Vulnerabilities > CVE-2018-18313 - Out-of-bounds Read vulnerability in multiple products

Part	Description	Count
Application	Perl Perl Perl - Perl Perl 0.1 Perl Perl 0.2 Perl Perl 0.3 Perl Perl 0.4 Perl Perl 0.5 Perl Perl 0.52 Perl Perl 0.61 Perl Perl 0.62 Perl Perl 0.63 Perl Perl 0.64 Perl Perl 0.65 Perl Perl 0.66 Perl Perl 0.67 Perl Perl 0.68 Perl Perl 0.69 Perl Perl 0.70 Perl Perl 0.71 Perl Perl 0.72 Perl Perl 0.73 Perl Perl 0.80 Perl Perl 0.81 Perl Perl 0.82 Perl Perl 0.83 Perl Perl 0.84 Perl Perl 0.85 Perl Perl 0.86 Perl Perl 0.87 Perl Perl 0.88 Perl Perl 0.89 Perl Perl 0.90 Perl Perl 0.91 Perl Perl 0.92 Perl Perl 0.93 Perl Perl 0.94 Perl Perl 0.95 Perl Perl 0.96 Perl Perl 0.97 Perl Perl 0.98 Perl Perl 0.99 Perl Perl 1.00 Perl Perl 1.0.15 Perl Perl 1.0.16 Perl Perl 1.01 Perl Perl 1.20 Perl Perl 1.21 Perl Perl 1.22 Perl Perl 1.31 Perl Perl 1.32 Perl Perl 1.40 Perl Perl 1.41 Perl Perl 1.42 Perl Perl 1.43 Perl Perl 1.44 Perl Perl 1.45 Perl Perl 1.46 Perl Perl 1.47 Perl Perl 1.48 Perl Perl 1.49 Perl Perl 2.0.0 Perl Perl 2.1.0 Perl Perl 2.1.1 Perl Perl 2.1.2 Perl Perl 2.1.3 Perl Perl 2.2.0 Perl Perl 2.2.1 Perl Perl 2.2.2 Perl Perl 2.3.0 Perl Perl 2.4.0 Perl Perl 2.5.0 Perl Perl 2.5.1 Perl Perl 2.6.0 Perl Perl 2.6.1 Perl Perl 2.6.2 Perl Perl 2.6.3 Perl Perl 2.6.4 Perl Perl 2.6.5 Perl Perl 2.6.6 Perl Perl 2.7.0 Perl Perl 2.7.1 Perl Perl 2.7.2 Perl Perl 2.8.0 Perl Perl 2.8.1 Perl Perl 2.8.2 Perl Perl 2.8.3 Perl Perl 2.8.4 Perl Perl 2.8.5 Perl Perl 2.8.6 Perl Perl 2.8.7 Perl Perl 2.8.8 Perl Perl 2.9.0 Perl Perl 2.9.1 Perl Perl 2.9.2 Perl Perl 2.10.0 Perl Perl 2.10.1 Perl Perl 2.10.2 Perl Perl 2.10.3 Perl Perl 2.10.4 Perl Perl 2.10.5 Perl Perl 2.10.6 Perl Perl 2.10.7 Perl Perl 2.11.0 Perl Perl 2.11.1 Perl Perl 2.11.2 Perl Perl 2.11.3 Perl Perl 2.11.4 Perl Perl 2.11.5 Perl Perl 2.11.6 Perl Perl 2.11.7 Perl Perl 2.11.8 Perl Perl 2.12.0 Perl Perl 2.13.0 Perl Perl 2.14.0 Perl Perl 2.14.1 Perl Perl 2.15.0 Perl Perl 2.15.1 Perl Perl 2.16.0 Perl Perl 2.16.1 Perl Perl 2.17.0 Perl Perl 2.17.1 Perl Perl 2.17.2 Perl Perl 2.18.0 Perl Perl 2.18.1 Perl Perl 5.000 Perl Perl 5.000O Perl Perl 5.001 Perl Perl 5.001N Perl Perl 5.002 Perl Perl 5.002_01 Perl Perl 5.003 Perl Perl 5.003_01 Perl Perl 5.003_02 Perl Perl 5.003_03 Perl Perl 5.003_04 Perl Perl 5.003_05 Perl Perl 5.003_07 Perl Perl 5.003_08 Perl Perl 5.003_09 Perl Perl 5.003_10 Perl Perl 5.003_11 Perl Perl 5.003_12 Perl Perl 5.003_13 Perl Perl 5.003_14 Perl Perl 5.003_15 Perl Perl 5.003_16 Perl Perl 5.003_17 Perl Perl 5.003_18 Perl Perl 5.003_19 Perl Perl 5.003_20 Perl Perl 5.003_21 Perl Perl 5.003_22 Perl Perl 5.003_23 Perl Perl 5.003_24 Perl Perl 5.003_25 Perl Perl 5.003_26 Perl Perl 5.003_27 Perl Perl 5.003_28 Perl Perl 5.003_90 Perl Perl 5.003_91 Perl Perl 5.003_92 Perl Perl 5.003_93 Perl Perl 5.003_94 Perl Perl 5.003_95 Perl Perl 5.003_96 Perl Perl 5.003_97 Perl Perl 5.003_97A Perl Perl 5.003_97B Perl Perl 5.003_97C Perl Perl 5.003_97D Perl Perl 5.003_97E Perl Perl 5.003_97F Perl Perl 5.003_97G Perl Perl 5.003_97H Perl Perl 5.003_97I Perl Perl 5.003_97J Perl Perl 5.003_98 Perl Perl 5.003_99 Perl