Vulnerabilities > CVE-2019-11068

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH

Summary

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.

Vulnerable Configurations

Part Description Count
Application
Xmlsoft
91
Application
Oracle
1
Application
Netapp
34
OS
Canonical
5
OS
Debian
1
OS
Fedoraproject
2
OS
Opensuse
3

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1756.NASL
    descriptionIt was discovered that there was an authentication bypass vulnerability in libxslt, a widely-used library for transforming files from XML to other arbitrary formats. The xsltCheckRead and xsltCheckWrite routines permitted access upon receiving a -1 error code and (as xsltCheckRead returned -1 for a specially crafted URL that is not actually invalid) the attacker was subsequently authenticated. For Debian 8
    last seen2020-06-01
    modified2020-06-02
    plugin id124065
    published2019-04-16
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124065
    titleDebian DLA-1756-1 : libxslt security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Debian Security Advisory DLA-1756-1. The text
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    # Registration branch: taken when `description` is set. It only declares
    # plugin metadata and leaves through the exit(0) at the end of this block,
    # so the package checks after the block do not run on this pass.
    if (description)
    {
      script_id(124065);
      script_version("1.2");
      script_cvs_date("Date: 2020/01/23");
    
      # The single CVE this plugin is tied to.
      script_cve_id("CVE-2019-11068");
    
      script_name(english:"Debian DLA-1756-1 : libxslt security update");
      # Per the summary string, detection is a comparison against dpkg output;
      # nothing in this plugin exercises libxslt itself.
      script_summary(english:"Checks dpkg output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security update."
      );
      # NOTE(review): the advisory text quoted below calls the flaw an
      # "authentication bypass", but the mechanism it describes is callers of
      # xsltCheckRead/xsltCheckWrite permitting access on a -1 error return,
      # i.e. a bypass of an access check. Read "authenticated" as "granted
      # access" - TODO confirm against the upstream advisory. The string is left
      # verbatim because it is quoted from the DLA.
      script_set_attribute(
        attribute:"description", 
        value:
    "It was discovered that there was a authentication bypass vulnerability
    in libxslt, a widely-used library for transforming files from XML to
    other arbitrary format.
    
    The xsltCheckRead and xsltCheckWrite routines permitted access upon
    receiving an-1 error code and (as xsltCheckRead returned -1 for a
    specially crafted URL that is not actually invalid) the attacker was
    subsequently authenticated.
    
    For Debian 8 'Jessie', this issue has been fixed in libxslt version
    1.1.28-2+deb8u4.
    
    We recommend that you upgrade your libxslt packages.
    
    NOTE: Tenable Network Security has extracted the preceding description
    block directly from the DLA security advisory. Tenable has attempted
    to automatically clean and format it as much as possible without
    introducing additional issues."
      );
      # References: the Debian LTS announcement and the jessie source package page.
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.debian.org/debian-lts-announce/2019/04/msg00016.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/jessie/libxslt"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
      # Scoring. CVSS v2 base: network vector, low complexity, no authentication,
      # partial C/I/A. CVSS v3.0 base: network, low complexity, no privileges, no
      # user interaction, scope unchanged, high C/I/A. Both temporal vectors say:
      # exploit unproven (E:U), official fix available (RL:OF / RL:O), report
      # confirmed (RC:C).
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      # "local" plugin type: the check works from data collected on the host
      # (see script_require_keys below), not from a network probe.
      script_set_attribute(attribute:"plugin_type", value:"local");
      # Binary packages and OS release this plugin declares as in scope.
      # NOTE(review): a libxslt copy shipped outside these Debian packages (for
      # example bundled inside another product) is presumably not reported by
      # this plugin - confirm before treating a clean result as full coverage.
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libxslt1-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libxslt1-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libxslt1.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python-libxslt1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python-libxslt1-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:xsltproc");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");
    
      # Timeline: vulnerability published, vendor patch published, plugin published.
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/04/15");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/16");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      # Inputs: the plugin depends on ssh_get_info.nasl and requires three KB
      # items (local checks enabled, Debian release, dpkg -l package list);
      # presumably the dependency is what populates them - verify.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      # Registration pass ends here.
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    # Preconditions. Each audit() call records why the check does not apply:
    # local checks disabled, host not identified as Debian, or no dpkg package
    # list in the knowledge base.
    if (!get_kb_item("Host/local_checks_enabled"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    }
    if (!get_kb_item("Host/Debian/release"))
    {
      audit(AUDIT_OS_NOT, "Debian");
    }
    if (!get_kb_item("Host/Debian/dpkg-l"))
    {
      audit(AUDIT_PACKAGE_LIST_MISSING);
    }
    
