Vulnerabilities > CVE-2009-0688 - Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Carnegie Mellon University Cyrus-Sasl

#%NASL_MIN_LEVEL 999999

# @DEPRECATED@
#
# This script has been deprecated as the associated patch is not
# currently a recommended security fix.
#
# Disabled on 2011/09/17.

#
# (C) Tenable Network Security, Inc.
#
#

if ( ! defined_func("bn_random") ) exit(0);
include("compat.inc");

if(description)
{
 script_id(23506);
 script_version("1.18");

 script_name(english: "Solaris 5.9 (sparc) : 115342-08");
 script_cve_id("CVE-2009-0688");
 script_set_attribute(attribute: "synopsis", value:
"The remote host is missing Sun Security Patch number 115342-08");
 script_set_attribute(attribute: "description", value:
'SASL 2.19.20090601: Simple Authentication and Security Layer.
Date this patch was last updated by Sun : Jul/21/09');
 script_set_attribute(attribute: "solution", value:
"You should install this patch for your system to be up-to-date.");
 script_set_attribute(attribute: "see_also", value:
"https://getupdates.oracle.com/readme/115342-08");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
 script_cwe_id(119);
 script_set_attribute(attribute:"plugin_publication_date", value: "2006/11/06");
 script_cvs_date("Date: 2018/07/20  0:18:53");
 script_end_attributes();

 script_summary(english: "Check for patch 115342-08");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
 family["english"] = "Solaris Local Security Checks";
 script_family(english:family["english"]);
 
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/Solaris/showrev");
 exit(0);
}



# Deprecated.
exit(0, "The associated patch is not currently a recommended security fix.");

include("solaris.inc");

e +=  solaris_check_patch(release:"5.9", arch:"sparc", patch:"115342-08", obsoleted_by:"", package:"SUNWsasl", version:"2.17,REV=2002.10.18.11.13");
e +=  solaris_check_patch(release:"5.9", arch:"sparc", patch:"115342-08", obsoleted_by:"", package:"SUNWsaslx", version:"2.17,REV=2002.10.18.11.13");
if ( e < 0 ) { 
	if ( NASL_LEVEL < 3000 ) 
	   security_hole(0);
	else  
	   security_hole(port:0, extra:solaris_get_report());
	exit(0); 
} 
exit(0, "Host is not affected");

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from the FreeBSD VuXML database :
#
# Copyright 2003-2018 Jacques Vidrine and contributors
#
# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
# HTML, PDF, PostScript, RTF and so forth) with or without modification,
# are permitted provided that the following conditions are met:
# 1. Redistributions of source code (VuXML) must retain the above
#    copyright notice, this list of conditions and the following
#    disclaimer as the first lines of this file unmodified.
# 2. Redistributions in compiled form (transformed to other DTDs,
#    published online in any format, converted to PDF, PostScript,
#    RTF and other formats) must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer
#    in the documentation and/or other materials provided with the
#    distribution.
# 
# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#

include("compat.inc");

if (description)
{
  script_id(38779);
  script_version("1.15");
  script_cvs_date("Date: 2019/08/02 13:32:39");

  script_cve_id("CVE-2009-0688");
  script_xref(name:"CERT", value:"238019");

  script_name(english:"FreeBSD : cyrus-sasl -- buffer overflow vulnerability (14ab174c-40ef-11de-9fd5-001bd3385381)");
  script_summary(english:"Checks for updated package in pkg_info output");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote FreeBSD host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"US-CERT reports :

The sasl_encode64() function converts a string into base64. The Cyrus
SASL library contains buffer overflows that occur because of unsafe
use of the sasl_encode64() function."
  );
  # https://vuxml.freebsd.org/freebsd/14ab174c-40ef-11de-9fd5-001bd3385381.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?ebe78c9b"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:cyrus-sasl");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/04/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/05/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/05/15");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"FreeBSD Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");

  exit(0);
}


include("audit.inc");
include("freebsd_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (pkg_test(save_report:TRUE, pkg:"cyrus-sasl<2.1.23")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update cyrus-sasl-880.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(40209);
  script_version("1.13");
  script_cvs_date("Date: 2019/10/25 13:36:34");

  script_cve_id("CVE-2009-0688");

