Vulnerabilities > CVE-2018-11763

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
high complexity
apache
canonical
redhat
oracle
netapp
nessus

Summary

In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.

Nessus

  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3783-1.NASL
    descriptionRobert Swiecki discovered that the Apache HTTP Server HTTP/2 module incorrectly destroyed certain streams. A remote attacker could possibly use this issue to cause the server to crash, leading to a denial of service. (CVE-2018-1302) Craig Young discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain requests. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. (CVE-2018-1333) Gal Goldshtein discovered that the Apache HTTP Server HTTP/2 module incorrectly handled large SETTINGS frames. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. (CVE-2018-11763). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id117916
    published2018-10-04
    reporterUbuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117916
    titleUbuntu 18.04 LTS : apache2 vulnerabilities (USN-3783-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-3783-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(117916);
      script_version("1.5");
      script_cvs_date("Date: 2019/09/18 12:31:48");
    
      script_cve_id("CVE-2018-11763", "CVE-2018-1302", "CVE-2018-1333");
      script_xref(name:"USN", value:"3783-1");
    
      script_name(english:"Ubuntu 18.04 LTS : apache2 vulnerabilities (USN-3783-1)");
      script_summary(english:"Checks dpkg output for updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Ubuntu host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Robert Swiecki discovered that the Apache HTTP Server HTTP/2 module
    incorrectly destroyed certain streams. A remote attacker could
    possibly use this issue to cause the server to crash, leading to a
    denial of service. (CVE-2018-1302)
    
    Craig Young discovered that the Apache HTTP Server HTTP/2 module
    incorrectly handled certain requests. A remote attacker could possibly
    use this issue to cause the server to consume resources, leading to a
    denial of service. (CVE-2018-1333)
    
    Gal Goldshtein discovered that the Apache HTTP Server HTTP/2 module
    incorrectly handled large SETTINGS frames. A remote attacker could
    possibly use this issue to cause the server to consume resources,
    leading to a denial of service. (CVE-2018-11763).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/3783-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected apache2-bin package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-bin");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/26");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/10/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/10/04");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(18\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 18.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"18.04", pkgname:"apache2-bin", pkgver:"2.4.29-1ubuntu4.4")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2-bin");
    }
    
  • NASL familyMisc.
    NASL idORACLE_SECURE_GLOBAL_DESKTOP_JAN_2019_CPU.NASL
    descriptionThe version of Oracle Secure Global Desktop installed on the remote host is 5.4 and is missing a security patch from the January 2019 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities: - A denial of service (DoS) vulnerability exists in Apache HTTP Server 2.4.17 to 2.4.34, due to a design error. An unauthenticated, remote attacker can exploit this issue by sending continuous, large SETTINGS frames to cause a client to occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. (CVE-2018-11763). - An unvalidated redirect vulnerability exists in the default servlet in Apache Tomcat due to improper input validation. An unauthenticated remote attack can exploit this issue via a specially crafted URL to cause the redirect to be generated to any URI of the attackers choice. (CVE-2018-11784)
    last seen2020-06-01
    modified2020-06-02
    plugin id121601
    published2019-02-05
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121601
    titleOracle Secure Global Desktop Multiple Vulnerabilities (January 2019 CPU)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(121601);
      script_version("1.3");
      script_cvs_date("Date: 2019/10/31 15:18:51");
    
      script_cve_id("CVE-2018-11763", "CVE-2018-11784");
      script_bugtraq_id(105414, 105524);
    
      script_name(english:"Oracle Secure Global Desktop Multiple Vulnerabilities (January 2019 CPU)");
      script_summary(english:"Checks the version of Oracle Secure Global Desktop.");
    
      script_set_attribute(attribute:"synopsis", value:
    "An application installed on the remote host is affected by multiple
    vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of Oracle Secure Global Desktop installed on the remote
    host is 5.4 and is missing a security patch from the January 2019
    Critical Patch Update (CPU). It is, therefore, affected by multiple
    vulnerabilities:
    
      - A denial of service (DoS) vulnerability exists in Apache HTTP
        Server 2.4.17 to 2.4.34, due to a design error. An
        unauthenticated, remote attacker can exploit this issue by sending
        continuous, large SETTINGS frames to cause a client to occupy a
        connection, server thread and CPU time without any connection
        timeout coming to effect. This affects only HTTP/2 connections.
        A possible mitigation is to not enable the h2 protocol.
        (CVE-2018-11763).
    
      - An unvalidated redirect vulnerability exists in the default
        servlet in Apache Tomcat due to improper input validation. An
        unauthenticated remote attack can exploit this issue via a 
        specially crafted URL to cause the redirect to be generated to any
        URI of the attackers choice. (CVE-2018-11784)");
      # https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixOVIR
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0dcafb3e");
      script_set_attribute(attribute:"solution", value:
    "Apply the appropriate patch according to the January 2019 Oracle
    Critical Patch Update advisory.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-11784");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/01/15");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/05");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:virtualization_secure_global_desktop");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Misc.");
    
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("oracle_secure_global_desktop_installed.nbin");
      script_require_keys("Host/Oracle_Secure_Global_Desktop/Version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    
    app = "Oracle Secure Global Desktop";
    version = get_kb_item_or_exit("Host/Oracle_Secure_Global_Desktop/Version");
    
    # this check is for Oracle Secure Global Desktop packages built for Linux platform
    uname = get_kb_item_or_exit("Host/uname");
    if ("Linux" >!< uname) audit(AUDIT_OS_NOT, "Linux");
    
    fix_required = NULL;
    
    if (version =~ "^5\.40($|\.)") fix_required = 'Patch_54p3';
    
    if (isnull(fix_required)) audit(AUDIT_INST_VER_NOT_VULN, "Oracle Secure Global Desktop", version);
    
    patches = get_kb_list("Host/Oracle_Secure_Global_Desktop/Patches");
    
    patched = FALSE;
    foreach patch (patches)
    {
      if (patch == fix_required)
      {
        patched = TRUE;
        break;
      }
    }
    
    if (patched) audit(AUDIT_INST_VER_NOT_VULN, app, version + ' (with ' + fix_required + ')');
    
    report = '\n  Installed version : ' + version +
             '\n  Patch required    : ' + fix_required +
             '\n';
    security_report_v4(port:0, extra:report, severity:SECURITY_WARNING);
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1814.NASL
    descriptionThis update for virtualbox to version 6.0.10 fixes the following issues : Security issues fixed : - CVE-2019-2859 CVE-2019-2867 CVE-2019-2866 CVE-2019-2864 CVE-2019-2865 CVE-2019-1543 CVE-2019-2863 CVE-2019-2848 CVE-2019-2877 CVE-2019-2873 CVE-2019-2874 CVE-2019-2875 CVE-2019-2876 CVE-2019-2850 (boo#1141801)
    last seen2020-06-01
    modified2020-06-02
    plugin id127734
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127734
    titleopenSUSE Security Update : virtualbox (openSUSE-2019-1814)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2019-1814.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(127734);
      script_version("1.3");
      script_cvs_date("Date: 2020/01/06");
    
      script_cve_id("CVE-2018-0734", "CVE-2018-11763", "CVE-2018-11784", "CVE-2018-3288", "CVE-2018-3289", "CVE-2018-3290", "CVE-2018-3291", "CVE-2018-3292", "CVE-2018-3293", "CVE-2018-3294", "CVE-2018-3295", "CVE-2018-3296", "CVE-2018-3297", "CVE-2018-3298", "CVE-2019-1543", "CVE-2019-2446", "CVE-2019-2448", "CVE-2019-2450", "CVE-2019-2451", "CVE-2019-2508", "CVE-2019-2509", "CVE-2019-2511", "CVE-2019-2525", "CVE-2019-2527", "CVE-2019-2554", "CVE-2019-2555", "CVE-2019-2556", "CVE-2019-2574", "CVE-2019-2656", "CVE-2019-2657", "CVE-2019-2678", "CVE-2019-2679", "CVE-2019-2680", "CVE-2019-2690", "CVE-2019-2696", "CVE-2019-2703", "CVE-2019-2721", "CVE-2019-2722", "CVE-2019-2723", "CVE-2019-2848", "CVE-2019-2850", "CVE-2019-2859", "CVE-2019-2863", "CVE-2019-2864", "CVE-2019-2865", "CVE-2019-2866", "CVE-2019-2867", "CVE-2019-2873", "CVE-2019-2874", "CVE-2019-2875", "CVE-2019-2876", "CVE-2019-2877");
    
      script_name(english:"openSUSE Security Update : virtualbox (openSUSE-2019-1814)");
      script_summary(english:"Check for the openSUSE-2019-1814 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for virtualbox to version 6.0.10 fixes the following
    issues :
    