    
    # Version comparison only: each libxslt binary package for Debian 8 is
    # checked against the fixed build 1.1.28-2+deb8u4, and flag counts the
    # packages for which deb_check() returns true (presumably: installed and
    # older than the reference). Nothing here tests libxslt's behaviour.
    flag = 0;
    foreach libxslt_pkg (make_list(
      "libxslt1-dbg",
      "libxslt1-dev",
      "libxslt1.1",
      "python-libxslt1",
      "python-libxslt1-dbg",
      "xsltproc"
    ))
    {
      if (deb_check(release:"8.0", prefix:libxslt_pkg, reference:"1.1.28-2+deb8u4"))
        flag++;
    }
    
    # No flagged package: record the host as not affected. Otherwise raise the
    # finding, attaching the package report when report verbosity is above 0.
    if (!flag)
    {
      audit(AUDIT_HOST_NOT, "affected");
    }
    else
    {
      if (report_verbosity > 0)
        security_hole(port:0, extra:deb_report_get());
      else
        security_hole(0);
      exit(0);
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1824.NASL
    descriptionThis update for rmt-server to version 2.3.1 fixes the following issues : - Fix mirroring logic when errors are encountered (bsc#1140492) - Refactor RMT::Mirror to download metadata/licenses in parallel - Check repo metadata GPG signatures during mirroring (bsc#1132690) - Add rmt-server-config subpackage with nginx configs (fate#327816, bsc#1136081) - Fix dependency to removed boot_cli_i18n file (bsc#1136020) - Add `rmt-cli systems list` command to list registered systems - Fix create UUID when system_uuid file empty (bsc#1138316) - Fix duplicate nginx location in rmt-server-pubcloud (bsc#1135222) - Mirror additional repos that were enabled during mirroring (bsc#1132690) - Make service IDs consistent across different RMT instances (bsc#1134428) - Make SMT data import scripts faster (bsc#1134190) - Fix incorrect triggering of registration sharing (bsc#1129392) - Fix license mirroring issue in some non-SUSE repositories (bsc#1128858) - Update dependencies to fix vulnerabilities in rails (CVE-2019-5419, bsc#1129271) and nokogiri (CVE-2019-11068, bsc#1132160) - Allow RMT registration to work under HTTP as well as HTTPS. - Offline migration from SLE 15 to SLE 15 SP1 will add Python2 module - Online migrations will automatically add additional modules to the client systems depending on the base product - Supply log severity to journald - Breaking Change: Added headers to generated CSV files This update was imported from the SUSE:SLE-15-SP1:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id127737
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127737
    titleopenSUSE Security Update : rmt-server (openSUSE-2019-1824)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2019-1824.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    # Registration branch: taken when `description` is set. It only declares
    # plugin metadata and leaves through the exit(0) at the end of this block,
    # so the package checks after the block do not run on this pass.
    if (description)
    {
      script_id(127737);
      script_version("1.2");
      script_cvs_date("Date: 2020/01/06");
    
      # Two CVEs. Per the description text below, both are fixed by updating
      # rmt-server's dependencies (rails, nokogiri), not by a change described
      # in rmt-server's own code.
      script_cve_id("CVE-2019-11068", "CVE-2019-5419");
    
      script_name(english:"openSUSE Security Update : rmt-server (openSUSE-2019-1824)");
      script_summary(english:"Check for the openSUSE-2019-1824 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      # Advisory text, quoted from the openSUSE update. The security-relevant
      # entries are the dependency update (CVE-2019-5419, CVE-2019-11068) and the
      # GPG signature check on repo metadata; the rest are functional changes.
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for rmt-server to version 2.3.1 fixes the following 
    issues :
    
      - Fix mirroring logic when errors are encountered
        (bsc#1140492)
    
      - Refactor RMT::Mirror to download metadata/licenses in
        parallel
    
      - Check repo metadata GPG signatures during mirroring
        (bsc#1132690)
    
      - Add rmt-server-config subpackage with nginx configs
        (fate#327816, bsc#1136081)
    
      - Fix dependency to removed boot_cli_i18n file
        (bsc#1136020) 
    
      - Add `rmt-cli systems list` command to list registered
        systems
    
      - Fix create UUID when system_uuid file empty
        (bsc#1138316)
    
      - Fix duplicate nginx location in rmt-server-pubcloud
        (bsc#1135222)
    
      - Mirror additional repos that were enabled during
        mirroring (bsc#1132690)
    
      - Make service IDs consistent across different RMT
        instances (bsc#1134428)
    
      - Make SMT data import scripts faster (bsc#1134190)
    
      - Fix incorrect triggering of registration sharing
        (bsc#1129392)
    
      - Fix license mirroring issue in some non-SUSE
        repositories (bsc#1128858)
    
      - Update dependencies to fix vulnerabilities in rails
        (CVE-2019-5419, bsc#1129271) and nokogiri
        (CVE-2019-11068, bsc#1132160)
    
      - Allow RMT registration to work under HTTP as well as
        HTTPS.
    