  script_name(english:"openSUSE Security Update : cyrus-sasl (cyrus-sasl-880)");
  script_summary(english:"Check for the cyrus-sasl-880 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update of cyrus-sasl improves the output of function
sasl_encode64() by appending a 0 for string termination. The impact
depends on the application that uses sasl_encode64(). (CVE-2009-0688)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=499104"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected cyrus-sasl packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-crammd5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-crammd5-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-devel-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-digestmd5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-digestmd5-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-gssapi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-gssapi-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-ntlm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-otp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-otp-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-plain");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-plain-32bit");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/05/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE11.1", reference:"cyrus-sasl-2.1.22-182.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"cyrus-sasl-crammd5-2.1.22-182.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"cyrus-sasl-devel-2.1.22-182.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"cyrus-sasl-digestmd5-2.1.22-182.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"cyrus-sasl-gssapi-2.1.22-182.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"cyrus-sasl-ntlm-2.1.22-182.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"cyrus-sasl-otp-2.1.22-182.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"cyrus-sasl-plain-2.1.22-182.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"cyrus-sasl-32bit-2.1.22-182.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"cyrus-sasl-crammd5-32bit-2.1.22-182.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"cyrus-sasl-devel-32bit-2.1.22-182.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"cyrus-sasl-digestmd5-32bit-2.1.22-182.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"cyrus-sasl-gssapi-32bit-2.1.22-182.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"cyrus-sasl-otp-32bit-2.1.22-182.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"cyrus-sasl-plain-32bit-2.1.22-182.2.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cyrus_sasl");
}

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#
include("compat.inc");

if (description)
{
  script_id(107531);
  script_version("1.5");
  script_cvs_date("Date: 2019/10/25 13:36:25");

  script_cve_id("CVE-2009-0688");

  script_name(english:"Solaris 10 (sparc) : 141930-01");
  script_summary(english:"Check for patch 141930-01");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote host is missing Sun Security Patch number 141930-01"
  );
  script_set_attribute(
    attribute:"description", 
    value:
"SunOS 5.10: libsasl.so.1 patch.
Date this patch was last updated by Sun : Jul/24/09"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://download.oracle.com/sunalerts/1020474.1.html"
  );
  script_set_attribute(attribute:"solution", value:"Install patch 141930-01");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:141930");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/07/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Solaris Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("solaris.inc");

showrev = get_kb_item("Host/Solaris/showrev");
if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris");
os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev);
if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris");
full_ver = os_ver[1];
os_level = os_ver[2];
if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level);
package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev);
if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);
package_arch = package_arch[1];
if (package_arch != "sparc") audit(AUDIT_ARCH_NOT, "sparc", package_arch);
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

if (solaris_check_patch(release:"5.10", arch:"sparc", patch:"141930-01", obsoleted_by:"142397-01 ", package:"SUNWlibsasl", version:"11.10.0,REV=2005.01.21.15.53") < 0) flag++;

if (flag) {
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : solaris_get_report()
  );
} else {
  patch_fix = solaris_patch_fix_get();
  if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10");
  tested = solaris_pkg_tests_get();
  if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWlibsasl");
}

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200907-09.
#
# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include("compat.inc");

if (description)
{
  script_id(39780);
  script_version("1.13");
  script_cvs_date("Date: 2019/08/02 13:32:45");

  script_cve_id("CVE-2009-0688");
  script_xref(name:"GLSA", value:"200907-09");

  script_name(english:"GLSA-200907-09 : Cyrus-SASL: Execution of arbitrary code");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200907-09
(Cyrus-SASL: Execution of arbitrary code)

    James Ralston reported that in certain situations, Cyrus-SASL does not
    properly terminate strings which can result in buffer overflows when
    performing Base64 encoding.
  
Impact :

    A remote unauthenticated user might send specially crafted packets to a
    daemon using Cyrus-SASL, possibly resulting in the execution of
    arbitrary code with the privileges of the user running the daemon or a
    Denial of Service.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200907-09"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All Cyrus-SASL users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=dev-libs/cyrus-sasl-2.1.23'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:cyrus-sasl");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/07/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"dev-libs/cyrus-sasl", unaffected:make_list("ge 2.1.23"), vulnerable:make_list("lt 2.1.23"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Cyrus-SASL");
}

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update cyrus-sasl-6249.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(38946);
  script_version ("1.10");
  script_cvs_date("Date: 2019/10/25 13:36:36");

  script_cve_id("CVE-2009-0688");

