Vulnerabilities > CVE-2013-1667 - Resource Management Errors vulnerability in Perl

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2013:0685 and 
# Oracle Linux Security Advisory ELSA-2013-0685 respectively.
#

include("compat.inc");

if (description)
{
  script_id(68797);
  script_version("1.20");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/30");

  script_cve_id("CVE-2012-5195", "CVE-2012-5526", "CVE-2012-6329", "CVE-2013-1667");
  script_bugtraq_id(56287, 56562, 56950, 58311);
  script_xref(name:"RHSA", value:"2013:0685");

  script_name(english:"Oracle Linux 5 / 6 : perl (ELSA-2013-0685)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Oracle Linux host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"From Red Hat Security Advisory 2013:0685 :

Updated perl packages that fix multiple security issues now available
for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having
moderate security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for
each vulnerability from the CVE links in the References section.

Perl is a high-level programming language commonly used for system
administration utilities and web programming.

A heap overflow flaw was found in Perl. If a Perl application allowed
user input to control the count argument of the string repeat
operator, an attacker could cause the application to crash or,
potentially, execute arbitrary code with the privileges of the user
running the application. (CVE-2012-5195)

A denial of service flaw was found in the way Perl's rehashing code
implementation, responsible for recalculation of hash keys and
redistribution of hash content, handled certain input. If an attacker
supplied specially crafted input to be used as hash keys by a Perl
application, it could cause excessive memory consumption.
(CVE-2013-1667)

It was found that the Perl CGI module, used to handle Common Gateway
Interface requests and responses, incorrectly sanitized the values for
Set-Cookie and P3P headers. If a Perl application using the CGI module
reused cookies values and accepted untrusted input from web browsers,
a remote attacker could use this flaw to alter member items of the
cookie or add new items. (CVE-2012-5526)

It was found that the Perl Locale::Maketext module, used to localize
Perl applications, did not properly handle backslashes or
fully-qualified method names. An attacker could possibly use this flaw
to execute arbitrary Perl code with the privileges of a Perl
application that uses untrusted Locale::Maketext templates.
(CVE-2012-6329)

Red Hat would like to thank the Perl project for reporting
CVE-2012-5195 and CVE-2013-1667. Upstream acknowledges Tim Brown as
the original reporter of CVE-2012-5195 and Yves Orton as the original
reporter of CVE-2013-1667.

All Perl users should upgrade to these updated packages, which contain
backported patches to correct these issues. All running Perl programs
must be restarted for this update to take effect."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/el-errata/2013-March/003388.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/el-errata/2013-March/003389.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected perl packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"d2_elliot_name", value:"Foswiki 1.1.5 RCE");
  script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'TWiki MAKETEXT Remote Command Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Archive-Extract");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Archive-Tar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-CGI");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-CPAN");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-CPANPLUS");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Compress-Raw-Bzip2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Compress-Raw-Zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Compress-Zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Digest-SHA");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-ExtUtils-CBuilder");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-ExtUtils-Embed");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-ExtUtils-MakeMaker");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-ExtUtils-ParseXS");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-File-Fetch");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-IO-Compress-Base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-IO-Compress-Bzip2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-IO-Compress-Zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-IO-Zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-IPC-Cmd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Locale-Maketext-Simple");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Log-Message");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Log-Message-Simple");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Module-Build");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Module-CoreList");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Module-Load");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Module-Load-Conditional");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Module-Loaded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Module-Pluggable");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Object-Accessor");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Package-Constants");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Params-Check");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Parse-CPAN-Meta");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Pod-Escapes");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Pod-Simple");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Term-UI");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Test-Harness");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Test-Simple");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Time-HiRes");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Time-Piece");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-parent");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-suidperl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-version");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/11/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/03/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Oracle Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5 / 6", "Oracle Linux " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);

flag = 0;
if (rpm_check(release:"EL5", reference:"perl-5.8.8-40.el5_9")) flag++;
if (rpm_check(release:"EL5", reference:"perl-suidperl-5.8.8-40.el5_9")) flag++;

if (rpm_check(release:"EL6", reference:"perl-5.10.1-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Archive-Extract-0.38-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Archive-Tar-1.58-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-CGI-3.51-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-CPAN-1.9402-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-CPANPLUS-0.88-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Compress-Raw-Bzip2-2.020-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Compress-Raw-Zlib-2.020-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Compress-Zlib-2.020-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Digest-SHA-5.47-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-ExtUtils-CBuilder-0.27-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-ExtUtils-Embed-1.28-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-ExtUtils-MakeMaker-6.55-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-ExtUtils-ParseXS-2.2003.0-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-File-Fetch-0.26-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-IO-Compress-Base-2.020-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-IO-Compress-Bzip2-2.020-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-IO-Compress-Zlib-2.020-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-IO-Zlib-1.09-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-IPC-Cmd-0.56-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Locale-Maketext-Simple-0.18-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Log-Message-0.02-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Log-Message-Simple-0.04-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Module-Build-0.3500-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Module-CoreList-2.18-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Module-Load-0.16-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Module-Load-Conditional-0.30-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Module-Loaded-0.02-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Module-Pluggable-3.90-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Object-Accessor-0.34-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Package-Constants-0.02-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Params-Check-0.26-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Parse-CPAN-Meta-1.40-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Pod-Escapes-1.04-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Pod-Simple-3.13-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Term-UI-0.20-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Test-Harness-3.17-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Test-Simple-0.92-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Time-HiRes-1.9721-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-Time-Piece-1.15-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-core-5.10.1-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-devel-5.10.1-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-libs-5.10.1-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-parent-0.221-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-suidperl-5.10.1-130.el6_4")) flag++;
if (rpm_check(release:"EL6", reference:"perl-version-0.77-130.el6_4")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl / perl-Archive-Extract / perl-Archive-Tar / perl-CGI / etc");
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 201401-11.
#
# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include("compat.inc");

if (description)
{
  script_id(72033);
  script_version("1.9");
  script_cvs_date("Date: 2019/08/12 17:35:38");

  script_cve_id("CVE-2011-2728", "CVE-2011-2939", "CVE-2012-5195", "CVE-2013-1667");
  script_bugtraq_id(49858, 56287, 58311);
  script_xref(name:"GLSA", value:"201401-11");

  script_name(english:"GLSA-201401-11 : Perl, Locale Maketext Perl module: Multiple vulnerabilities");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-201401-11
(Perl, Locale Maketext Perl module: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Perl and
      Locale::Maketext Perl module. Please review the CVE identifiers
      referenced below for details.
  