Perl 5.003_99A Perl Perl 5.004 Perl Perl 5.004_01 Perl Perl 5.004_02 Perl Perl 5.004_03 Perl Perl 5.004_04 Perl Perl 5.004_05 Perl Perl 5.005 Perl Perl 5.005_01 Perl Perl 5.005_02 Perl Perl 5.005_03 Perl Perl 5.005_04 Perl Perl 5.6 Perl Perl 5.6.0 Perl Perl 5.6.1 Perl Perl 5.6.2 Perl Perl 5.7.3 Perl Perl 5.8 Perl Perl 5.8.0 Perl Perl 5.8.1 Perl Perl 5.8.2 Perl Perl 5.8.3 Perl Perl 5.8.4 Perl Perl 5.8.5 Perl Perl 5.8.6 Perl Perl 5.8.7 Perl Perl 5.8.8 Perl Perl 5.8.9 Perl Perl 5.8.10 Perl Perl 5.9.0 Perl Perl 5.9.1 Perl Perl 5.9.2 Perl Perl 5.9.3 Perl Perl 5.9.4 Perl Perl 5.9.5 Perl Perl 5.10 Perl Perl 5.10.0 Perl Perl 5.10.1 Perl Perl 5.11.0 Perl Perl 5.11.1 Perl Perl 5.11.2 Perl Perl 5.11.3 Perl Perl 5.11.4 Perl Perl 5.11.5 Perl Perl 5.12.0 Perl Perl 5.12.1 Perl Perl 5.12.2 Perl Perl 5.12.3 Perl Perl 5.12.4 Perl Perl 5.12.5 Perl Perl 5.13.0 Perl Perl 5.13.1 Perl Perl 5.13.2 Perl Perl 5.13.3 Perl Perl 5.13.4 Perl Perl 5.13.5 Perl Perl 5.13.6 Perl Perl 5.13.7 Perl Perl 5.13.8 Perl Perl 5.13.9 Perl Perl 5.13.10 Perl Perl 5.13.11 Perl Perl 5.14.0 Perl Perl 5.14.1 Perl Perl 5.14.2 Perl Perl 5.14.3 Perl Perl 5.14.4 Perl Perl 5.15.0 Perl Perl 5.15.1 Perl Perl 5.15.2 Perl Perl 5.15.3 Perl Perl 5.15.4 Perl Perl 5.15.5 Perl Perl 5.15.6 Perl Perl 5.15.7 Perl Perl 5.15.8 Perl Perl 5.15.9 Perl Perl 5.16.0 Perl Perl 5.16.1 Perl Perl 5.16.2 Perl Perl 5.16.3 Perl Perl 5.17.0 Perl Perl 5.17.1 Perl Perl 5.17.2 Perl Perl 5.17.3 Perl Perl 5.17.4 Perl Perl 5.17.5 Perl Perl 5.17.6 Perl Perl 5.17.7 Perl Perl 5.17.7.0 Perl Perl 5.17.8 Perl Perl 5.17.9 Perl Perl 5.17.10 Perl Perl 5.17.11 Perl Perl 5.18.0 Perl Perl 5.18.1 Perl Perl 5.18.2 Perl Perl 5.18.3 Perl Perl 5.18.4 Perl Perl 5.19.0 Perl Perl 5.19.1 Perl Perl 5.19.2 Perl Perl 5.19.3 Perl Perl 5.19.4 Perl Perl 5.19.5 Perl Perl 5.19.6 Perl Perl 5.19.7 Perl Perl 5.19.8 Perl Perl 5.19.9 Perl Perl 5.19.10 Perl Perl 5.19.11 Perl Perl 5.20.0 Perl Perl 5.20.1 Perl Perl 5.20.2 Perl Perl 5.20.3 Perl Perl 5.21.0 Perl Perl 5.21.1 Perl Perl 5.21.2 Perl Perl 5.21.3 Perl Perl 5.21.4 Perl Perl 5.21.5 Perl Perl 5.21.6 Perl Perl 5.21.7 Perl Perl 5.21.8 Perl Perl 5.21.9 Perl Perl 5.21.10 Perl Perl 5.21.11 Perl Perl 5.22 Perl Perl 5.22.0 Perl Perl 5.22.1 Perl Perl 5.22.2 Perl Perl 5.22.3 Perl Perl 5.22.4 Perl Perl 5.23.0 Perl Perl 5.23.1 Perl Perl 5.23.2 Perl Perl 5.23.3 Perl Perl 5.23.4 Perl Perl 5.23.5 Perl Perl 5.23.6 Perl Perl 5.23.7 Perl Perl 5.23.8 Perl Perl 5.23.9 Perl Perl 5.24.0 Perl Perl 5.24.1 Perl Perl 5.24.2 Perl Perl 5.24.3 Perl Perl 5.24.4 Perl Perl 5.25.0 Perl Perl 5.25.1 Perl Perl 5.25.2 Perl Perl 5.25.3 Perl Perl 5.25.4 Perl Perl 5.25.5 Perl Perl 5.25.6 Perl Perl 5.25.7 Perl Perl 5.25.8 Perl Perl 5.25.9 Perl Perl 5.25.10 Perl Perl 5.25.11 Perl Perl 5.25.12 Perl Perl 5.26.0 Perl Perl 5.26.1 Perl Perl 5.26.2	421
Application	Netapp Netapp E Series Santricity OS Controller 11.0 Netapp E Series Santricity OS Controller 11.0.0 Netapp E Series Santricity OS Controller 11.20 Netapp E Series Santricity OS Controller 11.25 Netapp E Series Santricity OS Controller 11.30 Netapp E Series Santricity OS Controller 11.30.5R3 Netapp E Series Santricity OS Controller 11.40 Netapp Snap Creator Framework - Netapp Snapdrive - Netapp Snapcenter -	10