  script_name(english:"openSUSE 10 Security Update : cyrus-sasl (cyrus-sasl-6249)");
  script_summary(english:"Check for the cyrus-sasl-6249 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update of cyrus-sasl improves the output of function
sasl_encode64() by appending a 0 for string termination. The impact
depends on the application that uses sasl_encode64(). (CVE-2009-0688)"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected cyrus-sasl packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-crammd5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-crammd5-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-devel-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-digestmd5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-digestmd5-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-gssapi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-gssapi-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-otp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-otp-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-plain");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-plain-32bit");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/05/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/05/28");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE10.3", reference:"cyrus-sasl-2.1.22-82.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", reference:"cyrus-sasl-crammd5-2.1.22-82.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", reference:"cyrus-sasl-devel-2.1.22-82.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", reference:"cyrus-sasl-digestmd5-2.1.22-82.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", reference:"cyrus-sasl-gssapi-2.1.22-82.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", reference:"cyrus-sasl-otp-2.1.22-82.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", reference:"cyrus-sasl-plain-2.1.22-82.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", cpu:"x86_64", reference:"cyrus-sasl-32bit-2.1.22-82.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", cpu:"x86_64", reference:"cyrus-sasl-crammd5-32bit-2.1.22-82.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", cpu:"x86_64", reference:"cyrus-sasl-devel-32bit-2.1.22-82.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", cpu:"x86_64", reference:"cyrus-sasl-digestmd5-32bit-2.1.22-82.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", cpu:"x86_64", reference:"cyrus-sasl-gssapi-32bit-2.1.22-82.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", cpu:"x86_64", reference:"cyrus-sasl-otp-32bit-2.1.22-82.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", cpu:"x86_64", reference:"cyrus-sasl-plain-32bit-2.1.22-82.2") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cyrus_sasl");
}

#%NASL_MIN_LEVEL 80502

# @DEPRECATED@
#
# This script has been deprecated as the associated patch is not
# currently a recommended security fix.
#
# Disabled on 2011/10/24.
#

#
# (C) Tenable Network Security, Inc.
#
#

if ( ! defined_func("bn_random") ) exit(0);
include("compat.inc");

if(description)
{
 script_id(40369);
 script_version("1.16");

 script_name(english: "Solaris 10 (x86) : 141931-01");
 script_cve_id("CVE-2009-0688");
 script_set_attribute(attribute: "synopsis", value:
"The remote host is missing Sun Security Patch number 141931-01");
 script_set_attribute(attribute: "description", value:
'SunOS 5.10_x86: libsasl.so.1 patch.
Date this patch was last updated by Sun : Jul/24/09');
 script_set_attribute(attribute: "solution", value:
"You should install this patch for your system to be up-to-date.");
 script_set_attribute(attribute: "see_also", value:
"http://download.oracle.com/sunalerts/1020474.1.html");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
 script_cwe_id(119);
 script_set_attribute(attribute:"plugin_publication_date", value: "2009/07/27");
 script_cvs_date("Date: 2019/10/25 13:36:25");
 script_end_attributes();

 script_summary(english: "Check for patch 141931-01");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
 family["english"] = "Solaris Local Security Checks";
 script_family(english:family["english"]);
 
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/Solaris/showrev");
 exit(0);
}

# Deprecated.
exit(0, "The associated patch is not currently a recommended security fix.");

#%NASL_MIN_LEVEL 999999

# @DEPRECATED@
#
# This script has been deprecated as the associated patch is not
# currently a recommended security fix.
#
# Disabled on 2011/09/17.

#
# (C) Tenable Network Security, Inc.
#
#

if ( ! defined_func("bn_random") ) exit(0);
include("compat.inc");

if(description)
{
 script_id(23579);
 script_version("1.16");

 script_name(english: "Solaris 5.9 (x86) : 115343-08");
 script_cve_id("CVE-2009-0688");
 script_set_attribute(attribute: "synopsis", value:
"The remote host is missing Sun Security Patch number 115343-08");
 script_set_attribute(attribute: "description", value:
'SASL 2.19.20090601_x86: Simple Authentication and Security Layer.
Date this patch was last updated by Sun : Jul/21/09');
 script_set_attribute(attribute: "solution", value:
"You should install this patch for your system to be up-to-date.");
 script_set_attribute(attribute: "see_also", value:
"https://getupdates.oracle.com/readme/115343-08");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
 script_cwe_id(119);
 script_set_attribute(attribute:"plugin_publication_date", value: "2006/11/06");
 script_cvs_date("Date: 2018/07/20  0:18:53");
 script_end_attributes();

 script_summary(english: "Check for patch 115343-08");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
 family["english"] = "Solaris Local Security Checks";
 script_family(english:family["english"]);
 
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/Solaris/showrev");
 exit(0);
}



# Deprecated.
exit(0, "The associated patch is not currently a recommended security fix.");

include("solaris.inc");

e +=  solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115343-08", obsoleted_by:"", package:"SUNWsasl", version:"2.17,REV=2003.07.18.13.13");
if ( e < 0 ) { 
	if ( NASL_LEVEL < 3000 ) 
	   security_hole(0);
	else  
	   security_hole(port:0, extra:solaris_get_report());
	exit(0); 
} 
exit(0, "Host is not affected");

#%NASL_MIN_LEVEL 80502

# @DEPRECATED@
#
# This script has been deprecated as the associated patch is not
# currently a recommended security fix.
#
# Disabled on 2011/09/17.

