Vulnerabilities > CVE-2015-2318 - Improper Certificate Validation vulnerability in multiple products

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.

Vulnerable Configurations

Part Description Count
Application
Mono-Project
206
OS
Debian
1

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Creating a Rogue Certificate Authority Certificate
    An attacker exploits a weakness in the MD5 hash algorithm (weak collision resistance) to generate a certificate signing request (CSR) that contains collision blocks in the "to be signed" part. The attacker specially crafts two different, but valid X.509 certificates that when hashed with the MD5 algorithm would yield the same value. The attacker then sends the CSR for one of the certificates to the Certification Authority which uses the MD5 hashing algorithm. That request is completely valid and the Certificate Authority issues an X.509 certificate to the attacker which is signed with its private key. An attacker then takes that signed blob and inserts it into another X.509 certificate that the attacker generated. Due to the MD5 collision, both certificates, though different, hash to the same value and so the signed blob works just as well in the second certificate. The net effect is that the attacker's second X.509 certificate, which the Certification Authority has never seen, is now signed and validated by that Certification Authority. To make the attack more interesting, the second certificate could be not just a regular certificate, but rather itself a signing certificate. Thus the attacker is able to start their own Certification Authority whose root of trust is anchored in the legitimate Certification Authority that has signed the attacker's first X.509 certificate. If the original Certificate Authority was accepted by default by browsers, so will now the Certificate Authority set up by the attacker and of course any certificates that it signs. So the attacker is now able to generate any SSL certificates to impersonate any web server, and the user's browser will not issue any warning to the victim. This can be used to compromise HTTPS communications and other types of systems where PKI and X.509 certificates may be used (e.g., VPN, IPSec). Note that this pattern is listed for the weakness class named in the page title (improper certificate validation); it does not describe the SKIP-TLS flaw summarised above, which involves missing handshake state validation rather than an MD5 collision.

Nessus

  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_BYTEFX-DATA-MYSQL-150318.NASL
    description: Multiple SSL vulnerabilities were fixed in the Mono TLS implementation. - A SKIP-TLS problem could be used for client impersonation. (CVE-2015-2318) - A FREAK style SSL protocol downgrade problem was fixed. (CVE-2015-2319) - The SSLv2 support was disabled. (CVE-2015-2320)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 83330
    published: 2015-05-11
    reporter: This script is Copyright (C) 2015 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/83330
    title: SuSE 11.3 Security Update : Mono (SAT Patch Number 10497)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    # Registration branch: when `description` is set the script only declares
    # its metadata (id, CVEs, text, CPEs, dependencies, required KB keys) and
    # leaves through exit(0) at the end of the branch, before any of the
    # package checks further down run.
    if (description)
    {
      script_id(83330);
      script_version("$Revision: 2.1 $");
      script_cvs_date("$Date: 2015/05/11 23:42:11 $");
    
      # One plugin id covers three CVEs, so a finding from this plugin does not
      # say which of the three matters for a particular host.
      script_cve_id("CVE-2015-2318", "CVE-2015-2319", "CVE-2015-2320");
    
      script_name(english:"SuSE 11.3 Security Update : Mono (SAT Patch Number 10497)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing one or more security updates."
      );
      # The description text is a multi-line string literal; its line breaks and
      # indentation are part of the value.
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple SSL vulnerabilities were fixed in the Mono TLS
    implementation.
    
      - SKIP-TLS problem could be used to client
        impersonification. (CVE-2015-2318)
    
      - A FREAK style SSL protocol downgrade problem was fixed.
        (CVE-2015-2319)
    
      - The SSLv2 support was disabled. (CVE-2015-2320)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=921312"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2015-2318.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2015-2319.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2015-2320.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 10497.");
      # NOTE(review): only a coarse risk_factor is registered; this branch sets
      # no CVSS vector, so a numeric score has to come from the CVE records.
      script_set_attribute(attribute:"risk_factor", value:"High");
    