      - Offline migration from SLE 15 to SLE 15 SP1 will add
        Python2 module 
    
      - Online migrations will automatically add additional
        modules to the client systems depending on the base
        product
    
      - Supply log severity to journald
    
      - Breaking Change: Added headers to generated CSV files
    
    This update was imported from the SUSE:SLE-15-SP1:Update update
    project."
      );
      # References: one bug-tracker entry per bsc# id cited in the description,
      # followed by the feature request (fate#327816).
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1128858"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1129271"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1129392"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1132160"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1132690"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1134190"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1134428"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1135222"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1136020"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1136081"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1138316"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1140492"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://features.opensuse.org/327816"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected rmt-server packages."
      );
      # Scoring. CVSS v2 base: network vector, low complexity, no authentication,
      # partial C/I/A. CVSS v3.0 base: network, low complexity, no privileges, no
      # user interaction, scope unchanged, high C/I/A. Temporal: exploit unproven,
      # official fix available, report confirmed. cvss_score_source names
      # CVE-2019-11068 as the CVE the score is taken from.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-11068");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      # "local" plugin type: the check works from data collected on the host
      # (see script_require_keys below), not from a network probe.
      script_set_attribute(attribute:"plugin_type", value:"local");
      # rmt-server packages and the openSUSE release declared as in scope.
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:rmt-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:rmt-server-config");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:rmt-server-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:rmt-server-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:rmt-server-pubcloud");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");
    
      # Timeline: vulnerability published, vendor patch published, plugin published.
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/27");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/08/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      # Inputs: the plugin depends on ssh_get_info.nasl and requires four KB
      # items (local checks enabled, SuSE release, rpm package list, CPU
      # architecture); presumably the dependency is what populates them - verify.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      # Registration pass ends here.
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    # Preconditions. Each audit() call records why the check does not apply.
    if (!get_kb_item("Host/local_checks_enabled"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    }
    
    # The release string must be present, must not be SLED/SLES, and must be
    # exactly SUSE15.1 (openSUSE Leap 15.1 per the audit message).
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)")
    {
      audit(AUDIT_OS_NOT, "openSUSE");
    }
    if (release !~ "^(SUSE15\.1)$")
    {
      audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release);
    }
    if (!get_kb_item("Host/SuSE/rpm-list"))
    {
      audit(AUDIT_PACKAGE_LIST_MISSING);
    }
    
    # Only x86_64 hosts are evaluated; any other architecture is audited out.
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch)
    {
      audit(AUDIT_UNKNOWN_ARCH);
    }
    if (ourarch !~ "^(x86_64)$")
    {
      audit(AUDIT_ARCH_NOT, "x86_64", ourarch);
    }
    
    # Version comparison only: each rmt-server package is checked against the
    # fixed build, and flag counts the references for which rpm_check() returns
    # true. The bundled dependencies named in the advisory are not inspected
    # directly by these calls.
    flag = 0;
    
    foreach fixed_rpm (make_list(
      "rmt-server-2.3.1-lp151.2.3.1",
      "rmt-server-config-2.3.1-lp151.2.3.1",
      "rmt-server-debuginfo-2.3.1-lp151.2.3.1",
      "rmt-server-debugsource-2.3.1-lp151.2.3.1",
      "rmt-server-pubcloud-2.3.1-lp151.2.3.1"
    ))
    {
      if ( rpm_check(release:"SUSE15.1", reference:fixed_rpm) )
        flag++;
    }
    
    # Nothing flagged: say whether packages were tested and found unaffected, or
    # were not installed at all. Otherwise raise the finding, attaching the
    # package report when report verbosity is above 0.
    if (!flag)
    {
      tested = pkg_tests_get();
      if (tested)
        audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else
        audit(AUDIT_PACKAGE_NOT_INSTALLED, "rmt-server / rmt-server-config / rmt-server-debuginfo / etc");
    }
    else
    {
      if (report_verbosity > 0)
        security_hole(port:0, extra:rpm_report_get());
      else
        security_hole(0);
      exit(0);
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1973-1.NASL
    descriptionThis update for rmt-server to version 2.3.1 fixes the following issues : Fix mirroring logic when errors are encountered (bsc#1140492) Refactor RMT::Mirror to download metadata/licenses in parallel Check repo metadata GPG signatures during mirroring (bsc#1132690) Add rmt-server-config subpackage with nginx configs (fate#327816, bsc#1136081) Fix dependency to removed boot_cli_i18n file (bsc#1136020) Add `rmt-cli systems list` command to list registered systems Fix create UUID when system_uuid file empty (bsc#1138316) Fix duplicate nginx location in rmt-server-pubcloud (bsc#1135222) Mirror additional repos that were enabled during mirroring (bsc#1132690) Make service IDs consistent across different RMT instances (bsc#1134428) Make SMT data import scripts faster (bsc#1134190) Fix incorrect triggering of registration sharing (bsc#1129392) Fix license mirroring issue in some non-SUSE repositories (bsc#1128858) Update dependencies to fix vulnerabilities in rails (CVE-2019-5419, bsc#1129271) and nokogiri (CVE-2019-11068, bsc#1132160) Allow RMT registration to work under HTTP as well as HTTPS. Offline migration from SLE 15 to SLE 15 SP1 will add Python2 module Online migrations will automatically add additional modules to the client systems depending on the base product Supply log severity to journald Breaking Change: Added headers to generated CSV files Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id127091
    published2019-07-26
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127091
    titleSUSE SLES15 Security Update : rmt-server (SUSE-SU-2019:1973-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2019:1973-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    # Registration branch: taken when `description` is set. It only declares
    # plugin metadata and leaves through the exit(0) at the end of this block,
    # so the package checks after the block do not run on this pass.
    if (description)
    {
      script_id(127091);
      script_version("1.3");
      script_cvs_date("Date: 2020/01/06");
    