    Security issues fixed :
    
      - CVE-2019-2859 CVE-2019-2867 CVE-2019-2866 CVE-2019-2864
        CVE-2019-2865 CVE-2019-1543 CVE-2019-2863 CVE-2019-2848
        CVE-2019-2877 CVE-2019-2873 CVE-2019-2874 CVE-2019-2875
        CVE-2019-2876 CVE-2019-2850 (boo#1141801)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1097248"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1098050"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1112097"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1113894"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1115041"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1116050"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1130503"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1130588"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1132379"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1132439"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1132827"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1133289"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1133492"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1141801"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected virtualbox packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-3294");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-virtualbox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-virtualbox-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-x11");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-host-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-qt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-vnc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-websrv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE15\.0|SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0 / 15.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE15.0", reference:"python3-virtualbox-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"python3-virtualbox-debuginfo-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-debuginfo-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-debugsource-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-devel-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-desktop-icons-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-kmp-default-6.0.10_k4.12.14_lp150.12.67-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-kmp-default-debuginfo-6.0.10_k4.12.14_lp150.12.67-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-source-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-tools-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-tools-debuginfo-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-x11-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-x11-debuginfo-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-host-kmp-default-6.0.10_k4.12.14_lp150.12.67-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-host-kmp-default-debuginfo-6.0.10_k4.12.14_lp150.12.67-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-host-source-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-qt-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-qt-debuginfo-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-vnc-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-websrv-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-websrv-debuginfo-6.0.10-lp150.4.36.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"python3-virtualbox-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"python3-virtualbox-debuginfo-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-debuginfo-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-debugsource-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-devel-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-guest-desktop-icons-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-guest-kmp-default-6.0.10_k4.12.14_lp151.28.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-guest-kmp-default-debuginfo-6.0.10_k4.12.14_lp151.28.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-guest-source-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-guest-tools-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-guest-tools-debuginfo-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-guest-x11-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-guest-x11-debuginfo-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-host-kmp-default-6.0.10_k4.12.14_lp151.28.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-host-kmp-default-debuginfo-6.0.10_k4.12.14_lp151.28.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-host-source-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-qt-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-qt-debuginfo-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-vnc-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-websrv-6.0.10-lp151.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"virtualbox-websrv-debuginfo-6.0.10-lp151.2.6.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python3-virtualbox / python3-virtualbox-debuginfo / virtualbox / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2018-1378.NASL
    descriptionThis update for apache2 fixes the following issues : Security issues fixed : - CVE-2018-11763: In Apache HTTP Server by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. (bsc#1109961) This update was imported from the SUSE:SLE-12-SP2:Update update project.
    last seen2020-06-05
    modified2018-11-11
    plugin id118875
    published2018-11-11
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118875
    titleopenSUSE Security Update : apache2 (openSUSE-2018-1378)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2018-1378.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(118875);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2018-11763");
    
      script_name(english:"openSUSE Security Update : apache2 (openSUSE-2018-1378)");
      script_summary(english:"Check for the openSUSE-2018-1378 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for apache2 fixes the following issues :
    
    Security issues fixed :
    
      - CVE-2018-11763: In Apache HTTP Server by sending
        continuous, large SETTINGS frames a client can occupy a
        connection, server thread and CPU time without any
        connection timeout coming to effect. This affects only
        HTTP/2 connections. (bsc#1109961)
    
    This update was imported from the SUSE:SLE-12-SP2:Update update
    project."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1109961"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected apache2 packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-event");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-event-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-example-pages");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-prefork");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-prefork-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-utils-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-worker");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-worker-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2018/11/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/11/11");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE42.3", reference:"apache2-2.4.23-31.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"apache2-debuginfo-2.4.23-31.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"apache2-debugsource-2.4.23-31.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"apache2-devel-2.4.23-31.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"apache2-event-2.4.23-31.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"apache2-event-debuginfo-2.4.23-31.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"apache2-example-pages-2.4.23-31.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"apache2-prefork-2.4.23-31.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"apache2-prefork-debuginfo-2.4.23-31.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"apache2-utils-2.4.23-31.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"apache2-utils-debuginfo-2.4.23-31.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"apache2-worker-2.4.23-31.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"apache2-worker-debuginfo-2.4.23-31.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2 / apache2-debuginfo / apache2-debugsource / apache2-devel / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1547.NASL
    descriptionThis update for virtualbox to version 5.2.24 fixes the following issues : Multiple security issues fixed : CVE-2019-2500, CVE-2019-2524, CVE-2019-2552, CVE-2018-3309, CVE-2019-2520 CVE-2019-2521, CVE-2019-2522, CVE-2019-2523, CVE-2019-2526, CVE-2019-2548 CVE-2018-11763, CVE-2019-2511, CVE-2019-2508, CVE-2019-2509, CVE-2019-2527 CVE-2019-2450, CVE-2019-2451, CVE-2019-2555, CVE-2019-2554, CVE-2019-2556 CVE-2018-11784, CVE-2018-0734, CVE-2019-2525, CVE-2019-2446, CVE-2019-2448 CVE-2019-2501, CVE-2019-2504, CVE-2019-2505, CVE-2019-2506, and CVE-2019-2553 (bsc#1122212). Other issues fixed : - Linux Additions: fix for building vboxvideo on EL 7.6 standard kernel, contributed by Robert Conde - USB: fixed a problem causing failures attaching SuperSpeed devices which report USB version 3.1 (rather than 3.0) on Windows hosts - Audio: added support for surround speaker setups used by Windows 10 Build 1809 - Linux hosts: fixed conflict between Debian and Oracle build desktop files - Linux guests: fixed building drivers on SLES 12.4 - Linux guests: fixed building shared folder driver with older kernels
    last seen2020-06-01
    modified2020-06-02
    plugin id125844
    published2019-06-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125844
    titleopenSUSE Security Update : virtualbox (openSUSE-2019-1547)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2019-1547.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(125844);
      script_version("1.2");
      script_cvs_date("Date: 2020/01/10");
    
      script_cve_id("CVE-2018-0734", "CVE-2018-11763", "CVE-2018-11784", "CVE-2018-3309", "CVE-2019-2446", "CVE-2019-2448", "CVE-2019-2450", "CVE-2019-2451", "CVE-2019-2500", "CVE-2019-2501", "CVE-2019-2504", "CVE-2019-2505", "CVE-2019-2506", "CVE-2019-2508", "CVE-2019-2509", "CVE-2019-2511", "CVE-2019-2520", "CVE-2019-2521", "CVE-2019-2522", "CVE-2019-2523", "CVE-2019-2524", "CVE-2019-2525", "CVE-2019-2526", "CVE-2019-2527", "CVE-2019-2548", "CVE-2019-2552", "CVE-2019-2553", "CVE-2019-2554", "CVE-2019-2555", "CVE-2019-2556");
    
      script_name(english:"openSUSE Security Update : virtualbox (openSUSE-2019-1547)");
      script_summary(english:"Check for the openSUSE-2019-1547 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for virtualbox to version 5.2.24 fixes the following
    issues :
    
    Multiple security issues fixed :
    
    CVE-2019-2500, CVE-2019-2524, CVE-2019-2552, CVE-2018-3309,
    CVE-2019-2520 CVE-2019-2521, CVE-2019-2522, CVE-2019-2523,
    CVE-2019-2526, CVE-2019-2548 CVE-2018-11763, CVE-2019-2511,
    CVE-2019-2508, CVE-2019-2509, CVE-2019-2527 CVE-2019-2450,
    CVE-2019-2451, CVE-2019-2555, CVE-2019-2554, CVE-2019-2556
    CVE-2018-11784, CVE-2018-0734, CVE-2019-2525, CVE-2019-2446,
    CVE-2019-2448 CVE-2019-2501, CVE-2019-2504, CVE-2019-2505,
    CVE-2019-2506, and CVE-2019-2553 (bsc#1122212).
    