      # "local" plugin type: the check works from package data already in the
      # knowledge base (see script_require_keys below), not from probing a TLS
      # service over the network.
      script_set_attribute(attribute:"plugin_type", value:"local");
      # The p-cpe entries name the individual packages this plugin looks at;
      # the final cpe:/o entry names the operating system.
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:bytefx-data-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:ibm-data-db2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-core");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-data");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-data-firebird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-data-oracle");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-data-postgresql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-data-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-data-sybase");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-extras");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-jscript");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-locale-extras");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-nunit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-wcf");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-web");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mono-winforms");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:monodoc-core");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      # The plugin was published nearly eight weeks after the patch date.
      script_set_attribute(attribute:"patch_publication_date", value:"2015/03/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/05/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      # Depends on ssh_get_info.nasl and on four KB keys; presumably that
      # dependency is what fills the keys during an authenticated scan - confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    # Applicability gates. Each failed gate hands control to audit() (from
    # audit.inc), which presumably records the reason and ends the run. An
    # audit exit here means "this plugin does not apply", not "Mono is patched".

    # Gate 1: local (credentialed) checks must be enabled.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    # Gate 2: the release string must start with SLED11 or SLES11.
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    # Gate 3: the rpm package list must have been collected.
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # Gate 4: the CPU must be known and be i386-i686, or contain "x86_64" or
    # "s390x" (`>!<` is NASL's "is not a substring of" operator).
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    # Gate 5: only patch level 3 is handled; a host on any other service pack
    # audits out here without its Mono packages being looked at.
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, "SuSE 11.3");
    
    
    # Package-version checks. Each rpm_check() call names the fixed build
    # (2.6.7-0.13.1) of one Mono package for one release/CPU combination and
    # bumps `flag` when it returns true - presumably when the installed package
    # is older than the reference; confirm against rpm.inc.
    # This only compares package versions; nothing here looks at whether an
    # application on the host actually uses Mono's TLS stack.
    flag = 0;
    # SLED 11 SP3, i586 builds.
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"bytefx-data-mysql-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"ibm-data-db2-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-core-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-data-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-data-firebird-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-data-oracle-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-data-postgresql-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-data-sqlite-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-data-sybase-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-devel-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-extras-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-jscript-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-locale-extras-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-nunit-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-wcf-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-web-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mono-winforms-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"monodoc-core-2.6.7-0.13.1")) flag++;
    # SLED 11 SP3, x86_64 builds (same package list as i586).
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"bytefx-data-mysql-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"ibm-data-db2-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-core-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-data-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-data-firebird-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-data-oracle-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-data-postgresql-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-data-sqlite-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-data-sybase-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-devel-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-extras-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-jscript-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-locale-extras-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-nunit-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-wcf-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-web-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mono-winforms-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"monodoc-core-2.6.7-0.13.1")) flag++;
    # SLES 11 SP3: no cpu argument is passed, and the package list is shorter
    # than the SLED one (eight packages).
    if (rpm_check(release:"SLES11", sp:3, reference:"mono-core-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLES11", sp:3, reference:"mono-data-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLES11", sp:3, reference:"mono-data-postgresql-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLES11", sp:3, reference:"mono-data-sqlite-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLES11", sp:3, reference:"mono-locale-extras-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLES11", sp:3, reference:"mono-nunit-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLES11", sp:3, reference:"mono-web-2.6.7-0.13.1")) flag++;
    if (rpm_check(release:"SLES11", sp:3, reference:"mono-winforms-2.6.7-0.13.1")) flag++;
    
    
    # Reporting. If at least one package check fired, a finding is raised on
    # port 0 through security_hole(); when report_verbosity is above 0 the text
    # returned by rpm_report_get() is attached as extra output. If no check
    # fired, the host is audited as not affected. "Not affected" here only means
    # none of the listed packages was found below the fixed build.
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-3202.NASL
    description: Researchers at INRIA and Xamarin discovered several vulnerabilities in mono, a platform for running and developing applications based on the ECMA/ISO Standards. Mono's TLS stack contained several problems that hampered its capabilities: those issues could lead to client impersonation (via SKIP-TLS), SSLv2 fallback, and encryption weakening (via FREAK).
    last seen: 2020-03-17
    modified: 2015-03-24
    plugin id: 82000
    published: 2015-03-24
    reporter: This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/82000
    title: Debian DSA-3202-1 : mono - security update
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-3202. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    # Registration branch: when `description` is set the script only declares
    # its metadata (id, CVEs, cross-references, text, CVSS vectors, CPEs,
    # dependencies, required KB keys) and leaves through exit(0) at the end of
    # the branch, before any of the package checks further down run.
    if (description)
    {
      script_id(82000);
      script_version("1.11");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      # One plugin id covers three CVEs (and three Bugtraq ids), all tied to
      # Debian advisory DSA-3202.
      script_cve_id("CVE-2015-2318", "CVE-2015-2319", "CVE-2015-2320");
      script_bugtraq_id(73250, 73253, 73256);
      script_xref(name:"DSA", value:"3202");
    