OS	Canonical Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 12.04 Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 18.10	5
OS	Debian Debian Debian Linux 9.0	1
OS	Redhat Redhat Enterprise Linux 7.4 Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 6.0 Redhat Enterprise Linux 7.5 Redhat Enterprise Linux 7.6	5
OS	Apple Apple MAC OS X - Apple MAC OS X 10.0 Apple MAC OS X 10.0.0 Apple MAC OS X 10.0.1 Apple MAC OS X 10.0.2 Apple MAC OS X 10.0.3 Apple MAC OS X 10.0.4 Apple MAC OS X 10.1 Apple MAC OS X 10.1.0 Apple MAC OS X 10.1.1 Apple MAC OS X 10.1.2 Apple MAC OS X 10.1.3 Apple MAC OS X 10.1.4 Apple MAC OS X 10.1.5 Apple MAC OS X 10.2 Apple MAC OS X 10.2.0 Apple MAC OS X 10.2.1 Apple MAC OS X 10.2.2 Apple MAC OS X 10.2.3 Apple MAC OS X 10.2.4 Apple MAC OS X 10.2.5 Apple MAC OS X 10.2.6 Apple MAC OS X 10.2.7 Apple MAC OS X 10.2.8 Apple MAC OS X 10.3 Apple MAC OS X 10.3.0 Apple MAC OS X 10.3.1 Apple MAC OS X 10.3.2 Apple MAC OS X 10.3.3 Apple MAC OS X 10.3.4 Apple MAC OS X 10.3.5 Apple MAC OS X 10.3.6 Apple MAC OS X 10.3.7 Apple MAC OS X 10.3.8 Apple MAC OS X 10.3.9 Apple MAC OS X 10.4 Apple MAC OS X 10.4.0 Apple MAC OS X 10.4.1 Apple MAC OS X 10.4.2 Apple MAC OS X 10.4.3 Apple MAC OS X 10.4.4 Apple MAC OS X 10.4.5 Apple MAC OS X 10.4.6 Apple MAC OS X 10.4.7 Apple MAC OS X 10.4.8 Apple MAC OS X 10.4.9 Apple MAC OS X 10.4.10 Apple MAC OS X 10.4.11 Apple MAC OS X 10.5 Apple MAC OS X 10.5.0 Apple MAC OS X 10.5.1 Apple MAC OS X 10.5.2 Apple MAC OS X 10.5.3 Apple MAC OS X 10.5.4 Apple MAC OS X 10.5.5 Apple MAC OS X 10.5.6 Apple MAC OS X 10.5.7 Apple MAC OS X 10.5.8 Apple MAC OS X 10.6.0 Apple MAC OS X 10.6.1 Apple MAC OS X 10.6.2 Apple MAC OS X 10.6.3 Apple MAC OS X 10.6.4 Apple MAC OS X 10.6.5 Apple MAC OS X 10.6.6 Apple MAC OS X 10.6.7 Apple MAC OS X 10.6.8 Apple MAC OS X 10.7.0 Apple MAC OS X 10.7.1 Apple MAC OS X 10.7.2 Apple MAC OS X 10.7.3 Apple MAC OS X 10.7.4 Apple MAC OS X 10.7.5 Apple MAC OS X 10.8.0 Apple MAC OS X 10.8.1 Apple MAC OS X 10.8.2 Apple MAC OS X 10.8.3 Apple MAC OS X 10.8.4 Apple MAC OS X 10.8.5 Apple MAC OS X 10.9 Apple MAC OS X 10.9.1 Apple MAC OS X 10.9.2 Apple MAC OS X 10.9.3 Apple MAC OS X 10.9.4 Apple MAC OS X 10.9.5 Apple MAC OS X 10.10.0 Apple MAC OS X 10.10.1 Apple MAC OS X 10.10.2 Apple MAC OS X 10.10.3 Apple MAC OS X 10.10.4 Apple MAC OS X 10.10.5 Apple MAC OS X 10.11.0 Apple MAC OS X 10.11.1 Apple MAC OS X 10.11.2 Apple MAC OS X 10.11.3 Apple MAC OS X 10.11.4 Apple MAC OS X 10.11.5 Apple MAC OS X 10.11.6 Apple MAC OS X 10.12 Apple MAC OS X 10.12.0 Apple MAC OS X 10.12.1 Apple MAC OS X 10.12.2 Apple MAC OS X 10.12.3 Apple MAC OS X 10.12.4 Apple MAC OS X 10.12.5 Apple MAC OS X 10.12.6 Apple MAC OS X 10.13 Apple MAC OS X 10.13.0 Apple MAC OS X 10.13.1 Apple MAC OS X 10.13.2 Apple MAC OS X 10.13.3 Apple MAC OS X 10.13.4 Apple MAC OS X 10.13.5 Apple MAC OS X 10.13.6 Apple MAC OS X 10.14 Apple MAC OS X 10.14.0 Apple MAC OS X 10.14.1 Apple MAC OS X 10.14.2 Apple MAC OS X 10.14.3	158