    Other issues fixed :
    
      - Linux Additions: fix for building vboxvideo on EL 7.6
        standard kernel, contributed by Robert Conde
    
      - USB: fixed a problem causing failures attaching
        SuperSpeed devices which report USB version 3.1 (rather
        than 3.0) on Windows hosts
    
      - Audio: added support for surround speaker setups used by
        Windows 10 Build 1809
    
      - Linux hosts: fixed conflict between Debian and Oracle
        build desktop files 
    
      - Linux guests: fixed building drivers on SLES 12.4
    
      - Linux guests: fixed building shared folder driver with
        older kernels"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1122212"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected virtualbox packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-2552");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-virtualbox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-virtualbox-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-x11");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-host-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-qt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-vnc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-websrv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/06/11");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE15.0", reference:"python3-virtualbox-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"python3-virtualbox-debuginfo-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-debuginfo-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-debugsource-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-devel-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-desktop-icons-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-kmp-default-5.2.24_k4.12.14_lp150.12.61-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-kmp-default-debuginfo-5.2.24_k4.12.14_lp150.12.61-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-source-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-tools-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-tools-debuginfo-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-x11-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-guest-x11-debuginfo-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-host-kmp-default-5.2.24_k4.12.14_lp150.12.61-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-host-kmp-default-debuginfo-5.2.24_k4.12.14_lp150.12.61-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-host-source-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-qt-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-qt-debuginfo-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-vnc-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-websrv-5.2.24-lp150.4.33.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"virtualbox-websrv-debuginfo-5.2.24-lp150.4.33.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python3-virtualbox / python3-virtualbox-debuginfo / virtualbox / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-84.NASL
    descriptionThis update for virtualbox version 5.2.24 fixes the following issues : Update fixes multiple vulnerabilities : CVE-2019-2500, CVE-2019-2524, CVE-2019-2552, CVE-2018-3309, CVE-2019-2520 CVE-2019-2521, CVE-2019-2522, CVE-2019-2523, CVE-2019-2526, CVE-2019-2548 CVE-2018-11763, CVE-2019-2511, CVE-2019-2508, CVE-2019-2509, CVE-2019-2527 CVE-2019-2450, CVE-2019-2451, CVE-2019-2555, CVE-2019-2554, CVE-2019-2556 CVE-2018-11784, CVE-2018-0734, CVE-2019-2525, CVE-2019-2446, CVE-2019-2448 CVE-2019-2501, CVE-2019-2504, CVE-2019-2505, CVE-2019-2506, and CVE-2019-2553 (boo#1122212). Non-security issues fixed : - Linux Additions: fix for building vboxvideo on EL 7.6 standard kernel, contributed by Robert Conde - USB: fixed a problem causing failures attaching SuperSpeed devices which report USB version 3.1 (rather than 3.0) on Windows hosts - Audio: added support for surround speaker setups used by Windows 10 Build 1809 - Linux hosts: fixed conflict between Debian and Oracle build desktop files - Linux guests: fixed building drivers on SLES 12.4 - Linux guests: fixed building shared folder driver with older kernels
    last seen2020-03-18
    modified2019-01-28
    plugin id121411
    published2019-01-28
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121411
    titleopenSUSE Security Update : virtualbox (openSUSE-2019-84)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2019-84.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(121411);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/20");
    
      script_cve_id("CVE-2018-0734", "CVE-2018-11763", "CVE-2018-11784", "CVE-2018-3309", "CVE-2019-2446", "CVE-2019-2448", "CVE-2019-2450", "CVE-2019-2451", "CVE-2019-2500", "CVE-2019-2501", "CVE-2019-2504", "CVE-2019-2505", "CVE-2019-2506", "CVE-2019-2508", "CVE-2019-2509", "CVE-2019-2511", "CVE-2019-2520", "CVE-2019-2521", "CVE-2019-2522", "CVE-2019-2523", "CVE-2019-2524", "CVE-2019-2525", "CVE-2019-2526", "CVE-2019-2527", "CVE-2019-2548", "CVE-2019-2552", "CVE-2019-2553", "CVE-2019-2554", "CVE-2019-2555", "CVE-2019-2556");
    
      script_name(english:"openSUSE Security Update : virtualbox (openSUSE-2019-84)");
      script_summary(english:"Check for the openSUSE-2019-84 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for virtualbox version 5.2.24 fixes the following issues :
    
    Update fixes multiple vulnerabilities :
    
    CVE-2019-2500, CVE-2019-2524, CVE-2019-2552, CVE-2018-3309,
    CVE-2019-2520 CVE-2019-2521, CVE-2019-2522, CVE-2019-2523,
    CVE-2019-2526, CVE-2019-2548 CVE-2018-11763, CVE-2019-2511,
    CVE-2019-2508, CVE-2019-2509, CVE-2019-2527 CVE-2019-2450,
    CVE-2019-2451, CVE-2019-2555, CVE-2019-2554, CVE-2019-2556
    CVE-2018-11784, CVE-2018-0734, CVE-2019-2525, CVE-2019-2446,
    CVE-2019-2448 CVE-2019-2501, CVE-2019-2504, CVE-2019-2505,
    CVE-2019-2506, and CVE-2019-2553 (boo#1122212).
    
    Non-security issues fixed :
    
      - Linux Additions: fix for building vboxvideo on EL 7.6
        standard kernel, contributed by Robert Conde
    
      - USB: fixed a problem causing failures attaching
        SuperSpeed devices which report USB version 3.1 (rather
        than 3.0) on Windows hosts
    
      - Audio: added support for surround speaker setups used by
        Windows 10 Build 1809
    
      - Linux hosts: fixed conflict between Debian and Oracle
        build desktop files 
    