      script_name(english:"Debian DSA-3202-1 : mono - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      # The description text is a multi-line string literal; its line breaks
      # are part of the value.
      script_set_attribute(
        attribute:"description", 
        value:
    "Researchers at INRIA and Xamarin discovered several vulnerabilities in
    mono, a platform for running and developing applications based on the
    ECMA/ISO Standards. Mono's TLS stack contained several problems that
    hampered its capabilities: those issues could lead to client
    impersonation (via SKIP-TLS), SSLv2 fallback, and encryption weakening
    (via FREAK)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/wheezy/mono"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2015/dsa-3202"
      );
      # The fixed version named here is the same string the deb_check calls
      # later in the script use as their reference.
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the mono packages.
    
    For the stable distribution (wheezy), these problems have been fixed
    in version 2.10.8.1-8+deb7u1."
      );
      # NOTE(review): the v2 vector below uses AC:L, while the CVE-2015-2318
      # record this listing accompanies gives attack complexity MEDIUM
      # (CVSS 6.8). The plugin covers three CVEs, so the vector may have been
      # taken from another of them - confirm before using it for
      # prioritisation.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      # Exploit-availability fields are static strings set by the plugin
      # author; presumably they reflect what was known at the modification
      # date above - confirm against current sources.
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      # "local" plugin type: the check works from package data already in the
      # knowledge base (see script_require_keys below), not from probing a TLS
      # service over the network.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/03/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      # Depends on ssh_get_info.nasl and on three KB keys; presumably that
      # dependency is what fills the keys during an authenticated scan - confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    # Applicability gates. Each failed gate hands control to audit() (from
    # audit.inc), which presumably records the reason and ends the run: local
    # checks must be enabled, the KB must hold a Debian release entry, and the
    # dpkg listing must have been collected.
    # Only the presence of Host/Debian/release is tested here; the release
    # itself is matched per package through the release:"7.0" argument of the
    # deb_check calls that follow.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"7.0", prefix:"libmono-2.0-1", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-2.0-1-dbg", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-2.0-dev", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-accessibility2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-accessibility4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-c5-1.1-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-cairo2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-cairo4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-cecil-private-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-cil-dev", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-codecontracts4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-compilerservices-symbolwriter4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-corlib2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-corlib4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-cscompmgd8.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-csharp4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-custommarshalers4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-data-tds2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-data-tds4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-db2-1.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-debugger-soft2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-debugger-soft4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-http4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-i18n-cjk4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-i18n-mideast4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-i18n-other4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-i18n-rare4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-i18n-west2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-i18n-west4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-i18n2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-i18n4.0-all", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-i18n4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-ldap2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-ldap4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-management2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-management4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-messaging-rabbitmq2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-messaging-rabbitmq4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-messaging2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-messaging4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-microsoft-build-engine4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-microsoft-build-framework4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-microsoft-build-tasks-v4.0-4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-microsoft-build-utilities-v4.0-4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-microsoft-build2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-microsoft-csharp4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-microsoft-visualc10.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-microsoft-web-infrastructure1.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-microsoft8.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-npgsql2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-npgsql4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-opensystem-c4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-oracle2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-oracle4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-peapi2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-peapi4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-posix2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-posix4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-profiler", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-rabbitmq2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-rabbitmq4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-relaxng2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-relaxng4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-security2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-security4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-sharpzip2.6-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-sharpzip2.84-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-sharpzip4.84-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-simd2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-simd4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-sqlite2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-sqlite4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-componentmodel-composition4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-componentmodel-dataannotations4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-configuration-install4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-configuration4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-core4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-data-datasetextensions4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-data-linq2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-data-linq4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-data-services-client4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-data-services4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-data2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-data4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-design4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-drawing-design4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-drawing4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-dynamic4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-enterpriseservices4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-identitymodel-selectors4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-identitymodel4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-ldap2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-ldap4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-management4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-messaging2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-messaging4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-net4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-numerics4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-runtime-caching4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-runtime-durableinstancing4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-runtime-serialization-formatters-soap4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-runtime-serialization4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-runtime2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-runtime4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-security4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-servicemodel-discovery4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-servicemodel-routing4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-servicemodel-web4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-servicemodel4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-serviceprocess4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-transactions4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-web-abstractions4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-web-applicationservices4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-web-dynamicdata4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-web-extensions-design4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-web-extensions4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-web-mvc1.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-web-mvc2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-web-routing4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-web-services4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-web2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-web4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-windows-forms-datavisualization4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-windows-forms4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-xaml4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-xml-linq4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system-xml4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-system4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-tasklets2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-tasklets4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-wcf3.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-web4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-webbrowser2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-webbrowser4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-webmatrix-data4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-windowsbase3.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-windowsbase4.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono-winforms2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libmono2.0-cil", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-2.0-gac", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-2.0-service", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-4.0-gac", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-4.0-service", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-complete", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-csharp-shell", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-dbg", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-devel", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-dmcs", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-gac", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-gmcs", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-jay", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-mcs", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-runtime", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-runtime-dbg", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-runtime-sgen", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-utils", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"mono-xbuild", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"monodoc-base", reference:"2.10.8.1-8+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"monodoc-manual", reference:"2.10.8.1-8+deb7u1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DLA-176.NASL
    description: Three issues with Mono
    last seen: 2020-03-17
    modified: 2015-03-26
    plugin id: 82161
    published: 2015-03-26
    reporter: This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/82161
    title: Debian DLA-176-1 : mono security update
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Debian Security Advisory DLA-176-1. The text
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    # Registration phase. When `description` is set, this block only declares the
    # plugin's metadata and then exits (see exit(0) at the end of the block); no
    # package data is read here.
    if (description)
    {
      script_id(82161);
      script_version("1.10");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      # One plugin covers all three CVEs fixed by DLA-176-1, so a single finding
      # does not say which of the three TLS issues matters most for a given host.
      script_cve_id("CVE-2015-2318", "CVE-2015-2319", "CVE-2015-2320");
      script_bugtraq_id(73250, 73253, 73256);
    
