Vulnerabilities > CVE-2015-8869 - Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
PARTIAL Summary
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 | |
| OS | 1 | |
| Application | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Buffer Overflow via Environment Variables This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
- Overflow Buffers Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
- Client-side Injection-induced Buffer Overflow This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
- Filter Failure through Buffer Overflow In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
- MIME Conversion An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2016-78AD11154F.NASL description Security fix for CVE-2015-8869 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-07-14 plugin id 92114 published 2016-07-14 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/92114 title Fedora 23 : ocaml (2016-78ad11154f) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2016-78ad11154f. # include("compat.inc"); if (description) { script_id(92114); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2015-8869"); script_xref(name:"FEDORA", value:"2016-78ad11154f"); script_name(english:"Fedora 23 : ocaml (2016-78ad11154f)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Security fix for CVE-2015-8869 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2016-78ad11154f" ); script_set_attribute(attribute:"solution", value:"Update the affected ocaml package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ocaml"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:23"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/06/13"); script_set_attribute(attribute:"patch_publication_date", value:"2016/05/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/07/14"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^23([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 23", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC23", reference:"ocaml-4.02.2-5.fc23")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ocaml"); }NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2016-1296.NASL description From Red Hat Security Advisory 2016:1296 : An update for ocaml is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. The ocaml packages contain two batch compilers (a fast bytecode compiler and an optimizing native-code compiler), an interactive top level system, parsing tools (Lex, Yacc, Camlp4), a replay debugger, a documentation generator, and a comprehensive library. Security Fix(es) : * OCaml versions 4.02.3 and earlier have a runtime bug that, on 64-bit platforms, causes size arguments to internal memmove calls to be sign-extended from 32- to 64-bits before being passed to the memmove function. This leads to arguments between 2GiB and 4GiB being interpreted as larger than they are (specifically, a bit below 2^64), causing a buffer overflow. Further, arguments between 4GiB and 6GiB are interpreted as 4GiB smaller than they should be, causing a possible information leak. (CVE-2015-8869) last seen 2020-06-01 modified 2020-06-02 plugin id 91799 published 2016-06-24 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/91799 title Oracle Linux 7 : ocaml (ELSA-2016-1296) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2016:1296 and # Oracle Linux Security Advisory ELSA-2016-1296 respectively. # include("compat.inc"); if (description) { script_id(91799); script_version("2.7"); script_cvs_date("Date: 2019/09/27 13:00:37"); script_cve_id("CVE-2015-8869"); script_xref(name:"RHSA", value:"2016:1296"); script_name(english:"Oracle Linux 7 : ocaml (ELSA-2016-1296)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2016:1296 : An update for ocaml is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. The ocaml packages contain two batch compilers (a fast bytecode compiler and an optimizing native-code compiler), an interactive top level system, parsing tools (Lex, Yacc, Camlp4), a replay debugger, a documentation generator, and a comprehensive library. Security Fix(es) : * OCaml versions 4.02.3 and earlier have a runtime bug that, on 64-bit platforms, causes size arguments to internal memmove calls to be sign-extended from 32- to 64-bits before being passed to the memmove function. This leads to arguments between 2GiB and 4GiB being interpreted as larger than they are (specifically, a bit below 2^64), causing a buffer overflow. Further, arguments between 4GiB and 6GiB are interpreted as 4GiB smaller than they should be, causing a possible information leak. (CVE-2015-8869)" ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2016-June/006140.html" ); script_set_attribute( attribute:"solution", value:"Update the affected ocaml packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ocaml"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ocaml-camlp4"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ocaml-camlp4-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ocaml-compiler-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ocaml-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ocaml-emacs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ocaml-labltk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ocaml-labltk-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ocaml-ocamldoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ocaml-runtime"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ocaml-source"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ocaml-x11"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/06/13"); script_set_attribute(attribute:"patch_publication_date", value:"2016/06/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/06/24"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 7", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu); flag = 0; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"ocaml-4.01.0-22.7.el7_2")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"ocaml-camlp4-4.01.0-22.7.el7_2")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"ocaml-camlp4-devel-4.01.0-22.7.el7_2")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"ocaml-compiler-libs-4.01.0-22.7.el7_2")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"ocaml-docs-4.01.0-22.7.el7_2")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"ocaml-emacs-4.01.0-22.7.el7_2")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"ocaml-labltk-4.01.0-22.7.el7_2")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"ocaml-labltk-devel-4.01.0-22.7.el7_2")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"ocaml-ocamldoc-4.01.0-22.7.el7_2")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"ocaml-runtime-4.01.0-22.7.el7_2")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"ocaml-source-4.01.0-22.7.el7_2")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"ocaml-x11-4.01.0-22.7.el7_2")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ocaml / ocaml-camlp4 / ocaml-camlp4-devel / ocaml-compiler-libs / etc"); }NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2017-0564.NASL description From Red Hat Security Advisory 2017:0564 : An update for libguestfs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libguestfs packages contain a library, which is used for accessing and modifying virtual machine (VM) disk images. Security Fix(es) : * An integer conversion flaw was found in the way OCaml last seen 2020-06-01 modified 2020-06-02 plugin id 99061 published 2017-03-30 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99061 title Oracle Linux 6 : libguestfs (ELSA-2017-0564) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2017:0564 and # Oracle Linux Security Advisory ELSA-2017-0564 respectively. # include("compat.inc"); if (description) { script_id(99061); script_version("3.4"); script_cvs_date("Date: 2019/09/27 13:00:37"); script_cve_id("CVE-2015-8869"); script_xref(name:"RHSA", value:"2017:0564"); script_name(english:"Oracle Linux 6 : libguestfs (ELSA-2017-0564)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2017:0564 : An update for libguestfs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libguestfs packages contain a library, which is used for accessing and modifying virtual machine (VM) disk images. Security Fix(es) : * An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak. (CVE-2015-8869) Note: The libguestfs packages in this advisory were rebuilt with a fixed version of OCaml to address this issue. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2017-March/006801.html" ); script_set_attribute( attribute:"solution", value:"Update the affected libguestfs packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libguestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libguestfs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libguestfs-java"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libguestfs-java-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libguestfs-javadoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libguestfs-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libguestfs-tools-c"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ocaml-libguestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ocaml-libguestfs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perl-Sys-Guestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python-libguestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-libguestfs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/06/13"); script_set_attribute(attribute:"patch_publication_date", value:"2017/03/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/03/30"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 6", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu); flag = 0; if (rpm_check(release:"EL6", cpu:"x86_64", reference:"libguestfs-1.20.11-20.el6")) flag++; if (rpm_check(release:"EL6", cpu:"x86_64", reference:"libguestfs-devel-1.20.11-20.el6")) flag++; if (rpm_check(release:"EL6", cpu:"x86_64", reference:"libguestfs-java-1.20.11-20.el6")) flag++; if (rpm_check(release:"EL6", cpu:"x86_64", reference:"libguestfs-java-devel-1.20.11-20.el6")) flag++; if (rpm_check(release:"EL6", cpu:"x86_64", reference:"libguestfs-javadoc-1.20.11-20.el6")) flag++; if (rpm_check(release:"EL6", cpu:"x86_64", reference:"libguestfs-tools-1.20.11-20.el6")) flag++; if (rpm_check(release:"EL6", cpu:"x86_64", reference:"libguestfs-tools-c-1.20.11-20.el6")) flag++; if (rpm_check(release:"EL6", cpu:"x86_64", reference:"ocaml-libguestfs-1.20.11-20.el6")) flag++; if (rpm_check(release:"EL6", cpu:"x86_64", reference:"ocaml-libguestfs-devel-1.20.11-20.el6")) flag++; if (rpm_check(release:"EL6", cpu:"x86_64", reference:"perl-Sys-Guestfs-1.20.11-20.el6")) flag++; if (rpm_check(release:"EL6", cpu:"x86_64", reference:"python-libguestfs-1.20.11-20.el6")) flag++; if (rpm_check(release:"EL6", cpu:"x86_64", reference:"ruby-libguestfs-1.20.11-20.el6")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libguestfs / libguestfs-devel / libguestfs-java / etc"); }NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2016-2576.NASL description An update for libguestfs and virt-p2v is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libguestfs packages contain a library, which is used for accessing and modifying virtual machine (VM) disk images. Virt-p2v is a tool for conversion of a physical server to a virtual guest. The following packages have been upgraded to a newer upstream version: libguestfs (1.32.7), virt-p2v (1.32.7). (BZ#1218766) Security Fix(es) : * An integer conversion flaw was found in the way OCaml last seen 2020-06-01 modified 2020-06-02 plugin id 95323 published 2016-11-28 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95323 title CentOS 7 : libguestfs (CESA-2016:2576) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2016:2576 and # CentOS Errata and Security Advisory 2016:2576 respectively. # include("compat.inc"); if (description) { script_id(95323); script_version("3.6"); script_cvs_date("Date: 2020/01/02"); script_cve_id("CVE-2015-8869"); script_xref(name:"RHSA", value:"2016:2576"); script_name(english:"CentOS 7 : libguestfs (CESA-2016:2576)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for libguestfs and virt-p2v is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libguestfs packages contain a library, which is used for accessing and modifying virtual machine (VM) disk images. Virt-p2v is a tool for conversion of a physical server to a virtual guest. The following packages have been upgraded to a newer upstream version: libguestfs (1.32.7), virt-p2v (1.32.7). (BZ#1218766) Security Fix(es) : * An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak. (CVE-2015-8869) Note: The libguestfs packages in this advisory were rebuilt with a fixed version of OCaml to address this issue. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section." ); # https://lists.centos.org/pipermail/centos-cr-announce/2016-November/003611.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?c7b8914b" ); script_set_attribute( attribute:"solution", value:"Update the affected libguestfs packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-8869"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-bash-completion"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-gfs2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-gobject"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-gobject-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-gobject-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-inspect-icons"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-java"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-java-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-javadoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-man-pages-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-man-pages-uk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-rescue"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-rsync"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-tools-c"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libguestfs-xfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:lua-guestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ocaml-libguestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ocaml-libguestfs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Sys-Guestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-libguestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ruby-libguestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:virt-dib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:virt-v2v"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/06/13"); script_set_attribute(attribute:"patch_publication_date", value:"2016/11/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/28"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 7.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-bash-completion-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-devel-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-gfs2-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-gobject-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-gobject-devel-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-gobject-doc-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-inspect-icons-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-java-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-java-devel-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-javadoc-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-man-pages-ja-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-man-pages-uk-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-rescue-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-rsync-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-tools-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-tools-c-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libguestfs-xfs-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"lua-guestfs-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"ocaml-libguestfs-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"ocaml-libguestfs-devel-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"perl-Sys-Guestfs-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"python-libguestfs-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"ruby-libguestfs-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"virt-dib-1.32.7-3.el7.centos")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"virt-v2v-1.32.7-3.el7.centos")) flag++; if (flag) { cr_plugin_caveat = '\n' + 'NOTE: The security advisory associated with this vulnerability has a\n' + 'fixed package version that may only be available in the continuous\n' + 'release (CR) repository for CentOS, until it is present in the next\n' + 'point release of CentOS.