      - Linux guests: fixed building drivers on SLES 12.4
    
      - Linux guests: fixed building shared folder driver with
        older kernels"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1122212"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected virtualbox packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-2552");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-virtualbox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-x11");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-host-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-qt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-vnc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-websrv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/01/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/28");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE42.3", reference:"python-virtualbox-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python-virtualbox-debuginfo-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-debuginfo-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-debugsource-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-devel-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-guest-desktop-icons-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-guest-kmp-default-5.2.24_k4.4.165_81-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-guest-kmp-default-debuginfo-5.2.24_k4.4.165_81-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-guest-source-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-guest-tools-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-guest-tools-debuginfo-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-guest-x11-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-guest-x11-debuginfo-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-host-kmp-default-5.2.24_k4.4.165_81-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-host-kmp-default-debuginfo-5.2.24_k4.4.165_81-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-host-source-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-qt-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-qt-debuginfo-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-vnc-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-websrv-5.2.24-66.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"virtualbox-websrv-debuginfo-5.2.24-66.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python-virtualbox / python-virtualbox-debuginfo / virtualbox / etc");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-0367.NASL
    descriptionAn update is now available for JBoss Core Services on RHEL 6 and RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.29 Service Pack 1 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.29, and includes bug fixes for CVEs which are linked to in the References section. Security Fixes : * httpd: DoS for HTTP/2 connections by continuous SETTINGS (CVE-2018-11763) * httpd: Weak Digest auth nonce generation in mod_auth_digest (CVE-2018-1312) * httpd: Out of bound access after failure in reading the HTTP request (CVE-2018-1301) * httpd: Use-after-free on HTTP/2 stream shutdown (CVE-2018-1302) * httpd: bypass with a trailing newline in the file name (CVE-2017-15715) * httpd: Out of bound write in mod_authnz_ldap when using too small Accept-Language values (CVE-2017-15710) * httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause a denial of service (CVE-2018-1303) * httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications (CVE-2018-1283) * httpd: mod_http2: too much time allocated to workers, possibly leading to DoS (CVE-2018-1333) * mod_jk: connector path traversal due to mishandled HTTP requests in httpd (CVE-2018-11759) * nghttp2: NULL pointer dereference when too large ALTSVC frame is received (CVE-2018-1000168) * openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) Details around each issue, including information about the CVE, severity of the issue, and the CVSS score, can be found on the CVE pages listed in the Reference section below.
    last seen2020-06-01
    modified2020-06-02
    plugin id122292
    published2019-02-19
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122292
    titleRHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 (RHSA-2019:0367)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2019:0367. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(122292);
      script_version("1.5");
      script_cvs_date("Date: 2020/02/12");
    
      script_cve_id("CVE-2017-15710", "CVE-2017-15715", "CVE-2018-0739", "CVE-2018-1000168", "CVE-2018-11759", "CVE-2018-11763", "CVE-2018-1283", "CVE-2018-1301", "CVE-2018-1302", "CVE-2018-1303", "CVE-2018-1312", "CVE-2018-1333");
      script_xref(name:"RHSA", value:"2019:0367");
    
      script_name(english:"RHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 (RHSA-2019:0367)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update is now available for JBoss Core Services on RHEL 6 and RHEL
    7.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE links in the References section.
    
    Red Hat JBoss Core Services is a set of supplementary software for Red
    Hat JBoss middleware products. This software, such as Apache HTTP
    Server, is common to multiple JBoss middleware products, and is
    packaged under Red Hat JBoss Core Services to allow for faster
    distribution of updates, and for a more consistent update experience.
    
    This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.29
    Service Pack 1 serves as an update to Red Hat JBoss Core Services
    Apache HTTP Server 2.4.29, and includes bug fixes for CVEs which are
    linked to in the References section.
    
    Security Fixes :
    
    * httpd: DoS for HTTP/2 connections by continuous SETTINGS
    (CVE-2018-11763)
    
    * httpd: Weak Digest auth nonce generation in mod_auth_digest
    (CVE-2018-1312)
    
    * httpd: Out of bound access after failure in reading the HTTP request
    (CVE-2018-1301)
    
    * httpd: Use-after-free on HTTP/2 stream shutdown (CVE-2018-1302)
    
    * httpd: bypass with a trailing newline in the file name
    (CVE-2017-15715)
    
    * httpd: Out of bound write in mod_authnz_ldap when using too small
    Accept-Language values (CVE-2017-15710)
    
    * httpd: Out of bounds read in mod_cache_socache can allow a remote
    attacker to cause a denial of service (CVE-2018-1303)
    
    * httpd: Improper handling of headers in mod_session can allow a
    remote user to modify session data for CGI applications
    (CVE-2018-1283)
    
    * httpd: mod_http2: too much time allocated to workers, possibly
    leading to DoS (CVE-2018-1333)
    
    * mod_jk: connector path traversal due to mishandled HTTP requests in
    httpd (CVE-2018-11759)
    
    * nghttp2: NULL pointer dereference when too large ALTSVC frame is
    received (CVE-2018-1000168)
    
    * openssl: Handling of crafted recursive ASN.1 structures can cause a
    stack overflow and resulting denial of service (CVE-2018-0739)
    
    Details around each issue, including information about the CVE,
    severity of the issue, and the CVSS score, can be found on the CVE
    pages listed in the Reference section below."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2019:0367"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2017-15710"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2017-15715"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-0739"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-1283"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-1301"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-1302"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-1303"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-1312"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-1333"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-11759"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-11763"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-1000168"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apache-commons-daemon-jsvc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apr-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apr-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apr-util");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apr-util-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apr-util-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apr-util-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apr-util-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apr-util-nss");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apr-util-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apr-util-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apr-util-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-apr-util-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-manual");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-selinux");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-httpd-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_cluster-native");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_cluster-native-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_jk-ap24");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_jk-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_jk-manual");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_proxy_html");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_session");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-mod_ssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-nghttp2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-nghttp2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-nghttp2-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-static");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-runtime");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/26");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/02/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/19");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(6|7)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x / 7.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2019:0367";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL6", reference:"jbcs-httpd24-1-6.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apache-commons-daemon-jsvc-1.1.0-3.redhat_2.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apache-commons-daemon-jsvc-1.1.0-3.redhat_2.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1.1.0-3.redhat_2.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1.1.0-3.redhat_2.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apr-1.6.3-31.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apr-1.6.3-31.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apr-debuginfo-1.6.3-31.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apr-debuginfo-1.6.3-31.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apr-devel-1.6.3-31.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apr-devel-1.6.3-31.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apr-util-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apr-util-debuginfo-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-debuginfo-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apr-util-devel-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-devel-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apr-util-ldap-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-ldap-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apr-util-mysql-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-mysql-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apr-util-nss-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-nss-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apr-util-odbc-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-odbc-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apr-util-openssl-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-openssl-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apr-util-pgsql-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-pgsql-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-apr-util-sqlite-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-sqlite-1.6.1-24.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-httpd-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-httpd-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-httpd-debuginfo-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-httpd-debuginfo-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-httpd-devel-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-httpd-devel-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jbcs-httpd24-httpd-manual-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-httpd-selinux-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-httpd-selinux-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-httpd-tools-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-httpd-tools-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-mod_cluster-native-1.3.8-3.Final_redhat_2.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-mod_cluster-native-1.3.8-3.Final_redhat_2.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-mod_cluster-native-debuginfo-1.3.8-3.Final_redhat_2.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-mod_cluster-native-debuginfo-1.3.8-3.Final_redhat_2.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-mod_jk-ap24-1.2.46-1.redhat_1.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-mod_jk-ap24-1.2.46-1.redhat_1.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-mod_jk-debuginfo-1.2.46-1.redhat_1.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-mod_jk-debuginfo-1.2.46-1.redhat_1.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-mod_jk-manual-1.2.46-1.redhat_1.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-mod_jk-manual-1.2.46-1.redhat_1.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-mod_ldap-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-mod_ldap-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-mod_proxy_html-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-mod_proxy_html-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-mod_session-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-mod_session-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-mod_ssl-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-mod_ssl-2.4.29-35.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-nghttp2-1.29.0-9.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-nghttp2-1.29.0-9.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-nghttp2-debuginfo-1.29.0-9.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-nghttp2-debuginfo-1.29.0-9.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-nghttp2-devel-1.29.0-9.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-nghttp2-devel-1.29.0-9.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-openssl-1.0.2n-14.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-openssl-1.0.2n-14.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-openssl-debuginfo-1.0.2n-14.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-openssl-debuginfo-1.0.2n-14.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-openssl-devel-1.0.2n-14.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-openssl-devel-1.0.2n-14.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-openssl-libs-1.0.2n-14.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-openssl-libs-1.0.2n-14.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-openssl-perl-1.0.2n-14.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-openssl-perl-1.0.2n-14.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"jbcs-httpd24-openssl-static-1.0.2n-14.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"jbcs-httpd24-openssl-static-1.0.2n-14.jbcs.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jbcs-httpd24-runtime-1-6.jbcs.el6")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"jbcs-httpd24-1-6.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apache-commons-daemon-jsvc-1.1.0-3.redhat_2.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1.1.0-3.redhat_2.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apr-1.6.3-31.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apr-debuginfo-1.6.3-31.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apr-devel-1.6.3-31.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-1.6.1-24.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-debuginfo-1.6.1-24.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-devel-1.6.1-24.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-ldap-1.6.1-24.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-mysql-1.6.1-24.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-nss-1.6.1-24.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-odbc-1.6.1-24.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-openssl-1.6.1-24.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-pgsql-1.6.1-24.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-apr-util-sqlite-1.6.1-24.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-httpd-2.4.29-35.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-httpd-debuginfo-2.4.29-35.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-httpd-devel-2.4.29-35.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jbcs-httpd24-httpd-manual-2.4.29-35.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-httpd-selinux-2.4.29-35.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-httpd-tools-2.4.29-35.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-mod_cluster-native-1.3.8-3.Final_redhat_2.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-mod_cluster-native-debuginfo-1.3.8-3.Final_redhat_2.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-mod_jk-ap24-1.2.46-1.redhat_1.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-mod_jk-debuginfo-1.2.46-1.redhat_1.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-mod_jk-manual-1.2.46-1.redhat_1.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-mod_ldap-2.4.29-35.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-mod_proxy_html-2.4.29-35.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-mod_session-2.4.29-35.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-mod_ssl-2.4.29-35.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-nghttp2-1.29.0-9.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-nghttp2-debuginfo-1.29.0-9.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-nghttp2-devel-1.29.0-9.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-openssl-1.0.2n-14.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-openssl-debuginfo-1.0.2n-14.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-openssl-devel-1.0.2n-14.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-openssl-libs-1.0.2n-14.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-openssl-perl-1.0.2n-14.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"jbcs-httpd24-openssl-static-1.0.2n-14.jbcs.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jbcs-httpd24-runtime-1-6.jbcs.el7")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "jbcs-httpd24 / jbcs-httpd24-apache-commons-daemon-jsvc / etc");
      }
    }
    