      # Two CVEs. Per the description text below, both are fixed by updating
      # rmt-server's dependencies (rails, nokogiri), not by a change described
      # in rmt-server's own code.
      script_cve_id("CVE-2019-11068", "CVE-2019-5419");
    
      script_name(english:"SUSE SLES15 Security Update : rmt-server (SUSE-SU-2019:1973-1)");
      # Per the summary string, detection is a comparison against rpm output.
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      # Advisory text, quoted from the SUSE update. The security-relevant
      # entries are the dependency update (CVE-2019-5419, CVE-2019-11068) and the
      # GPG signature check on repo metadata; the rest are functional changes.
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for rmt-server to version 2.3.1 fixes the following 
    issues :
    
    Fix mirroring logic when errors are encountered (bsc#1140492)
    
    Refactor RMT::Mirror to download metadata/licenses in parallel
    
    Check repo metadata GPG signatures during mirroring (bsc#1132690)
    
    Add rmt-server-config subpackage with nginx configs (fate#327816,
    bsc#1136081)
    
    Fix dependency to removed boot_cli_i18n file (bsc#1136020)
    
    Add `rmt-cli systems list` command to list registered systems
    
    Fix create UUID when system_uuid file empty (bsc#1138316)
    
    Fix duplicate nginx location in rmt-server-pubcloud (bsc#1135222)
    
    Mirror additional repos that were enabled during mirroring
    (bsc#1132690)
    
    Make service IDs consistent across different RMT instances
    (bsc#1134428)
    
    Make SMT data import scripts faster (bsc#1134190)
    
    Fix incorrect triggering of registration sharing (bsc#1129392)
    
    Fix license mirroring issue in some non-SUSE repositories
    (bsc#1128858)
    
    Update dependencies to fix vulnerabilities in rails (CVE-2019-5419,
    bsc#1129271) and nokogiri (CVE-2019-11068, bsc#1132160)
    
    Allow RMT registration to work under HTTP as well as HTTPS.
    
    Offline migration from SLE 15 to SLE 15 SP1 will add Python2 module
    
    Online migrations will automatically add additional modules to the
    client systems depending on the base product
    
    Supply log severity to journald
    
    Breaking Change: Added headers to generated CSV files
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # References: one bug-tracker entry per bsc# id cited in the description,
      # then the SUSE pages for both CVEs and the update announcement.
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1128858"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1129271"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1129392"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1132160"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1132690"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1134190"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1134428"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1135222"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1136020"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1136081"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138316"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140492"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11068/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-5419/"
      );
      # Shortened link; presumably it expands to the announcement URL below.
      # https://www.suse.com/support/update/announcement/2019/suse-su-20191973-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?69a77979"
      );
      # Remediation text: install the patch through YaST online_update or
      # 'zypper patch', or use the per-module zypper command quoted below.
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Module for Server Applications 15-SP1:zypper in
    -t patch SUSE-SLE-Module-Server-Applications-15-SP1-2019-1973=1
    
    SUSE Linux Enterprise Module for Public Cloud 15-SP1:zypper in -t
    patch SUSE-SLE-Module-Public-Cloud-15-SP1-2019-1973=1"
      );
      # Scoring. CVSS v2 base: network vector, low complexity, no authentication,
      # partial C/I/A. CVSS v3.0 base: network, low complexity, no privileges, no
      # user interaction, scope unchanged, high C/I/A. Temporal: exploit unproven,
      # official fix available, report confirmed. cvss_score_source names
      # CVE-2019-11068 as the CVE the score is taken from.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-11068");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      # "local" plugin type: the check works from data collected on the host
      # (see script_require_keys below), not from a network probe.
      script_set_attribute(attribute:"plugin_type", value:"local");
      # rmt-server packages and the SUSE release declared as in scope.
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:rmt-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:rmt-server-config");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:rmt-server-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
    