\n\n' + 'If an equal or higher package level does not exist in the baseline\n' + 'repository for your major version of CentOS, then updates from the CR\n' + 'repository will need to be applied in order to address the\n' + 'vulnerability.\n'; security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + cr_plugin_caveat ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libguestfs / libguestfs-bash-completion / libguestfs-devel / etc"); }NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201702-15.NASL description The remote host is affected by the vulnerability described in GLSA-201702-15 (OCaml: Buffer overflow and information disclosure) It was discovered that OCaml was vulnerable to a runtime bug that, on 64-bit platforms, causes size arguments to internal memmove calls to be sign-extended from 32- to 64-bits before being passed to the memmove function. This leads to arguments between 2GiB and 4GiB being interpreted as larger than they are (specifically, a bit below 2^64), causing a buffer overflow. Further, arguments between 4GiB and 6GiB are interpreted as 4GiB smaller than they should be causing a possible information leak. Impact : A remote attacker, able to interact with an OCaml-based application, could possibly obtain sensitive information or cause a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 97258 published 2017-02-21 reporter This script is Copyright (C) 2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/97258 title GLSA-201702-15 : OCaml: Buffer overflow and information disclosure NASL family Huawei Local Security Checks NASL id EULEROS_SA-2017-1061.NASL description According to the version of the libguestfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.i1/4^CVE-2015-8869i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2017-05-02 plugin id 99908 published 2017-05-02 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99908 title EulerOS 2.0 SP2 : libguestfs (EulerOS-SA-2017-1061) NASL family Scientific Linux Local Security Checks NASL id SL_20170321_OCAML_ON_SL6_X.NASL description Security Fix(es) : - An integer conversion flaw was found in the way OCaml last seen 2020-03-18 modified 2017-04-06 plugin id 99220 published 2017-04-06 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99220 title Scientific Linux Security Update : ocaml on SL6.x i386/x86_64 (20170321) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2017-0565.NASL description An update for ocaml is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. The ocaml packages contain two batch compilers (a fast bytecode compiler and an optimizing native-code compiler), an interactive top level system, parsing tools (Lex, Yacc, Camlp4), a replay debugger, a documentation generator, and a comprehensive library. Security Fix(es) : * An integer conversion flaw was found in the way OCaml last seen 2020-06-01 modified 2020-06-02 plugin id 97950 published 2017-03-27 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97950 title CentOS 6 : ocaml (CESA-2017:0565) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3437-1.NASL description Radek Micek discovered that OCaml incorrectly handled sign extensions. A remote attacker could use this issue to cause applications using OCaml to crash, to possibly obtain sensitive information, or to possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 103662 published 2017-10-04 reporter Ubuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/103662 title Ubuntu 14.04 LTS : ocaml vulnerability (USN-3437-1) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-466.NASL description OCaml versions 4.02.3 and earlier have a runtime bug that, on 64-bit platforms, causes sizes arguments to an internal memmove call to be sign-extended from 32 to 64-bits before being passed to the memmove function. This leads arguments between 2GiB and 4GiB to be interpreted as larger than they are (specifically, a bit below 2^64), causing a buffer overflow. Arguments between 4GiB and 6GiB are interpreted as 4GiB smaller than they should be, causing a possible information leak.A NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2016-05-12 plugin id 91051 published 2016-05-12 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/91051 title Debian DLA-466-1 : ocaml security update NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_8D2AF8437D8E11E98464C85B76CE9B5A.NASL description MITRE reports : OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function. last seen 2020-06-01 modified 2020-06-02 plugin id 125379 published 2019-05-24 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/125379 title FreeBSD : OCaml -- Multiple Security Vulnerabilities (8d2af843-7d8e-11e9-8464-c85b76ce9b5a) NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-1072.NASL description This update for ocaml fixes the following issue : Security issue fixed : - CVE-2015-8869: Prevent buffer overflow and