Vulnerabilities > CVE-2018-2767

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include("compat.inc");

if (description)
{
  script_id(111806);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24");

  script_cve_id("CVE-2017-10268", "CVE-2017-10378", "CVE-2017-10379", "CVE-2017-10384", "CVE-2017-3636", "CVE-2017-3641", "CVE-2017-3651", "CVE-2017-3653", "CVE-2018-2562", "CVE-2018-2622", "CVE-2018-2640", "CVE-2018-2665", "CVE-2018-2668", "CVE-2018-2755", "CVE-2018-2761", "CVE-2018-2767", "CVE-2018-2771", "CVE-2018-2781", "CVE-2018-2813", "CVE-2018-2817", "CVE-2018-2819");

  script_name(english:"Scientific Linux Security Update : mariadb on SL7.x x86_64 (20180816)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The following packages have been upgraded to a later upstream version:
mariadb (5.5.60).

Security Fix(es) :

  - mysql: Client programs unspecified vulnerability (CPU
    Jul 2017) (CVE-2017-3636)

  - mysql: Server: DML unspecified vulnerability (CPU Jul
    2017) (CVE-2017-3641)

  - mysql: Client mysqldump unspecified vulnerability (CPU
    Jul 2017) (CVE-2017-3651)

  - mysql: Server: Replication unspecified vulnerability
    (CPU Oct 2017) (CVE-2017-10268)

  - mysql: Server: Optimizer unspecified vulnerability (CPU
    Oct 2017) (CVE-2017-10378)

  - mysql: Client programs unspecified vulnerability (CPU
    Oct 2017) (CVE-2017-10379)

  - mysql: Server: DDL unspecified vulnerability (CPU Oct
    2017) (CVE-2017-10384)

  - mysql: Server: Partition unspecified vulnerability (CPU
    Jan 2018) (CVE-2018-2562)

  - mysql: Server: DDL unspecified vulnerability (CPU Jan
    2018) (CVE-2018-2622)

  - mysql: Server: Optimizer unspecified vulnerability (CPU
    Jan 2018) (CVE-2018-2640)

  - mysql: Server: Optimizer unspecified vulnerability (CPU
    Jan 2018) (CVE-2018-2665)

  - mysql: Server: Optimizer unspecified vulnerability (CPU
    Jan 2018) (CVE-2018-2668)

  - mysql: Server: Replication unspecified vulnerability
    (CPU Apr 2018) (CVE-2018-2755)

  - mysql: Client programs unspecified vulnerability (CPU
    Apr 2018) (CVE-2018-2761)

  - mysql: Server: Locking unspecified vulnerability (CPU
    Apr 2018) (CVE-2018-2771)

  - mysql: Server: Optimizer unspecified vulnerability (CPU
    Apr 2018) (CVE-2018-2781)

  - mysql: Server: DDL unspecified vulnerability (CPU Apr
    2018) (CVE-2018-2813)

  - mysql: Server: DDL unspecified vulnerability (CPU Apr
    2018) (CVE-2018-2817)

  - mysql: InnoDB unspecified vulnerability (CPU Apr 2018)
    (CVE-2018-2819)

  - mysql: Server: DDL unspecified vulnerability (CPU Jul
    2017) (CVE-2017-3653)

  - mysql: use of SSL/TLS not enforced in libmysqld (Return
    of BACKRONYM) (CVE-2018-2767)

Bug Fix(es) :

  - Previously, the mysqladmin tool waited for an inadequate
    length of time if the socket it listened on did not
    respond in a specific way. Consequently, when the socket
    was used while the MariaDB server was starting, the
    mariadb service became unresponsive for a long time.
    With this update, the mysqladmin timeout has been
    shortened to 2 seconds. As a result, the mariadb service
    either starts or fails but no longer hangs in the
    described situation."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1808&L=scientific-linux-errata&F=&S=&P=2075
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?1b3ca8f6"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-bench");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-embedded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-embedded-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-test");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/08/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/08/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/17");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);


flag = 0;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-bench-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-debuginfo-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-devel-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-embedded-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-embedded-devel-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-libs-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-server-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-test-5.5.60-1.el7_5")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mariadb / mariadb-bench / mariadb-debuginfo / mariadb-devel / etc");
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1069.
#

include("compat.inc");

if (description)
{
  script_id(112096);
  script_version("1.3");
  script_cvs_date("Date: 2019/07/10 16:04:12");

  script_cve_id("CVE-2018-0739", "CVE-2018-2767", "CVE-2018-3058", "CVE-2018-3062", "CVE-2018-3064", "CVE-2018-3066", "CVE-2018-3070", "CVE-2018-3081");
  script_xref(name:"ALAS", value:"2018-1069");

  script_name(english:"Amazon Linux AMI : mysql56 (ALAS-2018-1069)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Amazon Linux AMI host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Client mysqldump). Supported versions that are affected
are 5.6.40 and prior. Easily exploitable vulnerability allows low
privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can
result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score
6.5 (Availability impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).(CVE-2018-3070)

Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Security: Encryption). Supported versions that
are affected are 5.6.40 and prior. Difficult to exploit vulnerability
allows low privileged attacker with network access via multiple
protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized read access to a subset of
MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality
impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).(CVE-2018-2767)