      script_name(english:"Debian DLA-176-1 : mono security update");
      script_summary(english:"Checks dpkg output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security update."
      );
      # The description text below is quoted from the Debian advisory; it is a
      # runtime string shown in scan reports.
      script_set_attribute(
        attribute:"description", 
        value:
    "Three issues with Mono's TLS stack are addressed.
    
    CVE-2015-2318
    
    Mono's implementation of the SSL/TLS stack failed to check the order
    of the handshake messages. Which would allow various attacks on the
    protocol to succeed. ('SKIP-TLS')
    
    CVE-2015-2319
    
    Mono's implementation of SSL/TLS also contained support for the weak
    EXPORT cyphers and was susceptible to the FREAK attack.
    
    CVE-2015-2320
    
    Mono contained SSLv2 fallback code, which is no longer needed and can
    be considered insecure.
    
    NOTE: Tenable Network Security has extracted the preceding description
    block directly from the DLA security advisory. Tenable has attempted
    to automatically clean and format it as much as possible without
    introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.debian.org/debian-lts-announce/2015/03/msg00013.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/squeeze-lts/mono"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
      # NOTE(review): one CVSS vector is registered for the whole advisory. It uses
      # AC:L, whereas the CVE-2015-2318 entry this listing is attached to rates
      # attack complexity MEDIUM (CVSS 6.8), so the plugin severity and the
      # per-CVE score can differ during triage.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      # "local" plugin type: together with the dpkg KB keys required below, this
      # indicates the check reads the host's package list instead of probing a
      # TLS endpoint. Presumably that list is collected by ssh_get_info.nasl over
      # an authenticated session; confirm against that script.
      script_set_attribute(attribute:"plugin_type", value:"local");
      # One p-cpe entry per binary package name; the final cpe:/o entry names
      # Debian 6.0 as the only OS release this plugin is registered for.
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-accessibility1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-accessibility2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-bytefx0.7.6.1-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-bytefx0.7.6.2-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-c5-1.1-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-cairo1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-cairo2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-cecil-private-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-cil-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-corlib1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-corlib2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-cscompmgd7.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-cscompmgd8.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-data-tds1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-data-tds2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-data1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-data2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-db2-1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-debugger-soft0.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-firebirdsql1.7-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-getoptions1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-getoptions2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-i18n-west1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-i18n-west2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-i18n1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-i18n2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-ldap1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-ldap2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-management2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-messaging-rabbitmq2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-messaging2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-microsoft-build2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-microsoft7.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-microsoft8.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-npgsql1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-npgsql2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-oracle1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-oracle2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-peapi1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-peapi2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-posix1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-posix2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-profiler");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-rabbitmq2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-relaxng1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-relaxng2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-security1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-security2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-sharpzip0.6-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-sharpzip0.84-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-sharpzip2.6-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-sharpzip2.84-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-simd2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-sqlite1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-sqlite2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system-data-linq2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system-data1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system-data2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system-ldap1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system-ldap2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system-messaging1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system-messaging2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system-runtime1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system-runtime2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system-web-mvc1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system-web-mvc2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system-web1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system-web2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-system2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-tasklets2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-wcf3.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-webbrowser0.5-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-windowsbase3.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-winforms1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono-winforms2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono0-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono1.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmono2.0-cil");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-1.0-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-1.0-gac");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-1.0-service");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-2.0-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-2.0-gac");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-2.0-service");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-complete");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-csharp-shell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-gac");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-gmcs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-jay");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-mcs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-mjs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-runtime");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-runtime-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mono-xbuild");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:monodoc-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:monodoc-manual");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:prj2make-sharp");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/03/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/26");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"Debian Local Security Checks");
    
      # Declares the KB keys this check depends on; the same three keys are tested
      # again right after this block. A host scanned without working local
      # (credentialed) checks never reaches the package comparison, so the absence
      # of a finding in that case is not evidence that the host is patched.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      # Metadata only: stop here during registration.
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    # Preconditions, checked in this order: local checks enabled, a Debian
    # release recorded, and a dpkg package list present in the KB. Each failure
    # hands control to audit() with the matching reason code, so a host that
    # fails here is reported as "could not be checked", not as "not affected".
    if (!get_kb_item("Host/local_checks_enabled"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    }
    if (!get_kb_item("Host/Debian/release"))
    {
      audit(AUDIT_OS_NOT, "Debian");
    }
    if (!get_kb_item("Host/Debian/dpkg-l"))
    {
      audit(AUDIT_PACKAGE_LIST_MISSING);
    }
    