information leak. (bsc#977990) This update was imported from the SUSE:SLE-12:Update update project. last seen 2020-06-05 modified 2016-09-12 plugin id 93435 published 2016-09-12 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/93435 title openSUSE Security Update : ocaml (openSUSE-2016-1072) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2016-1296.NASL description An update for ocaml is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. The ocaml packages contain two batch compilers (a fast bytecode compiler and an optimizing native-code compiler), an interactive top level system, parsing tools (Lex, Yacc, Camlp4), a replay debugger, a documentation generator, and a comprehensive library. Security Fix(es) : * OCaml versions 4.02.3 and earlier have a runtime bug that, on 64-bit platforms, causes size arguments to internal memmove calls to be sign-extended from 32- to 64-bits before being passed to the memmove function. This leads to arguments between 2GiB and 4GiB being interpreted as larger than they are (specifically, a bit below 2^64), causing a buffer overflow. Further, arguments between 4GiB and 6GiB are interpreted as 4GiB smaller than they should be, causing a possible information leak. (CVE-2015-8869) last seen 2020-06-01 modified 2020-06-02 plugin id 91788 published 2016-06-24 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/91788 title CentOS 7 : ocaml (CESA-2016:1296) NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-605.NASL description This update for ocaml fixes the following issues : Security issue fixed : - CVE-2015-8869: prevent buffer overflow and information leak (boo#977990) last seen 2020-06-05 modified 2016-05-20 plugin id 91275 published 2016-05-20 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/91275 title openSUSE Security Update : ocaml (openSUSE-2016-605) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2017-0564.NASL description An update for libguestfs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libguestfs packages contain a library, which is used for accessing and modifying virtual machine (VM) disk images. Security Fix(es) : * An integer conversion flaw was found in the way OCaml last seen 2020-06-01 modified 2020-06-02 plugin id 97949 published 2017-03-27 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97949 title CentOS 6 : libguestfs (CESA-2017:0564) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2017-0565.NASL description An update for ocaml is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. The ocaml packages contain two batch compilers (a fast bytecode compiler and an optimizing native-code compiler), an interactive top level system, parsing tools (Lex, Yacc, Camlp4), a replay debugger, a documentation generator, and a comprehensive library. Security Fix(es) : * An integer conversion flaw was found in the way OCaml last seen 2020-06-01 modified 2020-06-02 plugin id 97873 published 2017-03-22 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97873 title RHEL 6 : ocaml (RHSA-2017:0565) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2017-0049.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - Enable execshield stack protection on ppc/ppc64 (572826) related: rhbz#1343082 - Fix strict-aliasing warnings in build (990540). - Fix buffer overflow and information leak (CVE-2015-8869) resolves: rhbz#1343082 last seen 2020-06-01 modified 2020-06-02 plugin id 99076 published 2017-03-30 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99076 title OracleVM 3.3 / 3.4 : ocaml (OVMSA-2017-0049) NASL family Scientific Linux Local Security Checks NASL id SL_20161103_LIBGUESTFS_AND_VIRT_P2V_ON_SL7_X.NASL description Virt-p2v is a tool for conversion of a physical server to a virtual guest. The following packages have been upgraded to a newer upstream version: libguestfs (1.32.7), virt-p2v (1.32.7). Security Fix(es) : - An integer conversion flaw was found in the way OCaml last seen 2020-03-18 modified 2016-12-15 plugin id 95843 published 2016-12-15 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95843 title Scientific Linux Security Update : libguestfs and virt-p2v on SL7.x x86_64 (20161103) NASL family Fedora Local Security Checks NASL id FEDORA_2016-1C4E616564.NASL description Security fix for CVE-2015-8869 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-05-09 plugin id 90950 published 2016-05-09 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/90950 title Fedora 24 : ocaml-4.02.3-3.fc24 (2016-1c4e616564) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2017-0564.NASL description An update for libguestfs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libguestfs packages contain a library, which is used for accessing and modifying virtual machine (VM) disk images. Security Fix(es) : * An integer conversion flaw was found in the way OCaml last seen 2020-06-01 modified 2020-06-02 plugin id 97872 published 2017-03-22 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97872 title RHEL 6 : libguestfs (RHSA-2017:0564) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-1296.NASL description An update for ocaml is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. The ocaml packages contain two batch compilers (a fast bytecode compiler and an optimizing native-code compiler), an interactive top level system, parsing tools (Lex, Yacc, Camlp4), a replay debugger, a documentation generator, and a comprehensive library. Security