Vulnerability in the MySQL Client component of Oracle MySQL
(subcomponent: Client programs). Supported versions that are affected
are 5.6.40 and prior. Difficult to exploit vulnerability allows high
privileged attacker with network access via multiple protocols to
compromise MySQL Client. Successful attacks of this vulnerability can
result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Client as well as
unauthorized update, insert or delete access to some of MySQL Client
accessible data. CVSS 3.0 Base Score 5.0 (Integrity and Availability
impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H).(CVE-2018-3081)

Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Memcached). Supported versions that are
affected are 5.6.40 and prior. Difficult to exploit vulnerability
allows low privileged attacker with network access via memcached to
compromise MySQL Server. Successful attacks of this vulnerability can
result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score
5.3 (Availability impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).(CVE-2018-3062)

Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: Options). Supported versions that are affected
5.6.40 and prior. Difficult to exploit vulnerability allows high
privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can
result in unauthorized update, insert or delete access to some of
MySQL Server accessible data as well as unauthorized read access to a
subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3
(Confidentiality and Integrity impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).(CVE-2018-3066)

Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: InnoDB). Supported versions that are affected are
5.6.40 and prior. Easily exploitable vulnerability allows low
privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can
result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server as well as
unauthorized update, insert or delete access to some of MySQL Server
accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability
impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).(CVE-2018-3064)

Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: MyISAM). Supported versions that are affected are
5.6.40 and prior. Easily exploitable vulnerability allows low
privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can
result in unauthorized update, insert or delete access to some of
MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity
impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).(CVE-2018-3058)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/ALAS-2018-1069.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Run 'yum update mysql56' to update your system."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql56");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql56-bench");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql56-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql56-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql56-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql56-embedded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql56-embedded-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql56-errmsg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql56-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql56-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql56-test");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/27");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/08/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/24");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"ALA", reference:"mysql56-5.6.41-1.30.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql56-bench-5.6.41-1.30.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql56-common-5.6.41-1.30.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql56-debuginfo-5.6.41-1.30.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql56-devel-5.6.41-1.30.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql56-embedded-5.6.41-1.30.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql56-embedded-devel-5.6.41-1.30.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql56-errmsg-5.6.41-1.30.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql56-libs-5.6.41-1.30.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql56-server-5.6.41-1.30.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql56-test-5.6.41-1.30.amzn1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql56 / mysql56-bench / mysql56-common / mysql56-debuginfo / etc");
}

#
# (C) Tenable Network Security, Inc.
#

# The descriptive text and package checks in this plugin were
# extracted from ZTE advisory NS-SA-2019-0034. The text
# itself is copyright (C) ZTE, Inc.

include("compat.inc");

if (description)
{
  script_id(127203);
  script_version("1.2");
  script_cvs_date("Date: 2019/10/17 14:31:04");

  script_cve_id(
    "CVE-2017-3636",
    "CVE-2017-3641",
    "CVE-2017-3651",
    "CVE-2017-3653",
    "CVE-2017-10268",
    "CVE-2017-10378",
    "CVE-2017-10379",
    "CVE-2017-10384",
    "CVE-2018-2562",
    "CVE-2018-2622",
    "CVE-2018-2640",
    "CVE-2018-2665",
    "CVE-2018-2668",
    "CVE-2018-2755",
    "CVE-2018-2761",
    "CVE-2018-2767",
    "CVE-2018-2771",
    "CVE-2018-2781",
    "CVE-2018-2813",
    "CVE-2018-2817",
    "CVE-2018-2819",
    "CVE-2018-3133",
    "CVE-2019-2455"
  );

  script_name(english:"NewStart CGSL CORE 5.04 / MAIN 5.04 : mariadb Multiple Vulnerabilities (NS-SA-2019-0034)");

  script_set_attribute(attribute:"synopsis", value:
"The remote machine is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has mariadb packages installed that are affected
by multiple vulnerabilities:

