Vulnerabilities > CVE-2004-0790 - Remote Denial Of Service vulnerability in Multiple Vendor TCP/IP Implementation ICMP

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
microsoft
sun
nessus
exploit available

Summary

Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.

Exploit-Db

  • descriptionMultiple Vendor ICMP Message Handling DoS. CVE-2004-0790. Dos exploits for multiple platform
    idEDB-ID:25389
    last seen2016-02-03
    modified2005-04-12
    published2005-04-12
    reporterFernando Gont
    sourcehttps://www.exploit-db.com/download/25389/
    titleMultiple Vendor ICMP Message Handling DoS
  • descriptionMS Windows Malformed IP Options DoS Exploit (MS05-019). CVE-2004-0230,CVE-2004-0790,CVE-2004-1060,CVE-2005-0048,CVE-2005-0688. Dos exploit for windows platform
    idEDB-ID:942
    last seen2016-01-31
    modified2005-04-17
    published2005-04-17
    reporterYuri Gushin
    sourcehttps://www.exploit-db.com/download/942/
    titleMicrosoft Windows - Malformed IP Options DoS Exploit MS05-019
  • descriptionMultiple OS (win32/aix/cisco) Crafted ICMP Messages DoS Exploit. CVE-2004-0790. Dos exploits for multiple platform
    idEDB-ID:948
    last seen2016-01-31
    modified2005-04-20
    published2005-04-20
    reporterhouseofdabus
    sourcehttps://www.exploit-db.com/download/948/
    titleMultiple OS Win32/Aix/Cisco - Crafted ICMP Messages DoS Exploit

Nessus

  • NASL familyF5 Networks Local Security Checks
    NASL idF5_BIGIP_SOL23440942.NASL
    descriptionThe vulnerability described in this article was initially fixed in earlier versions, but a regression was reintroduced in BIG-IP 12.x through13.x. For information about earlier versions, refer toK4583: Insufficient validation of ICMP error messages - VU#222750 / CVE-2004-0790(9.x - 10.x). Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the
    last seen2020-06-01
    modified2020-06-02
    plugin id100000
    published2017-05-08
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/100000
    titleF5 Networks BIG-IP : Insufficient validation of ICMP error messages (K23440942)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from F5 Networks BIG-IP Solution K23440942.
    #
    # The text description of this plugin is (C) F5 Networks.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(100000);
      script_version("3.6");
      script_cvs_date("Date: 2019/05/09  9:52:02");
    
      script_cve_id("CVE-2004-0790", "CVE-2004-0791", "CVE-2004-1060", "CVE-2005-0065", "CVE-2005-0066", "CVE-2005-0067", "CVE-2005-0068");
      script_bugtraq_id(13124);
    
      script_name(english:"F5 Networks BIG-IP : Insufficient validation of ICMP error messages (K23440942)");
      script_summary(english:"Checks the BIG-IP version.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote device is missing a vendor-supplied security patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The vulnerability described in this article was initially fixed in
    earlier versions, but a regression was reintroduced in BIG-IP 12.x
    through13.x. For information about earlier versions, refer toK4583:
    Insufficient validation of ICMP error messages - VU#222750 /
    CVE-2004-0790(9.x - 10.x).
    
    Multiple TCP/IP and ICMP implementations allow remote attackers to
    cause a denial of service (reset TCP connections) via spoofed ICMP
    error messages, aka the 'blind connection-reset attack.' NOTE:
    CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based
    on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and
    CVE-2005-0068 are related identifiers that are SPLIT based on the
    underlying vulnerability. While CVE normally SPLITs based on
    vulnerability, the attack-based identifiers exist due to the variety
    and number of affected implementations and solutions that address the
    attacks instead of the underlying vulnerabilities. (CVE-2004-0790)
    
    Impact
    
    A remote attacker can interfere with the Path MTU Discovery process
    and cause a performance degradation or reset of FastL4 accelerated TCP
    connections by spoofing a specifically craftedInternet Control Message
    Protocol (ICMP) message.
    
    This vulnerability only applies to FastL4 virtual servers on BIG-IP
    platforms with the embedded Packet Velocity Acceleration (ePVA)
    chip.The ePVA chip is a hardware acceleration Field Programmable Gate
    Array (FPGA) that delivers high-performance Layer 4 (L4) IPv4
    throughput. ePVA chips are included on the following BIG-IP 
    platforms :
    
    B2100 Blade in the VIPRION C2400 or C2200 Chassis
    
    B2150 Blade in the VIPRION C2400 or C2200 Chassis
    
    B2250 Blade in the VIPRION C2400 or C2200 Chassis
    
    B4300 Blade in the VIPRION C4480 or C4800 Chassis
    
    B4340 Blade in the VIPRION C4480 or C4800 Chassis
    
    BIG-IP 12000 series
    
    BIG-IP 10000 series
    
    BIG-IP 7000 series
    
    BIG-IP 5000 series
    
    BIG-IP i5000 series
    
    BIG-IP i7000 series
    
    BIG-IP i10000 series"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://support.f5.com/csp/article/K23440942"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://support.f5.com/csp/article/K4583"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade to one of the non-vulnerable versions listed in the F5
    Solution K23440942."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_access_policy_manager");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_advanced_firewall_manager");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_acceleration_manager");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_visibility_and_reporting");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_link_controller");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_policy_enforcement_manager");
      script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2004/04/12");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/05/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/08");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"F5 Networks Local Security Checks");
    
      script_dependencies("f5_bigip_detect.nbin");
      script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version", "Settings/ParanoidReport");
    
      exit(0);
    }
    
    
    include("f5_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    version = get_kb_item("Host/BIG-IP/version");
    if ( ! version ) audit(AUDIT_OS_NOT, "F5 Networks BIG-IP");
    if ( isnull(get_kb_item("Host/BIG-IP/hotfix")) ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/hotfix");
    if ( ! get_kb_item("Host/BIG-IP/modules") ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/modules");
    
    sol = "K23440942";
    vmatrix = make_array();
    
    if (report_paranoia < 2) audit(AUDIT_PARANOID);
    
    # AFM
    vmatrix["AFM"] = make_array();
    vmatrix["AFM"]["affected"  ] = make_list("13.0.0","12.0.0-12.1.2");
    vmatrix["AFM"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1");
    
    # AM
    vmatrix["AM"] = make_array();
    vmatrix["AM"]["affected"  ] = make_list("13.0.0","12.0.0-12.1.2");
    vmatrix["AM"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1");
    
    # APM
    vmatrix["APM"] = make_array();
    vmatrix["APM"]["affected"  ] = make_list("13.0.0","12.0.0-12.1.2");
    vmatrix["APM"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1");
    
    # ASM
    vmatrix["ASM"] = make_array();
    vmatrix["ASM"]["affected"  ] = make_list("13.0.0","12.0.0-12.1.2");
    vmatrix["ASM"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1");
    
    # AVR
    vmatrix["AVR"] = make_array();
    vmatrix["AVR"]["affected"  ] = make_list("13.0.0","12.0.0-12.1.2");
    vmatrix["AVR"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1");
    
    # LC
    vmatrix["LC"] = make_array();
    vmatrix["LC"]["affected"  ] = make_list("13.0.0","12.0.0-12.1.2");
    vmatrix["LC"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1");
    
    # LTM
    vmatrix["LTM"] = make_array();
    vmatrix["LTM"]["affected"  ] = make_list("13.0.0","12.0.0-12.1.2");
    vmatrix["LTM"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1");
    
    # PEM
    vmatrix["PEM"] = make_array();
    vmatrix["PEM"]["affected"  ] = make_list("13.0.0","12.0.0-12.1.2");
    vmatrix["PEM"]["unaffected"] = make_list("13.0.0HF1","12.1.2HF1","11.4.0-11.6.1");
    
    
    if (bigip_is_affected(vmatrix:vmatrix, sol:sol))
    {
      if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = bigip_get_tested_modules();
      audit_extra = "For BIG-IP module(s) " + tested + ",";
      if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);
      else audit(AUDIT_HOST_NOT, "running any of the affected modules");
    }
    
