 2017-12-13 | 15 \n[1903062](<http://www.ibm.com/support/docview.wss?uid=swg21903062>) | [Windows Updates fail with Outbound SSL inspection enabled on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21903062>) | 2018-05-01 | 16 \n[1700438](<http://www.ibm.com/support/docview.wss?uid=swg21700438>) | [IBM Security Network Protection Response to \u00e2\u0080\u009cThe Risks of SSL Inspection\u00e2\u0080\u009d CERT/CC Blog Post](<http://www.ibm.com/support/docview.wss?uid=swg21700438>) | 2018-05-21 | 17 \n[1972184](<http://www.ibm.com/support/docview.wss?uid=swg21972184>) | [Using domain certificate objects for Outbound SSL Inspection Policy on IBM Qradar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21972184>) | 2018-05-01 | 18 \n[1987355](<http://www.ibm.com/support/docview.wss?uid=swg21987355>) | [IBM QRadar Network Security (IQNS) 4096 bit encryption for inbound SSL inspection](<http://www.ibm.com/support/docview.wss?uid=swg21987355>) | 2018-05-01 | 19 \n[1667164](<http://www.ibm.com/support/docview.wss?uid=swg21667164>) | [Network Protection (XGS) - Creating a private key with a passphrase when generating a certificate for SSL decryption](<http://www.ibm.com/support/docview.wss?uid=swg21667164>) | 2018-05-01 | 20 \n[1903522](<http://www.ibm.com/support/docview.wss?uid=swg21903522>) | [Traffic using SPDY protocol is not analyzed by Outbound SSL inspection](<http://www.ibm.com/support/docview.wss?uid=swg21903522>) | 2017-05-08 | 21 \n[1977446](<http://www.ibm.com/support/docview.wss?uid=swg21977446>) | [Analysis daemon crash due to Outbound SSL rules on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21977446>) | 2017-04-23 | 22 \n[1666906](<http://www.ibm.com/support/docview
CVE-2016-6316