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Client mysqldump). Supported
    versions that are affected are 5.5.56 and earlier,
    5.6.36 and earlier and 5.7.18 and earlier. Easily
    exploitable vulnerability allows low privileged attacker
    with network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability
    can result in unauthorized update, insert or delete
    access to some of MySQL Server accessible data. CVSS 3.0
    Base Score 4.3 (Integrity impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).
    (CVE-2017-3651)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Client programs). Supported
    versions that are affected are 5.5.56 and earlier and
    5.6.36 and earlier. Easily exploitable vulnerability
    allows low privileged attacker with logon to the
    infrastructure where MySQL Server executes to compromise
    MySQL Server. Successful attacks of this vulnerability
    can result in unauthorized update, insert or delete
    access to some of MySQL Server accessible data as well
    as unauthorized read access to a subset of MySQL Server
    accessible data and unauthorized ability to cause a
    partial denial of service (partial DOS) of MySQL Server.
    CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and
    Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).
    (CVE-2017-3636)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: DML). Supported versions
    that are affected are 5.5.56 and earlier, 5.6.36 and
    earlier and 5.7.18 and earlier. Easily exploitable
    vulnerability allows high privileged attacker with
    network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability
    can result in unauthorized ability to cause a hang or
    frequently repeatable crash (complete DOS) of MySQL
    Server. CVSS 3.0 Base Score 4.9 (Availability impacts).
    CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2017-3641)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: DDL). Supported versions
    that are affected are 5.5.56 and earlier, 5.6.36 and
    earlier and 5.7.18 and earlier. Difficult to exploit
    vulnerability allows low privileged attacker with
    network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability
    can result in unauthorized update, insert or delete
    access to some of MySQL Server accessible data. CVSS 3.0
    Base Score 3.1 (Integrity impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).
    (CVE-2017-3653)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: Optimizer). Supported
    versions that are affected are 5.5.57 and earlier,
    5.6.37 and earlier and 5.7.11 and earlier. Easily
    exploitable vulnerability allows low privileged attacker
    with network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability
    can result in unauthorized ability to cause a hang or
    frequently repeatable crash (complete DOS) of MySQL
    Server. CVSS 3.0 Base Score 6.5 (Availability impacts).
    CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2017-10378)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: Replication). Supported
    versions that are affected are 5.5.57 and earlier,
    5.6.37 and earlier and 5.7.19 and earlier. Difficult to
    exploit vulnerability allows high privileged attacker
    with logon to the infrastructure where MySQL Server
    executes to compromise MySQL Server. Successful attacks
    of this vulnerability can result in unauthorized access
    to critical data or complete access to all MySQL Server
    accessible data. CVSS 3.0 Base Score 4.1
    (Confidentiality impacts). CVSS Vector:
    (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).
    (CVE-2017-10268)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Client programs). Supported
    versions that are affected are 5.5.57 and earlier,
    5.6.37 and earlier and 5.7.19 and earlier. Easily
    exploitable vulnerability allows low privileged attacker
    with network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability
    can result in unauthorized access to critical data or
    complete access to all MySQL Server accessible data.
    CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS
    Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
    (CVE-2017-10379)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: DDL). Supported versions
    that are affected are 5.5.57 and earlier 5.6.37 and
    earlier 5.7.19 and earlier. Easily exploitable
    vulnerability allows low privileged attacker with
    network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability
    can result in unauthorized ability to cause a hang or
    frequently repeatable crash (complete DOS) of MySQL
    Server. CVSS 3.0 Base Score 6.5 (Availability impacts).
    CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2017-10384)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: Replication). Supported
    versions that are affected are 5.5.59 and prior, 5.6.39
    and prior and 5.7.21 and prior. Difficult to exploit
    vulnerability allows unauthenticated attacker with logon
    to the infrastructure where MySQL Server executes to
    compromise MySQL Server. Successful attacks require
    human interaction from a person other than the attacker
    and while the vulnerability is in MySQL Server, attacks
    may significantly impact additional products. Successful
    attacks of this vulnerability can result in takeover of
    MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality,
    Integrity and Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
    (CVE-2018-2755)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: Security: Encryption).
    Supported versions that are affected are 5.5.60 and
    prior, 5.6.40 and prior and 5.7.22 and prior. Difficult
    to exploit vulnerability allows low privileged attacker
    with network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability
    can result in unauthorized read access to a subset of
    MySQL Server accessible data. CVSS 3.0 Base Score 3.1
    (Confidentiality impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).
    (CVE-2018-2767)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server : Partition). Supported
    versions that are affected are 5.5.58 and prior, 5.6.38
    and prior and 5.7.19 and prior. Easily exploitable
    vulnerability allows low privileged attacker with
    network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability
    can result in unauthorized ability to cause a hang or
    frequently repeatable crash (complete DOS) of MySQL
    Server as well as unauthorized update, insert or delete
    access to some of MySQL Server accessible data. CVSS 3.0
    Base Score 7.1 (Integrity and Availability impacts).
    CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).
    (CVE-2018-2562)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: DDL). Supported versions
    that are affected are 5.5.58 and prior, 5.6.38 and prior
    and 5.7.20 and prior. Easily exploitable vulnerability
    allows low privileged attacker with network access via
    multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in
    unauthorized ability to cause a hang or frequently
    repeatable crash (complete DOS) of MySQL Server. CVSS
    3.0 Base Score 6.5 (Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2018-2622)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: Optimizer). Supported
    versions that are affected are 5.5.58 and prior, 5.6.38
    and prior and 5.7.20 and prior. Easily exploitable
    vulnerability allows low privileged attacker with
    network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability
    can result in unauthorized ability to cause a hang or
    frequently repeatable crash (complete DOS) of MySQL
    Server. CVSS 3.0 Base Score 6.5 (Availability impacts).
    CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2018-2640, CVE-2018-2665, CVE-2018-2668)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Client programs). Supported
    versions that are affected are 5.5.59 and prior, 5.6.39
    and prior and 5.7.21 and prior. Difficult to exploit
    vulnerability allows unauthenticated attacker with
    network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability
    can result in unauthorized ability to cause a hang or
    frequently repeatable crash (complete DOS) of MySQL
    Server. CVSS 3.0 Base Score 5.9 (Availability impacts).
    CVSS Vector:
    (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2018-2761)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: Locking). Supported
    versions that are affected are 5.5.59 and prior, 5.6.39
    and prior and 5.7.21 and prior. Difficult to exploit
    vulnerability allows high privileged attacker with
    network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability
    can result in unauthorized ability to cause a hang or
    frequently repeatable crash (complete DOS) of MySQL
    Server. CVSS 3.0 Base Score 4.4 (Availability impacts).
    CVSS Vector:
    (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2018-2771)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: Optimizer). Supported
    versions that are affected are 5.5.59 and prior, 5.6.39
    and prior and 5.7.21 and prior. Easily exploitable
    vulnerability allows high privileged attacker with
    network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability
    can result in unauthorized ability to cause a hang or
    frequently repeatable crash (complete DOS) of MySQL
    Server. CVSS 3.0 Base Score 4.9 (Availability impacts).
    CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2018-2781)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: DDL). Supported versions
    that are affected are 5.5.59 and prior, 5.6.39 and prior
    and 5.7.21 and prior. Easily exploitable vulnerability
    allows low privileged attacker with network access via
    multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in
    unauthorized read access to a subset of MySQL Server
    accessible data. CVSS 3.0 Base Score 4.3
    (Confidentiality impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
    (CVE-2018-2813)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: DDL). Supported versions
    that are affected are 5.5.59 and prior, 5.6.39 and prior
    and 5.7.21 and prior. Easily exploitable vulnerability
    allows low privileged attacker with network access via
    multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in
    unauthorized ability to cause a hang or frequently
    repeatable crash (complete DOS) of MySQL Server. CVSS
    3.0 Base Score 6.5 (Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2018-2817)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: InnoDB). Supported versions that
    are affected are 5.5.59 and prior, 5.6.39 and prior and
    5.7.21 and prior. Easily exploitable vulnerability
    allows low privileged attacker with network access via
    multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in
    unauthorized ability to cause a hang or frequently
    repeatable crash (complete DOS) of MySQL Server. CVSS
    3.0 Base Score 6.5 (Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2018-2819)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: Parser). Supported versions
    that are affected are 5.6.42 and prior, 5.7.24 and prior
    and 8.0.13 and prior. Easily exploitable vulnerability
    allows low privileged attacker with network access via
    multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in
    unauthorized ability to cause a hang or frequently
    repeatable crash (complete DOS) of MySQL Server. CVSS
    3.0 Base Score 6.5 (Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2019-2455)