  • NASL familyCISCO
    NASL idCISCO-SA-20050412-ICMP.NASL
    descriptionA document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled
    last seen2020-06-01
    modified2020-06-02
    plugin id48985
    published2010-09-01
    reporterThis script is (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/48985
    titleCrafted ICMP Messages Can Cause Denial of Service - Cisco Systems
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # Security advisory is (C) CISCO, Inc.
    # See https://www.cisco.com/en/US/products/products_security_advisory09186a0080436587.shtml
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
     script_id(48985);
     script_version("1.16");
     script_cve_id(
      "CVE-2004-0790",
      "CVE-2004-0791",
      "CVE-2004-1060",
      "CVE-2005-0065",
      "CVE-2005-0066",
      "CVE-2005-0067",
      "CVE-2005-0068"
     );
     script_bugtraq_id(13124);
     script_xref(name:"CERT", value:"222750");
     script_xref(name:"CISCO-BUG-ID", value:"CSCed78149");
     script_xref(name:"CISCO-BUG-ID", value:"CSCef43691");
     script_xref(name:"CISCO-BUG-ID", value:"CSCef44699");
     script_xref(name:"CISCO-BUG-ID", value:"CSCef45332");
     script_xref(name:"CISCO-BUG-ID", value:"CSCef46728");
     script_xref(name:"CISCO-BUG-ID", value:"CSCef54204");
     script_xref(name:"CISCO-BUG-ID", value:"CSCef54206");
     script_xref(name:"CISCO-BUG-ID", value:"CSCef54947");
     script_xref(name:"CISCO-BUG-ID", value:"CSCef57566");
     script_xref(name:"CISCO-BUG-ID", value:"CSCef60659");
     script_xref(name:"CISCO-BUG-ID", value:"CSCef61610");
     script_xref(name:"CISCO-BUG-ID", value:"CSCeh04183");
     script_xref(name:"CISCO-BUG-ID", value:"CSCeh20083");
     script_xref(name:"CISCO-BUG-ID", value:"CSCeh45454");
     script_xref(name:"CISCO-BUG-ID", value:"CSCeh59823");
     script_xref(name:"CISCO-BUG-ID", value:"CSCeh62307");
     script_xref(name:"CISCO-BUG-ID", value:"CSCeh63449");
     script_xref(name:"CISCO-BUG-ID", value:"CSCeh65337");
     script_xref(name:"CISCO-BUG-ID", value:"CSCsa52807");
     script_xref(name:"CISCO-BUG-ID", value:"CSCsa59600");
     script_xref(name:"CISCO-BUG-ID", value:"CSCsa60692");
     script_xref(name:"CISCO-BUG-ID", value:"CSCsa61864");
     script_xref(name:"CISCO-SA", value:"cisco-sa-20050412-icmp");
    
     script_name(english:"Crafted ICMP Messages Can Cause Denial of Service - Cisco Systems");
     script_set_attribute(attribute:"synopsis", value:
    "The remote device is missing a vendor-supplied security patch" );
     script_set_attribute(attribute:"description", value:
    'A document that describes how the Internet Control Message Protocol
    (ICMP) could be used to perform a number of Denial of Service (DoS)
    attacks against the Transmission Control Protocol (TCP) has been made
    publicly available. This document has been published through the
    Internet Engineering Task Force (IETF) Internet Draft process, and is
    entitled "ICMP Attacks Against TCP"
    (draft-gont-tcpm-icmp-attacks-03.txt ).
    These attacks, which only affect sessions terminating or originating on
    a device itself, can be of three types:
    Successful attacks may cause connection resets or reduction of
    throughput in existing connections, depending on the attack type.
    Multiple Cisco products are affected by the attacks described in this
    Internet draft.
    Cisco has made free software available to address these
    vulnerabilities. In some cases there are workarounds available to
    mitigate the effects of the vulnerability.
    ');
     script_set_attribute(attribute:"see_also", value: "https://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html");
     # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20050412-icmp
     script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?1ba12045");
     # https://www.cisco.com/en/US/products/products_security_advisory09186a0080436587.shtml
     script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?8b803ffb");
     script_set_attribute(attribute:"solution", value:
    "Apply the relevant patch referenced in Cisco Security Advisory
    cisco-sa-20050412-icmp."
     );
     script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
     script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
     script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
     script_set_attribute(attribute:"exploit_available", value:"true");
     script_set_attribute(attribute:"plugin_type", value: "local");
     script_set_attribute(attribute:"cpe", value: "cpe:/o:cisco:ios");
     script_set_attribute(attribute:"vuln_publication_date", value: "2005/04/12");
     script_set_attribute(attribute:"patch_publication_date", value: "2005/04/12");
     script_set_attribute(attribute:"plugin_publication_date", value: "2010/09/01");
     script_cvs_date("Date: 2018/11/15 20:50:20");
    
     script_end_attributes();
     script_summary(english:"Uses SNMP to determine if a flaw is present");
     script_category(ACT_GATHER_INFO);
     script_copyright(english:"This script is (C) 2010-2018 Tenable Network Security, Inc.");
     script_family(english:"CISCO");
     script_dependencie("cisco_ios_version.nasl");
     script_require_keys("Host/Cisco/IOS/Version");
     exit(0);
    }
    include("cisco_func.inc");
    
    #
    
    version = get_kb_item_or_exit("Host/Cisco/IOS/Version");
    