Impact :

    A context-dependent attacker could possibly execute arbitrary code with
      the privileges of the process or cause a Denial of Service condition.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/201401-11"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All Perl users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=dev-lang/perl-5.16.3'
    All Locale::Maketext users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose
      '>=perl-core/locale-maketext-1.230.0'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:locale-maketext");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:perl");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/01/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/01/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/01/20");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"dev-lang/perl", unaffected:make_list("ge 5.16.3"), vulnerable:make_list("lt 5.16.3"))) flag++;
if (qpkg_check(package:"perl-core/locale-maketext", unaffected:make_list("ge 1.230.0"), vulnerable:make_list("lt 1.230.0"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Perl / Locale Maketext Perl module");
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2013-177.
#

include("compat.inc");

if (description)
{
  script_id(69736);
  script_version("1.9");
  script_cvs_date("Date: 2019/02/07  9:34:55");

  script_cve_id("CVE-2012-5195", "CVE-2012-5526", "CVE-2012-6329", "CVE-2013-1667");
  script_xref(name:"ALAS", value:"2013-177");
  script_xref(name:"RHSA", value:"2013:0685");

  script_name(english:"Amazon Linux AMI : perl (ALAS-2013-177)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Amazon Linux AMI host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A heap overflow flaw was found in Perl. If a Perl application allowed
user input to control the count argument of the string repeat
operator, an attacker could cause the application to crash or,
potentially, execute arbitrary code with the privileges of the user
running the application. (CVE-2012-5195)

A denial of service flaw was found in the way Perl's rehashing code
implementation, responsible for recalculation of hash keys and
redistribution of hash content, handled certain input. If an attacker
supplied specially crafted input to be used as hash keys by a Perl
application, it could cause excessive memory consumption.
(CVE-2013-1667)

It was found that the Perl CGI module, used to handle Common Gateway
Interface requests and responses, incorrectly sanitized the values for
Set-Cookie and P3P headers. If a Perl application using the CGI module
reused cookies values and accepted untrusted input from web browsers,
a remote attacker could use this flaw to alter member items of the
cookie or add new items. (CVE-2012-5526)

It was found that the Perl Locale::Maketext module, used to localize
Perl applications, did not properly handle backslashes or
fully-qualified method names. An attacker could possibly use this flaw
to execute arbitrary Perl code with the privileges of a Perl
application that uses untrusted Locale::Maketext templates.
(CVE-2012-6329)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/ALAS-2013-177.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Run 'yum update perl' to update your system."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"d2_elliot_name", value:"TWiki 5.1.2 RCE");
  script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'TWiki MAKETEXT Remote Command Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Archive-Extract");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Archive-Tar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-CGI");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-CPAN");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-CPANPLUS");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Compress-Raw-Bzip2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Compress-Raw-Zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Compress-Zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Digest-SHA");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-ExtUtils-CBuilder");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-ExtUtils-Embed");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-ExtUtils-MakeMaker");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-ExtUtils-ParseXS");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-File-Fetch");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-IO-Compress-Base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-IO-Compress-Bzip2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-IO-Compress-Zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-IO-Zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-IPC-Cmd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Locale-Maketext-Simple");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Log-Message");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Log-Message-Simple");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Module-Build");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Module-CoreList");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Module-Load");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Module-Load-Conditional");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Module-Loaded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Module-Pluggable");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Object-Accessor");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Package-Constants");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Params-Check");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Parse-CPAN-Meta");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Pod-Escapes");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Pod-Simple");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Term-UI");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Test-Harness");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Test-Simple");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Time-HiRes");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-Time-Piece");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-parent");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-suidperl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perl-version");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/11/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/09/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/04");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"ALA", reference:"perl-5.10.1-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Archive-Extract-0.38-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Archive-Tar-1.58-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-CGI-3.51-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-CPAN-1.9402-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-CPANPLUS-0.88-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Compress-Raw-Bzip2-2.020-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Compress-Raw-Zlib-2.023-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Compress-Zlib-2.020-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Digest-SHA-5.47-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-ExtUtils-CBuilder-0.27-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-ExtUtils-Embed-1.28-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-ExtUtils-MakeMaker-6.55-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-ExtUtils-ParseXS-2.2003.0-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-File-Fetch-0.26-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-IO-Compress-Base-2.020-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-IO-Compress-Bzip2-2.020-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-IO-Compress-Zlib-2.020-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-IO-Zlib-1.09-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-IPC-Cmd-0.56-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Locale-Maketext-Simple-0.18-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Log-Message-0.02-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Log-Message-Simple-0.04-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Module-Build-0.3500-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Module-CoreList-2.18-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Module-Load-0.16-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Module-Load-Conditional-0.30-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Module-Loaded-0.02-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Module-Pluggable-3.90-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Object-Accessor-0.34-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Package-Constants-0.02-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Params-Check-0.26-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Parse-CPAN-Meta-1.40-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Pod-Escapes-1.04-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Pod-Simple-3.13-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Term-UI-0.20-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Test-Harness-3.17-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Test-Simple-0.92-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Time-HiRes-1.9721-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-Time-Piece-1.15-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-core-5.10.1-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-debuginfo-5.10.1-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-devel-5.10.1-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-libs-5.10.1-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-parent-0.221-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-suidperl-5.10.1-130.17.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perl-version-0.77-130.17.amzn1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl / perl-Archive-Extract / perl-Archive-Tar / perl-CGI / etc");
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the Oracle Third Party software advisories.
#
include("compat.inc");

if (description)
{
  script_id(80729);
  script_version("1.2");
  script_cvs_date("Date: 2018/11/15 20:50:24");

  script_cve_id("CVE-2013-1667");

  script_name(english:"Oracle Solaris Third-Party Patch Update : perl-58 (cve_2013_1667_denial_of)");
  script_summary(english:"Check for the 'entire' version.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Solaris system is missing a security patch for third-party
software."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote Solaris system is missing necessary patches to address
security updates :