  - Vulnerability in the MySQL Server component of Oracle
    MySQL (subcomponent: Server: Parser). Supported versions
    that are affected are 5.5.61 and prior, 5.6.41 and
    prior, 5.7.23 and prior and 8.0.12 and prior. Easily
    exploitable vulnerability allows low privileged attacker
    with network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability
    can result in unauthorized ability to cause a hang or
    frequently repeatable crash (complete DOS) of MySQL
    Server. CVSS 3.0 Base Score 6.5 (Availability impacts).
    CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2018-3133)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"http://security.gd-linux.com/notice/NS-SA-2019-0034");
  script_set_attribute(attribute:"solution", value:
"Upgrade the vulnerable CGSL mariadb packages. Note that updated packages may not be available yet. Please contact ZTE
for more information.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-2562");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/08/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/07/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"NewStart CGSL Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/ZTE-CGSL/release");
if (isnull(release) || release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, "NewStart Carrier Grade Server Linux");

if (release !~ "CGSL CORE 5.04" &&
    release !~ "CGSL MAIN 5.04")
  audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');

if (!get_kb_item("Host/ZTE-CGSL/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "NewStart Carrier Grade Server Linux", cpu);

flag = 0;

pkgs = {
  "CGSL CORE 5.04": [
    "mariadb-5.5.60-1.el7_5",
    "mariadb-bench-5.5.60-1.el7_5",
    "mariadb-debuginfo-5.5.60-1.el7_5",
    "mariadb-devel-5.5.60-1.el7_5",
    "mariadb-embedded-5.5.60-1.el7_5",
    "mariadb-embedded-devel-5.5.60-1.el7_5",
    "mariadb-libs-5.5.60-1.el7_5",
    "mariadb-server-5.5.60-1.el7_5",
    "mariadb-test-5.5.60-1.el7_5"
  ],
  "CGSL MAIN 5.04": [
    "mariadb-5.5.60-1.el7_5",
    "mariadb-bench-5.5.60-1.el7_5",
    "mariadb-debuginfo-5.5.60-1.el7_5",
    "mariadb-devel-5.5.60-1.el7_5",
    "mariadb-embedded-5.5.60-1.el7_5",
    "mariadb-embedded-devel-5.5.60-1.el7_5",
    "mariadb-libs-5.5.60-1.el7_5",
    "mariadb-server-5.5.60-1.el7_5",
    "mariadb-test-5.5.60-1.el7_5"
  ]
};
pkg_list = pkgs[release];

foreach (pkg in pkg_list)
  if (rpm_check(release:"ZTE " + release, reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mariadb");
}

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(118434);
  script_version("1.4");
  script_cvs_date("Date: 2019/06/28 11:31:59");

  script_cve_id(
    "CVE-2017-10268",
    "CVE-2017-10378",
    "CVE-2017-10379",
    "CVE-2017-10384",
    "CVE-2017-3636",
    "CVE-2017-3641",
    "CVE-2017-3651",
    "CVE-2017-3653",
    "CVE-2018-2622",
    "CVE-2018-2640",
    "CVE-2018-2665",
    "CVE-2018-2668",
    "CVE-2018-2755",
    "CVE-2018-2761",
    "CVE-2018-2767",
    "CVE-2018-2771",
    "CVE-2018-2781",
    "CVE-2018-2813",
    "CVE-2018-2817",
    "CVE-2018-2819"
  );

  script_name(english:"EulerOS Virtualization 2.5.0 : mariadb (EulerOS-SA-2018-1346)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization host is missing multiple security
updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the mariadb packages installed, the
EulerOS Virtualization installation on the remote host is affected by
the following vulnerabilities :