  • NASL familyCGI abuses
    NASL idORACLE_PRIMAVERA_UNIFIER_CPU_APR_2019.NASL
    descriptionAccording to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.x prior to 16.2.15.7 or 17.7.x prior to 17.12.10 or 18.x prior to 18.8.6. It is, therefore, affected by multiple vulnerabilities: - A deserialization vulnerability in Apache Commons FileUpload allows for remote code execution. (CVE-2016-1000031) - A denial of service (DoS) vulnerability exists in Apache HTTP Server 2.4.17 to 2.4.34, due to a design error. An unauthenticated, remote attacker can exploit this issue by sending continuous, large SETTINGS frames to cause a client to occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. (CVE-2018-11763). - A deserialization vulnerability in jackson-databind, a fast and powerful JSON library for Java, allows an unauthenticated user to perform code execution. The issue was resolved by extending the blacklist and blocking more classes from polymorphic deserialization. (CVE-2018-19362) Note that Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id124170
    published2019-04-19
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124170
    titleOracle Primavera Unifier Multiple Vulnerabilities (Apr 2019 CPU)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(124170);
      script_version("1.3");
      script_cvs_date("Date: 2019/10/18  8:01:08");
    
      script_cve_id(
        "CVE-2016-1000031",
        "CVE-2017-9798",
        "CVE-2018-8034",
        "CVE-2018-11763",
        "CVE-2018-11784",
        "CVE-2018-19360",
        "CVE-2018-19361",
        "CVE-2018-19362"
      );
      script_bugtraq_id(
        93604,
        100872,
        104895,
        105414,
        105524
      );
    
      script_name(english:"Oracle Primavera Unifier Multiple Vulnerabilities (Apr 2019 CPU)");
      script_summary(english:"Checks the version of Oracle Primavera Unifier.");
    
      script_set_attribute(attribute:"synopsis", value:
    "An application running on the remote web server is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "According to its self-reported version number, the Oracle Primavera
    Unifier installation running on the remote web server is 16.x prior to
    16.2.15.7 or 17.7.x prior to 17.12.10 or 18.x prior to 18.8.6. It is, 
    therefore, affected by multiple vulnerabilities:
    
      - A deserialization vulnerability in Apache Commons
        FileUpload allows for remote code execution.
        (CVE-2016-1000031)
    
      - A denial of service (DoS) vulnerability exists in
        Apache HTTP Server 2.4.17 to 2.4.34, due to a design
        error. An unauthenticated, remote attacker can
        exploit this issue by sending continuous, large
        SETTINGS frames to cause a client to occupy a
        connection, server thread and CPU time without any
        connection timeout coming to effect. This affects
        only HTTP/2 connections. A possible mitigation is to
        not enable the h2 protocol. (CVE-2018-11763).
    
      - A deserialization vulnerability in jackson-databind, a
        fast and powerful JSON library for Java, allows an
        unauthenticated user to perform code execution. The
        issue was resolved by extending the blacklist and
        blocking more classes from polymorphic deserialization.
        (CVE-2018-19362)
    
    Note that Nessus has not tested for these issues but has instead
    relied only on the application's self-reported version number.");
      # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9166970d");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to Oracle Primavera Unifier version 16.2.15.7 / 17.12.10 / 18.8.6 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-1000031");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/04/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/19");
    
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/a:oracle:primavera_unifier");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"CGI abuses");
    
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("oracle_primavera_unifier.nbin");
      script_require_keys("installed_sw/Oracle Primavera Unifier", "www/weblogic");
      script_require_ports("Services/www", 8002);
    
      exit(0);
    }
    
    include("http.inc");
    include("vcf.inc");
    
    get_install_count(app_name:"Oracle Primavera Unifier", exit_if_zero:TRUE);
    
    port = get_http_port(default:8002);
    get_kb_item_or_exit("www/weblogic/" + port + "/installed");
    
    app_info = vcf::get_app_info(app:"Oracle Primavera Unifier", port:port);
    
    vcf::check_granularity(app_info:app_info, sig_segments:3);
    
    constraints = [
      { "min_version" : "16.1.0.0", "fixed_version" : "16.2.15.7" },
      { "min_version" : "17.7.0.0", "fixed_version" : "17.12.10" },
      { "min_version" : "18.8.0.0", "fixed_version" : "18.8.6" }
    ];
    
    vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE); 
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-9CDBB641F9.NASL
    descriptionSecurity update for CVE-2018-11763 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120654
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120654
    titleFedora 29 : mod_http2 (2018-9cdbb641f9)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2018-9cdbb641f9.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(120654);
      script_version("1.5");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2018-11763");
      script_xref(name:"FEDORA", value:"2018-9cdbb641f9");
    
      script_name(english:"Fedora 29 : mod_http2 (2018-9cdbb641f9)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security update for CVE-2018-11763
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-9cdbb641f9"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected mod_http2 package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mod_http2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:29");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/10/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/03");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^29([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 29", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC29", reference:"mod_http2-1.11.1-1.fc29")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mod_http2");
    }
    