      # Timeline: vulnerability published, vendor patch published, plugin published.
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/27");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/26");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      # Inputs: the plugin depends on ssh_get_info.nasl and requires four KB
      # items (local checks enabled, CPU architecture, SuSE release, rpm package
      # list); presumably the dependency is what populates them - verify.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      # Registration pass ends here.
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    # Preconditions. Each audit() call records why the check does not apply.
    if (!get_kb_item("Host/local_checks_enabled"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    }
    
    # The release string must start with SLED or SLES; the leading SLES<n> /
    # SLED<n> token is then extracted and must be exactly SLES15.
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)")
    {
      audit(AUDIT_OS_NOT, "SUSE");
    }
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver))
    {
      audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    }
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES15)$", string:os_ver))
    {
      audit(AUDIT_OS_NOT, "SUSE SLES15", "SUSE " + os_ver);
    }
    
    if (!get_kb_item("Host/SuSE/rpm-list"))
    {
      audit(AUDIT_PACKAGE_LIST_MISSING);
    }
    
    # Architectures accepted: i386-i686, x86_64 and s390x; anything else is
    # audited out as not implemented.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu))
    {
      audit(AUDIT_UNKNOWN_ARCH);
    }
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu)
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    }
    
    # A missing patchlevel is treated as "0"; only SLES15 SP1 is evaluated.
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp))
    {
      sp = "0";
    }
    if (os_ver == "SLES15" && (! preg(pattern:"^(1)$", string:sp)))
    {
      audit(AUDIT_OS_NOT, "SLES15 SP1", os_ver + " SP" + sp);
    }
    
    
    # Version comparison only: each rmt-server package is checked against the
    # fixed build, and flag counts the references for which rpm_check() returns
    # true. The bundled dependencies named in the advisory are not inspected
    # directly by these calls.
    flag = 0;
    foreach fixed_rpm (make_list(
      "rmt-server-2.3.1-3.3.3",
      "rmt-server-config-2.3.1-3.3.3",
      "rmt-server-debuginfo-2.3.1-3.3.3"
    ))
    {
      if (rpm_check(release:"SLES15", sp:"1", reference:fixed_rpm))
        flag++;
    }
    
    
    # Nothing flagged: say whether packages were tested and found unaffected, or
    # were not installed at all. Otherwise raise the finding, attaching the
    # package report when report verbosity is above 0.
    if (!flag)
    {
      tested = pkg_tests_get();
      if (tested)
        audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else
        audit(AUDIT_PACKAGE_NOT_INSTALLED, "rmt-server");
    }
    else
    {
      if (report_verbosity > 0)
        security_hole(port:0, extra:rpm_report_get());
      else
        security_hole(0);
      exit(0);
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1221-1.NASL
    descriptionThis update for libxslt fixes the following issues : Security issue fixed : CVE-2019-11068: Fixed a protection mechanism bypass where callers of xsltCheckRead() and xsltCheckWrite() would permit access upon receiving an error (bsc#1132160). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id125024
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125024
    titleSUSE SLED15 / SLES15 Security Update : libxslt (SUSE-SU-2019:1221-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2019:1221-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    # Registration branch: taken when `description` is set. It only declares
    # plugin metadata and leaves through the exit(0) at the end of this block,
    # so the package checks after the block do not run on this pass.
    if (description)
    {
      script_id(125024);
      script_version("1.3");
      script_cvs_date("Date: 2020/01/17");
    
      # The single CVE this plugin is tied to.
      script_cve_id("CVE-2019-11068");
    
      script_name(english:"SUSE SLED15 / SLES15 Security Update : libxslt (SUSE-SU-2019:1221-1)");
      # Per the summary string, detection is a comparison against rpm output;
      # nothing in this plugin exercises libxslt itself.
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      # Advisory text, quoted from SUSE: the flaw is a protection-mechanism
      # bypass in which callers of xsltCheckRead()/xsltCheckWrite() permit access
      # after the check returns an error.
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for libxslt fixes the following issues :
    
    Security issue fixed :
    
    CVE-2019-11068: Fixed a protection mechanism bypass where callers of
    xsltCheckRead() and xsltCheckWrite() would permit access upon
    receiving an error (bsc#1132160).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # References: the SUSE bug, the SUSE CVE page and the update announcement.
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1132160"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11068/"
      );
      # Shortened link; presumably it expands to the announcement URL below.
      # https://www.suse.com/support/update/announcement/2019/suse-su-20191221-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?cd07b48b"
      );
      # Remediation text: install the patch through YaST online_update or
      # 'zypper patch', or use the per-module zypper command quoted below.
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Module for Open Buildservice Development Tools
    15:zypper in -t patch
    SUSE-SLE-Module-Development-Tools-OBS-15-2019-1221=1
    
    SUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch
    SUSE-SLE-Module-Basesystem-15-2019-1221=1"
      );
      # Scoring. CVSS v2 base: network vector, low complexity, no authentication,
      # partial C/I/A. CVSS v3.0 base: network, low complexity, no privileges, no
      # user interaction, scope unchanged, high C/I/A. Both temporal vectors say:
      # exploit unproven (E:U), official fix available (RL:OF / RL:O), report
      # confirmed (RC:C).
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      # "local" plugin type: the check works from data collected on the host
      # (see script_require_keys below), not from a network probe.
      script_set_attribute(attribute:"plugin_type", value:"local");
      # libxslt packages and the SUSE release declared as in scope.
      # NOTE(review): a libxslt copy shipped outside these packages (for example
      # bundled inside another product) is presumably not reported by this
      # plugin - confirm before treating a clean result as full coverage.
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxslt-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxslt-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxslt-python");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxslt-python-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxslt-python-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxslt-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxslt-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxslt1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxslt1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
    
      # Timeline: vulnerability published, vendor patch published, plugin published.
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/05/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/14");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      # Inputs: the plugin depends on ssh_get_info.nasl and requires four KB
      # items (local checks enabled, CPU architecture, SuSE release, rpm package
      # list); presumably the dependency is what populates them - verify.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      # Registration pass ends here.
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    # Local, package-version check for SUSE-SU-2019:1221 (libxslt, CVE-2019-11068).
    # Every decision below is made from knowledge-base (KB) items collected over
    # the authenticated session; libxslt itself is never exercised. Only the RPM
    # names listed further down are evaluated, so a copy of libxslt shipped
    # outside those packages is not covered by this result.
    # NOTE(review): the guards rely on audit() ending the plugin run - confirm
    # in audit.inc.

    # Guard: local (credentialed) checks must be available.
    if (!get_kb_item("Host/local_checks_enabled"))
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

    # Guard: the host must identify as SLED or SLES, major version 15.
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)")
      audit(AUDIT_OS_NOT, "SUSE");

    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver))
      audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];   # first capture group, e.g. "SLES15"

    if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver))
      audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver);

    # Guard: without the collected RPM list there is nothing to compare against.
    if (!get_kb_item("Host/SuSE/rpm-list"))
      audit(AUDIT_PACKAGE_LIST_MISSING);

    # Guard: only i386-i686, x86_64 and s390x are handled by this check.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu))
      audit(AUDIT_UNKNOWN_ARCH);
    if (!(cpu =~ "^i[3-6]86$" || "x86_64" >< cpu || "s390x" >< cpu))
      audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

    # Guard: a missing patchlevel is treated as SP0, and only SP0 is in scope.
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (! preg(pattern:"^(0)$", string:sp))
    {
      if (os_ver == "SLES15") audit(AUDIT_OS_NOT, "SLES15 SP0", os_ver + " SP" + sp);
      if (os_ver == "SLED15") audit(AUDIT_OS_NOT, "SLED15 SP0", os_ver + " SP" + sp);
    }


    # Reference package builds taken from the advisory. The same list is
    # checked for SLES15 first and then SLED15, in this order.
    # NOTE(review): rpm_check() (rpm.inc) presumably returns true when the
    # installed package is older than the reference - confirm in rpm.inc.
    fixed_pkgs = make_list(
      "libxslt-python-1.1.32-3.3.1",
      "libxslt-python-debuginfo-1.1.32-3.3.1",
      "libxslt-python-debugsource-1.1.32-3.3.1",
      "libxslt-debugsource-1.1.32-3.3.1",
      "libxslt-devel-1.1.32-3.3.1",
      "libxslt-tools-1.1.32-3.3.1",
      "libxslt-tools-debuginfo-1.1.32-3.3.1",
      "libxslt1-1.1.32-3.3.1",
      "libxslt1-debuginfo-1.1.32-3.3.1"
    );

    flag = 0;
    foreach distro (make_list("SLES15", "SLED15"))
    {
      foreach fixed_pkg (fixed_pkgs)
      {
        if (rpm_check(release:distro, sp:"0", reference:fixed_pkg)) flag++;
      }
    }