  - mysql: Client programs unspecified vulnerability (CPU
    Jul 2017) (CVE-2017-3636)

  - mysql: Server: DML unspecified vulnerability (CPU Jul
    2017) (CVE-2017-3641)

  - mysql: Client mysqldump unspecified vulnerability (CPU
    Jul 2017) (CVE-2017-3651)

  - mysql: Server: Replication unspecified vulnerability
    (CPU Oct 2017) (CVE-2017-10268)

  - mysql: Server: Optimizer unspecified vulnerability (CPU
    Oct 2017) (CVE-2017-10378)

  - mysql: Client programs unspecified vulnerability (CPU
    Oct 2017) (CVE-2017-10379)

  - mysql: Server: DDL unspecified vulnerability (CPU Oct
    2017) (CVE-2017-10384)

  - mysql: Server: DDL unspecified vulnerability (CPU Jan
    2018) (CVE-2018-2622)

  - mysql: Server: Optimizer unspecified vulnerability (CPU
    Jan 2018) (CVE-2018-2640)

  - mysql: Server: Optimizer unspecified vulnerability (CPU
    Jan 2018) (CVE-2018-2665)

  - mysql: Server: Optimizer unspecified vulnerability (CPU
    Jan 2018) (CVE-2018-2668)

  - mysql: Server: Replication unspecified vulnerability
    (CPU Apr 2018) (CVE-2018-2755)

  - mysql: Client programs unspecified vulnerability (CPU
    Apr 2018) (CVE-2018-2761)

  - mysql: Server: Locking unspecified vulnerability (CPU
    Apr 2018) (CVE-2018-2771)

  - mysql: Server: Optimizer unspecified vulnerability (CPU
    Apr 2018) (CVE-2018-2781)

  - mysql: Server: DDL unspecified vulnerability (CPU Apr
    2018) (CVE-2018-2813)

  - mysql: Server: DDL unspecified vulnerability (CPU Apr
    2018) (CVE-2018-2817)

  - mysql: InnoDB unspecified vulnerability (CPU Apr 2018)
    (CVE-2018-2819)

  - mysql: Server: DDL unspecified vulnerability (CPU Jul
    2017) (CVE-2017-3653)

  - mysql: use of SSL/TLS not enforced in libmysqld (Return
    of BACKRONYM) (CVE-2018-2767)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1346
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?58b5058d");
  script_set_attribute(attribute:"solution", value:
"Update the affected mariadb packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");

  script_set_attribute(attribute:"patch_publication_date", value:"2018/10/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/10/26");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:mariadb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:mariadb-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:mariadb-server");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:2.5.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "2.5.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 2.5.0");
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["mariadb-5.5.60-1.h1",
        "mariadb-libs-5.5.60-1.h1",
        "mariadb-server-5.5.60-1.h1"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mariadb");
}

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2018-668.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(110679);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");

  script_cve_id("CVE-2018-2755", "CVE-2018-2761", "CVE-2018-2766", "CVE-2018-2767", "CVE-2018-2771", "CVE-2018-2781", "CVE-2018-2782", "CVE-2018-2784", "CVE-2018-2787", "CVE-2018-2813", "CVE-2018-2817", "CVE-2018-2819");

  script_name(english:"openSUSE Security Update : mariadb (openSUSE-2018-668)");
  script_summary(english:"Check for the openSUSE-2018-668 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update for MariaDB to version 10.0.35 fixes multiple issues:
Security issues fixed :

  - CVE-2018-2782: Unspecified DoS vulnerability in InnoDB
    (bsc#1090518)

  - CVE-2018-2784: Unspecified DoS vulnerability in InnoDB
    (bsc#1090518)

  - CVE-2018-2787: Unspecified vulnerability in InnoDB
    allowing writes (bsc#1090518)

  - CVE-2018-2766: Unspecified DoS vulnerability InnoDB
    (bsc#1090518)

  - CVE-2018-2755: Unspecified vulnerability in Replication
    allowing server compromise (bsc#1090518)

  - CVE-2018-2819: Unspecified DoS vulnerability in InnoDB
    (bsc#1090518)

  - CVE-2018-2817: Unspecified DoS vulnerability in DDL
    (bsc#1090518)

  - CVE-2018-2761: Unspecified DoS vulnerability in Client
    programs (bsc#1090518)

  - CVE-2018-2781: Unspecified DoS vulnerability in
    Server/Optimizer (bsc#1090518)

  - CVE-2018-2771: Unspecified DoS vulnerability in the
    Server/Locking component (bsc#1090518)

  - CVE-2018-2813: Unspecified vulnerability in The DDL
    component allowing unauthorized reads (bsc#1090518)

  - CVE-2018-2767: The embedded server library now supports
    SSL when connecting to remote servers (bsc#1088681)

The following changes are included :

  - XtraDB updated to 5.6.39-83.1

  - TokuDB updated to 5.6.39-83.1

  - InnoDB updated to 5.6.40

  - Fix for Crash in MVCC read after IMPORT TABLESPACE

  - Fix for innodb_read_only trying to modify files if
    transactions were recovered in COMMITTED state