Common Weakness Enumeration (CWE)

CWE-125 - Out-of-bounds Read

Common Attack Pattern Enumeration and Classification (CAPEC)

Overread Buffers
An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.

Nessus

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2018-CA03363D57.NASL
description	Security fix for CVE-2018-18311, CVE-2018-18312, CVE-2018-18313 and CVE-2018-18314 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-05
modified	2019-01-03
plugin id	120786
published	2019-01-03
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/120786
title	Fedora 28 : 4:perl (2018-ca03363d57)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2018-ca03363d57. # include("compat.inc"); if (description) { script_id(120786); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314"); script_xref(name:"FEDORA", value:"2018-ca03363d57"); script_name(english:"Fedora 28 : 4:perl (2018-ca03363d57)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Security fix for CVE-2018-18311, CVE-2018-18312, CVE-2018-18313 and CVE-2018-18314 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-ca03363d57" ); script_set_attribute( attribute:"solution", value:"Update the affected 4:perl package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:4:perl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:28"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/05"); script_set_attribute(attribute:"patch_publication_date", value:"2018/12/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/03"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^28([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 28", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC28", reference:"perl-5.26.3-415.fc28", epoch:"4")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "4:perl"); }

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-3834-1.NASL
description	Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-18311) Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18312) Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. (CVE-2018-18313) Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18314). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-13
modified	2018-12-04
plugin id	119337
published	2018-12-04
reporter	Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/119337
title	Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : perl vulnerabilities (USN-3834-1)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-3834-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(119337); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/19"); script_cve_id("CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314"); script_xref(name:"USN", value:"3834-1"); script_xref(name:"IAVA", value:"2018-A-0407-S"); script_name(english:"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : perl vulnerabilities (USN-3834-1)"); script_summary(english:"Checks dpkg output for updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Ubuntu host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-18311) Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18312) Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. (CVE-2018-18313) Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18314). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/3834-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected perl package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:perl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.10"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/05"); script_set_attribute(attribute:"patch_publication_date", value:"2018/12/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/12/04"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(14\.04\|16\.04\|18\.04\|18\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 14.04 / 16.04 / 18.04 / 18.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"14.04", pkgname:"perl", pkgver:"5.18.2-2ubuntu1.7")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"perl", pkgver:"5.22.1-9ubuntu0.6")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"perl", pkgver:"5.26.1-6ubuntu0.3")) flag++; if (ubuntu_check(osver:"18.10", pkgname:"perl", pkgver:"5.26.2-7ubuntu0.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl"); }

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201909-01.NASL
description	The remote host is affected by the vulnerability described in GLSA-201909-01 (Perl: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Perl. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	128590
published	2019-09-09
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128590
title	GLSA-201909-01 : Perl: Multiple vulnerabilities
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201909-01. # # The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(128590); script_version("1.2"); script_cvs_date("Date: 2019/12/31"); script_cve_id("CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314", "CVE-2018-6797", "CVE-2018-6798", "CVE-2018-6913"); script_xref(name:"GLSA", value:"201909-01"); script_name(english:"GLSA-201909-01 : Perl: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201909-01 (Perl: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Perl. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201909-01" ); script_set_attribute( attribute:"solution", value: "All Perl users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/perl-5.28.2'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:perl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/17"); script_set_attribute(attribute:"patch_publication_date", value:"2019/09/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/09"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"dev-lang/perl", unaffected:make_list("ge 5.28.2"), vulnerable:make_list("lt 5.28.2"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Perl"); }

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-1029.NASL
description	This update for perl fixes the following issues : Secuirty issues fixed : - CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). - CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). - CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). - CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-06-01
modified	2020-06-02
plugin id	123159
published	2019-03-27
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/123159
title	openSUSE Security Update : perl (openSUSE-2019-1029)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-1029. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(123159); script_version("1.2"); script_cvs_date("Date: 2020/01/31"); script_cve_id("CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314"); script_name(english:"openSUSE Security Update : perl (openSUSE-2019-1029)"); script_summary(english:"Check for the openSUSE-2019-1029 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for perl fixes the following issues : Secuirty issues fixed : - CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). - CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). - CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). - CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1114674" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1114675" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1114681" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1114686" ); script_set_attribute(attribute:"solution", value:"Update the affected perl packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-base-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-base-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-debugsource"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/05"); script_set_attribute(attribute:"patch_publication_date", value:"2019/03/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/27"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.0", reference:"perl-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"perl-base-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"perl-base-debuginfo-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"perl-debuginfo-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"perl-debugsource-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"perl-32bit-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"perl-32bit-debuginfo-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"perl-base-32bit-5.26.1-lp150.6.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"perl-base-32bit-debuginfo-5.26.1-lp150.6.6.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl-32bit / perl-32bit-debuginfo / perl / perl-base-32bit / etc"); }