#
# (C) Tenable Network Security, Inc.
#
#

if ( ! defined_func("bn_random") ) exit(0);
include("compat.inc");

if(description)
{
 script_id(25456);
 script_version("1.15");

 script_name(english: "Solaris 5.10 (sparc) : 119345-07");
 script_cve_id("CVE-2009-0688");
 script_set_attribute(attribute: "synopsis", value:
"The remote host is missing Sun Security Patch number 119345-07");
 script_set_attribute(attribute: "description", value:
'SASL 2.19.20090601: Simple Authentication and Security Layer.
Date this patch was last updated by Sun : Jul/21/09');
 script_set_attribute(attribute: "solution", value:
"You should install this patch for your system to be up-to-date.");
 script_set_attribute(attribute: "see_also", value:
"https://getupdates.oracle.com/readme/119345-07");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
 script_cwe_id(119);
 script_set_attribute(attribute:"plugin_publication_date", value: "2007/06/08");
 script_cvs_date("Date: 2019/10/25 13:36:23");
 script_end_attributes();

 script_summary(english: "Check for patch 119345-07");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
 family["english"] = "Solaris Local Security Checks";
 script_family(english:family["english"]);
 
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/Solaris/showrev");
 exit(0);
}



# Deprecated.
exit(0, "The associated patch is not currently a recommended security fix.");

#%NASL_MIN_LEVEL 999999

# @DEPRECATED@
#
# This script has been deprecated as the associated patch is not
# currently a recommended security fix.
#
# Disabled on 2011/09/17.

#
# (C) Tenable Network Security, Inc.
#
#

if ( ! defined_func("bn_random") ) exit(0);
include("compat.inc");

if(description)
{
 script_id(23370);
 script_version("1.16");

 script_name(english: "Solaris 5.8 (sparc) : 115328-08");
 script_cve_id("CVE-2009-0688");
 script_set_attribute(attribute: "synopsis", value:
"The remote host is missing Sun Security Patch number 115328-08");
 script_set_attribute(attribute: "description", value:
'SASL 2.19.20090601: Simple Authentication and Security Layer.
Date this patch was last updated by Sun : Jul/21/09');
 script_set_attribute(attribute: "solution", value:
"You should install this patch for your system to be up-to-date.");
 script_set_attribute(attribute: "see_also", value:
"https://getupdates.oracle.com/readme/115328-08");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
 script_cwe_id(119);
 script_set_attribute(attribute:"plugin_publication_date", value: "2006/11/06");
 script_cvs_date("Date: 2018/07/20  0:18:53");
 script_end_attributes();

 script_summary(english: "Check for patch 115328-08");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
 family["english"] = "Solaris Local Security Checks";
 script_family(english:family["english"]);
 
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/Solaris/showrev");
 exit(0);
}



# Deprecated.
exit(0, "The associated patch is not currently a recommended security fix.");

include("solaris.inc");

e +=  solaris_check_patch(release:"5.8", arch:"sparc", patch:"115328-08", obsoleted_by:"", package:"SUNWsasl", version:"2.17,REV=2002.10.18.11.13");
e +=  solaris_check_patch(release:"5.8", arch:"sparc", patch:"115328-08", obsoleted_by:"", package:"SUNWsaslx", version:"2.17,REV=2002.10.18.11.13");
if ( e < 0 ) { 
	if ( NASL_LEVEL < 3000 ) 
	   security_hole(0);
	else  
	   security_hole(port:0, extra:solaris_get_report());
	exit(0); 
} 
exit(0, "Host is not affected");

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

include("compat.inc");

if (description)
{
  script_id(41301);
  script_version("1.10");
  script_cvs_date("Date: 2019/10/25 13:36:33");

  script_cve_id("CVE-2009-0688");

  script_name(english:"SuSE9 Security Update : cyrus-sasl (YOU Patch Number 12419)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 9 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update of cyrus-sasl improves the output of function
sasl_encode64() by appending a 0 for string termination. The impact
depends on the application that uses sasl_encode64(). (CVE-2009-0688)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2009-0688.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12419.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/05/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SUSE9", reference:"cyrus-sasl-2.1.18-33.14")) flag++;
if (rpm_check(release:"SUSE9", reference:"cyrus-sasl-crammd5-2.1.18-33.14")) flag++;
if (rpm_check(release:"SUSE9", reference:"cyrus-sasl-devel-2.1.18-33.14")) flag++;
if (rpm_check(release:"SUSE9", reference:"cyrus-sasl-digestmd5-2.1.18-33.14")) flag++;
if (rpm_check(release:"SUSE9", reference:"cyrus-sasl-gssapi-2.1.18-33.14")) flag++;
if (rpm_check(release:"SUSE9", reference:"cyrus-sasl-otp-2.1.18-33.14")) flag++;
if (rpm_check(release:"SUSE9", reference:"cyrus-sasl-plain-2.1.18-33.14")) flag++;
if (rpm_check(release:"SUSE9", cpu:"x86_64", reference:"cyrus-sasl-32bit-9-200905141649")) flag++;
if (rpm_check(release:"SUSE9", cpu:"x86_64", reference:"cyrus-sasl-devel-32bit-9-200905141649")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else exit(0, "The host is not affected.");