    
    # Count how many of the Mono binary packages from DLA-176-1 trip deb_check()
    # for Debian 6.0 against the fixed version. Every package is tested (no early
    # exit), in the advisory's order; presumably deb_check() returns true when the
    # installed version is older than `reference` and records the hit for
    # deb_report_get() - confirm in debian_package.inc.
    flag = 0;
    dla176_fixed_version = "2.6.7-5.1+deb6u1";
    dla176_packages = make_list(
      "libmono-accessibility1.0-cil",
      "libmono-accessibility2.0-cil",
      "libmono-bytefx0.7.6.1-cil",
      "libmono-bytefx0.7.6.2-cil",
      "libmono-c5-1.1-cil",
      "libmono-cairo1.0-cil",
      "libmono-cairo2.0-cil",
      "libmono-cecil-private-cil",
      "libmono-cil-dev",
      "libmono-corlib1.0-cil",
      "libmono-corlib2.0-cil",
      "libmono-cscompmgd7.0-cil",
      "libmono-cscompmgd8.0-cil",
      "libmono-data-tds1.0-cil",
      "libmono-data-tds2.0-cil",
      "libmono-data1.0-cil",
      "libmono-data2.0-cil",
      "libmono-db2-1.0-cil",
      "libmono-debugger-soft0.0-cil",
      "libmono-dev",
      "libmono-firebirdsql1.7-cil",
      "libmono-getoptions1.0-cil",
      "libmono-getoptions2.0-cil",
      "libmono-i18n-west1.0-cil",
      "libmono-i18n-west2.0-cil",
      "libmono-i18n1.0-cil",
      "libmono-i18n2.0-cil",
      "libmono-ldap1.0-cil",
      "libmono-ldap2.0-cil",
      "libmono-management2.0-cil",
      "libmono-messaging-rabbitmq2.0-cil",
      "libmono-messaging2.0-cil",
      "libmono-microsoft-build2.0-cil",
      "libmono-microsoft7.0-cil",
      "libmono-microsoft8.0-cil",
      "libmono-npgsql1.0-cil",
      "libmono-npgsql2.0-cil",
      "libmono-oracle1.0-cil",
      "libmono-oracle2.0-cil",
      "libmono-peapi1.0-cil",
      "libmono-peapi2.0-cil",
      "libmono-posix1.0-cil",
      "libmono-posix2.0-cil",
      "libmono-profiler",
      "libmono-rabbitmq2.0-cil",
      "libmono-relaxng1.0-cil",
      "libmono-relaxng2.0-cil",
      "libmono-security1.0-cil",
      "libmono-security2.0-cil",
      "libmono-sharpzip0.6-cil",
      "libmono-sharpzip0.84-cil",
      "libmono-sharpzip2.6-cil",
      "libmono-sharpzip2.84-cil",
      "libmono-simd2.0-cil",
      "libmono-sqlite1.0-cil",
      "libmono-sqlite2.0-cil",
      "libmono-system-data-linq2.0-cil",
      "libmono-system-data1.0-cil",
      "libmono-system-data2.0-cil",
      "libmono-system-ldap1.0-cil",
      "libmono-system-ldap2.0-cil",
      "libmono-system-messaging1.0-cil",
      "libmono-system-messaging2.0-cil",
      "libmono-system-runtime1.0-cil",
      "libmono-system-runtime2.0-cil",
      "libmono-system-web-mvc1.0-cil",
      "libmono-system-web-mvc2.0-cil",
      "libmono-system-web1.0-cil",
      "libmono-system-web2.0-cil",
      "libmono-system1.0-cil",
      "libmono-system2.0-cil",
      "libmono-tasklets2.0-cil",
      "libmono-wcf3.0-cil",
      "libmono-webbrowser0.5-cil",
      "libmono-windowsbase3.0-cil",
      "libmono-winforms1.0-cil",
      "libmono-winforms2.0-cil",
      "libmono0",
      "libmono0-dbg",
      "libmono1.0-cil",
      "libmono2.0-cil",
      "mono-1.0-devel",
      "mono-1.0-gac",
      "mono-1.0-service",
      "mono-2.0-devel",
      "mono-2.0-gac",
      "mono-2.0-service",
      "mono-complete",
      "mono-csharp-shell",
      "mono-dbg",
      "mono-devel",
      "mono-gac",
      "mono-gmcs",
      "mono-jay",
      "mono-mcs",
      "mono-mjs",
      "mono-runtime",
      "mono-runtime-dbg",
      "mono-utils",
      "mono-xbuild",
      "monodoc-base",
      "monodoc-manual",
      "prj2make-sharp"
    );
    foreach dla176_pkg (dla176_packages)
    {
      if (deb_check(release:"6.0", prefix:dla176_pkg, reference:dla176_fixed_version)) flag++;
    }
    
    # Report the outcome of the package comparison.
    # No hit: audit the host out as "not affected". That verdict only covers the
    # package versions compared above on Debian 6.0.
    # At least one hit: raise the finding on port 0, attaching the
    # deb_report_get() text when report_verbosity is above 0, then stop.
    # The finding is based on package versions alone; Mono processes started
    # before an upgrade keep the old assemblies loaded until they are restarted,
    # which this check cannot see.
    if (!flag)
    {
      audit(AUDIT_HOST_NOT, "affected");
    }
    else
    {
      if (report_verbosity > 0)
      {
        security_hole(port:0, extra:deb_report_get());
      }
      else
      {
        security_hole(0);
      }
      exit(0);
    }
    