NASL family	MacOS X Local Security Checks
NASL id	MACOS_10_14_4.NASL
description	The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.4. It is, therefore, affected by multiple vulnerabilities, including: - Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges. (CVE-2019-8508) - An application may be able to execute arbitrary code with kernel privileges. (CVE-2019-8529) - A malicious application may be able to execute arbitrary code with system privileges (CVE-2019-8549)
last seen	2020-06-01
modified	2020-06-02
plugin id	123128
published	2019-03-27
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/123128
title	macOS 10.14.x < 10.14.4 Multiple Vulnerabilities
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(123128); script_version("1.7"); script_cvs_date("Date: 2020/01/31"); script_cve_id( "CVE-2018-12015", "CVE-2018-18311", "CVE-2018-18313", "CVE-2019-6207", "CVE-2019-6237", "CVE-2019-6239", "CVE-2019-7293", "CVE-2019-8502", "CVE-2019-8504", "CVE-2019-8507", "CVE-2019-8508", "CVE-2019-8510", "CVE-2019-8511", "CVE-2019-8513", "CVE-2019-8514", "CVE-2019-8516", "CVE-2019-8517", "CVE-2019-8519", "CVE-2019-8520", "CVE-2019-8521", "CVE-2019-8522", "CVE-2019-8526", "CVE-2019-8527", "CVE-2019-8529", "CVE-2019-8530", "CVE-2019-8533", "CVE-2019-8537", "CVE-2019-8540", "CVE-2019-8542", "CVE-2019-8545", "CVE-2019-8546", "CVE-2019-8549", "CVE-2019-8550", "CVE-2019-8552", "CVE-2019-8555", "CVE-2019-8561", "CVE-2019-8565" ); script_bugtraq_id(104423, 106072, 106145); script_xref(name:"APPLE-SA", value:"APPLE-SA-2019-3-25-2"); script_name(english:"macOS 10.14.x < 10.14.4 Multiple Vulnerabilities"); script_summary(english:"Checks the version of Mac OS X / macOS."); script_set_attribute(attribute:"synopsis", value: "The remote host is missing a macOS update that fixes multiple security vulnerabilities."); script_set_attribute(attribute:"description", value: "The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.4. It is, therefore, affected by multiple vulnerabilities, including: - Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges. (CVE-2019-8508) - An application may be able to execute arbitrary code with kernel privileges. (CVE-2019-8529) - A malicious application may be able to execute arbitrary code with system privileges (CVE-2019-8549)"); script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT209600"); # https://lists.apple.com/archives/security-announce/2019/Mar/msg00001.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?71533e9d"); script_set_attribute(attribute:"solution", value: "Upgrade to macOS version 10.14.4 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-8527"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mac OS X Feedback Assistant Race Condition'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/25"); script_set_attribute(attribute:"patch_publication_date", value:"2019/03/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/27"); script_set_attribute(attribute:"plugin_type", value:"combined"); script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x"); script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:macos"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"MacOS X Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl"); script_require_ports("Host/MacOSX/Version", "Host/OS"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); fix = "10.14.4"; minver = "10.14"; os = get_kb_item("Host/MacOSX/Version"); if (!os) { os = get_kb_item_or_exit("Host/OS"); if ("Mac OS X" >!< os) audit(AUDIT_OS_NOT, "macOS / Mac OS X"); c = get_kb_item("Host/OS/Confidence"); if (c <= 70) exit(1, "Can't determine the host's OS with sufficient confidence."); } if (!os) audit(AUDIT_OS_NOT, "macOS / Mac OS X"); matches = pregmatch(pattern:"Mac OS X ([0-9]+(\.[0-9]+)+)", string:os); if (empty_or_null(matches)) exit(1, "Failed to parse the macOS / Mac OS X version ('" + os + "')."); version = matches[1]; if (ver_compare(ver:version, minver:minver, fix:fix, strict:FALSE) == -1) { security_report_v4( port:0, severity:SECURITY_HOLE, extra: '\n Installed version : ' + version + '\n Fixed version : ' + fix + '\n' ); } else audit(AUDIT_INST_VER_NOT_VULN, "macOS / Mac OS X", version);

NASL family	MacOS X Local Security Checks
NASL id	MACOS_SECUPD_10_13_6_2019-002.NASL
description	The remote host is running macOS 10.13.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities including: - An application may be able to execute arbitrary code with kernel privileges. (CVE-2019-8529) - A local user may be able to read kernel memory. (CVE-2019-8504) - A malicious application may be able to determine kernel memory layout. (CVE-2019-6207, CVE-2019-8510) - 802.1X - DiskArbitration - Feedback Assistant - IOKit - IOKit SCSI - Kernel - PackageKit - Perl - Security - Time Machine - Wi-Fi
last seen	2020-03-18
modified	2019-03-27
plugin id	123130
published	2019-03-27
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/123130
title	macOS 10.13.6 Multiple Vulnerabilities (Security Update 2019-002)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(123130); script_version("1.9"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/13"); script_cve_id( "CVE-2018-12015", "CVE-2018-18311", "CVE-2018-18313", "CVE-2019-6207", "CVE-2019-8504", "CVE-2019-8510", "CVE-2019-8513", "CVE-2019-8520", "CVE-2019-8521", "CVE-2019-8522", "CVE-2019-8526", "CVE-2019-8527", "CVE-2019-8529", "CVE-2019-8555", "CVE-2019-8561", "CVE-2019-8564" ); script_bugtraq_id(104423, 106072, 106145); script_xref(name:"APPLE-SA", value:"APPLE-SA-2019-3-25-2"); script_name(english:"macOS 10.13.6 Multiple Vulnerabilities (Security Update 2019-002)"); script_summary(english:"Checks for the presence of Security Update 2019-002 (APPLE-SA-2019-3-25-2)"); script_set_attribute(attribute:"synopsis", value: "The remote host is missing a macOS security update that fixes multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The remote host is running macOS 10.13.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities including: - An application may be able to execute arbitrary code with kernel privileges. (CVE-2019-8529) - A local user may be able to read kernel memory. (CVE-2019-8504) - A malicious application may be able to determine kernel memory layout. (CVE-2019-6207, CVE-2019-8510) - 802.1X - DiskArbitration - Feedback Assistant - IOKit - IOKit SCSI - Kernel - PackageKit - Perl - Security - Time Machine - Wi-Fi"); script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT209600"); script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT209635"); # https://lists.apple.com/archives/security-announce/2019/Mar/msg00001.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?71533e9d"); script_set_attribute(attribute:"solution", value: "Install Security Update 2019-002 or later for 10.13.6."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-8527"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mac OS X TimeMachine (tmdiagnose) Command Injection Privilege Escalation'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/25"); script_set_attribute(attribute:"patch_publication_date", value:"2019/03/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/27"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x"); script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:macos"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"MacOS X Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/MacOSX/Version", "Host/MacOSX/packages/boms"); exit(0); } include('lists.inc'); include('vcf.inc'); include('vcf_extras_apple.inc'); app_info = vcf::apple::macos::get_app_info(); constraints = [ { 'min_version' : '10.13', 'max_version' : '10.13.6', 'fixed_build': '17G6029', 'fixed_display' : '10.13.6 Security Update 2019-002' } ]; vcf::apple::macos::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);