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include("compat.inc");

if (description)
{
  script_id(60601);
  script_version("1.4");
  script_cvs_date("Date: 2019/10/25 13:36:18");

  script_cve_id("CVE-2009-0688");

  script_name(english:"Scientific Linux Security Update : cyrus-imapd on SL4.x, SL5.x i386/x86_64");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"It was discovered that the Cyrus SASL library (cyrus-sasl) does not
always reliably terminate output from the sasl_encode64() function
used by programs using this library. The Cyrus IMAP server
(cyrus-imapd) relied on this function's output being properly
terminated. Under certain conditions, improperly terminated output
from sasl_encode64() could, potentially, cause cyrus-imapd to crash,
disclose portions of its memory, or lead to SASL authentication
failures. (CVE-2009-0688)

After installing the update, cyrus-imapd will be restarted
automatically."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0906&L=scientific-linux-errata&T=0&P=1449
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?2f1c6252"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/06/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL4", reference:"cyrus-imapd-2.2.12-10.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"cyrus-imapd-devel-2.2.12-10.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"cyrus-imapd-murder-2.2.12-10.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"cyrus-imapd-nntp-2.2.12-10.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"cyrus-imapd-utils-2.2.12-10.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"perl-Cyrus-2.2.12-10.el4_8.1")) flag++;

if (rpm_check(release:"SL5", reference:"cyrus-imapd-2.3.7-2.el5_3.2")) flag++;
if (rpm_check(release:"SL5", reference:"cyrus-imapd-devel-2.3.7-2.el5_3.2")) flag++;
if (rpm_check(release:"SL5", reference:"cyrus-imapd-perl-2.3.7-2.el5_3.2")) flag++;
if (rpm_check(release:"SL5", reference:"cyrus-imapd-utils-2.3.7-2.el5_3.2")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update cyrus-sasl-880.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(39946);
  script_version("1.13");
  script_cvs_date("Date: 2019/10/25 13:36:34");

  script_cve_id("CVE-2009-0688");

  script_name(english:"openSUSE Security Update : cyrus-sasl (cyrus-sasl-880)");
  script_summary(english:"Check for the cyrus-sasl-880 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update of cyrus-sasl improves the output of function
sasl_encode64() by appending a 0 for string termination. The impact
depends on the application that uses sasl_encode64(). (CVE-2009-0688)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=499104"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected cyrus-sasl packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-crammd5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-crammd5-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-devel-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-digestmd5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-digestmd5-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-gssapi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-gssapi-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-ntlm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-otp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-otp-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-plain");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cyrus-sasl-plain-32bit");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/05/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE11.0", reference:"cyrus-sasl-2.1.22-140.2") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"cyrus-sasl-crammd5-2.1.22-140.2") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"cyrus-sasl-devel-2.1.22-140.2") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"cyrus-sasl-digestmd5-2.1.22-140.2") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"cyrus-sasl-gssapi-2.1.22-140.2") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"cyrus-sasl-ntlm-2.1.22-140.2") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"cyrus-sasl-otp-2.1.22-140.2") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"cyrus-sasl-plain-2.1.22-140.2") ) flag++;
if ( rpm_check(release:"SUSE11.0", cpu:"x86_64", reference:"cyrus-sasl-32bit-2.1.22-140.2") ) flag++;
if ( rpm_check(release:"SUSE11.0", cpu:"x86_64", reference:"cyrus-sasl-crammd5-32bit-2.1.22-140.2") ) flag++;
if ( rpm_check(release:"SUSE11.0", cpu:"x86_64", reference:"cyrus-sasl-devel-32bit-2.1.22-140.2") ) flag++;
if ( rpm_check(release:"SUSE11.0", cpu:"x86_64", reference:"cyrus-sasl-digestmd5-32bit-2.1.22-140.2") ) flag++;
if ( rpm_check(release:"SUSE11.0", cpu:"x86_64", reference:"cyrus-sasl-gssapi-32bit-2.1.22-140.2") ) flag++;
if ( rpm_check(release:"SUSE11.0", cpu:"x86_64", reference:"cyrus-sasl-otp-32bit-2.1.22-140.2") ) flag++;
if ( rpm_check(release:"SUSE11.0", cpu:"x86_64", reference:"cyrus-sasl-plain-32bit-2.1.22-140.2") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cyrus_sasl");
}