    if (!flag)
    {
      # Nothing flagged: say whether the packages were tested and found not
      # affected, or were not installed at all.
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libxslt");
    }
    else
    {
      # At least one package was flagged: raise the finding, attaching the
      # per-package report when verbosity allows it.
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2019-1241.NASL
    descriptionlibxslt allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. (CVE-2019-11068)
    last seen2020-06-01
    modified2020-06-02
    plugin id127069
    published2019-07-26
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127069
    titleAmazon Linux AMI : libxslt (ALAS-2019-1241)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-320D5295FC.NASL
    descriptionUpdate to 1.1.33 Fix CVE-2016-1841, CVE-2016-4607, CVE-2016-4608, CVE-2016-4610, CVE-2016-4609, CVE-2019-11068, CVE-2016-1684, CVE-2016-1683, CVE-2016-4738. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126015
    published2019-06-19
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126015
    titleFedora 30 : mingw-libxslt (2019-320d5295fc)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-2_0-0152_LIBXSLT.NASL
    descriptionAn update of the libxslt package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id126215
    published2019-06-25
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126215
    titlePhoton OS 2.0: Libxslt PHSA-2019-2.0-0152
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1527.NASL
    descriptionThis update for rmt-server to version 2.1.4 fixes the following issues : - Fix duplicate nginx location in rmt-server-pubcloud (bsc#1135222) - Mirror additional repos that were enabled during mirroring (bsc#1132690) - Make service IDs consistent across different RMT instances (bsc#1134428) - Make SMT data import scripts faster (bsc#1134190) - Fix incorrect triggering of registration sharing (bsc#1129392) - Fix license mirroring issue in some non-SUSE repositories (bsc#1128858) - Set CURLOPT_LOW_SPEED_LIMIT to prevent downloads from getting stuck (bsc#1107806) - Truncate the RMT lockfile when writing a new PID (bsc#1125770) - Fix missing trailing slashes on custom repository import from SMT (bsc#1118745) - Zypper authentication plugin (fate#326629) - Instance verification plugin in rmt-server-pubcloud (fate#326629) - Update dependencies to fix vulnerabilities in rails (CVE-2019-5419, bsc#1129271) and nokogiri (CVE-2019-11068, bsc#1132160) - Allow RMT registration to work under HTTP as well as HTTPS. - Offline migration from SLE 15 to SLE 15 SP1 will add Python2 module - Online migrations will automatically add additional modules to the client systems depending on the base product - Supply log severity to journald - Breaking Change: Added headers to generated CSV files This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id125794
    published2019-06-10
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125794
    titleopenSUSE Security Update : rmt-server (openSUSE-2019-1527)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-1_0-0224_LIBXSLT.NASL
    descriptionAn update of the libxslt package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id125086
    published2019-05-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125086
    titlePhoton OS 1.0: Libxslt PHSA-2019-1.0-0224
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3947-1.NASL
    descriptionIt was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id124085
    published2019-04-16
    reporterUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124085
    titleUbuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : libxslt vulnerability (USN-3947-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1433.NASL
    descriptionThis update for libxslt fixes the following issues : Security issue fixed : - CVE-2019-11068: Fixed a protection mechanism bypass where callers of xsltCheckRead() and xsltCheckWrite() would permit access upon receiving an error (bsc#1132160). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id125332
    published2019-05-22
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125332
    titleopenSUSE Security Update : libxslt (openSUSE-2019-1433)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1318.NASL
    descriptionAccording to the versions of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.(CVE-2019-11068) - In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.(CVE-2015-9019) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-05-01
    plugin id124445
    published2019-05-01
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124445
    titleEulerOS 2.0 SP5 : libxslt (EulerOS-SA-2019-1318)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1317.NASL
    descriptionAccording to the version of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.(CVE-2019-11068) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-05-01
    plugin id124444
    published2019-05-01
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124444
    titleEulerOS 2.0 SP2 : libxslt (EulerOS-SA-2019-1317)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_93167BEF975211E9B61CB885849DED8E.NASL
    descriptionMitre report : libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
    last seen2020-06-01
    modified2020-06-02
    plugin id126756
    published2019-07-17
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126756
    titleFreeBSD : libxslt -- security framework bypass (93167bef-9752-11e9-b61c-b885849ded8e)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1428.NASL
    descriptionThis update for libxslt fixes the following issues : Security issue fixed : - CVE-2019-11068: Fixed a protection mechanism bypass where callers of xsltCheckRead() and xsltCheckWrite() would permit access upon receiving an error (bsc#1132160). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id125327
    published2019-05-22
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125327
    titleopenSUSE Security Update : libxslt (openSUSE-2019-1428)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1221-2.NASL
    descriptionThis update for libxslt fixes the following issues : Security issue fixed : CVE-2019-11068: Fixed a protection mechanism bypass where callers of xsltCheckRead() and xsltCheckWrite() would permit access upon receiving an error (bsc#1132160). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126441