  - The rehash mechanism in Perl 5.8.2 through 5.16.x allows
    context-dependent attackers to cause a denial of service
    (memory consumption and crash) via a crafted hash key.
    (CVE-2013-1667)"
  );
  # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?4a913f44"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://blogs.oracle.com/sunsecurity/cve-2013-1667-denial-of-service-dos-vulnerability-in-perl-58"
  );
  script_set_attribute(attribute:"solution", value:"Upgrade to Solaris 11.1.7.5.0.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:11.1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:perl-58");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/05/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/19");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");
  script_family(english:"Solaris Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris11/release", "Host/Solaris11/pkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("solaris.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Solaris11/release");
if (isnull(release)) audit(AUDIT_OS_NOT, "Solaris11");
pkg_list = solaris_pkg_list_leaves();
if (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, "Solaris pkg-list packages");

if (empty_or_null(egrep(string:pkg_list, pattern:"^perl-58$"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl-58");

flag = 0;

if (solaris_check_release(release:"0.5.11-0.175.1.7.0.5.0", sru:"SRU 11.1.7.5.0") > 0) flag++;

if (flag)
{
  error_extra = 'Affected package : perl-58\n' + solaris_get_report2();
  error_extra = ereg_replace(pattern:"version", replace:"OS version", string:error_extra);
  if (report_verbosity > 0) security_hole(port:0, extra:error_extra);
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_PACKAGE_NOT_AFFECTED, "perl-58");

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Slackware Security Advisory 2013-072-01. The text 
# itself is copyright (C) Slackware Linux, Inc.
#

include("compat.inc");

if (description)
{
  script_id(65552);
  script_version("1.8");
  script_cvs_date("Date: 2019/01/02 16:37:55");

  script_cve_id("CVE-2013-1667");
  script_bugtraq_id(58311);
  script_xref(name:"SSA", value:"2013-072-01");

  script_name(english:"Slackware 13.1 / 13.37 / 14.0 / current : perl (SSA:2013-072-01)");
  script_summary(english:"Checks for updated package in /var/log/packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Slackware host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"New perl packages are available for Slackware 13.1, 13.37, 14.0, and
-current to fix a security issue."
  );
  # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.424686
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?97db9877"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected perl package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:perl");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:13.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:13.37");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/03/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/15");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Slackware Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("slackware.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);


flag = 0;
if (slackware_check(osver:"13.1", pkgname:"perl", pkgver:"5.10.1", pkgarch:"i486", pkgnum:"2_slack13.1")) flag++;
if (slackware_check(osver:"13.1", arch:"x86_64", pkgname:"perl", pkgver:"5.10.1", pkgarch:"x86_64", pkgnum:"2_slack13.1")) flag++;

if (slackware_check(osver:"13.37", pkgname:"perl", pkgver:"5.12.3", pkgarch:"i486", pkgnum:"2_slack13.37")) flag++;
if (slackware_check(osver:"13.37", arch:"x86_64", pkgname:"perl", pkgver:"5.12.3", pkgarch:"x86_64", pkgnum:"2_slack13.37")) flag++;

if (slackware_check(osver:"14.0", pkgname:"perl", pkgver:"5.16.3", pkgarch:"i486", pkgnum:"1_slack14.0")) flag++;
if (slackware_check(osver:"14.0", arch:"x86_64", pkgname:"perl", pkgver:"5.16.3", pkgarch:"x86_64", pkgnum:"1_slack14.0")) flag++;

if (slackware_check(osver:"current", pkgname:"perl", pkgver:"5.16.3", pkgarch:"i486", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", arch:"x86_64", pkgname:"perl", pkgver:"5.16.3", pkgarch:"x86_64", pkgnum:"1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2013-3436.
#

include("compat.inc");

if (description)
{
  script_id(65647);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");

  script_cve_id("CVE-2013-1667");
  script_bugtraq_id(58311);
  script_xref(name:"FEDORA", value:"2013-3436");

  script_name(english:"Fedora 18 : perl-5.16.2-240.fc18 (2013-3436)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Fix CVE-2013-1667 (DoS in rehashing code).

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=912276"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2013-March/100853.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?e2c59b1a"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected perl package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:18");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/03/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/22");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^18([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 18.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC18", reference:"perl-5.16.2-240.fc18")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl");
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the Oracle Third Party software advisories.
#
include("compat.inc");

if (description)
{
  script_id(80726);
  script_version("1.2");
  script_cvs_date("Date: 2018/11/15 20:50:24");

  script_cve_id("CVE-2013-1667");

  script_name(english:"Oracle Solaris Third-Party Patch Update : perl-512 (cve_2013_1667_denial_of1)");
  script_summary(english:"Check for the 'entire' version.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Solaris system is missing a security patch for third-party
software."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote Solaris system is missing necessary patches to address
security updates :

  - The rehash mechanism in Perl 5.8.2 through 5.16.x allows
    context-dependent attackers to cause a denial of service
    (memory consumption and crash) via a crafted hash key.
    (CVE-2013-1667)"
  );
  # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?4a913f44"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://blogs.oracle.com/sunsecurity/cve-2013-1667-denial-of-service-dos-vulnerability-in-perl-512"
  );
  script_set_attribute(attribute:"solution", value:"Upgrade to Solaris 11.1.7.5.0.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:11.1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:perl-512");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/05/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/19");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");
  script_family(english:"Solaris Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris11/release", "Host/Solaris11/pkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("solaris.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Solaris11/release");
if (isnull(release)) audit(AUDIT_OS_NOT, "Solaris11");
pkg_list = solaris_pkg_list_leaves();
if (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, "Solaris pkg-list packages");

if (empty_or_null(egrep(string:pkg_list, pattern:"^perl-512$"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl-512");

flag = 0;

if (solaris_check_release(release:"0.5.11-0.175.1.7.0.5.0", sru:"SRU 11.1.7.5.0") > 0) flag++;

if (flag)
{
  error_extra = 'Affected package : perl-512\n' + solaris_get_report2();
  error_extra = ereg_replace(pattern:"version", replace:"OS version", string:error_extra);
  if (report_verbosity > 0) security_hole(port:0, extra:error_extra);
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_PACKAGE_NOT_AFFECTED, "perl-512");