    # Affected: 12.0
    if (check_release(version: version,
                      patched: make_list("12.0(28c)") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0DA")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(12)DA8 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0DB")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0DC")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(15)BC2f or later\n'); exit(0);
    }
    # Affected: 12.0S
    if (check_release(version: version,
                      patched: make_list("12.0(27)S5", "12.0(28)S3", "12.0(30)S1", "12.0(31)S"))) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0SC")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(15)BC2f or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0SL")) {
     security_warning(port:0, extra: '\nUpdate to 12.0(31)S or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0SP")) {
     security_warning(port:0, extra: '\nUpdate to 12.0(31)S or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0ST")) {
     security_warning(port:0, extra: '\nUpdate to 12.0(31)S or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0SX")) {
     security_warning(port:0, extra: '\nNo fixes are planned for 12.0SX releases. Upgrade to a supported release\n'); exit(0);
    }
    if (deprecated_version(version, "12.0SZ")) {
     security_warning(port:0, extra: '\nUpdate to 12.0(31)S or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0T")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0);
    }
    # Affected: 12.0W5
    if ("W5" >< version &&
        check_release(version: version,
                      patched: make_list("12.0(25)W5(27c)", "12.0(28)W5(31a)") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    # Affected: 12.0WC
    if (check_release(version: version,
                      patched: make_list("12.0(5)WC12") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XA")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XB")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XC")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XD")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XE")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(26)E1 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XF")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XG")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XH")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XI")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XJ")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XK")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XL")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XM")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XN")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XQ")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XR")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XS")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(26)E1 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.0XV")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(27) or later\n'); exit(0);
    }
    # Affected: 12.1
    if (check_release(version: version,
                      patched: make_list("12.1(27)"))) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1AA")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1AX")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(25)EY or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1AZ")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(22)EA4 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1DA")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(12)DA8 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1DB")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1DC")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(15)BC2f or later\n'); exit(0);
    }
    # Affected: 12.1E
    if (check_release(version: version,
                      patched: make_list("12.1(22)E6", "12.1(23)E3", "12.1(26)E1") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    # Affected: 12.1EA
    if (check_release(version: version,
                      patched: make_list("12.1(22)EA4") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1EB")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.1EB releases. Upgrade to a supported release\n'); exit(0);
    }
    if (deprecated_version(version, "12.1EC")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(15)BC2f or later\n'); exit(0);
    }
    # Affected: 12.1EO
    if (check_release(version: version,
                      patched: make_list("12.1(19)EO4") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1EU")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(20)EU or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1EV")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.1EV releases. Upgrade to a supported release\n'); exit(0);
    }
    if (deprecated_version(version, "12.1EW")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(18)EW3 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1EX")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(26)E1 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1EY")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(26)E1 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1T")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XA")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XB")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XC")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XD")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XE")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(26)E1 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XF")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XG")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XH")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XI")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(28) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XJ")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XL")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XM")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XP")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XQ")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XR")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XT")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XU")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1XV")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1YA")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1YB")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1YC")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1YD")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1YE")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1YF")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1YH")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1YI")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.1YJ")) {
     security_warning(port:0, extra: '\nUpdate to 12.1(22)EA4 or later\n'); exit(0);
    }
    # Affected: 12.2
    if (check_release(version: version,
                      patched: make_list("12.2(28)"))) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2B")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    # Affected: 12.2BC
    if (check_release(version: version,
                      patched: make_list("12.2(15)BC2f") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2BW")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2BY")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2BZ")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(7)XI5 or later\n'); exit(0);
    }
    # Affected: 12.2CX
    if (deprecated_version(version, "12.2CX")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(15)BC2f or later\n'); exit(0);
    }
    # Affected: 12.2CY
    if (deprecated_version(version, "12.2CY")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(15)BC2f or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2CZ")) {
     security_warning(port:0, extra: '\nNo fix is planned for 12.2CZ releases. Upgrade to a supported release\n'); exit(0);
    }
    # Affected: 12.2DA
    if (check_release(version: version,
                      patched: make_list("12.2(12)DA8") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2DD")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2DX")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    # Affected: 12.2EU
    if (check_release(version: version,
                      patched: make_list("12.2(20)EU"))) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    # Affected: 12.2EW
    if (check_release(version: version,
                      patched: make_list("12.2(18)EW3") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    # Affected: 12.2EWA
    if (check_release(version: version,
                      patched: make_list("12.2(25)EWA") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2EX")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(25)SEB or later\n'); exit(0);
    }
    # Affected: 12.2EY
    if (check_release(version: version,
                      patched: make_list("12.2(25)EY") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2JA")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(4)JA or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2JK")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.2JK releases. Upgrade to a supported release\n'); exit(0);
    }
    if (deprecated_version(version, "12.2MB")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.2MB releases. Upgrade to a supported release\n'); exit(0);
    }
    if (deprecated_version(version, "12.2MC")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    # Affected: 12.2S
    if (check_release(version: version,
                      patched: make_list("12.2(14)S13", "12.2(18)S8", "12.2(20)S7", "12.2(25)S3") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    # Affected: 12.2SE
    if (check_release(version: version,
                      patched: make_list("12.2(25)SEB"))) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    # Affected: 12.2SO
    if (check_release(version: version,
                      patched: make_list("12.2(18)SO1") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2SU")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.2SU releases. Upgrade to a supported release\n'); exit(0);
    }
    if (deprecated_version(version, "12.2SV")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(25)S3 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2SW")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.2SU releases. Upgrade to a supported release\n'); exit(0);
    }
    if (deprecated_version(version, "12.2SX")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(17d)SXB7 or later\n'); exit(0);
    }
    # Affected: 12.2SXA and 12.2SXB
    if (("SXA" >< version || "SXB" >< version) &&
        check_release(version: version,
                      patched: make_list("12.2(17d)SXB7") )) {
     security_warning(port:0, extra: '\nUpdate to 12.2(17d)SXB7 or later\n'); exit(0);
    }
    # Affected: 12.2SXD
    if ("SXD" >< version &&
        check_release(version: version,
                      patched: make_list("12.2(18)SXD4") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2SY")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(17d)SXB7 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2SZ")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(20)S7 or later\n'); exit(0);
    }
    # Affected: 12.2T
    if (check_release(version: version,
                      patched: make_list("12.2(15)T15") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XA")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XB")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XC")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XD")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XE")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XF")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(15)BC2f or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XG")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XH")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XI")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XJ")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XK")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XL")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XM")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XN")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XQ")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XR")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(4)JA or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XT")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XU")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2XW")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    # Affected: 12.2YA
    if (check_release(version: version,
                      patched: make_list("12.2(4)YA9") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YB")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YC")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YD")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YE")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(25)S3 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YF")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YG")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YH")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YJ")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YK")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YL")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YM")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YN")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YO")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(17d)SXB7 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YQ")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YR")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YT")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YU")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YV")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YW")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YX")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.2YX releases. Upgrade to a supported release\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YY")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2YZ")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(20)S7 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2ZA")) {
     security_warning(port:0, extra: '\nUpdate to 12.2(17d)SXB7 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2ZB")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2ZC")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2ZD")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2ZE")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(13) or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2ZF")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2ZG")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    # Affected: 12.2ZH
    if (check_release(version: version,
                      patched: make_list("12.2(13)ZH6") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2ZJ")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2ZK")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    # Affected: 12.2ZL
    if (check_release(version: version,
                      patched: make_list("12.2(15)ZL2") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2ZN")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.2ZP")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.2ZP releases. Upgrade to a supported release\n'); exit(0);
    }
    # Affected: 12.3
    if (check_release(version: version,
                      patched: make_list("12.3(3h)", "12.3(5e)", "12.3(6e)", "12.3(9d)", "12.3(10c)", "12.3(12b)", "12.3(13a)", "12.3(13)"))) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3B")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    # Affected: 12.3BC
    if (check_release(version: version,
                      patched: make_list("12.3(9a)BC2") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3BW")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(7)T8 or later\n'); exit(0);
    }
    # Affected: 12.3JA
    if (check_release(version: version,
                      patched: make_list("12.3(4)JA"))) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    # Affected: 12.3T
    if (check_release(version: version,
                      patched: make_list("12.3(7)T8", "12.3(8)T7", "12.3(11)T4", "12.3(14)T"))) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XA")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XB")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    # Affected: 12.3XC
    if (check_release(version: version,
                      patched: make_list("12.3(2)XC3") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XD")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XE")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XF")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XG")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.3XG releases. Upgrade to a supported release\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XH")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    # Affected: 12.3XI
    if (check_release(version: version,
                      patched: make_list("12.3(7)XI3") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XJ")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.3XJ releases. Upgrade to a supported release\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XK")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XL")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XM")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XQ")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XR")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XS")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XT")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(4)JA or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XU")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.3XU releases. Upgrade to a supported release\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XW")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(11)YF2 or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3XX")) {
     security_warning(port:0, extra: '\nUpdate to 12.3(14)T or later\n'); exit(0);
    }
    # Affected: 12.3XY
    if (check_release(version: version,
                      patched: make_list("12.3(8)XY4") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3YA")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.3YA releases. Upgrade to a supported release\n'); exit(0);
    }
    if (deprecated_version(version, "12.3YD")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.3YD releases. Upgrade to a supported release\n'); exit(0);
    }
    # Affected: 12.3YF
    if (check_release(version: version,
                      patched: make_list("12.3(11)YF2") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    # Affected: 12.3YG
    if (check_release(version: version,
                      patched: make_list("12.3(8)YG1") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3YH")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.3YH releases. Upgrade to a supported release\n'); exit(0);
    }
    # Affected: 12.3YI
    if (check_release(version: version,
                      patched: make_list("12.3(8)YI"))) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    if (deprecated_version(version, "12.3YJ")) {
     security_warning(port:0, extra: '\nNo fixes are available for 12.3YJ releases. Upgrade to a supported release\n'); exit(0);
    }
    # Affected: 12.3YK
    if (check_release(version: version,
                      patched: make_list("12.3(11)YK"))) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    # Affected: TCPv6
    if (check_release(version: version,
                      patched: make_list("12.3(11)YK") )) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    # Affected: 12.3YN
    if (check_release(version: version,
                      patched: make_list("12.3(11)YN"))) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    # Affected: 12.3YQ
    if (check_release(version: version,
                      patched: make_list("12.3(14)YQ"))) {
     security_warning(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
    }
    
    exit(0, "The remote host is not affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_117470.NASL
    descriptionSunOS 5.9_x86: tcp Patch. Date this patch was last updated by Sun : Jul/09/07
    last seen2016-09-26
    modified2011-09-18
    plugin id18079
    published2005-04-17
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=18079
    titleSolaris 9 (x86) : 117470-09
    code
    #%NASL_MIN_LEVEL 999999
    
    # @DEPRECATED@
    #
    # This script has been deprecated as the associated patch is not
    # currently a recommended security fix.
    #
    # Disabled on 2011/09/17.
    
    #
    # (C) Tenable Network Security, Inc.
    #
    #
    
    if ( ! defined_func("bn_random") ) exit(0);
    include("compat.inc");
    
    if(description)
    {
     script_id(18079);
     script_version("1.30");
    
     script_name(english: "Solaris 9 (x86) : 117470-09");
     script_cve_id("CVE-2004-0790", "CVE-2004-0791", "CVE-2006-3920");
     script_set_attribute(attribute: "synopsis", value:
    "The remote host is missing Sun Security Patch number 117470-09");
     script_set_attribute(attribute: "description", value:
    'SunOS 5.9_x86: tcp Patch.
    Date this patch was last updated by Sun : Jul/09/07');
     script_set_attribute(attribute: "solution", value:
    "You should install this patch for your system to be up-to-date.");
     script_set_attribute(attribute: "see_also", value:
    "https://getupdates.oracle.com/readme/117470-09");
     script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
     script_set_attribute(attribute:"plugin_publication_date", value: "2005/04/17");
     script_cvs_date("Date: 2018/08/13 14:32:38");
     script_set_attribute(attribute:"vuln_publication_date", value: "2005/09/07");
     script_end_attributes();
    
     script_summary(english: "Check for patch 117470-09");
     script_category(ACT_GATHER_INFO);
     script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
     family["english"] = "Solaris Local Security Checks";
     script_family(english:family["english"]);
     
     script_dependencies("ssh_get_info.nasl");
     script_require_keys("Host/Solaris/showrev");
     exit(0);
    }
    
    
    
    # Deprecated.
    exit(0, "The associated patch is not currently a recommended security fix.");
    
    include("solaris.inc");
    
    e +=  solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"117470-09", obsoleted_by:"119435-20 ", package:"SUNWcsr", version:"11.9.0,REV=2002.11.04.02.51");
    e +=  solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"117470-09", obsoleted_by:"119435-20 ", package:"SUNWcsu", version:"11.9.0,REV=2002.11.04.02.51");
    e +=  solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"117470-09", obsoleted_by:"119435-20 ", package:"SUNWhea", version:"11.9.0,REV=2002.11.04.02.51");
    if ( e < 0 ) { 
    	if ( NASL_LEVEL < 3000 ) 
    	   security_warning(0);
    	else  
    	   security_warning(port:0, extra:solaris_get_report());
    	exit(0); 
    } 
    exit(0, "Host is not affected");
    