  - Fix for DROP TABLE hang on InnoDB table with FULLTEXT
    index

  - Fix for Crash in INFORMATION_SCHEMA.INNODB_SYS_TABLES
    whenaccessing corrupted record

This update was imported from the SUSE:SLE-12-SP1:Update update
project."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1088681"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1090518"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected mariadb packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient18");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient18-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient18-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient18-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient_r18");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient_r18-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqld-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqld18");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqld18-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-bench");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-bench-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-client-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-errormessages");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-test-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mariadb-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3");

  script_set_attribute(attribute:"patch_publication_date", value:"2018/06/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/06/25");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE42.3", reference:"libmysqlclient-devel-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libmysqlclient18-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libmysqlclient18-debuginfo-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libmysqlclient_r18-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libmysqld-devel-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libmysqld18-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libmysqld18-debuginfo-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mariadb-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mariadb-bench-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mariadb-bench-debuginfo-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mariadb-client-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mariadb-client-debuginfo-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mariadb-debuginfo-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mariadb-debugsource-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mariadb-errormessages-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mariadb-test-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mariadb-test-debuginfo-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mariadb-tools-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"mariadb-tools-debuginfo-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libmysqlclient18-32bit-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libmysqlclient18-debuginfo-32bit-10.0.35-35.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libmysqlclient_r18-32bit-10.0.35-35.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libmysqlclient-devel / libmysqlclient18 / libmysqlclient18-32bit / etc");
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2018:2439 and 
# Oracle Linux Security Advisory ELSA-2018-2439 respectively.
#

include("compat.inc");

if (description)
{
  script_id(111800);
  script_version("1.6");
  script_cvs_date("Date: 2019/09/27 13:00:38");

  script_cve_id("CVE-2017-10268", "CVE-2017-10378", "CVE-2017-10379", "CVE-2017-10384", "CVE-2017-3636", "CVE-2017-3641", "CVE-2017-3651", "CVE-2017-3653", "CVE-2018-2562", "CVE-2018-2622", "CVE-2018-2640", "CVE-2018-2665", "CVE-2018-2668", "CVE-2018-2755", "CVE-2018-2761", "CVE-2018-2767", "CVE-2018-2771", "CVE-2018-2781", "CVE-2018-2813", "CVE-2018-2817", "CVE-2018-2819", "CVE-2018-3133", "CVE-2019-2455");
  script_xref(name:"RHSA", value:"2018:2439");

  script_name(english:"Oracle Linux 7 : mariadb (ELSA-2018-2439)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Oracle Linux host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"From Red Hat Security Advisory 2018:2439 :

An update for mariadb is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security
impact of Moderate. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

MariaDB is a multi-user, multi-threaded SQL database server that is
binary compatible with MySQL.

The following packages have been upgraded to a later upstream version:
mariadb (5.5.60). (BZ#1584668, BZ#1584671, BZ#1584674, BZ#1601085)

Security Fix(es) :

* mysql: Client programs unspecified vulnerability (CPU Jul 2017)
(CVE-2017-3636)

* mysql: Server: DML unspecified vulnerability (CPU Jul 2017)
(CVE-2017-3641)

* mysql: Client mysqldump unspecified vulnerability (CPU Jul 2017)
(CVE-2017-3651)

* mysql: Server: Replication unspecified vulnerability (CPU Oct 2017)
(CVE-2017-10268)

* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2017)
(CVE-2017-10378)

* mysql: Client programs unspecified vulnerability (CPU Oct 2017)
(CVE-2017-10379)

* mysql: Server: DDL unspecified vulnerability (CPU Oct 2017)
(CVE-2017-10384)

* mysql: Server: Partition unspecified vulnerability (CPU Jan 2018)
(CVE-2018-2562)

* mysql: Server: DDL unspecified vulnerability (CPU Jan 2018)
(CVE-2018-2622)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2018)
(CVE-2018-2640)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2018)
(CVE-2018-2665)

* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2018)
(CVE-2018-2668)

* mysql: Server: Replication unspecified vulnerability (CPU Apr 2018)
(CVE-2018-2755)

* mysql: Client programs unspecified vulnerability (CPU Apr 2018)
(CVE-2018-2761)

* mysql: Server: Locking unspecified vulnerability (CPU Apr 2018)
(CVE-2018-2771)

* mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2018)
(CVE-2018-2781)

* mysql: Server: DDL unspecified vulnerability (CPU Apr 2018)
(CVE-2018-2813)

* mysql: Server: DDL unspecified vulnerability (CPU Apr 2018)
(CVE-2018-2817)

* mysql: InnoDB unspecified vulnerability (CPU Apr 2018)
(CVE-2018-2819)

* mysql: Server: DDL unspecified vulnerability (CPU Jul 2017)
(CVE-2017-3653)

* mysql: use of SSL/TLS not enforced in libmysqld (Return of
BACKRONYM) (CVE-2018-2767)

For more details about the security issue(s), including the impact, a
CVSS score, and other related information, refer to the CVE page(s)
listed in the References section.