#
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from OracleVM
# Security Advisory OVMSA-2016-0076.
#

include("compat.inc");

if (description)
{
  script_id(91752);
  script_version("2.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/30");

  script_cve_id("CVE-2012-5195", "CVE-2012-5526", "CVE-2012-6329", "CVE-2013-1667");
  script_bugtraq_id(56287, 56562, 56950, 58311);

  script_name(english:"OracleVM 3.2 : perl (OVMSA-2016-0076)");
  script_summary(english:"Checks the RPM output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote OracleVM host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote OracleVM system is missing necessary patches to address
critical security updates :

  - Do not extend allowable epoch values in
    Time::Local::timelocal to remove useless warning on
    64-bit platforms (Resolves: rhbz#1149375)

  - Fix perl segfaults with custom signal handle (Resolves:
    rhbz#991854)

  - Reorder AnyDBM_File back-end preference (Resolves:
    rhbz#1018721)

  - Fix backslash interpolation in Locale::Maketext
    (Resolves: rhbz#1029016)

  - Enable year 2038 for Time::Local on 64-bit platforms
    (Resolves: rhbz#1057047)

  - 800340 - strftime memory leak perl bug (RT#73520)

  - Resolves: rhbz#800340

  - Fix CVE-2012-5195 heap buffer overrun at repeatcpy
    (Resolves: rhbz#915691)

  - Fix CVE-2012-5526 newline injection due to improper CRLF
    escaping in Set-Cookie and P3P headers (Resolves:
    rhbz#915691)

  - Fix CVE-2012-6329 possible arbitrary code execution via
    Locale::Maketext (Resolves: rhbz#915691)

  - Fix CVE-2013-1667 DoS in rehashing code (Resolves:
    rhbz#915691)

  - 848156 - Reverts code of perl-5.8.8-U32019.patch

  - Resolves: rhbz#848156"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/oraclevm-errata/2016-June/000491.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected perl package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"d2_elliot_name", value:"Foswiki 1.1.5 RCE");
  script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'TWiki MAKETEXT Remote Command Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:perl");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:3.2");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/11/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/06/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/06/22");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"OracleVM Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleVM/release", "Host/OracleVM/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/OracleVM/release");
if (isnull(release) || "OVS" >!< release) audit(AUDIT_OS_NOT, "OracleVM");
if (! preg(pattern:"^OVS" + "3\.2" + "(\.[0-9]|$)", string:release)) audit(AUDIT_OS_NOT, "OracleVM 3.2", "OracleVM " + release);
if (!get_kb_item("Host/OracleVM/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "OracleVM", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);

flag = 0;
if (rpm_check(release:"OVS3.2", reference:"perl-5.8.8-43.el5_11")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl");
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1770-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(65629);
  script_version("1.10");
  script_cvs_date("Date: 2019/09/19 12:54:29");

  script_cve_id("CVE-2013-1667");
  script_bugtraq_id(58311);
  script_xref(name:"USN", value:"1770-1");

  script_name(english:"Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : perl vulnerability (USN-1770-1)");
  script_summary(english:"Checks dpkg output for updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Ubuntu host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Yves Orton discovered that Perl incorrectly handled hashing when using
user-provided hash keys. An attacker could use this flaw to perform a
denial of service attack against software written in Perl.

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/1770-1/"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected perl package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:perl");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/03/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/03/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/20");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(8\.04|10\.04|11\.10|12\.04|12\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 8.04 / 10.04 / 11.10 / 12.04 / 12.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"8.04", pkgname:"perl", pkgver:"5.8.8-12ubuntu0.8")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"perl", pkgver:"5.10.1-8ubuntu2.3")) flag++;
if (ubuntu_check(osver:"11.10", pkgname:"perl", pkgver:"5.12.4-4ubuntu0.2")) flag++;
if (ubuntu_check(osver:"12.04", pkgname:"perl", pkgver:"5.14.2-6ubuntu2.3")) flag++;
if (ubuntu_check(osver:"12.10", pkgname:"perl", pkgver:"5.14.2-13ubuntu0.2")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl");
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2013:0746. The text 
# itself is copyright (C) Red Hat, Inc.
#

include("compat.inc");

if (description)
{
  script_id(78955);
  script_version("1.11");
  script_cvs_date("Date: 2019/10/24 15:35:37");

  script_cve_id("CVE-2013-1591", "CVE-2013-1796", "CVE-2013-1797", "CVE-2013-1798");
  script_bugtraq_id(58193, 58604, 58605, 58607);
  script_xref(name:"RHSA", value:"2013:0746");

  script_name(english:"RHEL 6 : rhev-hypervisor6 (RHSA-2013:0746)");
  script_summary(english:"Checks the rpm output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"An updated rhev-hypervisor6 package that fixes several security issues
and various bugs is now available.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for
each vulnerability from the CVE links in the References section.

The rhev-hypervisor6 package provides a Red Hat Enterprise
Virtualization Hypervisor ISO disk image. The Red Hat Enterprise
Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine
(KVM) hypervisor. It includes everything necessary to run and manage
virtual machines: A subset of the Red Hat Enterprise Linux operating
environment and the Red Hat Enterprise Virtualization Agent.

Note: Red Hat Enterprise Virtualization Hypervisor is only available
for the Intel 64 and AMD64 architectures with virtualization
extensions.