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_25644.NASL
    descriptions700_800 11.11 cumulative ARPA Transport patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060. (HPSBUX01164 SSRT4884) - An HP-UX 11.11 machine with TRANSPORT patches PHNE_24211, PHNE_24506, PHNE_25134, or PHNE_25642 may be exposed to a denial of service through the malicious use of the
    last seen2020-06-01
    modified2020-06-02
    plugin id16508
    published2005-02-16
    reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/16508
    titleHP-UX PHNE_25644 : s700_800 11.11 cumulative ARPA Transport patch
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHNE_25644. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(16508);
      script_version("1.25");
      script_cvs_date("Date: 2018/07/12 19:01:15");
    
      script_cve_id("CVE-2001-0328", "CVE-2004-0790", "CVE-2004-0791", "CVE-2004-1060");
      script_bugtraq_id(13124);
      script_xref(name:"CERT-CC", value:"2001-09");
      script_xref(name:"CERT", value:"532967");
      script_xref(name:"HP", value:"emr_na-c00576017");
      script_xref(name:"HP", value:"emr_na-c00994439");
      script_xref(name:"HP", value:"emr_na-c01336000");
      script_xref(name:"HP", value:"HPSBUX00192");
      script_xref(name:"HP", value:"HPSBUX00205");
      script_xref(name:"HP", value:"HPSBUX01164");
      script_xref(name:"HP", value:"SSRT071390");
      script_xref(name:"HP", value:"SSRT080009");
      script_xref(name:"HP", value:"SSRT4884");
    
      script_name(english:"HP-UX PHNE_25644 : s700_800 11.11 cumulative ARPA Transport patch");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.11 cumulative ARPA Transport patch : 
    
    The remote HP-UX host is affected by multiple vulnerabilities :
    
      - A potential security vulnerability has been identified
        with HP-UX running TCP/IP. This vulnerability could be
        remotely exploited by an unauthorized user to cause a
        Denial of Service(DoS). References: NISCC VU#532967,
        CAN-2004-0790, CAN-2004-0791, CAN-2004-1060.
        (HPSBUX01164 SSRT4884)
    
      - An HP-UX 11.11 machine with TRANSPORT patches
        PHNE_24211, PHNE_24506, PHNE_25134, or PHNE_25642 may be
        exposed to a denial of service through the malicious use
        of the 'ndd' command. (HPSBUX00192 SSRT071390)
    
      - TCP Initial Sequence Number (ISN) randomization
        specified in RFC 1948 is available for HP-UX.
        References: CVE-2001-0328, CERT CA-2001-09. (HPSBUX00205
        SSRT080009)"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00994439
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?b75e5227"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01336000
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?47614ae6"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00576017
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?3a3e8ad7"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHNE_25644 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2002/04/26");
      script_set_attribute(attribute:"patch_modification_date", value:"2006/01/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/16");
      script_set_attribute(attribute:"vuln_publication_date", value:"2005/04/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.11"))
    {
      exit(0, "The host is not affected since PHNE_25644 applies to a different OS release.");
    }
    
    patches = make_list("PHNE_25644", "PHNE_27063", "PHNE_28089", "PHNE_28895", "PHNE_29887", "PHNE_31247", "PHNE_33159", "PHNE_33628", "PHNE_34135", "PHNE_34672", "PHNE_35183", "PHNE_35351", "PHNE_36125", "PHNE_37671", "PHNE_37898", "PHNE_38678", "PHNE_39386", "PHNE_42029");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"Networking.NET-KRN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"Networking.NET-PRG", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"Networking.NET-RUN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"Networking.NET-RUN-64", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"Networking.NET2-KRN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"Networking.NMS2-KRN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"Networking.NW-ENG-A-MAN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"OS-Core.CORE-KRN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"OS-Core.CORE2-KRN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"OS-Core.SYS-ADMIN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"ProgSupport.C-INC", version:"B.11.11")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_32606.NASL
    descriptions700_800 11.23 cumulative ARPA Transport patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060. (HPSBUX01164 SSRT4884) - A potential security vulnerability has been identified with HP-UX running TCP/IP (IPv4). This vulnerability could be remotely exploited to cause a Denial of Service (DoS). (HPSBUX01137 SSRT5954)
    last seen2020-06-01
    modified2020-06-02
    plugin id19362
    published2005-08-01
    reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/19362
    titleHP-UX PHNE_32606 : s700_800 11.23 cumulative ARPA Transport patch
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHNE_32606. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(19362);
      script_version("1.27");
      script_cvs_date("Date: 2018/07/12 19:01:15");
    
      script_cve_id("CVE-2004-0790", "CVE-2004-0791", "CVE-2004-1060", "CVE-2005-1192");
      script_bugtraq_id(13124);
      script_xref(name:"CERT", value:"532967");
      script_xref(name:"HP", value:"emr_na-c00571568");
      script_xref(name:"HP", value:"emr_na-c00576017");
      script_xref(name:"HP", value:"HPSBUX01137");
      script_xref(name:"HP", value:"HPSBUX01164");
      script_xref(name:"HP", value:"SSRT4884");
      script_xref(name:"HP", value:"SSRT5954");
    
      script_name(english:"HP-UX PHNE_32606 : s700_800 11.23 cumulative ARPA Transport patch");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.23 cumulative ARPA Transport patch : 
    
    The remote HP-UX host is affected by multiple vulnerabilities :
    
      - A potential security vulnerability has been identified
        with HP-UX running TCP/IP. This vulnerability could be
        remotely exploited by an unauthorized user to cause a
        Denial of Service(DoS). References: NISCC VU#532967,
        CAN-2004-0790, CAN-2004-0791, CAN-2004-1060.
        (HPSBUX01164 SSRT4884)
    
      - A potential security vulnerability has been identified
        with HP-UX running TCP/IP (IPv4). This vulnerability
        could be remotely exploited to cause a Denial of Service
        (DoS). (HPSBUX01137 SSRT5954)"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00571568
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?9aacfc53"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00576017
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?3a3e8ad7"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHNE_32606 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2005/06/30");
      script_set_attribute(attribute:"patch_modification_date", value:"2006/01/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/08/01");
      script_set_attribute(attribute:"vuln_publication_date", value:"2005/04/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.23"))
    {
      exit(0, "The host is not affected since PHNE_32606 applies to a different OS release.");
    }
    
    patches = make_list("PHNE_32606", "PHNE_33798", "PHNE_34671", "PHNE_35182", "PHNE_35765", "PHNE_35766", "PHNE_37395", "PHNE_37670", "PHNE_37897", "PHNE_38679", "PHNE_39387", "PHNE_41436", "PHNE_42094", "PHNE_43215");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"Networking.NET-PRG", version:"B.11.23")) flag++;
    if (hpux_check_patch(app:"Networking.NET-RUN", version:"B.11.23")) flag++;
    if (hpux_check_patch(app:"Networking.NET2-KRN", version:"B.11.23")) flag++;
    if (hpux_check_patch(app:"Networking.NET2-RUN", version:"B.11.23")) flag++;
    if (hpux_check_patch(app:"Networking.NMS2-KRN", version:"B.11.23")) flag++;
    if (hpux_check_patch(app:"Networking.NW-ENG-A-MAN", version:"B.11.23")) flag++;
    if (hpux_check_patch(app:"OS-Core.CORE2-KRN", version:"B.11.23")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyWindows
    NASL idSMB_KB893066.NASL
    descriptionThe remote host runs a version of Windows that has a flaw in its TCP/IP stack. The flaw may allow an attacker to execute arbitrary code with SYSTEM privileges on the remote host or to perform a denial of service attack against the remote host. Proof of concept code is available to perform a denial of service attack against a vulnerable system.
    last seen2020-06-01
    modified2020-06-02
    plugin id18028
    published2005-04-12
    reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/18028
    titleMS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution (893066) (uncredentialed check)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
     script_id(18028);
     script_version("1.37");
     script_cvs_date("Date: 2018/11/15 20:50:28");
    
     script_cve_id("CVE-2005-0048", "CVE-2004-0790", "CVE-2004-1060", "CVE-2004-0230", "CVE-2005-0688");
     script_bugtraq_id(13124, 13116);
     script_xref(name:"MSFT", value:"MS05-019");
     script_xref(name:"MSKB", value:"893066");
    
     script_name(english:"MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution (893066) (uncredentialed check)");
     script_summary(english:"Checks for hotfix KB893066");
    
     script_set_attribute(attribute:"synopsis", value:
    "Arbitrary code can be executed on the remote host due to a flaw in the
    TCP/IP stack.");
     script_set_attribute(attribute:"description", value:
    "The remote host runs a version of Windows that has a flaw in its
    TCP/IP stack.
    
    The flaw may allow an attacker to execute arbitrary code with SYSTEM
    privileges on the remote host or to perform a denial of service attack
    against the remote host.
    