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-2547-1.NASL
    description: It was discovered that the Mono TLS implementation was vulnerable to the SKIP-TLS vulnerability. A remote attacker could possibly use this issue to perform client impersonation attacks. (CVE-2015-2318) It was discovered that the Mono TLS implementation was vulnerable to the FREAK vulnerability. A remote attacker or a man in the middle could possibly use this issue to force the use of insecure ciphersuites. (CVE-2015-2319) It was discovered that the Mono TLS implementation still supported a fallback to SSLv2. This update removes the functionality as use of SSLv2 is known to be insecure. (CVE-2015-2320) It was discovered that Mono incorrectly handled memory in certain circumstances. A remote attacker could possibly use this issue to cause Mono to crash, resulting in a denial of service, or to obtain sensitive information. This issue only applied to Ubuntu 12.04 LTS. (CVE-2011-0992) It was discovered that Mono incorrectly handled hash collisions. A remote attacker could possibly use this issue to cause Mono to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS. (CVE-2012-3543). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 82074
    published: 2015-03-25
    reporter: Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/82074
    title: Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : mono vulnerabilities (USN-2547-1)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-2547-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    # Registration branch: when `description` is set, the script only declares
    # its metadata through the script_* calls below and then leaves via exit(0).
    # None of the package checks further down run on this path.
    if (description)
    {
      script_id(82074);
      script_version("1.13");
      script_cvs_date("Date: 2019/09/18 12:31:44");
    
      # One plugin stands for five CVEs. A finding from it says "a package is
      # older than the fixed build", not which of the five issues is reachable;
      # per the description below, CVE-2011-0992 and CVE-2012-3543 only applied
      # to Ubuntu 12.04 LTS.
      script_cve_id("CVE-2011-0992", "CVE-2012-3543", "CVE-2015-2318", "CVE-2015-2319", "CVE-2015-2320");
      script_bugtraq_id(47208, 55251, 73250, 73253, 73256);
      script_xref(name:"USN", value:"2547-1");
    
      script_name(english:"Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : mono vulnerabilities (USN-2547-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      # Advisory text, one paragraph per CVE, followed by Tenable's note that the
      # block was extracted from the Ubuntu security advisory.
      script_set_attribute(
        attribute:"description", 
        value:
    "It was discovered that the Mono TLS implementation was vulnerable to
    the SKIP-TLS vulnerability. A remote attacker could possibly use this
    issue to perform client impersonation attacks. (CVE-2015-2318)
    
    It was discovered that the Mono TLS implementation was vulnerable to
    the FREAK vulnerability. A remote attacker or a man in the middle
    could possibly use this issue to force the use of insecure
    ciphersuites. (CVE-2015-2319)
    
    It was discovered that the Mono TLS implementation still supported a
    fallback to SSLv2. This update removes the functionality as use of
    SSLv2 is known to be insecure. (CVE-2015-2320)
    
    It was discovered that Mono incorrectly handled memory in certain
    circumstances. A remote attacker could possibly use this issue to
    cause Mono to crash, resulting in a denial of service, or to obtain
    sensitive information. This issue only applied to Ubuntu 12.04 LTS.
    (CVE-2011-0992)
    
    It was discovered that Mono incorrectly handled hash collisions. A
    remote attacker could possibly use this issue to cause Mono to crash,
    resulting in a denial of service. This issue only applied to Ubuntu
    12.04 LTS. (CVE-2012-3543).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/2547-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libmono-2.0-1 and / or mono-runtime packages."
      );
      # A single CVSS v2 / v3 vector pair is declared for the whole plugin even
      # though it covers five CVEs.
      # NOTE(review): presumably this is the highest-scoring of the five, so it
      # can differ from the score published for any individual CVE - confirm
      # per CVE before using it for prioritisation.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      # Exploit availability is a fixed string in the plugin, not something the
      # check measures on the host; it is only as current as the plugin revision
      # (script_cvs_date above).
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      # "local" plugin type: the result comes from the host's package inventory
      # (see script_summary and the Host/Debian/dpkg-l key required below), not
      # from observing Mono's TLS behaviour.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libmono-2.0-1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mono-runtime");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.10");
    