A flaw was found in the way KVM handled guest time updates when the
buffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME
machine state register (MSR) crossed a page boundary. A privileged
guest user could use this flaw to crash the host or, potentially,
escalate their privileges, allowing them to execute arbitrary code at
the host kernel level. (CVE-2013-1796)

A potential use-after-free flaw was found in the way KVM handled guest
time updates when the GPA (guest physical address) the guest
registered by writing to the MSR_KVM_SYSTEM_TIME machine state
register (MSR) fell into a movable or removable memory region of the
hosting user-space process (by default, QEMU-KVM) on the host. If that
memory region is deregistered from KVM using
KVM_SET_USER_MEMORY_REGION and the allocated virtual memory reused, a
privileged guest user could potentially use this flaw to escalate
their privileges on the host. (CVE-2013-1797)

A flaw was found in the way KVM emulated IOAPIC (I/O Advanced
Programmable Interrupt Controller). A missing validation check in the
ioapic_read_indirect() function could allow a privileged guest user to
crash the host, or read a substantial portion of host kernel memory.
(CVE-2013-1798)

An integer overflow flaw was discovered in one of pixman's
manipulation routines. If a remote attacker could trick an application
using pixman into performing a certain manipulation, it could cause
the application to crash or, possibly, execute arbitrary code with the
privileges of the user running the application. (CVE-2013-1591)

Red Hat would like to thank Andrew Honig of Google for reporting
CVE-2013-1796, CVE-2013-1797, and CVE-2013-1798.

This updated package provides updated components that include fixes
for various security issues. These issues have no security impact on
Red Hat Enterprise Virtualization Hypervisor itself, however. The
security fixes included in this update address the following CVE
numbers :

CVE-2013-2266 (a bind issue)

CVE-2012-5195, CVE-2012-5526, CVE-2012-6329, and CVE-2013-1667 (perl
issues)

This update contains the fixes from the following errata :

ovirt-node: RHBA-2013:0745 libvirt: RHBA-2013:0725 vdsm:
RHBA-2013:0704 kernel: RHSA-2013:0744

Users of the Red Hat Enterprise Virtualization Hypervisor are advised
to upgrade to this updated package, which corrects these issues."
  );
  # https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?c6b506c4"
  );
  # https://rhn.redhat.com/errata/RHBA-2013-0745.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHBA-2013:0745"
  );
  # https://rhn.redhat.com/errata/RHBA-2013-0725.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHBA-2013:0725"
  );
  # https://rhn.redhat.com/errata/RHBA-2013-0704.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHBA-2013:0704"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://rhn.redhat.com/errata/RHSA-2013-0744.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2013:0746"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2013-1591"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2013-1798"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2013-1796"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2013-1797"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected rhev-hypervisor6 package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/01/31");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/04/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/08");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2013:0746";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL6", reference:"rhev-hypervisor6-6.4-20130415.0.el6_4")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rhev-hypervisor6");
  }
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from F5 Networks BIG-IP Solution K15867.
#
# The text description of this plugin is (C) F5 Networks.
#

include("compat.inc");

if (description)
{
  script_id(85945);
  script_version("2.21");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/30");

  script_cve_id("CVE-2012-5195", "CVE-2012-5526", "CVE-2012-6329", "CVE-2013-1667");
  script_bugtraq_id(56287, 56562, 56950, 58311);

  script_name(english:"F5 Networks BIG-IP : Perl vulnerabilities (K15867)");
  script_summary(english:"Checks the BIG-IP version.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote device is missing a vendor-supplied security patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"CVE-2012-5195 Heap-based buffer overflow in the Perl_repeatcpy
function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3,
and 5.15.x before 15.15.5 allows context-dependent attackers to cause
a denial of service (memory consumption and crash) or possibly execute
arbitrary code via the 'x' string repeat operator.

CVE-2012-5526 CGI.pm module before 3.63 for Perl does not properly
escape newlines in (1) Set-Cookie or (2) P3P headers, which might
allow remote attackers to inject arbitrary headers into responses from
applications that use CGI.pm.

CVE-2012-6329 The _compile function in Maketext.pm in the
Locale::Maketext implementation in Perl before 5.17.7 does not
properly handle backslashes and fully qualified method names during
compilation of bracket notation, which allows context-dependent
attackers to execute arbitrary commands via crafted input to an
application that accepts translation strings from users, as
demonstrated by the TWiki application before 5.1.3, and the Foswiki
application 1.0.x through 1.0.10 and 1.1.x through 1.1.6.

CVE-2013-1667 The rehash mechanism in Perl 5.8.2 through 5.16.x allows
context-dependent attackers to cause a denial of service (memory
consumption and crash) via a crafted hash key."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://support.f5.com/csp/article/K15867"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade to one of the non-vulnerable versions listed in the F5
Solution K15867."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"d2_elliot_name", value:"Foswiki 1.1.5 RCE");
  script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'TWiki MAKETEXT Remote Command Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_access_policy_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_advanced_firewall_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_acceleration_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_visibility_and_reporting");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_global_traffic_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_link_controller");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_policy_enforcement_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_wan_optimization_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_webaccelerator");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip_protocol_security_manager");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/11/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/11/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/09/16");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"F5 Networks Local Security Checks");

  script_dependencies("f5_bigip_detect.nbin");
  script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version", "Settings/ParanoidReport");

  exit(0);
}


include("f5_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
version = get_kb_item("Host/BIG-IP/version");
if ( ! version ) audit(AUDIT_OS_NOT, "F5 Networks BIG-IP");
if ( isnull(get_kb_item("Host/BIG-IP/hotfix")) ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/hotfix");
if ( ! get_kb_item("Host/BIG-IP/modules") ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/modules");

sol = "K15867";
vmatrix = make_array();

if (report_paranoia < 2) audit(AUDIT_PARANOID);

# AFM
vmatrix["AFM"] = make_array();
vmatrix["AFM"]["affected"  ] = make_list("11.3.0-11.6.1");
vmatrix["AFM"]["unaffected"] = make_list("12.0.0-12.1.2","11.6.1HF1","11.5.4HF4");

# AM
vmatrix["AM"] = make_array();
vmatrix["AM"]["affected"  ] = make_list("11.4.0-11.6.1");
vmatrix["AM"]["unaffected"] = make_list("12.0.0-12.1.2","11.6.1HF1","11.5.4HF4");

