Vulnerabilities > CVE-2014-0191 - Denial of Service vulnerability in Oracle Fusion Middleware 11.1.1.7.0/12.1.2.0.0/12.1.3.0.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-1366-1.NASL description This update for libxml2 fixes the following issues : - Fix NULL dereference in xpointer.c when in recovery mode [bsc#1014873] - CVE-2016-9597: An XML document with many opening tags could have caused a overflow of the stack not detected by the recursion limits, allowing for DoS (bsc#1017497) - CVE-2014-0191: External parameter entity loaded when entity substitution is disabled could cause a DoS. (bsc#876652) - CVE-2016-9318: XML External Entity (XXE) could be abused via crafted document. (bsc#1010675) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 100352 published 2017-05-23 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100352 title SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2017:1366-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2017:1366-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(100352); script_version("3.5"); script_cvs_date("Date: 2019/09/11 11:22:15"); script_cve_id("CVE-2014-0191", "CVE-2016-9318", "CVE-2016-9597"); script_bugtraq_id(67233); script_name(english:"SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2017:1366-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for libxml2 fixes the following issues : - Fix NULL dereference in xpointer.c when in recovery mode [bsc#1014873] - CVE-2016-9597: An XML document with many opening tags could have caused a overflow of the stack not detected by the recursion limits, allowing for DoS (bsc#1017497) - CVE-2014-0191: External parameter entity loaded when entity substitution is disabled could cause a DoS. (bsc#876652) - CVE-2016-9318: XML External Entity (XXE) could be abused via crafted document. (bsc#1010675) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1010675" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1013930" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1014873" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1017497" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=876652" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2014-0191/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-9318/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-9597/" ); # https://www.suse.com/support/update/announcement/2017/suse-su-20171366-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?928a1587" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-833=1 SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-833=1 SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-833=1 To bring your system up-to-date, use 'zypper patch'." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxml2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxml2-2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxml2-2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxml2-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxml2-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxml2-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libxml2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libxml2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libxml2-debugsource"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2015/01/21"); script_set_attribute(attribute:"patch_publication_date", value:"2017/05/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/23"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP1", os_ver + " SP" + sp); if (os_ver == "SLED12" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP1", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"1", reference:"libxml2-2-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libxml2-2-debuginfo-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libxml2-debugsource-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libxml2-tools-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libxml2-tools-debuginfo-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-libxml2-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-libxml2-debuginfo-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-libxml2-debugsource-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libxml2-2-32bit-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libxml2-2-debuginfo-32bit-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libxml2-2-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libxml2-2-32bit-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libxml2-2-debuginfo-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libxml2-2-debuginfo-32bit-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libxml2-debugsource-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libxml2-tools-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libxml2-tools-debuginfo-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"python-libxml2-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"python-libxml2-debuginfo-2.9.1-26.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"python-libxml2-debugsource-2.9.1-26.12.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libxml2"); }NASL family SuSE Local Security Checks NASL id OPENSUSE-2015-959.NASL description - update to 2.9.3 - full changelog: http://www.xmlsoft.org/news.html - fixed CVEs: CVE-2015-8242, CVE-2015-7500, CVE-2015-7499, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-8035, CVE-2015-7942, CVE-2015-1819, CVE-2015-7941, CVE-2014-3660, CVE-2014-0191, CVE-2015-8241, CVE-2015-8317 - fixed bugs: [bsc#928193], [bsc#951734], [bsc#951735], [bsc#954429], [bsc#956018], [bsc#956021], [bsc#956260], [bsc#957105], [bsc#957106], [bsc#957107], [bsc#957109], [bsc#957110] last seen 2020-06-05 modified 2015-12-29 plugin id 87631 published 2015-12-29 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/87631 title openSUSE Security Update : libxml2 (openSUSE-2015-959) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2015-959. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(87631); script_version("2.