    Proof of concept code is available to perform a denial of service
    attack against a vulnerable system.");
     script_set_attribute(attribute:"see_also", value:"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2005/ms05-019");
     script_set_attribute(attribute:"solution", value:"Microsoft has released a set of patches for Windows 2000, XP and 2003.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
     script_set_attribute(attribute:"vuln_publication_date", value:"2004/04/20");
     script_set_attribute(attribute:"plugin_publication_date", value:"2005/04/12");
    
     script_set_attribute(attribute:"potential_vulnerability", value:"true");
     script_set_attribute(attribute:"plugin_type", value:"remote");
     script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
     script_end_attributes();
    
     script_category(ACT_GATHER_INFO);
     script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
     script_family(english:"Windows");
    
     script_dependencies("tcp_seq_window.nasl", "os_fingerprint.nasl");
     script_require_keys("TCP/seq_window_flaw", "Host/OS", "Settings/ParanoidReport");
     exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    
    if (report_paranoia < 2) audit(AUDIT_PARANOID);
    
    os = get_kb_item_or_exit("Host/OS") ;
    
    conf = get_kb_item_or_exit("Host/OS/Confidence");
    if (conf <= 70) exit(1, "Can't determine the host's OS with sufficient confidence.");
    
    if ("Windows" >!< os) exit(0, "The host is not running Windows.");
    if ("Windows 4.0" >< os) exit(0, "Windows NT is not reported to be affected.");
    if ("Windows Server 2003 Service Pack" >< os) exit(0, "Windows 2003 SP1 and later are not reported to be affected.");
    
    if (ereg(pattern:"Windows (95|98|ME|XP|Server 2003)", string:os))
    {
      if (get_kb_item("TCP/seq_window_flaw"))
      {
       security_hole(port:get_kb_item("SMB/transport"));
       exit(0);
      }
      else exit(0, "The host is not affected.");
    }
    else exit(0, "The host is not running one of the versions of Windows reportedly affected.");
    
  • NASL familyWindows : Microsoft Bulletins
    NASL idSMB_NT_MS05-019.NASL
    descriptionThe remote host runs a version of Windows that has a flaw in its TCP/IP stack. The flaw could allow an attacker to execute arbitrary code with SYSTEM privileges on the remote host, or to perform a denial of service attack against the remote host. Proof of concept code is available to perform a Denial of Service against a vulnerable system.
    last seen2020-06-01
    modified2020-06-02
    plugin id18023
    published2005-04-12
    reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/18023
    titleMS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution (893066)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
     script_id(18023);
     script_version("1.43");
     script_cvs_date("Date: 2018/11/15 20:50:29");
    
     script_cve_id(
      "CVE-2004-0230",
      "CVE-2004-0790",
      "CVE-2004-1060",
      "CVE-2005-0048",
      "CVE-2005-0065",
      "CVE-2005-0066",
      "CVE-2005-0067",
      "CVE-2005-0068",
      "CVE-2005-0688"
     );
     script_bugtraq_id(13116, 13124, 13658);
     script_xref(name:"MSFT", value:"MS05-019");
     script_xref(name:"CERT", value:"222750");
     script_xref(name:"CERT", value:"233754");
     script_xref(name:"CERT", value:"396645");
     script_xref(name:"CERT", value:"415294");
     script_xref(name:"EDB-ID", value:"276");
     script_xref(name:"EDB-ID", value:"291");
     script_xref(name:"EDB-ID", value:"861");
     script_xref(name:"EDB-ID", value:"948");
     script_xref(name:"EDB-ID", value:"24030");
     script_xref(name:"EDB-ID", value:"24031");
     script_xref(name:"EDB-ID", value:"24032");
     script_xref(name:"EDB-ID", value:"24033");
     script_xref(name:"EDB-ID", value:"25383");
     script_xref(name:"EDB-ID", value:"25388");
     script_xref(name:"EDB-ID", value:"25389");
     script_xref(name:"MSKB", value:"893066");
    
     script_name(english:"MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution (893066)");
     script_summary(english:"Checks the remote registry for 893066");
    
     script_set_attribute(attribute:"synopsis", value:
    "Arbitrary code can be executed on the remote host due to a flaw in the
    TCP/IP stack.");
     script_set_attribute(attribute:"description", value:
    "The remote host runs a version of Windows that has a flaw in its TCP/IP
    stack.
    
    The flaw could allow an attacker to execute arbitrary code with SYSTEM
    privileges on the remote host, or to perform a denial of service attack
    against the remote host.
    
    Proof of concept code is available to perform a Denial of Service
    against a vulnerable system.");
     script_set_attribute(attribute:"see_also", value:"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2005/ms05-019");
     script_set_attribute(attribute:"solution", value:
    "Microsoft has released a set of patches for Windows 2000, XP and
    2003.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
     script_set_attribute(attribute:"vuln_publication_date", value:"2005/03/05");
     script_set_attribute(attribute:"patch_publication_date", value:"2005/04/12");
     script_set_attribute(attribute:"plugin_publication_date", value:"2005/04/12");
    
     script_set_attribute(attribute:"plugin_type", value:"local");
     script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
     script_end_attributes();
    
     script_category(ACT_GATHER_INFO);
    
     script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
     script_family(english:"Windows : Microsoft Bulletins");
    
     script_dependencies("smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
     script_require_keys("SMB/MS_Bulletin_Checks/Possible");
     script_require_ports(139, 445, 'Host/patch_management_checks');
     exit(0);
    }
    
    include("audit.inc");
    include("smb_hotfixes_fcheck.inc");
    include("smb_hotfixes.inc");
    include("smb_func.inc");
    include("misc_func.inc");
    
    get_kb_item_or_exit("SMB/MS_Bulletin_Checks/Possible");
    
    bulletin = 'MS05-019';
    kb = '893066';
    
    kbs = make_list(kb);
    if (get_kb_item("Host/patch_management_checks")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);
    
    get_kb_item_or_exit("SMB/Registry/Enumerated");
    get_kb_item_or_exit("SMB/WindowsVersion", exit_code:1);
    
    if (hotfix_check_sp_range(win2k:'3,4', xp:'1,2', win2003:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);
    
    rootfile = hotfix_get_systemroot();
    if (!rootfile) exit(1, "Failed to get the system root.");
    
    share = hotfix_path2share(path:rootfile);
    if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);
    
    if (
      hotfix_is_vulnerable(os:"5.2", sp:0, file:"Tcpip.sys", version:"5.2.3790.336", dir:"\system32\drivers", bulletin:bulletin, kb:kb) ||
      hotfix_is_vulnerable(os:"5.1", sp:1, file:"Tcpip.sys", version:"5.1.2600.1693", dir:"\system32\drivers", bulletin:bulletin, kb:kb) ||
      hotfix_is_vulnerable(os:"5.1", sp:2, file:"Tcpip.sys", version:"5.1.2600.2685", dir:"\system32\drivers", bulletin:bulletin, kb:kb) ||
      hotfix_is_vulnerable(os:"5.0", file:"Tcpip.sys", version:"5.0.2195.7049", dir:"\system32\drivers", bulletin:bulletin, kb:kb)
    )
    {
      set_kb_item(name:"SMB/Missing/"+bulletin, value:TRUE);
      hotfix_security_hole();
      hotfix_check_fversion_end();
      exit(0);
    }
    else
    {
      hotfix_check_fversion_end();
      audit(AUDIT_HOST_NOT, 'affected');
    }
    
  • NASL familyWindows : Microsoft Bulletins
    NASL idSMB_NT_MS06-064.NASL
    descriptionThe remote host runs a version of Windows that has a flaw in its TCP/IP IPv6 stack. The flaw could allow an attacker to perform a denial of service attack against the remote host. To exploit this vulnerability, an attacker needs to send a specially crafted ICMP or TCP packet to the remote host.
    last seen2020-06-01
    modified2020-06-02
    plugin id22537
    published2006-10-10
    reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22537
    titleMS06-064: Vulnerability in TCP/IP IPv6 Could Allow Denial of Service (922819)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
     script_id(22537);
     script_version("1.31");
     script_cvs_date("Date: 2018/11/15 20:50:30");
    
     script_cve_id("CVE-2004-0790","CVE-2004-0230","CVE-2005-0688");
     script_bugtraq_id(13124, 13658);
     script_xref(name:"CERT", value:"415294");
     script_xref(name:"CERT", value:"222750");
     script_xref(name:"CERT", value:"396645");
     script_xref(name:"MSFT", value:"MS06-064");
     script_xref(name:"MSKB", value:"922819");
    
     script_name(english:"MS06-064: Vulnerability in TCP/IP IPv6 Could Allow Denial of Service (922819)");
     script_summary(english:"Checks the remote registry for 922819");
    
     script_set_attribute(attribute:"synopsis", value:
    "It is possible to crash the remote host due to a flaw in the TCP/IP
    IPv6 stack.");
     script_set_attribute(attribute:"description", value:
    "The remote host runs a version of Windows that has a flaw in its
    TCP/IP IPv6 stack.
    
    The flaw could allow an attacker to perform a denial of service attack
    against the remote host.
    