# APM
vmatrix["APM"] = make_array();
vmatrix["APM"]["affected"  ] = make_list("11.0.0-11.6.1","10.1.0-10.2.4");
vmatrix["APM"]["unaffected"] = make_list("12.0.0-12.1.2","11.6.1HF1","11.5.4HF4");

# ASM
vmatrix["ASM"] = make_array();
vmatrix["ASM"]["affected"  ] = make_list("11.0.0-11.6.1","10.0.0-10.2.4");
vmatrix["ASM"]["unaffected"] = make_list("12.0.0-12.1.2","11.6.1HF1","11.5.4HF4");

# AVR
vmatrix["AVR"] = make_array();
vmatrix["AVR"]["affected"  ] = make_list("11.0.0-11.6.1");
vmatrix["AVR"]["unaffected"] = make_list("12.0.0-12.1.2","11.6.1HF1","11.5.4HF4");

# GTM
vmatrix["GTM"] = make_array();
vmatrix["GTM"]["affected"  ] = make_list("11.0.0-11.6.1","10.0.0-10.2.4");
vmatrix["GTM"]["unaffected"] = make_list("11.6.1HF1","11.5.4HF4");

# LC
vmatrix["LC"] = make_array();
vmatrix["LC"]["affected"  ] = make_list("11.0.0-11.6.1","10.0.0-10.2.4");
vmatrix["LC"]["unaffected"] = make_list("12.0.0-12.1.2","11.6.1HF1","11.5.4HF4");

# LTM
vmatrix["LTM"] = make_array();
vmatrix["LTM"]["affected"  ] = make_list("11.0.0-11.6.1","10.0.0-10.2.4");
vmatrix["LTM"]["unaffected"] = make_list("12.0.0-12.1.2","11.6.1HF1","11.5.4HF4");

# PEM
vmatrix["PEM"] = make_array();
vmatrix["PEM"]["affected"  ] = make_list("11.3.0-11.6.1");
vmatrix["PEM"]["unaffected"] = make_list("12.0.0-12.1.2","11.6.1HF1","11.5.4HF4");


if (bigip_is_affected(vmatrix:vmatrix, sol:sol))
{
  if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = bigip_get_tested_modules();
  audit_extra = "For BIG-IP module(s) " + tested + ",";
  if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);
  else audit(AUDIT_HOST_NOT, "running any of the affected modules");
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from the FreeBSD VuXML database :
#
# Copyright 2003-2019 Jacques Vidrine and contributors
#
# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
# HTML, PDF, PostScript, RTF and so forth) with or without modification,
# are permitted provided that the following conditions are met:
# 1. Redistributions of source code (VuXML) must retain the above
#    copyright notice, this list of conditions and the following
#    disclaimer as the first lines of this file unmodified.
# 2. Redistributions in compiled form (transformed to other DTDs,
#    published online in any format, converted to PDF, PostScript,
#    RTF and other formats) must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer
#    in the documentation and/or other materials provided with the
#    distribution.
# 
# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#

include("compat.inc");

if (description)
{
  script_id(65199);
  script_version("1.8");
  script_cvs_date("Date: 2019/07/10 16:04:13");

  script_cve_id("CVE-2013-1667");

  script_name(english:"FreeBSD : perl -- denial of service via algorithmic complexity attack on hashing routines (68c1f75b-8824-11e2-9996-c48508086173)");
  script_summary(english:"Checks for updated packages in pkg_info output");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote FreeBSD host is missing one or more security-related
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Perl developers report :

In order to prevent an algorithmic complexity attack against its
hashing mechanism, perl will sometimes recalculate keys and
redistribute the contents of a hash. This mechanism has made perl
robust against attacks that have been demonstrated against other
systems.

Research by Yves Orton has recently uncovered a flaw in the rehashing
code which can result in pathological behavior. This flaw could be
exploited to carry out a denial of service attack against code that
uses arbitrary user input as hash keys.

Because using user-provided strings as hash keys is a very common
operation, we urge users of perl to update their perl executable as
soon as possible."
  );
  # http://www.nntp.perl.org/group/perl.perl5.porters/2013/03/msg199755.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?ed817f26"
  );
  # https://vuxml.freebsd.org/freebsd/68c1f75b-8824-11e2-9996-c48508086173.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?9ea930fe"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:perl-threaded");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/03/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/03/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"FreeBSD Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");

  exit(0);
}


include("audit.inc");
include("freebsd_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (pkg_test(save_report:TRUE, pkg:"perl<5.12.4_5")) flag++;
if (pkg_test(save_report:TRUE, pkg:"perl>=5.14.0<5.14.2_3")) flag++;
if (pkg_test(save_report:TRUE, pkg:"perl>=5.16.0<5.16.2_1")) flag++;
if (pkg_test(save_report:TRUE, pkg:"perl-threaded<5.12.4_5")) flag++;
if (pkg_test(save_report:TRUE, pkg:"perl-threaded>=5.14.0<5.14.2_3")) flag++;
if (pkg_test(save_report:TRUE, pkg:"perl-threaded>=5.16.0<5.16.2_1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(70561);
  script_version("1.11");
  script_cvs_date("Date: 2018/07/14  1:59:36");