Bug Fix(es) :

* Previously, the mysqladmin tool waited for an inadequate length of
time if the socket it listened on did not respond in a specific way.
Consequently, when the socket was used while the MariaDB server was
starting, the mariadb service became unresponsive for a long time.
With this update, the mysqladmin timeout has been shortened to 2
seconds. As a result, the mariadb service either starts or fails but
no longer hangs in the described situation. (BZ#1584023)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/el-errata/2018-August/007941.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected mariadb packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:mariadb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:mariadb-bench");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:mariadb-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:mariadb-embedded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:mariadb-embedded-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:mariadb-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:mariadb-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:mariadb-test");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/08/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/08/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/17");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Oracle Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 7", "Oracle Linux " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);

flag = 0;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"mariadb-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"mariadb-bench-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"mariadb-devel-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"mariadb-embedded-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"mariadb-embedded-devel-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"mariadb-libs-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"mariadb-server-5.5.60-1.el7_5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"mariadb-test-5.5.60-1.el7_5")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mariadb / mariadb-bench / mariadb-devel / mariadb-embedded / etc");
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2018:1781-1.
# The text itself is copyright (C) SUSE.
#

include("compat.inc");

if (description)
{
  script_id(110682);
  script_version("1.4");
  script_cvs_date("Date: 2019/09/10 13:51:48");

  script_cve_id("CVE-2018-2755", "CVE-2018-2761", "CVE-2018-2766", "CVE-2018-2767", "CVE-2018-2771", "CVE-2018-2781", "CVE-2018-2782", "CVE-2018-2784", "CVE-2018-2787", "CVE-2018-2813", "CVE-2018-2817", "CVE-2018-2819");

  script_name(english:"SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2018:1781-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"MariaDB was updated to 10.0.35 (bsc#1090518) Notable changes :

  - PCRE updated to 8.42

  - XtraDB updated to 5.6.39-83.1

  - TokuDB updated to 5.6.39-83.1

  - InnoDB updated to 5.6.40

  - The embedded server library now supports SSL when
    connecting to remote servers [bsc#1088681],
    [CVE-2018-2767]

  - MDEV-15249 - Crash in MVCC read after IMPORT TABLESPACE

  - MDEV-14988 - innodb_read_only tries to modify files if
    transactions were recovered in COMMITTED state

  - MDEV-14773 - DROP TABLE hangs for InnoDB table with
    FULLTEXT index

  - MDEV-15723 - Crash in
    INFORMATION_SCHEMA.INNODB_SYS_TABLES when accessing
    corrupted record

  - fixes for the following security vulnerabilities:
    CVE-2018-2782, CVE-2018-2784, CVE-2018-2787,
    CVE-2018-2766, CVE-2018-2755, CVE-2018-2819,
    CVE-2018-2817, CVE-2018-2761, CVE-2018-2781,
    CVE-2018-2771, CVE-2018-2813

  - Release notes and changelog :

    - https://kb.askmonty.org/en/mariadb-10035-release-notes

    - https://kb.askmonty.org/en/mariadb-10035-changelog

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1088681"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1090518"
  );
  # https://kb.askmonty.org/en/mariadb-10035-changelog
  script_set_attribute(
    attribute:"see_also",
    value:"https://mariadb.com/kb/en/library/mariadb-10035-changelog/"
  );
  # https://kb.askmonty.org/en/mariadb-10035-release-notes
  script_set_attribute(
    attribute:"see_also",
    value:"https://mariadb.com/kb/en/library/mariadb-10035-release-notes/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2755/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2761/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2766/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2767/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2771/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2781/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2782/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2784/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2787/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2813/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2817/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2819/"
  );
  # https://www.suse.com/support/update/announcement/2018/suse-su-20181781-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?fe06564a"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch
SUSE-SLE-WE-12-SP3-2018-1202=1

SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t
patch SUSE-SLE-SDK-12-SP3-2018-1202=1

SUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch
SUSE-SLE-SAP-12-SP2-2018-1202=1

SUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch
SUSE-SLE-SAP-12-SP1-2018-1202=1

SUSE Linux Enterprise Server 12-SP3:zypper in -t patch
SUSE-SLE-SERVER-12-SP3-2018-1202=1

SUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch
SUSE-SLE-SERVER-12-SP2-2018-1202=1

SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch
SUSE-SLE-SERVER-12-SP1-2018-1202=1

SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP3-2018-1202=1

SUSE Enterprise Storage 4:zypper in -t patch
SUSE-Storage-4-2018-1202=1"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient18");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient18-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient_r18");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqld-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqld18");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqld18-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-client-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-errormessages");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/06/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/06/25");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(1|2|3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP1/2/3", os_ver + " SP" + sp);
if (os_ver == "SLED12" && (! preg(pattern:"^(3)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP3", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES12", sp:"1", reference:"libmysqlclient-devel-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"libmysqlclient18-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"libmysqlclient18-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"libmysqlclient_r18-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"libmysqld-devel-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"libmysqld18-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"libmysqld18-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"mariadb-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"mariadb-client-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"mariadb-client-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"mariadb-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"mariadb-debugsource-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"mariadb-errormessages-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"mariadb-tools-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"mariadb-tools-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"libmysqlclient18-32bit-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"libmysqlclient18-debuginfo-32bit-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libmysqlclient18-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libmysqlclient18-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"mariadb-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"mariadb-client-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"mariadb-client-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"mariadb-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"mariadb-debugsource-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"mariadb-errormessages-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"mariadb-tools-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"mariadb-tools-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libmysqlclient18-32bit-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libmysqlclient18-debuginfo-32bit-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libmysqlclient18-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libmysqlclient18-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"mariadb-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"mariadb-client-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"mariadb-client-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"mariadb-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"mariadb-debugsource-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"mariadb-errormessages-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"mariadb-tools-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"mariadb-tools-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libmysqlclient18-32bit-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libmysqlclient18-debuginfo-32bit-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libmysqlclient18-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libmysqlclient18-32bit-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libmysqlclient18-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libmysqlclient18-debuginfo-32bit-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libmysqlclient_r18-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libmysqlclient_r18-32bit-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"mariadb-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"mariadb-client-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"mariadb-client-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"mariadb-debuginfo-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"mariadb-debugsource-10.0.35-29.20.3")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"mariadb-errormessages-10.0.35-29.20.3")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mariadb");
}