#%NASL_MIN_LEVEL 80502

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2009:113. 
# The text itself is copyright (C) Mandriva S.A.
#

include("compat.inc");

if (description)
{
  script_id(38814);
  script_version ("1.16");
  script_cvs_date("Date: 2019/08/02 13:32:51");

  script_cve_id("CVE-2009-0688");
  script_xref(name:"MDVSA", value:"2009:113-1");

  script_name(english:"Mandriva Linux Security Advisory : cyrus-sasl (MDVSA-2009:113-1)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23
might allow remote attackers to execute arbitrary code or cause a
denial of service application crash) via strings that are used as
input to the sasl_encode64 function in lib/saslutil.c (CVE-2009-0688).

The updated packages have been patched to prevent this.

Update :

Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cyrus-sasl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sasl2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sasl2-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sasl2-plug-anonymous");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sasl2-plug-crammd5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sasl2-plug-digestmd5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sasl2-plug-gssapi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sasl2-plug-ldapdb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sasl2-plug-login");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sasl2-plug-ntlm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sasl2-plug-otp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sasl2-plug-plain");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sasl2-plug-sasldb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sasl2-plug-sql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libsasl2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libsasl2-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libsasl2-plug-anonymous");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libsasl2-plug-crammd5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libsasl2-plug-digestmd5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libsasl2-plug-gssapi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libsasl2-plug-ldapdb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libsasl2-plug-login");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libsasl2-plug-ntlm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libsasl2-plug-otp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libsasl2-plug-plain");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libsasl2-plug-sasldb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libsasl2-plug-sql");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/12/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/05/19");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2008.0", reference:"cyrus-sasl-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64sasl2-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64sasl2-devel-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64sasl2-plug-anonymous-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64sasl2-plug-crammd5-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64sasl2-plug-digestmd5-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64sasl2-plug-gssapi-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64sasl2-plug-ldapdb-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64sasl2-plug-login-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64sasl2-plug-ntlm-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64sasl2-plug-otp-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64sasl2-plug-plain-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64sasl2-plug-sasldb-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64sasl2-plug-sql-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libsasl2-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libsasl2-devel-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libsasl2-plug-anonymous-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libsasl2-plug-crammd5-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libsasl2-plug-digestmd5-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libsasl2-plug-gssapi-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libsasl2-plug-ldapdb-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libsasl2-plug-login-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libsasl2-plug-ntlm-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libsasl2-plug-otp-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libsasl2-plug-plain-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libsasl2-plug-sasldb-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libsasl2-plug-sql-2.1.22-23.1mdv2008.0", yank:"mdv")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#
include("compat.inc");

if (description)
{
  script_id(108030);
  script_version("1.5");
  script_cvs_date("Date: 2019/10/25 13:36:25");

  script_cve_id("CVE-2009-0688");

  script_name(english:"Solaris 10 (x86) : 141931-01");
  script_summary(english:"Check for patch 141931-01");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote host is missing Sun Security Patch number 141931-01"
  );
  script_set_attribute(
    attribute:"description", 
    value:
"SunOS 5.10_x86: libsasl.so.1 patch.
Date this patch was last updated by Sun : Jul/24/09"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://download.oracle.com/sunalerts/1020474.1.html"
  );
  script_set_attribute(attribute:"solution", value:"Install patch 141931-01");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:141931");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/07/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Solaris Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("solaris.inc");

showrev = get_kb_item("Host/Solaris/showrev");
if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris");
os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev);
if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris");
full_ver = os_ver[1];
os_level = os_ver[2];
if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level);
package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev);
if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);
package_arch = package_arch[1];
if (package_arch != "i386") audit(AUDIT_ARCH_NOT, "i386", package_arch);
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"141931-01", obsoleted_by:"142398-01 ", package:"SUNWlibsasl", version:"11.10.0,REV=2005.01.21.16.34") < 0) flag++;

if (flag) {
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : solaris_get_report()
  );
} else {
  patch_fix = solaris_patch_fix_get();
  if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10");
  tested = solaris_pkg_tests_get();
  if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWlibsasl");
}