  script_cve_id(
    "CVE-2011-2391",
    "CVE-2011-3389",
    "CVE-2011-3427",
    "CVE-2011-4944",
    "CVE-2012-0845",
    "CVE-2012-0876",
    "CVE-2012-1150",
    "CVE-2013-0249",
    "CVE-2013-1667",
    "CVE-2013-1944",
    "CVE-2013-3950",
    "CVE-2013-3954",
    "CVE-2013-4073",
    "CVE-2013-5135",
    "CVE-2013-5138",
    "CVE-2013-5139",
    "CVE-2013-5141",
    "CVE-2013-5142",
    "CVE-2013-5145",
    "CVE-2013-5165",
    "CVE-2013-5166",
    "CVE-2013-5167",
    "CVE-2013-5168",
    "CVE-2013-5169",
    "CVE-2013-5170",
    "CVE-2013-5171",
    "CVE-2013-5172",
    "CVE-2013-5173",
    "CVE-2013-5174",
    "CVE-2013-5175",
    "CVE-2013-5176",
    "CVE-2013-5177",
    "CVE-2013-5178",
    "CVE-2013-5179",
    "CVE-2013-5180",
    "CVE-2013-5181",
    "CVE-2013-5182",
    "CVE-2013-5183",
    "CVE-2013-5184",
    "CVE-2013-5185",
    "CVE-2013-5186",
    "CVE-2013-5187",
    "CVE-2013-5188",
    "CVE-2013-5189",
    "CVE-2013-5190",
    "CVE-2013-5191",
    "CVE-2013-5192",
    "CVE-2013-5229"
  );
  script_bugtraq_id(
    49778,
    51239,
    51996,
    52379,
    52732,
    57842,
    58311,
    59058,
    60437,
    60444,
    60843,
    62520,
    62522,
    62523,
    62529,
    62531,
    62536,
    63284,
    63290,
    63311,
    63312,
    63313,
    63314,
    63316,
    63317,
    63319,
    63320,
    63321,
    63322,
    63329,
    63330,
    63331,
    63332,
    63335,
    63336,
    63339,
    63343,
    63344,
    63345,
    63346,
    63347,
    63348,
    63349,
    63350,
    63351,
    63352,
    63353
  );
  script_xref(name:"APPLE-SA", value:"APPLE-SA-2013-10-22-3");
  script_xref(name:"CERT", value:"864643");

  script_name(english:"Mac OS X 10.x < 10.9 Multiple Vulnerabilities (BEAST)");
  script_summary(english:"Check the version of Mac OS X.");

  script_set_attribute(
    attribute:"synopsis",
    value:
"The remote host is missing a Mac OS X update that fixes multiple
security vulnerabilities."
  );
  script_set_attribute(
    attribute:"description",
    value:
"The remote host is running a version of Mac OS X 10.x that is prior
to version 10.9. The newer version contains multiple security-related
fixes for the following components :

  - Application Firewall
  - App Sandbox
  - Bluetooth
  - CFNetwork
  - CFNetwork SSL
  - Console
  - CoreGraphics
  - curl
  - dyld
  - IOKitUser
  - IOSerialFamily
  - Kernel
  - Kext Management
  - LaunchServices
  - Libc
  - Mail Accounts
  - Mail Header Display
  - Mail Networking
  - OpenLDAP
  - perl
  - Power Management
  - python
  - ruby
  - Security
  - Security - Authorization
  - Security - Smart Card Services
  - Screen Lock
  - Screen Sharing Server
  - syslog
  - USB"
  );
  script_set_attribute(attribute:"see_also", value:"http://support.apple.com/kb/HT6011");
  script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html");
  script_set_attribute(attribute:"see_also", value:"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html");
  script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/~bodo/tls-cbc.txt");
  script_set_attribute(attribute:"solution", value:"Upgrade to Mac OS X 10.9 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2011/08/31");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/10/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/10/23");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
  script_set_attribute(attribute:"in_the_news", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl");
  script_require_ports("Host/MacOSX/Version", "Host/OS");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

os = get_kb_item("Host/MacOSX/Version");
if (!os)
{
  os = get_kb_item_or_exit("Host/OS");
  if ("Mac OS X" >!< os) audit(AUDIT_OS_NOT, "Mac OS X");

  c = get_kb_item("Host/OS/Confidence");
  if (c <= 70) exit(1, "Can't determine the host's OS with sufficient confidence.");
}
if (!os) audit(AUDIT_OS_NOT, "Mac OS X");

match = eregmatch(pattern:"Mac OS X (10\.[0-9.]+)", string:os);
if (!isnull(match))
{
  version = match[1];
  fixed_version = "10.9";

  if (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)
  {
    if (report_verbosity > 0)
    {
      report = '\n  Installed version : ' + version +
               '\n  Fixed version     : ' + fixed_version +
               '\n';
      security_hole(port:0, extra:report);
    }
    else security_hole(0);
    exit(0);
  }
}

exit(0, "The host is not affected as it is running "+os+".");

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2013:0685 and 
# CentOS Errata and Security Advisory 2013:0685 respectively.
#

include("compat.inc");

if (description)
{
  script_id(65694);
  script_version("1.26");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/30");

  script_cve_id("CVE-2012-5195", "CVE-2012-5526", "CVE-2012-6329", "CVE-2013-1667");
  script_bugtraq_id(56287, 56562, 56950, 58311);
  script_xref(name:"RHSA", value:"2013:0685");

  script_name(english:"CentOS 5 / 6 : perl (CESA-2013:0685)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote CentOS host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated perl packages that fix multiple security issues now available
for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having
moderate security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for
each vulnerability from the CVE links in the References section.

Perl is a high-level programming language commonly used for system
administration utilities and web programming.

A heap overflow flaw was found in Perl. If a Perl application allowed
user input to control the count argument of the string repeat
operator, an attacker could cause the application to crash or,
potentially, execute arbitrary code with the privileges of the user
running the application. (CVE-2012-5195)

A denial of service flaw was found in the way Perl's rehashing code
implementation, responsible for recalculation of hash keys and
redistribution of hash content, handled certain input. If an attacker
supplied specially crafted input to be used as hash keys by a Perl
application, it could cause excessive memory consumption.
(CVE-2013-1667)

It was found that the Perl CGI module, used to handle Common Gateway
Interface requests and responses, incorrectly sanitized the values for
Set-Cookie and P3P headers. If a Perl application using the CGI module
reused cookies values and accepted untrusted input from web browsers,
a remote attacker could use this flaw to alter member items of the
cookie or add new items. (CVE-2012-5526)

It was found that the Perl Locale::Maketext module, used to localize
Perl applications, did not properly handle backslashes or
fully-qualified method names. An attacker could possibly use this flaw
to execute arbitrary Perl code with the privileges of a Perl
application that uses untrusted Locale::Maketext templates.
(CVE-2012-6329)

Red Hat would like to thank the Perl project for reporting
CVE-2012-5195 and CVE-2013-1667. Upstream acknowledges Tim Brown as
the original reporter of CVE-2012-5195 and Yves Orton as the original
reporter of CVE-2013-1667.