  • NASL familyMisc.
    NASL idORACLE_ENTERPRISE_MANAGER_OPS_CENTER_APR_2019_CPU.NASL
    descriptionThe version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component: - A deserialization vulnerability in Apache Commons FileUpload allows for remote code execution. (CVE-2016-1000031) - An information disclosure vulnerability exists in OpenSSL due to the potential for a side-channel timing attack. An unauthenticated attacker can exploit this to disclose potentially sensitive information. (CVE-2018-0734) - A denial of service (DoS) vulnerability exists in Apache HTTP Server 2.4.17 to 2.4.34, due to a design error. An unauthenticated, remote attacker can exploit this issue by sending continuous, large SETTINGS frames to cause a client to occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. (CVE-2018-11763). - Networking component of Enterprise Manager Base Platform (Spring Framework) is easily exploited and may allow an unauthenticated, remote attacker to takeover the Enterprise Manager Base Platform. (CVE-2018-1258)
    last seen2020-06-01
    modified2020-06-02
    plugin id125147
    published2019-05-15
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125147
    titleOracle Enterprise Manager Ops Center (Apr 2019 CPU)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(125147);
      script_version("1.2");
      script_cvs_date("Date: 2019/05/17  9:44:17");
    
      script_cve_id(
        "CVE-2016-1000031",
        "CVE-2018-0161",
        "CVE-2018-0734",
        "CVE-2018-0735",
        "CVE-2018-5407",
        "CVE-2018-11763",
        "CVE-2017-9798",
        "CVE-2018-1258",
        "CVE-2018-11039",
        "CVE-2018-11040",
        "CVE-2018-1257",
        "CVE-2018-15756"
      );
    
      script_bugtraq_id(
        93604,
        100872,
        103573,
        104222,
        104260,
        105414,
        105703,
        105750,
        105758,
        105897,
        107984,
        107986
      );
      script_xref(name:"IAVA", value:"2019-A-0130");
    
      script_name(english:"Oracle Enterprise Manager Ops Center (Apr 2019 CPU)");
      script_summary(english:"Checks for the patch ID.");
      script_set_attribute(attribute:"synopsis", value:
    "An enterprise management application installed on the remote host is
    affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of Oracle Enterprise Manager Cloud Control installed on
    the remote host is affected by multiple vulnerabilities in
    Enterprise Manager Base Platform component:
    
      - A deserialization vulnerability in Apache Commons
        FileUpload allows for remote code execution.
        (CVE-2016-1000031)
    
      - An information disclosure vulnerability exists in OpenSSL
        due to the potential for a side-channel timing attack.
        An unauthenticated attacker can exploit this to disclose
        potentially sensitive information. (CVE-2018-0734)
    
      - A denial of service (DoS) vulnerability exists in Apache
        HTTP Server 2.4.17 to 2.4.34, due to a design error. An
        unauthenticated, remote attacker can exploit this issue
        by sending continuous, large SETTINGS frames to cause a
        client to occupy a connection, server thread and CPU
        time without any connection timeout coming to effect.
        This affects only HTTP/2 connections. A possible
        mitigation is to not enable the h2 protocol.
        (CVE-2018-11763).
    
      - Networking component of Enterprise Manager Base Platform
        (Spring Framework) is easily exploited and may allow an
        unauthenticated, remote attacker to takeover the
        Enterprise Manager Base Platform. (CVE-2018-1258)
    
    ");
      # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9166970d");
      script_set_attribute(attribute:"solution", value:
    "Apply the appropriate patch according to the April 2019
    Oracle Critical Patch Update advisory.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-1000031");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/04/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/15");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"agent", value:"unix");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:enterprise_manager_ops_center");
      script_set_attribute(attribute:"stig_severity", value:"I");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Misc.");
    
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("oracle_enterprise_manager_ops_center_installed.nbin");
      script_require_keys("installed_sw/Oracle Enterprise Manager Ops Center");
    
      exit(0);
    }
    
    include('global_settings.inc');
    include('misc_func.inc');
    include('install_func.inc');
    
    get_kb_item_or_exit('Host/local_checks_enabled');
    app_name = 'Oracle Enterprise Manager Ops Center';
    
    install = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);
    version = install['version'];
    version_full = install['Full Patch Version'];
    path = install['path'];
    patch_version = install['Patch Version'];
    
    
    patchid = NULL;
    fix = NULL;
    
    if (version_full =~ "^12\.3\.3\.")
    {
      patchid = '29623885';
      fix = '1819';
    } 
    
    if (isnull(patchid))
      audit(AUDIT_HOST_NOT, 'affected');
    
    if (ver_compare(ver:patch_version, fix:fix, strict:FALSE) != -1)
      audit(AUDIT_INST_PATH_NOT_VULN, app_name, version_full, path);
    
    report = 
      '\n Path                : ' + path + 
      '\n Version             : ' + version + 
      '\n Ops Agent Version   : ' + version_full + 
      '\n Current Patch       : ' + patch_version + 
      '\n Fixed Patch Version : ' + fix +
      '\n Fix                 : ' + patchid;
    
    security_report_v4(extra:report, severity:SECURITY_HOLE, port:0);
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2018-1178.NASL
    descriptionThis update for apache2 fixes the following issues : Security issues fixed : - CVE-2018-11763: In Apache HTTP Server by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. (bsc#1109961) Bug fixes : - consider also patterns in APACHE_CONF_INCLUDE_DIRS as documentation says (patch Juergen Gleiss) This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-05
    modified2018-10-17
    plugin id118170
    published2018-10-17
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118170
    titleopenSUSE Security Update : apache2 (openSUSE-2018-1178)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2018-1178.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(118170);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2018-11763");
    
      script_name(english:"openSUSE Security Update : apache2 (openSUSE-2018-1178)");
      script_summary(english:"Check for the openSUSE-2018-1178 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for apache2 fixes the following issues :
    
    Security issues fixed :
    
      - CVE-2018-11763: In Apache HTTP Server by sending
        continuous, large SETTINGS frames a client can occupy a
        connection, server thread and CPU time without any
        connection timeout coming to effect. This affects only
        HTTP/2 connections. (bsc#1109961)
    
    Bug fixes :
    
      - consider also patterns in APACHE_CONF_INCLUDE_DIRS as
        documentation says (patch Juergen Gleiss)
    
    This update was imported from the SUSE:SLE-15:Update update project."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1109961"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected apache2 packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-event");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-event-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-example-pages");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-prefork");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-prefork-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-utils-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-worker");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-worker-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2018/10/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/10/17");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE15.0", reference:"apache2-2.4.33-lp150.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"apache2-debuginfo-2.4.33-lp150.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"apache2-debugsource-2.4.33-lp150.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"apache2-devel-2.4.33-lp150.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"apache2-event-2.4.33-lp150.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"apache2-event-debuginfo-2.4.33-lp150.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"apache2-example-pages-2.4.33-lp150.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"apache2-prefork-2.4.33-lp150.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"apache2-prefork-debuginfo-2.4.33-lp150.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"apache2-utils-2.4.33-lp150.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"apache2-utils-debuginfo-2.4.33-lp150.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"apache2-worker-2.4.33-lp150.2.6.1") ) flag++;
    if ( rpm_check(release:"SUSE15.0", reference:"apache2-worker-debuginfo-2.4.33-lp150.2.6.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2 / apache2-debuginfo / apache2-debugsource / apache2-devel / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2018-3582-2.NASL
    descriptionThis update for apache2 fixes the following issues : Security issues fixed : CVE-2018-11763: In Apache HTTP Server by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. (bsc#1109961) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-10
    modified2018-12-06
    plugin id119449
    published2018-12-06
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119449
    titleSUSE SLES12 Security Update : apache2 (SUSE-SU-2018:3582-2)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2018:3582-2.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(119449);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/09");
    
      script_cve_id("CVE-2018-11763");
    
      script_name(english:"SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:3582-2)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis",
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "This update for apache2 fixes the following issues :
    
    Security issues fixed :
    
    CVE-2018-11763: In Apache HTTP Server by sending continuous, large
    SETTINGS frames a client can occupy a connection, server thread and
    CPU time without any connection timeout coming to effect. This affects
    only HTTP/2 connections. (bsc#1109961)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1109961"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-11763/"
      );
      # https://www.suse.com/support/update/announcement/2018/suse-su-20183582-2/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?b557a382"
      );
      script_set_attribute(
        attribute:"solution",
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t
    patch SUSE-SLE-SDK-12-SP4-2018-2541=1
    