#
# (C) Tenable Network Security, Inc.
#


if (!defined_func("bn_random")) exit(0);
if (NASL_LEVEL < 3000) exit(0);


include("compat.inc");


if (description)
{
  script_id(45373);
  script_version("1.29");
  script_cvs_date("Date: 2018/07/16 12:48:31");

  script_cve_id(
    "CVE-2003-0063",
    "CVE-2006-1329",
    "CVE-2008-0564",
    "CVE-2008-0888",
    "CVE-2008-2712",
    "CVE-2008-4101",
    "CVE-2008-5302",
    "CVE-2008-5303",
    "CVE-2008-5515",
    "CVE-2009-0033",
    "CVE-2009-0037",
    "CVE-2009-0316",
    "CVE-2009-0580",
    "CVE-2009-0688",
    "CVE-2009-0689",
    "CVE-2009-0781",
    "CVE-2009-0783",
    "CVE-2009-1904",
    "CVE-2009-2042",
    "CVE-2009-2417",
    "CVE-2009-2422",
    "CVE-2009-2632",
    "CVE-2009-2693",
    "CVE-2009-2801",
    "CVE-2009-2901",
    "CVE-2009-2902",
    "CVE-2009-2906",
    "CVE-2009-3009",
    "CVE-2009-3095",
    "CVE-2009-3557",
    "CVE-2009-3558",
    "CVE-2009-3559",
    "CVE-2009-4142",
    "CVE-2009-4143",
    "CVE-2009-4214",
    "CVE-2010-0041",
    "CVE-2010-0042",
    "CVE-2010-0055",
    "CVE-2010-0056",
    "CVE-2010-0057",
    "CVE-2010-0058",
    "CVE-2010-0063",
    "CVE-2010-0065",
    "CVE-2010-0393",
    "CVE-2010-0497",
    "CVE-2010-0498",
    "CVE-2010-0500",
    "CVE-2010-0501",
    "CVE-2010-0502",
    "CVE-2010-0503",
    "CVE-2010-0504",
    "CVE-2010-0505",
    "CVE-2010-0506",
    "CVE-2010-0507",
    "CVE-2010-0508",
    "CVE-2010-0509",
    "CVE-2010-0510",
    "CVE-2010-0513",
    "CVE-2010-0521",
    "CVE-2010-0522",
    "CVE-2010-0523",
    "CVE-2010-0524",
    "CVE-2010-0525",
    "CVE-2010-0533"
  );
  script_bugtraq_id(
    6940,
    12767,
    17155,
    27630,
    28288,
    29715,
    30795,
    33447,
    33962,
    34961,
    35193,
    35196,
    35233,
    35263,
    35278,
    35416,
    35510,
    35579,
    36032,
    36278,
    36296,
    36377,
    36554,
    36555,
    36573,
    37142,
    37389,
    37390,
    37942,
    37944,
    37945,
    38524,
    38676,
    38677,
    39151,
    39156,
    39157,
    39169,
    39170,
    39171,
    39172,
    39175,
    39194,
    39231,
    39232,
    39234,
    39245,
    39252,
    39255,
    39256,
    39264,
    39268,
    39273,
    39274,
    39277,
    39279,
    39281,
    39289,
    39290,
    39292
  );

  script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2010-002)");
  script_summary(english:"Check for the presence of Security Update 2010-002");

  script_set_attribute(
    attribute:"synopsis",
    value:
"The remote host is missing a Mac OS X update that fixes various
security issues."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is running a version of Mac OS X 10.5 that does not
have Security Update 2010-002 applied.

This security update contains fixes for the following products :

  - AppKit
  - Application Firewall
  - AFP Server
  - Apache
  - ClamAV
  - CoreTypes
  - CUPS
  - curl
  - Cyrus IMAP
  - Cyrus SASL
  - Disk Images
  - Directory Services
  - Event Monitor
  - FreeRADIUS
  - FTP Server
  - iChat Server
  - Image RAW
  - Libsystem
  - Mail
  - Mailman
  - OS Services
  - Password Server
  - perl
  - PHP
  - PS Normalizer
  - Ruby
  - Server Admin
  - SMB
  - Tomcat
  - unzip
  - vim
  - Wiki Server
  - X11
  - xar"
  );
  script_set_attribute(
    attribute:"see_also", 
    value:"http://support.apple.com/kb/HT4077"
  );
  script_set_attribute(
    attribute:"see_also", 
    value:"http://lists.apple.com/archives/security-announce/2010/Mar/msg00001.html"
  );
  script_set_attribute(
    attribute:"see_also", 
    value:"http://www.securityfocus.com/advisories/19364"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Install Security Update 2010-002 or later."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'D2ExploitPack');
  script_cwe_id(20, 22, 79, 119, 189, 200, 264, 287, 310, 352, 362);
script_set_attribute(attribute:"vuln_publication_date", value:"2010/03/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/03/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/03/29");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");
  script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/MacOSX/packages", "Host/uname");