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2014-0191", "CVE-2014-3660", "CVE-2015-1819", "CVE-2015-5312", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8241", "CVE-2015-8242", "CVE-2015-8317"); script_name(english:"openSUSE Security Update : libxml2 (openSUSE-2015-959)"); script_summary(english:"Check for the openSUSE-2015-959 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: " - update to 2.9.3 - full changelog: http://www.xmlsoft.org/news.html - fixed CVEs: CVE-2015-8242, CVE-2015-7500, CVE-2015-7499, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-8035, CVE-2015-7942, CVE-2015-1819, CVE-2015-7941, CVE-2014-3660, CVE-2014-0191, CVE-2015-8241, CVE-2015-8317 - fixed bugs: [bsc#928193], [bsc#951734], [bsc#951735], [bsc#954429], [bsc#956018], [bsc#956021], [bsc#956260], [bsc#957105], [bsc#957106], [bsc#957107], [bsc#957109], [bsc#957110]" ); script_set_attribute( attribute:"see_also", value:"http://www.xmlsoft.org/news.html" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=928193" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=951734" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=951735" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=954429" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=956018" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=956021" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=956260" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=957105" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=957106" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=957107" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=957109" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=957110" ); script_set_attribute( attribute:"solution", value:"Update the affected libxml2 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-2-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-devel-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-libxml2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-libxml2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-libxml2-debugsource"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2"); script_set_attribute(attribute:"patch_publication_date", value:"2015/12/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/29"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE13\.1|SUSE13\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1 / 13.2", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE13.1", reference:"libxml2-2-2.9.3-2.19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libxml2-2-debuginfo-2.9.3-2.19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libxml2-debugsource-2.9.3-2.19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libxml2-devel-2.9.3-2.19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libxml2-tools-2.9.3-2.19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libxml2-tools-debuginfo-2.9.3-2.19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"python-libxml2-2.9.3-2.19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"python-libxml2-debuginfo-2.9.3-2.19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"python-libxml2-debugsource-2.9.3-2.19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libxml2-2-32bit-2.9.3-2.19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libxml2-2-debuginfo-32bit-2.9.3-2.19.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libxml2-devel-32bit-2.9.3-2.19.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"libxml2-2-2.9.3-7.4.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"libxml2-2-debuginfo-2.9.3-7.4.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"libxml2-debugsource-2.9.3-7.4.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"libxml2-devel-2.9.3-7.4.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"libxml2-tools-2.9.3-7.4.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"libxml2-tools-debuginfo-2.9.3-7.4.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"python-libxml2-2.9.3-7.4.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"python-libxml2-debuginfo-2.9.3-7.4.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"python-libxml2-debugsource-2.9.3-7.4.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libxml2-2-32bit-2.9.3-7.4.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libxml2-2-debuginfo-32bit-2.9.3-7.4.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libxml2-devel-32bit-2.9.3-7.4.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libxml2-2 / libxml2-2-32bit / libxml2-2-debuginfo / etc"); }NASL family SuSE Local Security Checks NASL id OPENSUSE-2014-363.NASL description - fix for CVE-2014-0191 (bnc#876652) - libxml2: external parameter entity loaded when entity substitution is disabled - added libxml2-CVE-2014-0191.patch last seen 2020-06-05 modified 2014-06-13 plugin id 75358 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75358 title openSUSE Security Update : libxml2 (openSUSE-SU-2014:0645-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2014-363. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75358); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2014-0191"); script_bugtraq_id(67233); script_name(english:"openSUSE Security Update : libxml2 (openSUSE-SU-2014:0645-1)"); script_summary(english:"Check for the openSUSE-2014-363 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: " - fix for CVE-2014-0191 (bnc#876652) - libxml2: external parameter entity loaded when entity substitution is disabled - added libxml2-CVE-2014-0191.patch" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=876652" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2014-05/msg00043.html" ); script_set_attribute( attribute:"solution", value:"Update the affected libxml2 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-2-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-2-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-devel-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-libxml2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-libxml2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-libxml2-debugsource"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.3"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1"); script_set_attribute(attribute:"patch_publication_date", value:"2014/05/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE12\.3|SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.3 / 13.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE12.3", reference:"libxml2-2-2.9.0-2.21.1") ) flag++; if ( rpm_check(release:"SUSE12.3", reference:"libxml2-2-debuginfo-2.9.0-2.21.1") ) flag++; if ( rpm_check(release:"SUSE12.3", reference:"libxml2-debugsource-2.9.0-2.21.1") ) flag++; if ( rpm_check(release:"SUSE12.3", reference:"libxml2-devel-2.9.0-2.21.1") ) flag++; if ( rpm_check(release:"SUSE12.3", reference:"libxml2-tools-2.9.0-2.21.1") ) flag++; if ( rpm_check(release:"SUSE12.3", reference:"libxml2-tools-debuginfo-2.9.0-2.21.1") ) flag++; if ( rpm_check(release:"SUSE12.3", reference:"python-libxml2-2.9.0-2.21.1") ) flag++; if ( rpm_check(release:"SUSE12.3", reference:"python-libxml2-debuginfo-2.9.0-2.21.1") ) flag++; if ( rpm_check(release:"SUSE12.3", reference:"python-libxml2-debugsource-2.9.0-2.21.1") ) flag++; if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"libxml2-2-32bit-2.9.0-2.21.1") ) flag++; if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"libxml2-2-debuginfo-32bit-2.9.0-2.21.1") ) flag++; if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"libxml2-devel-32bit-2.9.0-2.21.