All Perl users should upgrade to these updated packages, which contain
backported patches to correct these issues. All running Perl programs
must be restarted for this update to take effect."
  );
  # https://lists.centos.org/pipermail/centos-announce/2013-March/019668.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?fae8bbce"
  );
  # https://lists.centos.org/pipermail/centos-announce/2013-March/019669.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?0fe51482"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected perl packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-5195");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"d2_elliot_name", value:"Foswiki 1.1.5 RCE");
  script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'TWiki MAKETEXT Remote Command Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Archive-Extract");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Archive-Tar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-CGI");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-CPAN");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-CPANPLUS");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Compress-Raw-Bzip2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Compress-Raw-Zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Compress-Zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Digest-SHA");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-ExtUtils-CBuilder");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-ExtUtils-Embed");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-ExtUtils-MakeMaker");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-ExtUtils-ParseXS");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-File-Fetch");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-IO-Compress-Base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-IO-Compress-Bzip2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-IO-Compress-Zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-IO-Zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-IPC-Cmd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Locale-Maketext-Simple");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Log-Message");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Log-Message-Simple");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Module-Build");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Module-CoreList");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Module-Load");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Module-Load-Conditional");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Module-Loaded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Module-Pluggable");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Object-Accessor");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Package-Constants");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Params-Check");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Parse-CPAN-Meta");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Pod-Escapes");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Pod-Simple");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Term-UI");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Test-Harness");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Test-Simple");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Time-HiRes");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Time-Piece");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-parent");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-suidperl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-version");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/11/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/03/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/27");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"CentOS Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x / 6.x", "CentOS " + os_ver);

if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);


flag = 0;
if (rpm_check(release:"CentOS-5", reference:"perl-5.8.8-40.el5_9")) flag++;
if (rpm_check(release:"CentOS-5", reference:"perl-suidperl-5.8.8-40.el5_9")) flag++;

if (rpm_check(release:"CentOS-6", reference:"perl-5.10.1-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Archive-Extract-0.38-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Archive-Tar-1.58-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-CGI-3.51-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-CPAN-1.9402-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-CPANPLUS-0.88-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Compress-Raw-Bzip2-2.020-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Compress-Raw-Zlib-2.020-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Compress-Zlib-2.020-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Digest-SHA-5.47-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-ExtUtils-CBuilder-0.27-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-ExtUtils-Embed-1.28-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-ExtUtils-MakeMaker-6.55-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-ExtUtils-ParseXS-2.2003.0-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-File-Fetch-0.26-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-IO-Compress-Base-2.020-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-IO-Compress-Bzip2-2.020-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-IO-Compress-Zlib-2.020-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-IO-Zlib-1.09-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-IPC-Cmd-0.56-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Locale-Maketext-Simple-0.18-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Log-Message-0.02-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Log-Message-Simple-0.04-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Module-Build-0.3500-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Module-CoreList-2.18-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Module-Load-0.16-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Module-Load-Conditional-0.30-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Module-Loaded-0.02-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Module-Pluggable-3.90-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Object-Accessor-0.34-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Package-Constants-0.02-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Params-Check-0.26-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Parse-CPAN-Meta-1.40-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Pod-Escapes-1.04-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Pod-Simple-3.13-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Term-UI-0.20-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Test-Harness-3.17-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Test-Simple-0.92-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Time-HiRes-1.9721-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-Time-Piece-1.15-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-core-5.10.1-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-devel-5.10.1-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-libs-5.10.1-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-parent-0.221-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-suidperl-5.10.1-130.el6_4")) flag++;
if (rpm_check(release:"CentOS-6", reference:"perl-version-0.77-130.el6_4")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl / perl-Archive-Extract / perl-Archive-Tar / perl-CGI / etc");
}

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include("compat.inc");

if (description)
{
  script_id(65247);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");

  script_cve_id("CVE-2011-2728", "CVE-2012-5526", "CVE-2012-6329", "CVE-2013-1667");

  script_name(english:"SuSE 11.2 Security Update : Perl (SAT Patch Number 7439)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 11 host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update of Perl 5 fixes the following security issues :

  - fix rehash DoS [bnc#804415] [CVE-2013-1667]

  - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]

  - fix glob denial of service [bnc#796014] [CVE-2011-2728]

  - sanitize input in Maketext.pm [bnc#797060]
    [CVE-2012-6329]"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=789994"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=796014"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=797060"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=804415"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-2728.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5526.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-6329.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-1667.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply SAT patch number 7439.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"d2_elliot_name", value:"TWiki 5.1.2 RCE");
  script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'TWiki MAKETEXT Remote Command Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:perl-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:perl-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:perl-doc");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/03/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);

pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2");


flag = 0;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"perl-5.10.0-64.61.61.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"perl-base-5.10.0-64.61.61.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"perl-doc-5.10.0-64.61.61.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"perl-5.10.0-64.61.61.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"perl-32bit-5.10.0-64.61.61.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"perl-base-5.10.0-64.61.61.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"perl-doc-5.10.0-64.61.61.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"perl-5.10.0-64.61.61.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"perl-base-5.10.0-64.61.61.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"perl-doc-5.10.0-64.61.61.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"s390x", reference:"perl-32bit-5.10.0-64.61.61.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"perl-32bit-5.10.0-64.61.61.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2013-3673.
#

include("compat.inc");

if (description)
{
  script_id(65772);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");

  script_cve_id("CVE-2013-1667");
  script_bugtraq_id(58311);
  script_xref(name:"FEDORA", value:"2013-3673");

  script_name(english:"Fedora 17 : perl-5.14.4-224.fc17 (2013-3673)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Update to Perl 5.14.4 Fix CVE-2013-1667 (DoS in rehashing code). Add
NAME section to perl-CPAN manual pages to build whatis database
properly.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=912276"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2013-April/101381.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?43583af5"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected perl package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:perl");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:17");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/03/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/04/03");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^17([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 17.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC17", reference:"perl-5.14.4-224.fc17")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl");
}