    To exploit this vulnerability, an attacker needs to send a specially
    crafted ICMP or TCP packet to the remote host.");
     script_set_attribute(attribute:"see_also", value:"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2006/ms06-064");
     script_set_attribute(attribute:"solution", value:"Microsoft has released a set of patches for Windows XP and 2003.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
     script_set_attribute(attribute:"vuln_publication_date", value:"2003/12/22");
     script_set_attribute(attribute:"patch_publication_date", value:"2006/10/10");
     script_set_attribute(attribute:"plugin_publication_date", value:"2006/10/10");
    
     script_set_attribute(attribute:"plugin_type", value:"local");
     script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
     script_end_attributes();
    
     script_category(ACT_GATHER_INFO);
    
     script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
     script_family(english:"Windows : Microsoft Bulletins");
    
     script_dependencies("smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
     script_require_keys("SMB/MS_Bulletin_Checks/Possible");
     script_require_ports(139, 445, 'Host/patch_management_checks');
     exit(0);
    }
    
    include("audit.inc");
    include("smb_hotfixes_fcheck.inc");
    include("smb_hotfixes.inc");
    include("smb_func.inc");
    include("misc_func.inc");
    
    get_kb_item_or_exit("SMB/MS_Bulletin_Checks/Possible");
    
    bulletin = 'MS06-064';
    kb = '922819';
    
    kbs = make_list(kb);
    if (get_kb_item("Host/patch_management_checks")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);
    
    get_kb_item_or_exit("SMB/Registry/Enumerated");
    get_kb_item_or_exit("SMB/WindowsVersion", exit_code:1);
    
    if (hotfix_check_sp_range(xp:'1,2', win2003:'0,1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);
    
    rootfile = hotfix_get_systemroot();
    if (!rootfile) exit(1, "Failed to get the system root.");
    
    share = hotfix_path2share(path:rootfile);
    if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);
    
    if ( hotfix_is_vulnerable(os:"5.2", sp:0, file:"Tcpip6.sys", version:"5.2.3790.576", dir:"\system32\drivers", bulletin:bulletin, kb:kb) ||
         hotfix_is_vulnerable(os:"5.2", sp:1, file:"Tcpip6.sys", version:"5.2.3790.2771", dir:"\system32\drivers", bulletin:bulletin, kb:kb) ||
         hotfix_is_vulnerable(os:"5.1", sp:1, file:"Tcpip6.sys", version:"5.1.2600.1886", dir:"\system32\drivers", bulletin:bulletin, kb:kb) ||
         hotfix_is_vulnerable(os:"5.1", sp:2, file:"Tcpip6.sys", version:"5.1.2600.2975", dir:"\system32\drivers", bulletin:bulletin, kb:kb) )
    {
      set_kb_item(name:"SMB/Missing/"+bulletin, value:TRUE);
      hotfix_security_warning();
    
      hotfix_check_fversion_end();
      exit(0);
    }
    else
    {
      hotfix_check_fversion_end();
      audit(AUDIT_HOST_NOT, 'affected');
    }
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_118822.NASL
    descriptionSunOS 5.10: kernel Patch. Date this patch was last updated by Sun : Feb/23/06
    last seen2018-09-02
    modified2018-08-13
    plugin id19367
    published2005-08-02
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=19367
    titleSolaris 10 (sparc) : 118822-30
    code
    #%NASL_MIN_LEVEL 80502
    
    # @DEPRECATED@
    #
    # This script has been deprecated as the associated patch is not
    # currently a recommended security fix.
    #
    # Disabled on 2011/09/17.
    
    #
    # (C) Tenable Network Security, Inc.
    #
    #
    
    if ( ! defined_func("bn_random") ) exit(0);
    include("compat.inc");
    
    if(description)
    {
     script_id(19367);
     script_version("1.38");
    
     script_name(english: "Solaris 10 (sparc) : 118822-30");
     script_cve_id("CVE-2004-0790", "CVE-2004-0791", "CVE-2005-3250", "CVE-2005-4701", "CVE-2008-1095");
     script_set_attribute(attribute: "synopsis", value:
    "The remote host is missing Sun Security Patch number 118822-30");
     script_set_attribute(attribute: "description", value:
    'SunOS 5.10: kernel Patch.
    Date this patch was last updated by Sun : Feb/23/06');
     script_set_attribute(attribute: "solution", value:
    "You should install this patch for your system to be up-to-date.");
     script_set_attribute(attribute: "see_also", value:
    "https://getupdates.oracle.com/readme/118822-30");
     script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");
     script_cwe_id(264);
     script_set_attribute(attribute:"plugin_publication_date", value: "2005/08/02");
     script_cvs_date("Date: 2019/10/25 13:36:22");
     script_set_attribute(attribute:"vuln_publication_date", value: "2005/10/13");
     script_end_attributes();
    
     script_summary(english: "Check for patch 118822-30");
     script_category(ACT_GATHER_INFO);
     script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.");
     family["english"] = "Solaris Local Security Checks";
     script_family(english:family["english"]);
     
     script_dependencies("ssh_get_info.nasl");
     script_require_keys("Host/Solaris/showrev");
     exit(0);
    }
    
    
    
    # Deprecated.
    exit(0, "The associated patch is not currently a recommended security fix.");
    
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_33395.NASL
    descriptions700_800 11.00 cumulative ARPA Transport patch : A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060.
    last seen2020-06-01
    modified2020-06-02
    plugin id19363
    published2005-08-01
    reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/19363
    titleHP-UX PHNE_33395 : HP-UX TCP/IP Remote Denial of Service (DoS) (HPSBUX01164 SSRT4884 rev.9)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHNE_33395. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(19363);
      script_version("1.20");
      script_cvs_date("Date: 2018/07/12 19:01:15");
    
      script_cve_id("CVE-2004-0790", "CVE-2004-0791", "CVE-2004-1060");
      script_bugtraq_id(13124);
      script_xref(name:"CERT", value:"532967");
      script_xref(name:"HP", value:"emr_na-c00576017");
      script_xref(name:"HP", value:"HPSBUX01164");
      script_xref(name:"HP", value:"SSRT4884");
    
      script_name(english:"HP-UX PHNE_33395 : HP-UX TCP/IP Remote Denial of Service (DoS) (HPSBUX01164 SSRT4884 rev.9)");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.00 cumulative ARPA Transport patch : 
    
    A potential security vulnerability has been identified with HP-UX
    running TCP/IP. This vulnerability could be remotely exploited by an
    unauthorized user to cause a Denial of Service(DoS). References: NISCC
    VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060."
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00576017
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?3a3e8ad7"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHNE_33395 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2005/07/19");
      script_set_attribute(attribute:"patch_modification_date", value:"2006/01/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/08/01");
      script_set_attribute(attribute:"vuln_publication_date", value:"2005/04/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.00"))
    {
      exit(0, "The host is not affected since PHNE_33395 applies to a different OS release.");
    }
    
    patches = make_list("PHNE_33395", "PHNE_35729");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"Networking.NET-KRN", version:"B.11.00")) flag++;
    if (hpux_check_patch(app:"Networking.NET-PRG", version:"B.11.00")) flag++;
    if (hpux_check_patch(app:"Networking.NET-RUN", version:"B.11.00")) flag++;
    if (hpux_check_patch(app:"Networking.NET2-KRN", version:"B.11.00")) flag++;
    if (hpux_check_patch(app:"Networking.NMS2-KRN", version:"B.11.00")) flag++;
    if (hpux_check_patch(app:"OS-Core.CORE2-KRN", version:"B.11.00")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS7_106541.NASL
    descriptionSunOS 5.7: Kernel Update Patch. Date this patch was last updated by Sun : Dec/06/06
    last seen2016-09-26
    modified2011-10-24
    plugin id13086
    published2004-07-12
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=13086
    titleSolaris 7 (sparc) : 106541-44
    code
    #%NASL_MIN_LEVEL 999999
    
    # @DEPRECATED@
    #
    # This script has been deprecated as the associated patch is not
    # currently a recommended security fix.
    #
    # Disabled on 2011/10/24.
    #
    
    #
    # (C) Tenable Network Security, Inc.
    #
    #
    
    if ( ! defined_func("bn_random") ) exit(0);
    include("compat.inc");
    
    if(description)
    {
     script_id(13086);
     script_version("1.33");
    
     script_name(english: "Solaris 7 (sparc) : 106541-44");
     script_cve_id("CVE-2004-0790", "CVE-2004-0791");
     script_set_attribute(attribute: "synopsis", value:
    "The remote host is missing Sun Security Patch number 106541-44");
     script_set_attribute(attribute: "description", value:
    'SunOS 5.7: Kernel Update Patch.
    Date this patch was last updated by Sun : Dec/06/06');
     script_set_attribute(attribute: "solution", value:
    "You should install this patch for your system to be up-to-date.");
     script_set_attribute(attribute: "see_also", value:
    "http://download.oracle.com/sunalerts/1001318.1.html");
     script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
     script_set_attribute(attribute:"plugin_publication_date", value: "2004/07/12");
     script_cvs_date("Date: 2018/07/20  0:18:53");
     script_end_attributes();
    
     script_summary(english: "Check for patch 106541-44");
     script_category(ACT_GATHER_INFO);
     script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
     family["english"] = "Solaris Local Security Checks";
     script_family(english:family["english"]);
     
     script_dependencies("ssh_get_info.nasl");
     script_require_keys("Host/Solaris/showrev");
     exit(0);
    }
    