Fix(es) : * OCaml versions 4.02.3 and earlier have a runtime bug that, on 64-bit platforms, causes size arguments to internal memmove calls to be sign-extended from 32- to 64-bits before being passed to the memmove function. This leads to arguments between 2GiB and 4GiB being interpreted as larger than they are (specifically, a bit below 2^64), causing a buffer overflow. Further, arguments between 4GiB and 6GiB are interpreted as 4GiB smaller than they should be, causing a possible information leak. (CVE-2015-8869) last seen 2020-06-01 modified 2020-06-02 plugin id 91804 published 2016-06-24 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/91804 title RHEL 7 : ocaml (RHSA-2016:1296) NASL family Scientific Linux Local Security Checks NASL id SL_20160623_OCAML_ON_SL7_X.NASL description Security Fix(es) : - OCaml versions 4.02.3 and earlier have a runtime bug that, on 64-bit platforms, causes size arguments to internal memmove calls to be sign- extended from 32- to 64-bits before being passed to the memmove function. This leads to arguments between 2GiB and 4GiB being interpreted as larger than they are (specifically, a bit below 2^64), causing a buffer overflow. Further, arguments between 4GiB and 6GiB are interpreted as 4GiB smaller than they should be, causing a possible information leak. (CVE-2015-8869) last seen 2020-03-18 modified 2016-07-13 plugin id 92031 published 2016-07-13 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/92031 title Scientific Linux Security Update : ocaml on SL7.x x86_64 (20160623) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-2576.NASL description An update for libguestfs and virt-p2v is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libguestfs packages contain a library, which is used for accessing and modifying virtual machine (VM) disk images. Virt-p2v is a tool for conversion of a physical server to a virtual guest. The following packages have been upgraded to a newer upstream version: libguestfs (1.32.7), virt-p2v (1.32.7). (BZ#1218766) Security Fix(es) : * An integer conversion flaw was found in the way OCaml last seen 2020-06-01 modified 2020-06-02 plugin id 94539 published 2016-11-04 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94539 title RHEL 7 : libguestfs and virt-p2v (RHSA-2016:2576) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2016-2576.NASL description From Red Hat Security Advisory 2016:2576 : An update for libguestfs and virt-p2v is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libguestfs packages contain a library, which is used for accessing and modifying virtual machine (VM) disk images. Virt-p2v is a tool for conversion of a physical server to a virtual guest. The following packages have been upgraded to a newer upstream version: libguestfs (1.32.7), virt-p2v (1.32.7). (BZ#1218766) Security Fix(es) : * An integer conversion flaw was found in the way OCaml last seen 2020-06-01 modified 2020-06-02 plugin id 94699 published 2016-11-11 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94699 title Oracle Linux 7 : libguestfs (ELSA-2016-2576) NASL family Scientific Linux Local Security Checks NASL id SL_20170321_LIBGUESTFS_ON_SL6_X.NASL description Security Fix(es) : - An integer conversion flaw was found in the way OCaml last seen 2020-03-18 modified 2017-04-06 plugin id 99219 published 2017-04-06 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99219 title Scientific Linux Security Update : libguestfs on SL6.x x86_64 (20170321) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2017-0565.NASL description From Red Hat Security Advisory 2017:0565 : An update for ocaml is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. The ocaml packages contain two batch compilers (a fast bytecode compiler and an optimizing native-code compiler), an interactive top level system, parsing tools (Lex, Yacc, Camlp4), a replay debugger, a documentation generator, and a comprehensive library. Security Fix(es) : * An integer conversion flaw was found in the way OCaml last seen 2020-06-01 modified 2020-06-02 plugin id 99062 published 2017-03-30 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99062 title Oracle Linux 6 : ocaml (ELSA-2017-0565) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0110_LIBGUESTFS.NASL description The remote NewStart CGSL host, running version MAIN 4.05, has libguestfs packages installed that are affected by a vulnerability: - An integer conversion flaw was found in the way OCaml last seen 2020-06-01 modified 2020-06-02 plugin id 127346 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127346 title NewStart CGSL MAIN 4.05 : libguestfs Vulnerability (NS-SA-2019-0110)
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184507.html
- http://lists.opensuse.org/opensuse-updates/2016-05/msg00081.html
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00037.html
- http://rhn.redhat.com/errata/RHSA-2016-2576.html
- http://rhn.redhat.com/errata/RHSA-2017-0564.html
- http://rhn.redhat.com/errata/RHSA-2017-0565.html
- http://www.openwall.com/lists/oss-security/2016/04/29/1
- http://www.openwall.com/lists/oss-security/2016/04/29/6
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.securityfocus.com/bid/89318
- https://access.redhat.com/errata/RHSA-2016:1296
- https://github.com/ocaml/ocaml/commit/659615c7b100a89eafe6253e7a5b9d84d0e8df74#diff-a97df53e3ebc59bb457191b496c90762
- https://security.gentoo.org/glsa/201702-15