    SUSE Linux Enterprise Server 12-SP4:zypper in -t patch
    SUSE-SLE-SERVER-12-SP4-2018-2541=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-example-pages");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-prefork");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-prefork-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-utils-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-worker");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-worker-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/12/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/12/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP4", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"4", reference:"apache2-2.4.23-29.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"apache2-debuginfo-2.4.23-29.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"apache2-debugsource-2.4.23-29.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"apache2-example-pages-2.4.23-29.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"apache2-prefork-2.4.23-29.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"apache2-prefork-debuginfo-2.4.23-29.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"apache2-utils-2.4.23-29.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"apache2-utils-debuginfo-2.4.23-29.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"apache2-worker-2.4.23-29.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"apache2-worker-debuginfo-2.4.23-29.27.2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2");
    }
    
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2019-1155.NASL
    descriptionIn Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.(CVE-2018-11763)
    last seen2020-03-17
    modified2019-01-25
    plugin id121368
    published2019-01-25
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121368
    titleAmazon Linux 2 : httpd (ALAS-2019-1155)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2018-3101-1.NASL
    descriptionThis update for apache2 fixes the following issues : Security issues fixed : CVE-2018-11763: In Apache HTTP Server by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. (bsc#1109961) Bug fixes: consider also patterns in APACHE_CONF_INCLUDE_DIRS as documentation says (patch Juergen Gleiss) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-18
    modified2019-01-02
    plugin id120127
    published2019-01-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120127
    titleSUSE SLES15 Security Update : apache2 (SUSE-SU-2018:3101-1)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2018-1104.NASL
    descriptionIn Apache HTTP Server, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.(CVE-2018-11763)
    last seen2020-06-01
    modified2020-06-02
    plugin id118835
    published2018-11-09
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118835
    titleAmazon Linux 2 : mod_http2 (ALAS-2018-1104)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2311.NASL
    descriptionAccording to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.(CVE-2018-11763) - In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.(CVE-2019-0211) - In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.(CVE-2018-17189) - In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions.(CVE-2019-0215) - A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes (
    last seen2020-06-01
    modified2020-06-02
    plugin id131476
    published2019-12-03
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131476
    titleEulerOS Virtualization for ARM 64 3.0.3.0 : httpd (EulerOS-SA-2019-2311)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-6FFB18592F.NASL
    descriptionSecurity update for CVE-2018-11763 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120519
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120519
    titleFedora 28 : mod_http2 (2018-6ffb18592f)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_E182C076C18911E8A6D2B499BAEBFEAF.NASL
    descriptionThe Apache httpd project reports : low: DoS for HTTP/2 connections by continuous SETTINGS By sending continous SETTINGS frames of maximum size an ongoing HTTP/2 connection could be kept busy and would never time out. This can be abused for a DoS on the server. This only affect a server that has enabled the h2 protocol.
    last seen2020-06-01
    modified2020-06-02
    plugin id117724
    published2018-09-27
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117724
    titleFreeBSD : Apache -- Denial of service vulnerability in HTTP/2 (e182c076-c189-11e8-a6d2-b499baebfeaf)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-1_0-0203_HTTPD.NASL
    descriptionAn update of the httpd package has been released.
    last seen2020-03-17
    modified2019-02-07
    plugin id122016
    published2019-02-07
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122016
    titlePhoton OS 1.0: Httpd PHSA-2019-1.0-0203
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-BB9D24C82D.NASL
    descriptionSecurity update for CVE-2018-11763 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-10-22
    plugin id118242
    published2018-10-22
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118242
    titleFedora 27 : mod_http2 (2018-bb9d24c82d)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-791.NASL
    descriptionThis update for apache2 fixes the following issues : Security issues fixed : - CVE-2018-11763: In Apache HTTP Server by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. (bsc#1109961) Bug fixes : - consider also patterns in APACHE_CONF_INCLUDE_DIRS as documentation says (patch Juergen Gleiss) This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id123337
    published2019-03-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123337
    titleopenSUSE Security Update : apache2 (openSUSE-2019-791)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2018-1104.NASL
    descriptionIn Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. (CVE-2018-11763)
    last seen2020-04-03
    modified2018-12-17
    plugin id119687
    published2018-12-17
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119687
    titleAmazon Linux AMI : httpd24 (ALAS-2018-1104)
  • NASL familyWeb Servers
    NASL idAPACHE_2_4_35.NASL
    descriptionAccording to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.35. It is, therefore, affected by the following vulnerability: - By sending continuous SETTINGS frames of maximum size an ongoing HTTP/2 connection could be kept busy and would never time out. This can be abused for a DoS on the server. This only affect a server that has enabled the h2 protocol. Note that Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id117807
    published2018-09-27
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117807
    titleApache 2.4.x < 2.4.35 DoS
  • NASL familyCGI abuses
    NASL idORACLE_PRIMAVERA_P6_EPPM_CPU_APR_2019.NASL
    descriptionAccording to its self-reported version number, the Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) installation running on the remote web server is 8.4 prior to 8.4.15.10, 15.x prior to 15.2.18.4, 16.x prior to 16.2.17.2, 17.x prior to 17.12.12.0, or 18.x prior to 18.8.8.0. It is, therefore, affected by multiple vulnerabilities: - A deserialization vulnerability in Apache Commons FileUpload allows for remote code execution. (CVE-2016-1000031) - A denial of service vulnerability in the bundled third-party component OpenSSL library
    last seen2020-06-01
    modified2020-06-02
    plugin id124169
    published2019-04-19
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124169
    titleOracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2019 CPU)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2018-3582-1.NASL
    descriptionThis update for apache2 fixes the following issues : Security issues fixed : CVE-2018-11763: In Apache HTTP Server by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. (bsc#1109961) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id118566
    published2018-10-31
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118566
    titleSUSE SLES12 Security Update : apache2 (SUSE-SU-2018:3582-1)