  exit(0);
}


uname = get_kb_item("Host/uname");
if (!uname) exit(1, "The 'Host/uname' KB item is missing.");

pat = "^.+Darwin.* ([0-9]+\.[0-9.]+).*$";
if (!ereg(pattern:pat, string:uname)) exit(1, "Can't identify the Darwin kernel version from the uname output ("+uname+").");


darwin = ereg_replace(pattern:pat, replace:"\1", string:uname);
if (ereg(pattern:"^9\.[0-8]\.", string:darwin))
{
  packages = get_kb_item("Host/MacOSX/packages/boms");
  if (!packages) exit(1, "The 'Host/MacOSX/packages/boms' KB item is missing.");

  if (egrep(pattern:"^com\.apple\.pkg\.update\.security\.(2010\.00[2-9]|201[1-9]\.[0-9]+)(\.leopard)?\.bom", string:packages)) 
    exit(0, "The host has Security Update 2010-002 or later installed and therefore is not affected.");
  else 
    security_hole(0);
}
else exit(0, "The host is running Darwin kernel version "+darwin+" and therefore is not affected.");

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2009:1116 and 
# CentOS Errata and Security Advisory 2009:1116 respectively.
#

include("compat.inc");

if (description)
{
  script_id(43759);
  script_version("1.14");
  script_cvs_date("Date: 2019/10/25 13:36:04");

  script_cve_id("CVE-2009-0688");
  script_xref(name:"RHSA", value:"2009:1116");

  script_name(english:"CentOS 5 : cyrus-imapd (CESA-2009:1116)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote CentOS host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated cyrus-imapd packages that fix a security issue are now
available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having important security impact by the
Red Hat Security Response Team.

The cyrus-imapd packages contain a high-performance mail server with
IMAP, POP3, NNTP, and SIEVE support.

It was discovered that the Cyrus SASL library (cyrus-sasl) does not
always reliably terminate output from the sasl_encode64() function
used by programs using this library. The Cyrus IMAP server
(cyrus-imapd) relied on this function's output being properly
terminated. Under certain conditions, improperly terminated output
from sasl_encode64() could, potentially, cause cyrus-imapd to crash,
disclose portions of its memory, or lead to SASL authentication
failures. (CVE-2009-0688)

Users of cyrus-imapd are advised to upgrade to these updated packages,
which resolve this issue. After installing the update, cyrus-imapd
will be restarted automatically."
  );
  # https://lists.centos.org/pipermail/centos-announce/2009-June/015977.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?58f97b5b"
  );
  # https://lists.centos.org/pipermail/centos-announce/2009-June/015978.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?42ba9f6b"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected cyrus-imapd packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:cyrus-imapd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:cyrus-imapd-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:cyrus-imapd-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:cyrus-imapd-utils");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/05/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/06/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/06");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"CentOS Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x", "CentOS " + os_ver);

if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);


flag = 0;
if (rpm_check(release:"CentOS-5", reference:"cyrus-imapd-2.3.7-2.el5_3.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"cyrus-imapd-devel-2.3.7-2.el5_3.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"cyrus-imapd-perl-2.3.7-2.el5_3.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"cyrus-imapd-utils-2.3.7-2.el5_3.2")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cyrus-imapd / cyrus-imapd-devel / cyrus-imapd-perl / etc");
}

• name	Aharon Chernin
  organization	SCAP.com, LLC

• name	Dragos Prisaca
  organization	G2, Inc.

• comment	The operating system installed on the system is Red Hat Enterprise Linux 4
  oval	oval:org.mitre.oval:def:11831

• comment	CentOS Linux 4.x
  oval	oval:org.mitre.oval:def:16636

• comment	Oracle Linux 4.x
  oval	oval:org.mitre.oval:def:15990

• comment	The operating system installed on the system is Red Hat Enterprise Linux 5
  oval	oval:org.mitre.oval:def:11414

• comment	The operating system installed on the system is CentOS Linux 5.x
  oval	oval:org.mitre.oval:def:15802

• comment	Oracle Linux 5.x
  oval	oval:org.mitre.oval:def:15459

• comment	Solaris 8 (SPARC) is installed
  oval	oval:org.mitre.oval:def:1539

• comment	Solaris 9 (SPARC) is installed
  oval	oval:org.mitre.oval:def:1457

• comment	Solaris 10 (SPARC) is installed
  oval	oval:org.mitre.oval:def:1440

• comment	Solaris 9 (x86) is installed
  oval	oval:org.mitre.oval:def:1683

• comment	Solaris 10 (x86) is installed
  oval	oval:org.mitre.oval:def:1926