NASL family	MacOS X Local Security Checks
NASL id	MACOS_SECUPD_10_12_6_2019-002.NASL
description	The remote host is running Mac OS X 10.12.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities including: - A malicious application may be able to execute arbitrary code with kernel privileges. (CVE-2019-8555) - A malicious application may be able to determine kernel memory layout. (CVE-2019-6207, CVE-2019-8510) - A malicious application may be able to read restricted memory. (CVE-2019-8520) - 802.1X - DiskArbitration - Feedback Assistant - IOKit - IOKit SCSI - Kernel - PackageKit - Perl - Security - Time Machine - Wi-Fi
last seen	2020-06-01
modified	2020-06-02
plugin id	123129
published	2019-03-27
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/123129
title	macOS and Mac OS X Multiple Vulnerabilities (Security Update 2019-002)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(123129); script_version("1.8"); script_cvs_date("Date: 2020/01/31"); script_cve_id( "CVE-2018-12015", "CVE-2018-18311", "CVE-2018-18313", "CVE-2019-6207", "CVE-2019-8508", "CVE-2019-8510", "CVE-2019-8513", "CVE-2019-8520", "CVE-2019-8521", "CVE-2019-8522", "CVE-2019-8526", "CVE-2019-8527", "CVE-2019-8530", "CVE-2019-8540", "CVE-2019-8555", "CVE-2019-8561", "CVE-2019-8564" ); script_bugtraq_id(104423, 106072, 106145); script_xref(name:"APPLE-SA", value:"APPLE-SA-2019-3-25-2"); script_name(english:"macOS and Mac OS X Multiple Vulnerabilities (Security Update 2019-002)"); script_summary(english:"Checks for the presence of Security Update 2019-002."); script_set_attribute(attribute:"synopsis", value: "The remote host is missing a macOS or Mac OS X security update that fixes multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The remote host is running Mac OS X 10.12.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities including: - A malicious application may be able to execute arbitrary code with kernel privileges. (CVE-2019-8555) - A malicious application may be able to determine kernel memory layout. (CVE-2019-6207, CVE-2019-8510) - A malicious application may be able to read restricted memory. (CVE-2019-8520) - 802.1X - DiskArbitration - Feedback Assistant - IOKit - IOKit SCSI - Kernel - PackageKit - Perl - Security - Time Machine - Wi-Fi"); script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT209600"); script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT209635"); # https://lists.apple.com/archives/security-announce/2019/Mar/msg00001.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?71533e9d"); script_set_attribute(attribute:"solution", value: "Install Security Update 2019-002 or later for 10.12.x."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-8527"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Mac OS X TimeMachine (tmdiagnose) Command Injection Privilege Escalation'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/25"); script_set_attribute(attribute:"patch_publication_date", value:"2019/03/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/27"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x"); script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:macos"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"MacOS X Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/MacOSX/Version", "Host/MacOSX/packages/boms"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); # Compare 2 patch numbers to determine if patch requirements are satisfied. # Return true if this patch or a later patch is applied # Return false otherwise function check_patch(year, number) { local_var p_split = split(patch, sep:"-"); local_var p_year = int( p_split[0]); local_var p_num = int( p_split[1]); if (year > p_year) return TRUE; else if (year < p_year) return FALSE; else if (number >= p_num) return TRUE; else return FALSE; } get_kb_item_or_exit("Host/local_checks_enabled"); os = get_kb_item_or_exit("Host/MacOSX/Version"); if (!preg(pattern:"Mac OS X 10\.12\.6([^0-9]\|$)", string:os)) audit(AUDIT_OS_NOT, "Mac OS X 10.12.6"); patch = "2019-002"; packages = get_kb_item_or_exit("Host/MacOSX/packages/boms", exit_code:1); sec_boms_report = pgrep( pattern:"^com\.apple\.pkg\.update\.(security\.\|os\.SecUpd).*bom$", string:packages ); sec_boms = split(sec_boms_report, sep:'\n'); foreach package (sec_boms) { # Grab patch year and number matches = pregmatch(pattern:"[^0-9](20[0-9][0-9])[-.]([0-9]{3})[^0-9]", string:package); if (empty_or_null(matches)) continue; if (empty_or_null(matches[1]) \|\| empty_or_null(matches[2])) continue; patch_found = check_patch(year:int(matches[1]), number:int(matches[2])); if (patch_found) exit(0, "The host has Security Update " + patch + " or later installed and is therefore not affected."); } report = '\n Missing security update : ' + patch; report += '\n Installed security BOMs : '; if (sec_boms_report) report += str_replace(find:'\n', replace:'\n ', string:sec_boms_report); else report += 'n/a'; report += '\n'; security_report_v4(port:0, severity:SECURITY_HOLE, extra:report);