Redhat

advisories
  • rhsa
    idRHSA-2018:3558
  • rhsa
    idRHSA-2019:0366
  • rhsa
    idRHSA-2019:0367
rpms
  • httpd24-curl-0:7.61.1-1.el6
  • httpd24-curl-0:7.61.1-1.el7
  • httpd24-curl-debuginfo-0:7.61.1-1.el6
  • httpd24-curl-debuginfo-0:7.61.1-1.el7
  • httpd24-httpd-0:2.4.34-7.el6
  • httpd24-httpd-0:2.4.34-7.el7
  • httpd24-httpd-debuginfo-0:2.4.34-7.el6
  • httpd24-httpd-debuginfo-0:2.4.34-7.el7
  • httpd24-httpd-devel-0:2.4.34-7.el6
  • httpd24-httpd-devel-0:2.4.34-7.el7
  • httpd24-httpd-manual-0:2.4.34-7.el6
  • httpd24-httpd-manual-0:2.4.34-7.el7
  • httpd24-httpd-tools-0:2.4.34-7.el6
  • httpd24-httpd-tools-0:2.4.34-7.el7
  • httpd24-libcurl-0:7.61.1-1.el6
  • httpd24-libcurl-0:7.61.1-1.el7
  • httpd24-libcurl-devel-0:7.61.1-1.el6
  • httpd24-libcurl-devel-0:7.61.1-1.el7
  • httpd24-libnghttp2-0:1.7.1-7.el6
  • httpd24-libnghttp2-0:1.7.1-7.el7
  • httpd24-libnghttp2-devel-0:1.7.1-7.el6
  • httpd24-libnghttp2-devel-0:1.7.1-7.el7
  • httpd24-mod_ldap-0:2.4.34-7.el6
  • httpd24-mod_ldap-0:2.4.34-7.el7
  • httpd24-mod_md-0:2.4.34-7.el7
  • httpd24-mod_proxy_html-1:2.4.34-7.el6
  • httpd24-mod_proxy_html-1:2.4.34-7.el7
  • httpd24-mod_session-0:2.4.34-7.el6
  • httpd24-mod_session-0:2.4.34-7.el7
  • httpd24-mod_ssl-1:2.4.34-7.el6
  • httpd24-mod_ssl-1:2.4.34-7.el7
  • httpd24-nghttp2-0:1.7.1-7.el6
  • httpd24-nghttp2-0:1.7.1-7.el7
  • httpd24-nghttp2-debuginfo-0:1.7.1-7.el6
  • httpd24-nghttp2-debuginfo-0:1.7.1-7.el7
  • jbcs-httpd24-0:1-6.jbcs.el6
  • jbcs-httpd24-0:1-6.jbcs.el7
  • jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-3.redhat_2.jbcs.el6
  • jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-3.redhat_2.jbcs.el7
  • jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-3.redhat_2.jbcs.el6
  • jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-3.redhat_2.jbcs.el7
  • jbcs-httpd24-apr-0:1.6.3-31.jbcs.el6
  • jbcs-httpd24-apr-0:1.6.3-31.jbcs.el7
  • jbcs-httpd24-apr-debuginfo-0:1.6.3-31.jbcs.el6
  • jbcs-httpd24-apr-debuginfo-0:1.6.3-31.jbcs.el7
  • jbcs-httpd24-apr-devel-0:1.6.3-31.jbcs.el6
  • jbcs-httpd24-apr-devel-0:1.6.3-31.jbcs.el7
  • jbcs-httpd24-apr-util-0:1.6.1-24.jbcs.el6
  • jbcs-httpd24-apr-util-0:1.6.1-24.jbcs.el7
  • jbcs-httpd24-apr-util-debuginfo-0:1.6.1-24.jbcs.el6
  • jbcs-httpd24-apr-util-debuginfo-0:1.6.1-24.jbcs.el7
  • jbcs-httpd24-apr-util-devel-0:1.6.1-24.jbcs.el6
  • jbcs-httpd24-apr-util-devel-0:1.6.1-24.jbcs.el7
  • jbcs-httpd24-apr-util-ldap-0:1.6.1-24.jbcs.el6
  • jbcs-httpd24-apr-util-ldap-0:1.6.1-24.jbcs.el7
  • jbcs-httpd24-apr-util-mysql-0:1.6.1-24.jbcs.el6
  • jbcs-httpd24-apr-util-mysql-0:1.6.1-24.jbcs.el7
  • jbcs-httpd24-apr-util-nss-0:1.6.1-24.jbcs.el6
  • jbcs-httpd24-apr-util-nss-0:1.6.1-24.jbcs.el7
  • jbcs-httpd24-apr-util-odbc-0:1.6.1-24.jbcs.el6
  • jbcs-httpd24-apr-util-odbc-0:1.6.1-24.jbcs.el7
  • jbcs-httpd24-apr-util-openssl-0:1.6.1-24.jbcs.el6
  • jbcs-httpd24-apr-util-openssl-0:1.6.1-24.jbcs.el7
  • jbcs-httpd24-apr-util-pgsql-0:1.6.1-24.jbcs.el6
  • jbcs-httpd24-apr-util-pgsql-0:1.6.1-24.jbcs.el7
  • jbcs-httpd24-apr-util-sqlite-0:1.6.1-24.jbcs.el6
  • jbcs-httpd24-apr-util-sqlite-0:1.6.1-24.jbcs.el7
  • jbcs-httpd24-httpd-0:2.4.29-35.jbcs.el6
  • jbcs-httpd24-httpd-0:2.4.29-35.jbcs.el7
  • jbcs-httpd24-httpd-debuginfo-0:2.4.29-35.jbcs.el6
  • jbcs-httpd24-httpd-debuginfo-0:2.4.29-35.jbcs.el7
  • jbcs-httpd24-httpd-devel-0:2.4.29-35.jbcs.el6
  • jbcs-httpd24-httpd-devel-0:2.4.29-35.jbcs.el7
  • jbcs-httpd24-httpd-manual-0:2.4.29-35.jbcs.el6
  • jbcs-httpd24-httpd-manual-0:2.4.29-35.jbcs.el7
  • jbcs-httpd24-httpd-selinux-0:2.4.29-35.jbcs.el6
  • jbcs-httpd24-httpd-selinux-0:2.4.29-35.jbcs.el7
  • jbcs-httpd24-httpd-tools-0:2.4.29-35.jbcs.el6
  • jbcs-httpd24-httpd-tools-0:2.4.29-35.jbcs.el7
  • jbcs-httpd24-mod_cluster-native-0:1.3.8-3.Final_redhat_2.jbcs.el6
  • jbcs-httpd24-mod_cluster-native-0:1.3.8-3.Final_redhat_2.jbcs.el7
  • jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-3.Final_redhat_2.jbcs.el6
  • jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-3.Final_redhat_2.jbcs.el7
  • jbcs-httpd24-mod_jk-ap24-0:1.2.46-1.redhat_1.jbcs.el6
  • jbcs-httpd24-mod_jk-ap24-0:1.2.46-1.redhat_1.jbcs.el7
  • jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-1.redhat_1.jbcs.el6
  • jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-1.redhat_1.jbcs.el7
  • jbcs-httpd24-mod_jk-manual-0:1.2.46-1.redhat_1.jbcs.el6
  • jbcs-httpd24-mod_jk-manual-0:1.2.46-1.redhat_1.jbcs.el7
  • jbcs-httpd24-mod_ldap-0:2.4.29-35.jbcs.el6
  • jbcs-httpd24-mod_ldap-0:2.4.29-35.jbcs.el7
  • jbcs-httpd24-mod_proxy_html-1:2.4.29-35.jbcs.el6
  • jbcs-httpd24-mod_proxy_html-1:2.4.29-35.jbcs.el7
  • jbcs-httpd24-mod_session-0:2.4.29-35.jbcs.el6
  • jbcs-httpd24-mod_session-0:2.4.29-35.jbcs.el7
  • jbcs-httpd24-mod_ssl-1:2.4.29-35.jbcs.el6
  • jbcs-httpd24-mod_ssl-1:2.4.29-35.jbcs.el7
  • jbcs-httpd24-nghttp2-0:1.29.0-9.jbcs.el6
  • jbcs-httpd24-nghttp2-0:1.29.0-9.jbcs.el7
  • jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-9.jbcs.el6
  • jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-9.jbcs.el7
  • jbcs-httpd24-nghttp2-devel-0:1.29.0-9.jbcs.el6
  • jbcs-httpd24-nghttp2-devel-0:1.29.0-9.jbcs.el7
  • jbcs-httpd24-openssl-1:1.0.2n-14.jbcs.el6
  • jbcs-httpd24-openssl-1:1.0.2n-14.jbcs.el7
  • jbcs-httpd24-openssl-debuginfo-1:1.0.2n-14.jbcs.el6
  • jbcs-httpd24-openssl-debuginfo-1:1.0.2n-14.jbcs.el7
  • jbcs-httpd24-openssl-devel-1:1.0.2n-14.jbcs.el6
  • jbcs-httpd24-openssl-devel-1:1.0.2n-14.jbcs.el7
  • jbcs-httpd24-openssl-libs-1:1.0.2n-14.jbcs.el6
  • jbcs-httpd24-openssl-libs-1:1.0.2n-14.jbcs.el7
  • jbcs-httpd24-openssl-perl-1:1.0.2n-14.jbcs.el6
  • jbcs-httpd24-openssl-perl-1:1.0.2n-14.jbcs.el7
  • jbcs-httpd24-openssl-static-1:1.0.2n-14.jbcs.el6
  • jbcs-httpd24-openssl-static-1:1.0.2n-14.jbcs.el7
  • jbcs-httpd24-runtime-0:1-6.jbcs.el6
  • jbcs-httpd24-runtime-0:1-6.jbcs.el7

References