    published2019-07-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126441
    titleSUSE SLED15 / SLES15 Security Update : libxslt (SUSE-SU-2019:1221-2)
  • NASL familyMisc.
    NASL idORACLE_JAVA_CPU_OCT_2019_UNIX.NASL
    descriptionThe version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 7 Update 241, 8 Update 231, 11 Update 5, or 13 Update 1. It is, therefore, affected by multiple vulnerabilities related to the following components : - 2D - Libraries - Kerberos - Networking - JavaFX - Hotspot - Scripting - Javadoc - Deployment - Concurrency - JAXP - Serialization - Security Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id130010
    published2019-10-17
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130010
    titleOracle Java SE 1.7.0_241 / 1.8.0_231 / 1.11.0_5 / 1.13.0_1 Multiple Vulnerabilities (Oct 2019 CPU) (Unix)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1430.NASL
    descriptionThis update for libxslt fixes the following issues : - CVE-2019-11068: Fixed a protection mechanism bypass where callers of xsltCheckRead() and xsltCheckWrite() would permit access upon receiving an error (bsc#1132160). This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id125329
    published2019-05-22
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125329
    titleopenSUSE Security Update : libxslt (openSUSE-2019-1430)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1592.NASL
    descriptionAccording to the versions of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.(CVE-2019-11068) - In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.(CVE-2015-9019) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-05-29
    plugin id125519
    published2019-05-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125519
    titleEulerOS 2.0 SP3 : libxslt (EulerOS-SA-2019-1592)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1232-1.NASL
    descriptionThis update for libxslt fixes the following issues : CVE-2019-11068: Fixed a protection mechanism bypass where callers of xsltCheckRead() and xsltCheckWrite() would permit access upon receiving an error (bsc#1132160). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id125130
    published2019-05-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125130
    titleSUSE SLED12 / SLES12 Security Update : libxslt (SUSE-SU-2019:1232-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-E21C77FFAE.NASL
    descriptionUpdate to 1.1.33 and fix CVE-2019-11068 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id125912
    published2019-06-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125912
    titleFedora 30 : libxslt (2019-e21c77ffae)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-E74D639587.NASL
    descriptionUpdate to 1.1.33 and fix CVE-2019-11068 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126134
    published2019-06-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126134
    titleFedora 29 : libxslt (2019-e74d639587)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1381-1.NASL
    descriptionThis update for rmt-server to version 2.1.4 fixes the following issues : Fix duplicate nginx location in rmt-server-pubcloud (bsc#1135222) Mirror additional repos that were enabled during mirroring (bsc#1132690) Make service IDs consistent across different RMT instances (bsc#1134428) Make SMT data import scripts faster (bsc#1134190) Fix incorrect triggering of registration sharing (bsc#1129392) Fix license mirroring issue in some non-SUSE repositories (bsc#1128858) Set CURLOPT_LOW_SPEED_LIMIT to prevent downloads from getting stuck (bsc#1107806) Truncate the RMT lockfile when writing a new PID (bsc#1125770) Fix missing trailing slashes on custom repository import from SMT (bsc#1118745) Zypper authentication plugin (fate#326629) Instance verification plugin in rmt-server-pubcloud (fate#326629) Update dependencies to fix vulnerabilities in rails (CVE-2019-5419, bsc#1129271) and nokogiri (CVE-2019-11068, bsc#1132160) Allow RMT registration to work under HTTP as well as HTTPS. Offline migration from SLE 15 to SLE 15 SP1 will add Python2 module Online migrations will automatically add additional modules to the client systems depending on the base product Supply log severity to journald Breaking Change: Added headers to generated CSV files Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id125620
    published2019-05-31
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125620
    titleSUSE SLES15 Security Update : rmt-server (SUSE-SU-2019:1381-1)
  • NASL familyWindows
    NASL idORACLE_JAVA_CPU_OCT_2019.NASL
    descriptionThe version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 7 Update 241, 8 Update 231, 11 Update 5, or 13 Update 1. It is, therefore, affected by multiple vulnerabilities related to the following components : - 2D - Libraries - Kerberos - Networking - JavaFX - Hotspot - Scripting - Javadoc - Deployment - Concurrency - JAXP - Serialization - Security Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id130011
    published2019-10-17
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130011
    titleOracle Java SE 1.7.0_241 / 1.8.0_231 / 1.11.0_5 / 1.13.0_1 Multiple Vulnerabilities (Oct 2019 CPU) (Windows)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1625.NASL
    descriptionAccording to the versions of the libxslt packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.(CVE-2019-11068) - In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.(CVE-2015-9019) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id125577
    published2019-05-30
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125577
    titleEulerOS Virtualization for ARM 64 3.0.2.0 : libxslt (EulerOS-SA-2019-1625)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1606.NASL
    descriptionAccording to the versions of the libxslt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.(CVE-2019-11068) - In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.(CVE-2015-9019) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id125558
    published2019-05-30
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125558
    titleEulerOS Virtualization 3.0.1.0 : libxslt (EulerOS-SA-2019-1606)