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libxml2-2-2.9.1-2.4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libxml2-2-debuginfo-2.9.1-2.4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libxml2-debugsource-2.9.1-2.4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libxml2-devel-2.9.1-2.4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libxml2-tools-2.9.1-2.4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libxml2-tools-debuginfo-2.9.1-2.4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"python-libxml2-2.9.1-2.4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"python-libxml2-debuginfo-2.9.1-2.4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"python-libxml2-debugsource-2.9.1-2.4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libxml2-2-32bit-2.9.1-2.4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libxml2-2-debuginfo-32bit-2.9.1-2.4.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libxml2-devel-32bit-2.9.1-2.4.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libxml2-2 / libxml2-2-32bit / libxml2-2-debuginfo / etc"); }NASL family Misc. NASL id APPLETV_7_2_1.NASL description According to its banner, the remote Apple TV device is a version prior to 7.2.1. It is, therefore, affected by multiple vulnerabilities in the following components : - bootp - CFPreferences - CloudKit - Code Signing - CoreMedia Playback - CoreText - DiskImages - FontParser - ImageIO - IOHIDFamily - IOKit - Kernel - Libc - Libinfo - libpthread - libxml2 - libxpc - libxslt - Location Framework - Office Viewer - QL Office - Sandbox_profiles - WebKit last seen 2020-06-01 modified 2020-06-02 plugin id 90315 published 2016-04-04 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/90315 title Apple TV < 7.2.1 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(90315); script_version("1.12"); script_cvs_date("Date: 2019/11/19"); script_cve_id( "CVE-2012-6685", "CVE-2014-0191", "CVE-2014-3660", "CVE-2015-3730", "CVE-2015-3731", "CVE-2015-3732", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3741", "CVE-2015-3742", "CVE-2015-3743", "CVE-2015-3744", "CVE-2015-3745", "CVE-2015-3746", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-3750", "CVE-2015-3751", "CVE-2015-3752", "CVE-2015-3753", "CVE-2015-3759", "CVE-2015-3766", "CVE-2015-3768", "CVE-2015-3776", "CVE-2015-3778", "CVE-2015-3782", "CVE-2015-3784", "CVE-2015-3793", "CVE-2015-3795", "CVE-2015-3796", "CVE-2015-3797", "CVE-2015-3798", "CVE-2015-3800", "CVE-2015-3802", "CVE-2015-3803", "CVE-2015-3804", "CVE-2015-3805", "CVE-2015-3806", "CVE-2015-3807", "CVE-2015-5749", "CVE-2015-5755", "CVE-2015-5756", "CVE-2015-5757", "CVE-2015-5758", "CVE-2015-5761", "CVE-2015-5773", "CVE-2015-5774", "CVE-2015-5775", "CVE-2015-5776", "CVE-2015-5777", "CVE-2015-5778", "CVE-2015-5781", "CVE-2015-5782", "CVE-2015-7995" ); script_bugtraq_id( 67233, 70644, 76337, 76338, 76341, 76343, 77325 ); script_xref(name:"APPLE-SA", value:"APPLE-SA-2016-02-25-1"); script_name(english:"Apple TV < 7.2.1 Multiple Vulnerabilities"); script_summary(english:"Checks the version in the banner."); script_set_attribute(attribute:"synopsis", value: "The remote device is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "According to its banner, the remote Apple TV device is a version prior to 7.2.1. It is, therefore, affected by multiple vulnerabilities in the following components : - bootp - CFPreferences - CloudKit - Code Signing - CoreMedia Playback - CoreText - DiskImages - FontParser - ImageIO - IOHIDFamily - IOKit - Kernel - Libc - Libinfo - libpthread - libxml2 - libxpc - libxslt - Location Framework - Office Viewer - QL Office - Sandbox_profiles - WebKit"); script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT205795"); # https://lists.apple.com/archives/security-announce/2016/Feb/msg00000.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d959a1e0"); script_set_attribute(attribute:"solution", value: "Upgrade to Apple TV version 7.2.1 or later. Note that this update is only available for 3rd generation models."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-5757"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/02/25"); script_set_attribute(attribute:"patch_publication_date", value:"2016/02/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/04/04"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:apple_tv"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("appletv_version.nasl"); script_require_keys("AppleTV/Version", "AppleTV/URL", "AppleTV/Port"); script_require_ports("Services/www", 7000); exit(0); } include("audit.inc"); include("appletv_func.inc"); url = get_kb_item('AppleTV/URL'); if (empty_or_null(url)) exit(0, 'Cannot determine Apple TV URL.'); port = get_kb_item('AppleTV/Port'); if (empty_or_null(port)) exit(0, 'Cannot determine Apple TV port.'); build = get_kb_item('AppleTV/Version'); if (empty_or_null(build)) audit(AUDIT_UNKNOWN_DEVICE_VER, 'Apple TV'); model = get_kb_item('AppleTV/Model'); if (empty_or_null(model)) exit(0, 'Cannot determine Apple TV model.'); fixed_build = "12H523"; tvos_ver = '7.2.1'; gen = APPLETV_MODEL_GEN[model]; appletv_check_version( build : build, fix : fixed_build, affected_gen : 3, model : model, gen : gen, fix_tvos_ver : tvos_ver, port : port, url : url, severity : SECURITY_HOLE );NASL family Debian Local Security Checks NASL id DEBIAN_DLA-16.NASL description Daniel P. Berrange discovered a denial of service vulnerability in libxml2 entity substitution. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2015-03-26 plugin id 82143 published 2015-03-26 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82143 title Debian DLA-16-1 : libxml2 security update code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DLA-16-1. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(82143); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2014-0191"); script_bugtraq_id(67233); script_name(english:"Debian DLA-16-1 : libxml2 security update"); script_summary(english:"Checks dpkg output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security update." ); script_set_attribute( attribute:"description", value: "Daniel P. Berrange discovered a denial of service vulnerability in libxml2 entity substitution. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2014/07/msg00005.html" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/squeeze-lts/libxml2" ); script_set_attribute(attribute:"solution", value:"Upgrade the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libxml2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libxml2-dbg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libxml2-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libxml2-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libxml2-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python-libxml2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python-libxml2-dbg"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0"); script_set_attribute(attribute:"patch_publication_date", value:"2014/07/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/26"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"6.0", prefix:"libxml2", reference:"2.7.8.dfsg-2+squeeze9")) flag++; if (deb_check(release:"6.0", prefix:"libxml2-dbg", reference:"2.7.8.dfsg-2+squeeze9")) flag++; if (deb_check(release:"6.0", prefix:"libxml2-dev", reference:"2.7.8.dfsg-2+squeeze9")) flag++; if (deb_check(release:"6.0", prefix:"libxml2-doc", reference:"2.7.8.dfsg-2+squeeze9")) flag++; if (deb_check(release:"6.0", prefix:"libxml2-utils", reference:"2.7.8.dfsg-2+squeeze9")) flag++; if (deb_check(release:"6.0", prefix:"python-libxml2", reference:"2.7.8.dfsg-2+squeeze9")) flag++; if (deb_check(release:"6.0", prefix:"python-libxml2-dbg", reference:"2.7.8.dfsg-2+squeeze9")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2015-111.NASL description Updated libxml2 packages fix security vulnerabilities : It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially crafted XML file that, when processed, would lead to the exhaustion of CPU and memory resources or file descriptors (CVE-2014-0191). A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior (CVE-2014-3660). last seen 2020-06-01 modified 2020-06-02 plugin id 82364 published 2015-03-30 reporter This script is Copyright (C) 2015-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82364 title Mandriva Linux Security Advisory : libxml2 (MDVSA-2015:111) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2015:111. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(82364); script_version("1.3"); script_cvs_date("Date: 2019/08/02 13:32:56"); script_cve_id("CVE-2014-0191", "CVE-2014-3660"); script_xref(name:"MDVSA", value:"2015:111"); script_name(english:"Mandriva Linux Security Advisory : libxml2 (MDVSA-2015:111)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated libxml2 packages fix security vulnerabilities : It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially crafted XML file that, when processed, would lead to the exhaustion of CPU and memory resources or file descriptors (CVE-2014-0191). A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior (CVE-2014-3660)." ); script_set_attribute( attribute:"see_also", value:"http://advisories.mageia.org/MGASA-2014-0214.html" ); script_set_attribute( attribute:"see_also", value:"http://advisories.mageia.org/MGASA-2014-0418.html" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xml2-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xml2_2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxml2-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxml2-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:2"); script_set_attribute(attribute:"patch_publication_date", value:"2015/03/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/30"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK-MBS2", cpu:"x86_64", reference:"lib64xml2-devel-2.9.1-3.1.mbs2")) flag++; if (rpm_check(release:"MDK-MBS2", cpu:"x86_64", reference:"lib64xml2_2-2.9.1-3.1.mbs2")) flag++; if (rpm_check(release:"MDK-MBS2", cpu:"x86_64", reference:"libxml2-python-2.9.1-3.1.mbs2")) flag++; if (rpm_check(release:"MDK-MBS2", cpu:"x86_64", reference:"libxml2-utils-2.9.1-3.1.mbs2")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Web Servers NASL id ORACLE_HTTP_SERVER_CPU_OCT_2015.NASL description The version of Oracle HTTP Server installed on the remote host is affected by multiple vulnerabilities : - (CVE-2003-1418) - A denial of service vulnerability exists in libxml2, related to the xmlParserHandlePEReference() function in file parser.c, due to loading external parameter entities without regard to entity substitution or validation being enabled, as in the case of entity substitution in the doctype prolog. An unauthenticated, remote attacker can exploit this, via specially crafted XML content, to exhaust the system CPU, memory, or file descriptor resources. (CVE-2014-0191) - An unspecified vulnerability exists in the Web Listener component that allows an unauthenticated, remote attacker to impact availability. (CVE-2015-1829) - (CVE-2015-2808) - An unspecified vulnerability exists in the OSSL Module that allows an unauthenticated, remote attacker to impact confidentiality. (CVE-2015-4812) - An unspecified vulnerability exists in the Web Listener component that allows an authenticated, remote attacker to impact confidentiality. (CVE-2015-4914) - (CVE-2016-2183) last seen 2020-03-18 modified 2015-10-23 plugin id 86569 published 2015-10-23 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/86569 title Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (October 2015 CPU) code # # (C) Tenable Network Security, Inc. # include('compat.inc'); if (description) { script_id(86569); script_version("1.19"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/25"); script_cve_id( "CVE-2003-1418", "CVE-2014-0191", "CVE-2015-1829", "CVE-2015-2808", "CVE-2015-4812", "CVE-2015-4914", "CVE-2016-2183" ); script_bugtraq_id( 67233, 73684, 75164, 77195, 77201, 92630 ); script_name(english:"Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (October 2015 CPU)"); script_set_attribute(attribute:"synopsis", value: "The remote web server is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of Oracle HTTP Server installed on the remote host is affected by multiple vulnerabilities : - (CVE-2003-1418) - A denial of service vulnerability exists in libxml2, related to the xmlParserHandlePEReference() function in file parser.c, due to loading external parameter entities without regard