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-4347.NASL
description	Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2018-18311 Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv leading to a heap-based buffer overflow with attacker-controlled input. - CVE-2018-18312 Eiichi Tsukata discovered that a crafted regular expression could cause a heap-based buffer overflow write during compilation, potentially allowing arbitrary code execution. - CVE-2018-18313 Eiichi Tsukata discovered that a crafted regular expression could cause a heap-based buffer overflow read during compilation which leads to information leak. - CVE-2018-18314 Jakub Wilk discovered that a specially crafted regular expression could lead to a heap-based buffer overflow.
last seen	2020-06-01
modified	2020-06-02
plugin id	119290
published	2018-11-30
reporter	This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/119290
title	Debian DSA-4347-1 : perl - security update
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-4347. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(119290); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/19"); script_cve_id("CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314"); script_xref(name:"DSA", value:"4347"); script_xref(name:"IAVA", value:"2018-A-0407-S"); script_name(english:"Debian DSA-4347-1 : perl - security update"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2018-18311 Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv leading to a heap-based buffer overflow with attacker-controlled input. - CVE-2018-18312 Eiichi Tsukata discovered that a crafted regular expression could cause a heap-based buffer overflow write during compilation, potentially allowing arbitrary code execution. - CVE-2018-18313 Eiichi Tsukata discovered that a crafted regular expression could cause a heap-based buffer overflow read during compilation which leads to information leak. - CVE-2018-18314 Jakub Wilk discovered that a specially crafted regular expression could lead to a heap-based buffer overflow." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2018-18311" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2018-18312" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2018-18313" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2018-18314" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/perl" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/stretch/perl" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2018/dsa-4347" ); script_set_attribute( attribute:"solution", value: "Upgrade the perl packages. For the stable distribution (stretch), these problems have been fixed in version 5.24.1-3+deb9u5." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:perl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/05"); script_set_attribute(attribute:"patch_publication_date", value:"2018/11/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/11/30"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"9.0", prefix:"libperl-dev", reference:"5.24.1-3+deb9u5")) flag++; if (deb_check(release:"9.0", prefix:"libperl5.24", reference:"5.24.1-3+deb9u5")) flag++; if (deb_check(release:"9.0", prefix:"perl", reference:"5.24.1-3+deb9u5")) flag++; if (deb_check(release:"9.0", prefix:"perl-base", reference:"5.24.1-3+deb9u5")) flag++; if (deb_check(release:"9.0", prefix:"perl-debug", reference:"5.24.1-3+deb9u5")) flag++; if (deb_check(release:"9.0", prefix:"perl-doc", reference:"5.24.1-3+deb9u5")) flag++; if (deb_check(release:"9.0", prefix:"perl-modules-5.24", reference:"5.24.1-3+deb9u5")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2018-4187-1.NASL
description	This update for perl fixes the following issues : Secuirty issues fixed : CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-18
modified	2019-01-02
plugin id	120189
published	2019-01-02
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/120189
title	SUSE SLED15 / SLES15 Security Update : perl (SUSE-SU-2018:4187-1)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2018:4187-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(120189); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/16"); script_cve_id("CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314"); script_name(english:"SUSE SLED15 / SLES15 Security Update : perl (SUSE-SU-2018:4187-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for perl fixes the following issues : Secuirty issues fixed : CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114674" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114675" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114681" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114686" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-18311/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-18312/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-18313/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-18314/" ); # https://www.suse.com/support/update/announcement/2018/suse-su-20184187-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1f588e88" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Module for Development Tools 15:zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2018-2984=1 SUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2984=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl-base-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl-debugsource"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/05"); script_set_attribute(attribute:"patch_publication_date", value:"2018/12/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/02"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release !~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S\|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLED15\|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0", os_ver + " SP" + sp); if (os_ver == "SLED15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP0", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"perl-32bit-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"perl-base-32bit-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"perl-base-32bit-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"perl-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"perl-base-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"perl-base-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"perl-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"perl-debugsource-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"perl-32bit-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"perl-base-32bit-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"perl-base-32bit-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"perl-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"perl-base-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"perl-base-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"perl-debuginfo-5.26.1-7.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"perl-debugsource-5.26.1-7.6.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "perl"); }

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2018-1595.NASL
description	This update for perl fixes the following issues : Secuirty issues fixed : - CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). - CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). - CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). - CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-06-05
modified	2018-12-24
plugin id	119863
published	2018-12-24
reporter	This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/119863
title	openSUSE Security Update : perl (openSUSE-2018-1595)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2018-9DBE983805.NASL
description	Security fix for CVE-2018-18311, CVE-2018-18312, CVE-2018-18313 and CVE-2018-18314 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-05
modified	2019-01-03
plugin id	120656
published	2019-01-03
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/120656
title	Fedora 29 : 4:perl (2018-9dbe983805)

NASL family	PhotonOS Local Security Checks
NASL id	PHOTONOS_PHSA-2019-2_0-0135_PERL.NASL
description	An update of the perl package has been released.
last seen	2020-06-01
modified	2020-06-02
plugin id	122912
published	2019-03-18
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/122912
title	Photon OS 2.0: Perl PHSA-2019-2.0-0135

NASL family	PhotonOS Local Security Checks
NASL id	PHOTONOS_PHSA-2019-1_0-0212_PERL.NASL
description	An update of the perl package has been released.
last seen	2020-06-01
modified	2020-06-02
plugin id	122923
published	2019-03-18
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/122923
title	Photon OS 1.0: Perl PHSA-2019-1.0-0212