      # vuln_publication_date is a single date for the whole plugin; it predates
      # the three 2015 CVEs, so it appears to track the oldest issue covered.
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/04/13");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/03/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/25");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      # The check depends on data another plugin has already stored in the
      # knowledge base: CPU, Ubuntu release and the dpkg package list.
      # NOTE(review): presumably ssh_get_info.nasl fills these keys over an
      # authenticated login, in which case an uncredentialed scan never gets a
      # result from this plugin - confirm against the scan policy.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    # Preconditions. Every gate that fails hands off to audit() with a reason
    # code instead of producing a finding.
    # NOTE(review): audit() comes from audit.inc and presumably ends the run, so
    # a host stopped here was not assessed - that is different from "not
    # affected".

    # 1. Local (package-level) checks must have been enabled for this host.
    if (!get_kb_item("Host/local_checks_enabled"))
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

    # 2. The host must be Ubuntu, on one of the three releases this plugin covers.
    release = get_kb_item("Host/Ubuntu/release");
    if (isnull(release))
      audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (!preg(pattern:"^(12\.04|14\.04|14\.10)$", string:release))
      audit(AUDIT_OS_NOT, "Ubuntu 12.04 / 14.04 / 14.10", "Ubuntu " + release);

    # 3. A dpkg package list must already be in the knowledge base.
    if (!get_kb_item("Host/Debian/dpkg-l"))
      audit(AUDIT_PACKAGE_LIST_MISSING);

    # 4. Only x86_64 and i386..i686 are handled; any other CPU string is passed
    #    to audit() as "not implemented", so such hosts get no verdict here.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu))
      audit(AUDIT_UNKNOWN_ARCH);
    if (!("x86_64" >< cpu || cpu =~ "^i[3-6]86$"))
      audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    # Number of (release, package) pairs for which ubuntu_check() returned true.
    # NOTE(review): ubuntu_check() lives in ubuntu.inc; presumably it is true when
    # the installed package is older than pkgver, the build named as the fix -
    # confirm there. Both packages are tested on every release, in the same order.
    flag = 0;

    # Ubuntu 12.04 LTS
    if (ubuntu_check(osver:"12.04", pkgname:"libmono-2.0-1", pkgver:"2.10.8.1-1ubuntu2.3"))
      flag += 1;
    if (ubuntu_check(osver:"12.04", pkgname:"mono-runtime", pkgver:"2.10.8.1-1ubuntu2.3"))
      flag += 1;

    # Ubuntu 14.04 LTS
    if (ubuntu_check(osver:"14.04", pkgname:"libmono-2.0-1", pkgver:"3.2.8+dfsg-4ubuntu1.1"))
      flag += 1;
    if (ubuntu_check(osver:"14.04", pkgname:"mono-runtime", pkgver:"3.2.8+dfsg-4ubuntu1.1"))
      flag += 1;

    # Ubuntu 14.10
    if (ubuntu_check(osver:"14.10", pkgname:"libmono-2.0-1", pkgver:"3.2.8+dfsg-4ubuntu2.1"))
      flag += 1;
    if (ubuntu_check(osver:"14.10", pkgname:"mono-runtime", pkgver:"3.2.8+dfsg-4ubuntu2.1"))
      flag += 1;
    
    # Verdict. With no hit, the plugin explains why through audit(): either the
    # packages were tested and are not affected, or none of them is installed.
    # With at least one hit it raises a single host-level finding (port 0) whose
    # detail text comes from ubuntu_report_get().
    if (!flag)
    {
      tested = ubuntu_pkg_tests_get();
      if (tested)
        audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else
        audit(AUDIT_PACKAGE_NOT_INSTALLED, "libmono-2.0-1 / mono-runtime");
    }
    else
    {
      # The finding rests on package versions alone; nothing here exercises
      # Mono's TLS handshake.
      security_report_v4(port:0, severity:SECURITY_HOLE, extra:ubuntu_report_get());
      exit(0);
    }