to entity substitution or validation being enabled, as in the case of entity substitution in the doctype prolog. An unauthenticated, remote attacker can exploit this, via specially crafted XML content, to exhaust the system CPU, memory, or file descriptor resources. (CVE-2014-0191) - An unspecified vulnerability exists in the Web Listener component that allows an unauthenticated, remote attacker to impact availability. (CVE-2015-1829) - (CVE-2015-2808) - An unspecified vulnerability exists in the OSSL Module that allows an unauthenticated, remote attacker to impact confidentiality. (CVE-2015-4812) - An unspecified vulnerability exists in the Web Listener component that allows an authenticated, remote attacker to impact confidentiality. (CVE-2015-4914) - (CVE-2016-2183)"); # http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?75a4a4fb"); script_set_attribute(attribute:"solution", value: "Apply the appropriate patch according to the October 2015 Oracle Critical Patch Update advisory."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-2183"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(200); script_set_attribute(attribute:"vuln_publication_date", value:"2014/05/05"); script_set_attribute(attribute:"patch_publication_date", value:"2015/10/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/10/23"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:http_server"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Web Servers"); script_copyright(english:"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("oracle_http_server_installed.nbin"); script_require_keys("Oracle/OHS/Installed"); exit(0); } include('oracle_http_server_patch_func.inc'); get_kb_item_or_exit('Oracle/OHS/Installed'); install_list = get_kb_list_or_exit('Oracle/OHS/*/EffectiveVersion'); install = branch(install_list, key:TRUE, value:TRUE); patches = make_array(); patches['10.1.3.5'] = make_array('fix_ver', '10.1.3.5.151020', 'patch', '21845960'); patches['11.1.1.7'] = make_array('fix_ver', '11.1.1.7.151020', 'patch', '21640624'); patches['11.1.1.9'] = make_array('fix_ver', '11.1.1.9.151020', 'patch', '21663064'); patches['12.1.2.0'] = make_array('fix_ver', '12.1.2.0.151120', 'patch', '21768251'); patches['12.1.3.0'] = make_array('fix_ver', '12.1.3.0.160130', 'patch', '21640673'); oracle_http_server_check_vuln( install : install, min_patches : patches, severity : SECURITY_WARNING );NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2014-0513.NASL description From Red Hat Security Advisory 2014:0513 : Updated libxml2 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity (XXE) attacks, possibly resulting in a denial of service or an information leak on the system. (CVE-2014-0191) An out-of-bounds read flaw was found in the way libxml2 detected the end of an XML file. A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to crash. (CVE-2013-2877) The CVE-2014-0191 issue was discovered by Daniel P. Berrange of Red Hat. All libxml2 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 74100 published 2014-05-20 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74100 title Oracle Linux 6 : libxml2 (ELSA-2014-0513) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_EFDD0EDCDA3D11E39ECB2C4138874F7D.NASL description Stefan Cornelius reports : It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substitution in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially crafted XML file that, when processed, would lead to the exhaustion of CPU and memory resources or file descriptors. This issue was discovered by Daniel Berrange of Red Hat. last seen 2020-06-01 modified 2020-06-02 plugin id 73975 published 2014-05-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/73975 title FreeBSD : libxml2 -- entity substitution DoS (efdd0edc-da3d-11e3-9ecb-2c4138874f7d) NASL family AIX Local Security Checks NASL id AIX_U861276.NASL description The remote host is missing AIX PTF U861276, which is related to the security of the package bos.rte.control. Libxml2 is vulnerable to a denial of service, caused by the expansion of internal entities within the xmlParserHandlePEReference(). last seen 2020-06-01 modified 2020-06-02 plugin id 79062 published 2014-11-10 reporter This script is Copyright (C) 2014-2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/79062 title AIX 6.1 TL 9 : bos.rte.control (U861276) NASL family SuSE Local Security Checks NASL id OPENSUSE-2014-409.NASL description Removed fix for CVE-2014-0191. This fix breaks existing applications and there last seen 2020-06-05 modified 2014-06-13 plugin id 75381 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75381 title openSUSE Security Update : libxml2 / python-libxml2 (openSUSE-SU-2014:0753-1) NASL family Fedora Local Security Checks NASL id FEDORA_2014-17609.NASL description Update to libxml2 2.9.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2015-01-02 plugin id 80327 published 2015-01-02 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80327 title Fedora 21 : mingw-libxml2-2.9.2-1.fc21 (2014-17609) NASL family Web Servers NASL id ORACLE_HTTP_SERVER_CPU_JAN_2015.NASL description The version of Oracle HTTP Server installed on the remote host is affected by multiple vulnerabilities in the Web Listener subcomponent : - An integer overflow condition exists in libxml2 within file xpath.c, related to XPath expressions when adding a new namespace note. An unauthenticated, remote attacker can exploit this, via a crafted XML file, to cause a denial of service condition or the execution of arbitary code. (CVE-2011-1944) - An integer overflow condition exists in the HTTP server, specifically in the ap_pregsub() function within file server/util.c, when the mod_setenvif module is enabled. A local attacker can exploit this to gain elevated privileges by using an .htaccess file with a crafted combination of SetEnvIf directives and HTTP request headers. (CVE-2011-3607) - A flaw exists in libxml2, known as the last seen 2020-03-18 modified 2015-01-27 plugin id 81002 published 2015-01-27 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81002 title Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (January 2015 CPU) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2014-0513.NASL description Updated libxml2 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity (XXE) attacks, possibly resulting in a denial of service or an information leak on the system. (CVE-2014-0191) An out-of-bounds read flaw was found in the way libxml2 detected the end of an XML