    # Deprecated.
    exit(0, "The associated patch is not currently a recommended security fix.");
    
    
    
    
    include("solaris.inc");
    
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"FJSVhea", version:"1.0,REV=1998.11.16.20.05");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWarc", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWarcx", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWatfsr", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcar", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcar", version:"11.7.0,REV=1999.01.11.15.30");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcarx", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcarx", version:"11.7.0,REV=1998.11.30.15.02");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcpr", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcpr", version:"11.7.0,REV=1998.11.16.20.05");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcprx", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcprx", version:"11.7.0,REV=1998.11.16.20.05");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcsl", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcslx", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcsr", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcsu", version:"11.7.0,REV=1998.10.06.00.59");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcsxu", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcvc", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWcvcx", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWdpl", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWdplx", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWdrr", version:"11.7.0,REV=1999.03.09.04.51");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWdrrx", version:"11.7.0,REV=1999.03.09.04.51");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWesu", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWesxu", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWhea", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWipc", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWkvm", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWkvm", version:"11.7.0,REV=1999.01.11.15.30");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWkvmx", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWkvmx", version:"11.7.0,REV=1998.11.16.20.05");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWnisu", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWpcmci", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWpcmcu", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWpcmcx", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWscpu", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWscpux", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWssad", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWssadx", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWsxr", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWtnfc", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWtnfcx", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWtoo", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWtoox", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWvolr", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWvolu", version:"11.7.0,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"106541-44", obsoleted_by:"", package:"SUNWypu", version:"11.7.0,REV=1998.09.01.04.16");
    if ( e < 0 ) { 
    	if ( NASL_LEVEL < 3000 ) 
    	   security_warning(0);
    	else  
    	   security_warning(port:0, extra:solaris_get_report());
    	exit(0); 
    } 
    exit(0, "Host is not affected");
    
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_33159.NASL
    descriptions700_800 11.11 cumulative ARPA Transport patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running TCP/IP (IPv4). This vulnerability could be remotely exploited to cause a Denial of Service (DoS). (HPSBUX01137 SSRT5954) - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060. (HPSBUX01164 SSRT4884)
    last seen2020-06-01
    modified2020-06-02
    plugin id18608
    published2005-07-05
    reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/18608
    titleHP-UX PHNE_33159 : s700_800 11.11 cumulative ARPA Transport patch
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHNE_33159. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(18608);
      script_version("1.24");
      script_cvs_date("Date: 2018/07/12 19:01:15");
    
      script_cve_id("CVE-2004-0790", "CVE-2004-0791", "CVE-2004-1060", "CVE-2005-1192");
      script_bugtraq_id(13124);
      script_xref(name:"CERT", value:"532967");
      script_xref(name:"HP", value:"emr_na-c00571568");
      script_xref(name:"HP", value:"emr_na-c00576017");
      script_xref(name:"HP", value:"HPSBUX01137");
      script_xref(name:"HP", value:"HPSBUX01164");
      script_xref(name:"HP", value:"SSRT4884");
      script_xref(name:"HP", value:"SSRT5954");
    
      script_name(english:"HP-UX PHNE_33159 : s700_800 11.11 cumulative ARPA Transport patch");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.11 cumulative ARPA Transport patch : 
    
    The remote HP-UX host is affected by multiple vulnerabilities :
    
      - A potential security vulnerability has been identified
        with HP-UX running TCP/IP (IPv4). This vulnerability
        could be remotely exploited to cause a Denial of Service
        (DoS). (HPSBUX01137 SSRT5954)
    
      - A potential security vulnerability has been identified
        with HP-UX running TCP/IP. This vulnerability could be
        remotely exploited by an unauthorized user to cause a
        Denial of Service(DoS). References: NISCC VU#532967,
        CAN-2004-0790, CAN-2004-0791, CAN-2004-1060.
        (HPSBUX01164 SSRT4884)"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00571568
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?9aacfc53"
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00576017
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?3a3e8ad7"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHNE_33159 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2005/06/24");
      script_set_attribute(attribute:"patch_modification_date", value:"2006/01/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/07/05");
      script_set_attribute(attribute:"vuln_publication_date", value:"2005/04/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.11"))
    {
      exit(0, "The host is not affected since PHNE_33159 applies to a different OS release.");
    }
    
    patches = make_list("PHNE_33159", "PHNE_33628", "PHNE_34135", "PHNE_34672", "PHNE_35183", "PHNE_35351", "PHNE_36125", "PHNE_37671", "PHNE_37898", "PHNE_38678", "PHNE_39386", "PHNE_42029");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"Networking.NET-KRN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"Networking.NET-PRG", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"Networking.NET-RUN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"Networking.NET-RUN-64", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"Networking.NET2-KRN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"Networking.NMS2-KRN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"Networking.NW-ENG-A-MAN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"OS-Core.CORE-KRN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"OS-Core.CORE2-KRN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"OS-Core.SYS-ADMIN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"ProgSupport.C-INC", version:"B.11.11")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS7_X86_106542.NASL
    descriptionSunOS 5.7_x86: Kernel Update Patch. Date this patch was last updated by Sun : Nov/27/06
    last seen2016-09-26
    modified2011-10-24
    plugin id13193
    published2004-07-12
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=13193
    titleSolaris 7 (x86) : 106542-43
    code
    #%NASL_MIN_LEVEL 999999
    
    # @DEPRECATED@
    #
    # This script has been deprecated as the associated patch is not
    # currently a recommended security fix.
    #
    # Disabled on 2011/10/24.
    #
    
    #
    # (C) Tenable Network Security, Inc.
    #
    #
    
    if ( ! defined_func("bn_random") ) exit(0);
    include("compat.inc");
    
    if(description)
    {
     script_id(13193);
     script_version("1.29");
    
     script_name(english: "Solaris 7 (x86) : 106542-43");
     script_cve_id("CVE-2004-0790", "CVE-2004-0791");
     script_set_attribute(attribute: "synopsis", value:
    "The remote host is missing Sun Security Patch number 106542-43");
     script_set_attribute(attribute: "description", value:
    'SunOS 5.7_x86: Kernel Update Patch.
    Date this patch was last updated by Sun : Nov/27/06');
     script_set_attribute(attribute: "solution", value:
    "You should install this patch for your system to be up-to-date.");
     script_set_attribute(attribute: "see_also", value:
    "http://download.oracle.com/sunalerts/1001318.1.html");
     script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
     script_set_attribute(attribute:"plugin_publication_date", value: "2004/07/12");
     script_cvs_date("Date: 2018/07/20  0:18:53");
     script_end_attributes();
    
     script_summary(english: "Check for patch 106542-43");
     script_category(ACT_GATHER_INFO);
     script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
     family["english"] = "Solaris Local Security Checks";
     script_family(english:family["english"]);
     
     script_dependencies("ssh_get_info.nasl");
     script_require_keys("Host/Solaris/showrev");
     exit(0);
    }
    
    # Deprecated.
    exit(0, "The associated patch is not currently a recommended security fix.");
    
    
    
    
    include("solaris.inc");
    
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWarc", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWatfsr", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWcar", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWcsl", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWcsr", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWcsu", version:"11.7.0,REV=1998.10.06.01.22");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWdpl", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWesu", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWhea", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWipc", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWkvm", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWnisu", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWpcmci", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWpcmcu", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWscpu", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWtnfc", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWtoo", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWvolr", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWvolu", version:"11.7.0,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"106542-43", obsoleted_by:"", package:"SUNWypu", version:"11.7.0,REV=1998.09.01.04.53");
    if ( e < 0 ) { 
    	if ( NASL_LEVEL < 3000 ) 
    	   security_warning(0);
    	else  
    	   security_warning(port:0, extra:solaris_get_report());
    	exit(0); 
    } 
    exit(0, "Host is not affected");
    