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory FEDORA-2018-f67fda3db6.
#

include("compat.inc");

if (description)
{
  script_id(120915);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");

  script_cve_id("CVE-2018-2767", "CVE-2018-3056", "CVE-2018-3058", "CVE-2018-3060", "CVE-2018-3061", "CVE-2018-3062", "CVE-2018-3064", "CVE-2018-3065", "CVE-2018-3066", "CVE-2018-3070", "CVE-2018-3071", "CVE-2018-3077", "CVE-2018-3081");
  script_xref(name:"FEDORA", value:"2018-f67fda3db6");

  script_name(english:"Fedora 28 : community-mysql (2018-f67fda3db6)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"**MySQL 5.7.23**

Release notes

https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-23.html

CVEs fixed

CVE-2018-2767 CVE-2018-3056 CVE-2018-3058 CVE-2018-3060 CVE-2018-3061
CVE-2018-3062 CVE-2018-3064 CVE-2018-3065 CVE-2018-3066 CVE-2018-3070
CVE-2018-3071 CVE-2018-3077 CVE-2018-3081

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-f67fda3db6"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected community-mysql package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:community-mysql");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:28");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/07/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/09/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/03");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^28([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 28", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);


flag = 0;
if (rpm_check(release:"FC28", reference:"community-mysql-5.7.23-1.fc28")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "community-mysql");
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2018:1382-1.
# The text itself is copyright (C) SUSE.
#

include("compat.inc");

if (description)
{
  script_id(110089);
  script_version("1.4");
  script_cvs_date("Date: 2019/09/10 13:51:47");

  script_cve_id("CVE-2018-2755", "CVE-2018-2761", "CVE-2018-2766", "CVE-2018-2767", "CVE-2018-2771", "CVE-2018-2781", "CVE-2018-2782", "CVE-2018-2784", "CVE-2018-2787", "CVE-2018-2813", "CVE-2018-2817", "CVE-2018-2819");

  script_name(english:"SUSE SLES12 Security Update : mariadb (SUSE-SU-2018:1382-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"MariaDB was updated to 10.0.35 (bsc#1090518) Notable changes :

  - PCRE updated to 8.42

  - XtraDB updated to 5.6.39-83.1

  - TokuDB updated to 5.6.39-83.1

  - InnoDB updated to 5.6.40

  - The embedded server library now supports SSL when
    connecting to remote servers [bsc#1088681],
    [CVE-2018-2767]

  - MDEV-15249 - Crash in MVCC read after IMPORT TABLESPACE

  - MDEV-14988 - innodb_read_only tries to modify files if
    transactions were recovered in COMMITTED state

  - MDEV-14773 - DROP TABLE hangs for InnoDB table with
    FULLTEXT index

  - MDEV-15723 - Crash in
    INFORMATION_SCHEMA.INNODB_SYS_TABLES when accessing
    corrupted record

  - fixes for the following security vulnerabilities:
    CVE-2018-2782, CVE-2018-2784, CVE-2018-2787,
    CVE-2018-2766, CVE-2018-2755, CVE-2018-2819,
    CVE-2018-2817, CVE-2018-2761, CVE-2018-2781,
    CVE-2018-2771, CVE-2018-2813

  - Release notes and changelog :

    - https://kb.askmonty.org/en/mariadb-10035-release-notes

    - https://kb.askmonty.org/en/mariadb-10035-changelog

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1088681"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1090518"
  );
  # https://kb.askmonty.org/en/mariadb-10035-changelog
  script_set_attribute(
    attribute:"see_also",
    value:"https://mariadb.com/kb/en/library/mariadb-10035-changelog/"
  );
  # https://kb.askmonty.org/en/mariadb-10035-release-notes
  script_set_attribute(
    attribute:"see_also",
    value:"https://mariadb.com/kb/en/library/mariadb-10035-release-notes/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2755/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2761/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2766/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2767/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2771/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2781/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2782/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2784/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2787/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2813/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2817/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-2819/"
  );
  # https://www.suse.com/support/update/announcement/2018/suse-su-20181382-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?36a87777"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch
SUSE-SLE-SERVER-12-2018-966=1"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient18");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient18-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient_r18");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqld-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqld18");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqld18-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-client-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-errormessages");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/05/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/24");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient-devel-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient18-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient18-debuginfo-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient_r18-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqld-devel-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqld18-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqld18-debuginfo-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-client-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-client-debuginfo-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-debuginfo-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-debugsource-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-errormessages-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-tools-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-tools-debuginfo-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient18-32bit-10.0.35-20.46.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient18-debuginfo-32bit-10.0.35-20.46.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mariadb");
}