file. A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to crash. (CVE-2013-2877) The CVE-2014-0191 issue was discovered by Daniel P. Berrange of Red Hat. All libxml2 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 74094 published 2014-05-20 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74094 title CentOS 6 : libxml2 (CESA-2014:0513) NASL family AIX Local Security Checks NASL id AIX_IV62447.NASL description Libxml2 is vulnerable to a denial of service, caused by the expansion of internal entities within the xmlParserHandlePEReference(). last seen 2020-06-01 modified 2020-06-02 plugin id 77257 published 2014-08-20 reporter This script is Copyright (C) 2014-2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/77257 title AIX 6.1 TL 8 : libxml2 (IV62447) NASL family Scientific Linux Local Security Checks NASL id SL_20140519_LIBXML2_ON_SL6_X.NASL description It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity (XXE) attacks, possibly resulting in a denial of service or an information leak on the system. (CVE-2014-0191) An out-of-bounds read flaw was found in the way libxml2 detected the end of an XML file. A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to crash. (CVE-2013-2877) The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-03-18 modified 2014-05-20 plugin id 74103 published 2014-05-20 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74103 title Scientific Linux Security Update : libxml2 on SL6.x i386/x86_64 (20140519) NASL family AIX Local Security Checks NASL id AIX_IV62448.NASL description Libxml2 is vulnerable to a denial of service, caused by the expansion of internal entities within the xmlParserHandlePEReference(). last seen 2020-06-01 modified 2020-06-02 plugin id 77258 published 2014-08-20 reporter This script is Copyright (C) 2014-2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/77258 title AIX 6.1 TL 9 : libxml2 (IV62448) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201409-08.NASL description The remote host is affected by the vulnerability described in GLSA-201409-08 (libxml2: Denial of Service) A vulnerability in the xmlParserHandlePEReference() function of parser.c, when expanding entity references, can be exploited to consume large amounts of memory and cause a crash or hang. Impact : A remote attacker may be able to cause Denial of Service via a specially crafted XML file containing malicious attributes. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 77776 published 2014-09-22 reporter This script is Copyright (C) 2014-2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/77776 title GLSA-201409-08 : libxml2: Denial of Service NASL family SuSE Local Security Checks NASL id OPENSUSE-2014-394.NASL description Updated fix for openSUSE-SU-2014:0645-1 because of a regression that caused xmllint to break. last seen 2020-06-05 modified 2014-06-13 plugin id 75373 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75373 title openSUSE Security Update : libxml2 / python-libxml2 (openSUSE-SU-2014:0716-1) NASL family AIX Local Security Checks NASL id AIX_IV62449.NASL description Libxml2 is vulnerable to a denial of service, caused by the expansion of internal entities within the xmlParserHandlePEReference(). last seen 2020-06-01 modified 2020-06-02 plugin id 77259 published 2014-08-20 reporter This script is Copyright (C) 2014-2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/77259 title AIX 7.1 TL 2 : libxml2 (IV62449) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2014-086.NASL description Updated libxml2 packages fix security vulnerability : It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially crafted XML file that, when processed, would lead to the exhaustion of CPU and memory resources or file descriptors (CVE-2014-0191). last seen 2020-06-01 modified 2020-06-02 plugin id 73978 published 2014-05-13 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/73978 title Mandriva Linux Security Advisory : libxml2 (MDVSA-2014:086) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2014-341.NASL description It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially crafted XML file that, when processed, would lead to the exhaustion of CPU and memory resources or file descriptors. last seen 2020-06-01 modified 2020-06-02 plugin id 78284 published 2014-10-12 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/78284 title Amazon Linux AMI : libxml2 (ALAS-2014-341) NASL family MacOS X Local Security Checks NASL id MACOSX_10_10_5.NASL description The remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.5. It is, therefore, affected by multiple vulnerabilities in the following components : - apache - apache_mod_php - Apple ID OD Plug-in - AppleGraphicsControl - Bluetooth - bootp - CloudKit - CoreMedia Playback - CoreText - curl - Data Detectors Engine - Date & Time pref pane - Dictionary Application - DiskImages - dyld - FontParser - groff - ImageIO - Install Framework Legacy - IOFireWireFamily - IOGraphics - IOHIDFamily - Kernel - Libc - Libinfo - libpthread - libxml2 - libxpc - mail_cmds - Notification Center OSX - ntfs - OpenSSH - OpenSSL - perl - PostgreSQL - python - QL Office - Quartz Composer Framework - Quick Look - QuickTime 7 - SceneKit - Security - SMBClient - Speech UI - sudo - tcpdump - Text Formats - udf Note that successful exploitation of the most serious issues can result in arbitrary code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 85408 published 2015-08-17 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/85408 title Mac OS X 10.10.x < 10.10.5 Multiple Vulnerabilities NASL family Misc. NASL id VMWARE_ESXI_5_1_BUILD_2323236_REMOTE.NASL description The remote VMware ESXi host is version 5.1 prior to build 2323236. It is, therefore, affected by the following vulnerabilities in bundled third-party libraries : - Multiple vulnerabilities exist in the bundled Python library. (CVE-2011-3389, CVE-2012-0845, CVE-2012-0876, CVE-2012-1150, CVE-2013-1752, CVE-2013-4238) - Multiple vulnerabilities exist in the bundled GNU C Library (glibc). (CVE-2013-0242, CVE-2013-1914, CVE-2013-4332) - Multiple vulnerabilities exist in the bundled XML Parser library (libxml2). (CVE-2013-2877, CVE-2014-0191) - Multiple vulnerabilities exist in the bundled cURL library (libcurl). (CVE-2014-0015, CVE-2014-0138) last seen 2020-06-01 modified 2020-06-02 plugin id 79862 published 2014-12-12 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/79862 title ESXi 5.1 < Build 2323236 Third-Party Libraries Multiple Vulnerabilities (remote