Redhat

advisories

rhsa
id RHSA-2019:0001
rhsa
id RHSA-2019:0010

rpms

rh-perl526-perl-4:5.26.3-405.el7
rh-perl526-perl-Attribute-Handlers-0:0.99-405.el7
rh-perl526-perl-Devel-Peek-0:1.26-405.el7
rh-perl526-perl-Devel-SelfStubber-0:1.06-405.el7
rh-perl526-perl-Errno-0:1.28-405.el7
rh-perl526-perl-ExtUtils-Embed-0:1.34-405.el7
rh-perl526-perl-ExtUtils-Miniperl-0:1.06-405.el7
rh-perl526-perl-IO-0:1.38-405.el7
rh-perl526-perl-IO-Zlib-1:1.10-405.el7
rh-perl526-perl-Locale-Maketext-Simple-1:0.21-405.el7
rh-perl526-perl-Math-Complex-0:1.59-405.el7
rh-perl526-perl-Memoize-0:1.03-405.el7
rh-perl526-perl-Module-CoreList-1:5.20181130-1.el7
rh-perl526-perl-Module-CoreList-tools-1:5.20181130-1.el7
rh-perl526-perl-Module-Loaded-1:0.08-405.el7
rh-perl526-perl-Net-Ping-0:2.55-405.el7
rh-perl526-perl-Pod-Html-0:1.22.02-405.el7
rh-perl526-perl-SelfLoader-0:1.23-405.el7
rh-perl526-perl-Test-0:1.30-405.el7
rh-perl526-perl-Time-Piece-0:1.31-405.el7
rh-perl526-perl-debuginfo-4:5.26.3-405.el7
rh-perl526-perl-devel-4:5.26.3-405.el7
rh-perl526-perl-interpreter-4:5.26.3-405.el7
rh-perl526-perl-libnetcfg-4:5.26.3-405.el7
rh-perl526-perl-libs-4:5.26.3-405.el7
rh-perl526-perl-macros-4:5.26.3-405.el7
rh-perl526-perl-open-0:1.11-405.el7
rh-perl526-perl-tests-4:5.26.3-405.el7
rh-perl526-perl-utils-0:5.26.3-405.el7
rh-perl524-perl-4:5.24.0-381.el6
rh-perl524-perl-4:5.24.0-381.el7
rh-perl524-perl-Attribute-Handlers-0:0.99-381.el6
rh-perl524-perl-Attribute-Handlers-0:0.99-381.el7
rh-perl524-perl-Devel-Peek-0:1.23-381.el6
rh-perl524-perl-Devel-Peek-0:1.23-381.el7
rh-perl524-perl-Devel-SelfStubber-0:1.05-381.el6
rh-perl524-perl-Devel-SelfStubber-0:1.05-381.el7
rh-perl524-perl-Errno-0:1.25-381.el6
rh-perl524-perl-Errno-0:1.25-381.el7
rh-perl524-perl-ExtUtils-Embed-0:1.33-381.el6
rh-perl524-perl-ExtUtils-Embed-0:1.33-381.el7
rh-perl524-perl-ExtUtils-Miniperl-0:1.05-381.el6
rh-perl524-perl-ExtUtils-Miniperl-0:1.05-381.el7
rh-perl524-perl-IO-0:1.36-381.el6
rh-perl524-perl-IO-0:1.36-381.el7
rh-perl524-perl-IO-Zlib-1:1.10-381.el6
rh-perl524-perl-IO-Zlib-1:1.10-381.el7
rh-perl524-perl-Locale-Maketext-Simple-1:0.21-381.el6
rh-perl524-perl-Locale-Maketext-Simple-1:0.21-381.el7
rh-perl524-perl-Math-BigInt-FastCalc-0:0.40-381.el6
rh-perl524-perl-Math-BigInt-FastCalc-0:0.40-381.el7
rh-perl524-perl-Math-BigRat-0:0.2608.02-381.el6
rh-perl524-perl-Math-BigRat-0:0.2608.02-381.el7
rh-perl524-perl-Math-Complex-0:1.59-381.el6
rh-perl524-perl-Math-Complex-0:1.59-381.el7
rh-perl524-perl-Memoize-0:1.03-381.el6
rh-perl524-perl-Memoize-0:1.03-381.el7
rh-perl524-perl-Module-Loaded-1:0.08-381.el6
rh-perl524-perl-Module-Loaded-1:0.08-381.el7
rh-perl524-perl-Net-Ping-0:2.43-381.el6
rh-perl524-perl-Net-Ping-0:2.43-381.el7
rh-perl524-perl-Pod-Html-0:1.22-381.el6
rh-perl524-perl-Pod-Html-0:1.22-381.el7
rh-perl524-perl-SelfLoader-0:1.23-381.el6
rh-perl524-perl-SelfLoader-0:1.23-381.el7
rh-perl524-perl-Test-0:1.28-381.el6
rh-perl524-perl-Test-0:1.28-381.el7
rh-perl524-perl-Time-Piece-0:1.31-381.el6
rh-perl524-perl-Time-Piece-0:1.31-381.el7
rh-perl524-perl-bignum-0:0.42-381.el6
rh-perl524-perl-bignum-0:0.42-381.el7
rh-perl524-perl-core-0:5.24.0-381.el6
rh-perl524-perl-core-0:5.24.0-381.el7
rh-perl524-perl-debuginfo-4:5.24.0-381.el6
rh-perl524-perl-debuginfo-4:5.24.0-381.el7
rh-perl524-perl-devel-4:5.24.0-381.el6
rh-perl524-perl-devel-4:5.24.0-381.el7
rh-perl524-perl-libnetcfg-4:5.24.0-381.el6
rh-perl524-perl-libnetcfg-4:5.24.0-381.el7
rh-perl524-perl-libs-4:5.24.0-381.el6
rh-perl524-perl-libs-4:5.24.0-381.el7
rh-perl524-perl-macros-4:5.24.0-381.el6
rh-perl524-perl-macros-4:5.24.0-381.el7
rh-perl524-perl-open-0:1.10-381.el6
rh-perl524-perl-open-0:1.10-381.el7
rh-perl524-perl-tests-4:5.24.0-381.el6
rh-perl524-perl-tests-4:5.24.0-381.el7
rh-perl524-perl-utils-0:5.24.0-381.el6
rh-perl524-perl-utils-0:5.24.0-381.el7

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Nessus

Redhat

References