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_26125.NASL
    descriptions700_800 11.00 ndd(1M) cumulative patch : A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060.
    last seen2020-06-01
    modified2020-06-02
    plugin id18399
    published2005-05-30
    reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/18399
    titleHP-UX PHNE_26125 : HP-UX TCP/IP Remote Denial of Service (DoS) (HPSBUX01164 SSRT4884 rev.9)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_118844.NASL
    descriptionSunOS 5.10_x86: kernel Patch. Date this patch was last updated by Sun : Oct/28/05 This plugin has been deprecated and either replaced with individual 118844 patch-revision plugins, or deemed non-security related.
    last seen2019-02-21
    modified2018-07-30
    plugin id19370
    published2005-08-02
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=19370
    titleSolaris 10 (x86) : 118844-20 (deprecated)
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_26076.NASL
    descriptions700_800 11.04 (VVOS) ndd(1M) cumulative patch : A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060.
    last seen2020-06-01
    modified2020-06-02
    plugin id18398
    published2005-05-30
    reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/18398
    titleHP-UX PHNE_26076 : HP-UX TCP/IP Remote Denial of Service (DoS) (HPSBUX01164 SSRT4884 rev.9)
  • NASL familyF5 Networks Local Security Checks
    NASL idF5_BIGIP_SOL4583.NASL
    descriptionThe remote BIG-IP device is missing a patch required by a security advisory.
    last seen2020-06-01
    modified2020-06-02
    plugin id86016
    published2015-09-18
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86016
    titleF5 Networks BIG-IP : Insufficient validation of ICMP error messages (SOL4583)
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_33427.NASL
    descriptions700_800 11.04 (VVOS) cumulative ARPA Transport patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060. (HPSBUX01164 SSRT4884) - A potential security vulnerability has been identified with HP-UX running TCP/IP. The potential vulnerability could be exploited remotely to cause a Denial of Service (DoS). (HPSBUX02087 SSRT4728)
    last seen2020-06-01
    modified2020-06-02
    plugin id19486
    published2005-08-23
    reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/19486
    titleHP-UX PHNE_33427 : s700_800 11.04 (VVOS) cumulative ARPA Transport patch
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_118305.NASL
    descriptionSunOS 5.9: tcp Patch. Date this patch was last updated by Sun : Jul/09/07
    last seen2016-09-26
    modified2011-09-18
    plugin id18075
    published2005-04-17
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=18075
    titleSolaris 9 (sparc) : 118305-10

Oval

  • accepted2014-03-24T04:00:12.352-04:00
    classvulnerability
    contributors
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameNabil Ouchn
      organizationSecurity-Database
    • nameMatthew Wojcik
      organizationThe MITRE Corporation
    • nameTodd Dolinsky
      organizationOpsware, Inc.
    • nameShane Shaffer
      organizationG2, Inc.
    • nameSushant Kumar Singh
      organizationHewlett-Packard
    descriptionMultiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    familyunix
    idoval:org.mitre.oval:def:1177
    statusaccepted
    submitted2006-09-22T05:48:00.000-04:00
    titleHP-UX 11.11 Blind Connection Reset Attack Vulnerability
    version42
  • accepted2011-05-09T04:01:19.783-04:00
    classvulnerability
    contributors
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMatthew Wojcik
      organizationThe MITRE Corporation
    • nameTodd Dolinsky
      organizationOpsware, Inc.
    • nameShane Shaffer
      organizationG2, Inc.
    descriptionMultiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    familyunix
    idoval:org.mitre.oval:def:176
    statusaccepted
    submitted2006-09-22T05:48:00.000-04:00
    titleHP-UX 11.00 Blind Connection Reset Attack Vulnerability
    version40
  • accepted2011-05-16T04:02:04.059-04:00
    classvulnerability
    contributors
    • nameMatthew Burton
      organizationThe MITRE Corporation
    • nameJohn Hoyland
      organizationCentennial Software
    • nameDragos Prisaca
      organizationGideon Technologies, Inc.
    • nameBrendan Miles
      organizationThe MITRE Corporation
    • nameSudhir Gandhe
      organizationTelos
    • nameShane Shaffer
      organizationG2, Inc.
    descriptionMultiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    familywindows
    idoval:org.mitre.oval:def:1910
    statusaccepted
    submitted2005-08-18T04:00:00.000-04:00
    titleWinXP Blind Connection Reset Attack Vulnerability
    version42
  • accepted2014-03-10T04:00:34.539-04:00
    classvulnerability
    contributors
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMatthew Wojcik
      organizationThe MITRE Corporation
    • nameTodd Dolinsky
      organizationOpsware, Inc.
    • nameShane Shaffer
      organizationG2, Inc.
    • nameSushant Kumar Singh
      organizationHewlett-Packard
    descriptionMultiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    familyunix
    idoval:org.mitre.oval:def:211
    statusaccepted
    submitted2006-09-22T05:48:00.000-04:00
    titleHP-UX 11.23 Blind Connection Reset Attack Vulnerability
    version44
  • accepted2011-05-16T04:02:47.049-04:00
    classvulnerability
    contributors
    • nameMatthew Burton
      organizationThe MITRE Corporation
    • nameJohn Hoyland
      organizationCentennial Software
    • nameSudhir Gandhe
      organizationTelos
    • nameShane Shaffer
      organizationG2, Inc.
    descriptionMultiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    familywindows
    idoval:org.mitre.oval:def:3458
    statusaccepted
    submitted2005-04-22T12:00:00.000-04:00
    titleWin2k Blind Connection Reset Attack Vulnerability
    version39
  • accepted2011-05-09T04:01:32.572-04:00
    classvulnerability
    contributors
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMatthew Wojcik
      organizationThe MITRE Corporation
    • nameTodd Dolinsky
      organizationOpsware, Inc.
    • nameShane Shaffer
      organizationG2, Inc.
    descriptionMultiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    familyunix
    idoval:org.mitre.oval:def:412
    statusaccepted
    submitted2006-09-22T05:48:00.000-04:00
    titleHP-UX 11.04 Blind Connection Reset Attack Vulnerability
    version40
  • accepted2013-09-02T04:05:46.405-04:00
    classvulnerability
    contributors
    • nameMatthew Burton
      organizationThe MITRE Corporation
    • nameJohn Hoyland
      organizationCentennial Software
    • nameSudhir Gandhe
      organizationTelos
    • nameShane Shaffer
      organizationG2, Inc.
    • nameDragos Prisaca
      organizationG2, Inc.
    descriptionMultiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    familywindows
    idoval:org.mitre.oval:def:4804
    statusaccepted
    submitted2005-08-18T04:00:00.000-04:00
    titleServer 2003 Blind Connection Reset Attack Vulnerability
    version42
  • accepted2014-03-24T04:01:39.608-04:00
    classvulnerability
    contributors
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMatthew Wojcik
      organizationThe MITRE Corporation
    • nameShane Shaffer
      organizationG2, Inc.
    • nameSushant Kumar Singh
      organizationHewlett-Packard
    • nameSushant Kumar Singh
      organizationHewlett-Packard
    descriptionMultiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    familyunix
    idoval:org.mitre.oval:def:514
    statusaccepted
    submitted2006-09-22T05:48:00.000-04:00
    titleHP-UX 11.11, 11.23 Blind Connection Reset Attack Vulnerability
    version43
  • accepted2011-05-09T04:01:36.564-04:00
    classvulnerability
    contributors
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMatthew Wojcik
      organizationThe MITRE Corporation
    • nameJeff Ito
      organizationSecure Elements, Inc.
    • nameShane Shaffer
      organizationG2, Inc.
    definition_extensions
    • commentMicrosoft Windows XP SP1 (32-bit) is installed
      ovaloval:org.mitre.oval:def:1
    • commentMicrosoft Windows XP SP2 or later is installed
      ovaloval:org.mitre.oval:def:521
    • commentMicrosoft Windows XP SP1 (64-bit) is installed
      ovaloval:org.mitre.oval:def:480
    • commentMicrosoft Windows Server 2003 (x86) Gold is installed
      ovaloval:org.mitre.oval:def:165
    • commentMicrosoft Windows Server 2003 SP1 (x86) is installed
      ovaloval:org.mitre.oval:def:565
    descriptionMultiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    familywindows
    idoval:org.mitre.oval:def:53
    statusaccepted
    submitted2006-10-11T05:29:41
    titleWindows XP, Windows Server 2003 Blind Connection Reset Attack Vulnerability
    version45
  • accepted2011-05-09T04:01:38.771-04:00
    classvulnerability
    contributors
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameNabil Ouchn
      organizationSecurity-Database
    • nameMatthew Wojcik
      organizationThe MITRE Corporation
    • namePai Peng
      organizationOpsware, Inc.
    • nameShane Shaffer
      organizationG2, Inc.
    descriptionMultiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    familyunix
    idoval:org.mitre.oval:def:622
    statusaccepted
    submitted2006-09-22T05:52:00.000-04:00
    titleSolaris 8, 9, 10 Blind Connection Reset Attack Vulnerability
    version40

Seebug

  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:63076
    last seen2017-11-19
    modified2014-07-01
    published2014-07-01
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-63076
    titleMultiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages DoS Exploit
  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:79052
    last seen2017-11-19
    modified2014-07-01
    published2014-07-01
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-79052
    titleMultiple Vendor ICMP Message Handling DoS
  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:79051
    last seen2017-11-19
    modified2014-07-01
    published2014-07-01
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-79051
    titleMultiple Vendor ICMP Implementation Malformed Path MTU DoS
  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:79050
    last seen2017-11-19
    modified2014-07-01
    published2014-07-01
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-79050
    titleMultiple Vendor ICMP Implementation Spoofed Source Quench Packet DoS
  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:15543
    last seen2017-11-19
    modified2005-04-20
    published2005-04-20
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-15543
    titleMultiple OS (win32/aix/cisco) Crafted ICMP Messages DoS Exploit

References