check) (BEAST) NASL family AIX Local Security Checks NASL id AIX_U862099.NASL description The remote host is missing AIX PTF U862099, which is related to the security of the package bos.rte.control. Libxml2 is vulnerable to a denial of service, caused by the expansion of internal entities within the xmlParserHandlePEReference(). last seen 2020-06-01 modified 2020-06-02 plugin id 79063 published 2014-11-10 reporter This script is Copyright (C) 2014-2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/79063 title AIX 7.1 TL 3 : bos.rte.control (U862099) NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2015-006.NASL description The remote host is running a version of Mac OS X 10.8.5 or 10.9.5 that is missing Security Update 2015-006. It is, therefore, affected by multiple vulnerabilities in the following components : - apache - apache_mod_php - CoreText - FontParser - Libinfo - libxml2 - OpenSSL - perl - PostgreSQL - QL Office - Quartz Composer Framework - QuickTime 7 - SceneKit Note that successful exploitation of the most serious issues can result in arbitrary code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 85409 published 2015-08-17 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/85409 title Mac OS X Multiple Vulnerabilities (Security Update 2015-006) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2015-0749.NASL description From Red Hat Security Advisory 2015:0749 : Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity (XXE) attacks, possibly resulting in a denial of service or an information leak on the system. (CVE-2014-0191) The CVE-2014-0191 issue was discovered by Daniel P. Berrange of Red Hat. All libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 82464 published 2015-03-31 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82464 title Oracle Linux 7 : libxml2 (ELSA-2015-0749) NASL family Scientific Linux Local Security Checks NASL id SL_20150330_LIBXML2_ON_SL7_X.NASL description It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity (XXE) attacks, possibly resulting in a denial of service or an information leak on the system. (CVE-2014-0191) The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-03-18 modified 2015-03-31 plugin id 82468 published 2015-03-31 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82468 title Scientific Linux Security Update : libxml2 on SL7.x x86_64 (20150330) NASL family Fedora Local Security Checks NASL id FEDORA_2015-4658.NASL description fixes built in also added a couple of other entities related patches including a fix to CVE-2014-3660 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2015-04-08 plugin id 82627 published 2015-04-08 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82627 title Fedora 21 : libxml2-2.9.1-7.fc21 (2015-4658) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-151.NASL description It was discovered that the update released for libxml2 in DSA 2978 fixing CVE-2014-0191 was incomplete. This caused libxml2 to still fetch external entities regardless of whether entity substitution or validation is enabled. In addition, this update addresses a regression introduced in DSA 3057 by the patch fixing CVE-2014-3660. This caused libxml2 to not parse an entity when it last seen 2020-03-17 modified 2015-03-26 plugin id 82134 published 2015-03-26 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82134 title Debian DLA-151-1 : libxml2 security update NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2015-0749.NASL description Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity (XXE) attacks, possibly resulting in a denial of service or an information leak on the system. (CVE-2014-0191) The CVE-2014-0191 issue was discovered by Daniel P. Berrange of Red Hat. All libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 82476 published 2015-04-01 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82476 title CentOS 7 : libxml2 (CESA-2015:0749) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2978.NASL description Daniel P. Berrange discovered a denial of service vulnerability in libxml2 entity substitution. last seen 2020-03-17 modified 2014-07-15 plugin id 76499 published 2014-07-15 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76499 title Debian DSA-2978-1 : libxml2 - security update NASL family Solaris Local Security Checks NASL id SOLARIS11_LIBXML2_20140819.NASL description The remote Solaris system is missing necessary patches to address security updates. last seen 2020-06-01 modified 2020-06-02 plugin id 80692 published 2015-01-19 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80692 title Oracle Solaris Third-Party Patch Update : libxml2 (cve_2014_0191_denial_of) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2214-1.NASL description Daniel Berrange discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 74035 published 2014-05-16 reporter Ubuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74035 title Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : libxml2 vulnerability (USN-2214-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-0513.NASL description Updated libxml2 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity (XXE) attacks, possibly resulting in a denial of service or an information leak on the system. (CVE-2014-0191) An out-of-bounds read flaw was found in the way libxml2 detected the end of an XML file. A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to crash. (CVE-2013-2877) The CVE-2014-0191 issue was discovered by Daniel P. Berrange of Red Hat. All libxml2 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 74102 published 2014-05-20 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74102 title RHEL 6 : libxml2 (RHSA-2014:0513) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-80.NASL description Sogeti found a denial of service flaw in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior. (CVE-2014-3660) In addition, this update addresses a misapplied chunk for a patch released the previous version (#762864). NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2015-03-26 plugin id 82225 published 2015-03-26 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82225 title Debian DLA-80-1 : libxml2 security update NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2014-0031.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball - CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149085) - Fix a set of regressions introduced in CVE-2014-0191 (rhbz#1105011) - Improve handling of xmlStopParser(CVE-2013-2877) - Do not fetch external parameter entities (CVE-2014-0191) - Fix a regression in 2.9.0 breaking validation while streaming (rhbz#863166) - detect and stop excessive entities expansion upon replacement (rhbz#912575) last seen 2020-06-01 modified 2020-06-02 plugin id 79546 published 2014-11-26 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79546 title OracleVM 3.3 : libxml2 (OVMSA-2014-0031) NASL family Fedora Local Security Checks NASL id FEDORA_2014-17573.NASL description Update to libxml2 2.9.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2015-01-02 plugin id 80318 published 2015-01-02 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80318 title Fedora 20 : mingw-libxml2-2.9.2-1.fc20 (2014-17573) NASL family AIX Local Security Checks NASL id AIX_IV62450.NASL description Libxml2 is vulnerable to a denial of service, caused by the expansion of internal entities within the xmlParserHandlePEReference(). last seen 2020-06-01 modified 2020-06-02 plugin id 77260 published 2014-08-20 reporter This script is Copyright (C) 2014-2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/77260 title AIX 7.1 TL 3 : libxml2 (IV62450) NASL family Misc. NASL id VMWARE_VMSA-2014-0012_REMOTE.NASL description The remote VMware ESXi host is affected by multiple vulnerabilities : - Multiple denial of service vulnerabilities exist in Python function _read_status() in library httplib and in function readline() in libraries smtplib, ftplib, nntplib, imaplib, and poplib. A remote attacker can exploit these vulnerabilities to crash the module. (CVE-2013-1752) - A out-of-bounds read error exists in file parser.c in library libxml2 due to a failure to properly check the XML_PARSER_EOF state. An unauthenticated, remote attacker can exploit this, via a crafted document that abruptly ends, to cause a denial of service. (CVE-2013-2877) - A spoofing vulnerability exists in the Python SSL module in the ssl.match_hostname() function due to improper handling of the NULL character ( last seen 2020-06-01 modified 2020-06-02 plugin id 87681 published 2015-12-30 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/87681 title VMware ESXi Multiple Vulnerabilities (VMSA-2014-0012) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2015-0749.NASL description Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity (XXE) attacks, possibly resulting in a denial of service or an information leak on the system. (CVE-2014-0191) The CVE-2014-0191 issue was discovered by Daniel P. Berrange of Red Hat. All libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 82427 published 2015-03-30 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82427 title RHEL 7 : libxml2 (RHSA-2015:0749) NASL family Misc. NASL id VMWARE_VCENTER_VMSA-2014-0012.NASL description The VMware vCenter Server installed on the remote host is version 5.0 prior to Update 3c, 5.1 prior to Update 3, or 5.5 prior to Update 2. It is, therefore, affected by multiple vulnerabilities in third party libraries : - Due to improper certificate validation when connecting to a CIM server on an ESXi host, an attacker can perform man-in-the-middle attacks. (CVE-2014-8371) - The bundled version of Oracle JRE is prior to 1.6.0_81 and thus is affected by multiple vulnerabilities. Note that this only affects version 5.1 and 5.0 of vCenter but is only fixed in 5.1 Update 3. last seen 2020-06-01 modified 2020-06-02 plugin id 79865 published 2014-12-12 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/79865 title VMware Security Updates for vCenter Server (VMSA-2014-0012) NASL family Fedora Local Security Checks NASL id FEDORA_2015-4719.NASL description fixes built in also added a couple of other entities related patches including a fix to CVE-2014-3660 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2015-04-13 plugin id 82728 published 2015-04-13 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82728 title Fedora 20 : libxml2-2.9.1-4.fc20 (2015-4719) NASL family VMware ESX Local Security Checks NASL id VMWARE_VMSA-2014-0012.NASL description a. VMware vCSA cross-site scripting vulnerability VMware vCenter Server Appliance (vCSA) contains a vulnerability that may allow for Cross Site Scripting. Exploitation of this vulnerability in vCenter Server requires tricking a user to click on a malicious link or to open a malicious web page. VMware would like to thank Tanya Secker of Trustwave SpiderLabs for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-3797 to this issue. b. vCenter Server certificate validation issue vCenter Server does not properly validate the presented certificate when establishing a connection to a CIM Server residing on an ESXi host. This may allow for a Man-in-the-middle attack against the CIM service. VMware would like to thank The Google Security Team for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2014-8371 to this issue. c. Update to ESXi libxml2 package libxml2 is updated to address multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2013-2877 and CVE-2014-0191 to these issues. d. Update to ESXi Curl package Curl is updated to address multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2014-0015 and CVE-2014-0138 to these issues. e. Update to ESXi Python package Python is updated to address multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2013-1752 and CVE-2013-4238 to these issues. f. vCenter and Update Manager, Oracle JRE 1.6 Update 81 Oracle has documented the CVE identifiers that are addressed in JRE 1.6.0 update 81 in the Oracle Java SE Critical Patch Update Advisory of July 2014. The References section provides a link to this advisory. last seen 2020-06-01 modified 2020-06-02 plugin id 79762 published 2014-12-06 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79762 title VMSA-2014-0012 : VMware vSphere product updates address security vulnerabilities
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
- http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html
- http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
- http://rhn.redhat.com/errata/RHSA-2015-0749.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
- http://www.securityfocus.com/bid/67233
- http://www-01.ibm.com/support/docview.wss?uid=swg21678183
- http://xmlsoft.org/news.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1090976
- https://exchange.xforce.ibmcloud.com/vulnerabilities/93092
- https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df
- https://support.apple.com/kb/HT205030
- https://support.apple.com/kb/HT205031