Vulnerabilities > CVE-2019-1301 - Unspecified vulnerability in Microsoft .Net Core and Powershell Core

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
microsoft
nessus

Summary

A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'.

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2731.NASL
    descriptionAn update for dotnet is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 2.1.509 and Runtime 2.1.13. Security Fix(es) : * dotnet: System.Net.Sockets.dll Socket.ConnectAsync Denial of Service (CVE-2019-1301) Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id128855
    published2019-09-16
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128855
    titleRHEL 8 : .NET Core on Red Hat Enterprise Linux (RHSA-2019:2731)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2019:2731. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(128855);
      script_version("1.6");
      script_cvs_date("Date: 2020/01/30");
    
      script_cve_id("CVE-2019-1301");
      script_xref(name:"RHSA", value:"2019:2731");
    
      script_name(english:"RHEL 8 : .NET Core on Red Hat Enterprise Linux (RHSA-2019:2731)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for dotnet is now available for Red Hat Enterprise Linux 8.
    
    Red Hat Product Security has rated this update as having a security
    impact of Moderate. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    NET Core is a managed-software framework. It implements a subset of
    the .NET framework APIs and several new APIs, and it includes a CLR
    implementation.
    
    New versions of .NET Core that address security vulnerabilities are
    now available. The updated versions are .NET Core SDK 2.1.509 and
    Runtime 2.1.13.
    
    Security Fix(es) :
    
    * dotnet: System.Net.Sockets.dll Socket.ConnectAsync Denial of Service
    (CVE-2019-1301)
    
    Default inclusions for applications built with .NET Core have been
    updated to reference the newest versions and their security fixes.
    
    For more details about the security issue(s), including the impact, a
    CVSS score, acknowledgments, and other related information, refer to
    the CVE page(s) listed in the References section."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2019:2731"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-1301"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dotnet");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dotnet-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dotnet-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dotnet-host");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dotnet-host-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dotnet-host-fxr-2.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dotnet-host-fxr-2.1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dotnet-runtime-2.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dotnet-runtime-2.1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-2.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-2.1.5xx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dotnet-sdk-2.1.5xx-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/11");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/16");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 8.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2019:2731";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"dotnet-2.1.509-1.el8_0")) flag++;
    
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"dotnet-debuginfo-2.1.509-1.el8_0")) flag++;
    
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"dotnet-debugsource-2.1.509-1.el8_0")) flag++;
    
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"dotnet-host-2.1.13-1.el8_0")) flag++;
    
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"dotnet-host-debuginfo-2.1.13-1.el8_0")) flag++;
    
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"dotnet-host-fxr-2.1-2.1.13-1.el8_0")) flag++;
    
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"dotnet-host-fxr-2.1-debuginfo-2.1.13-1.el8_0")) flag++;
    
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"dotnet-runtime-2.1-2.1.13-1.el8_0")) flag++;
    
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"dotnet-runtime-2.1-debuginfo-2.1.13-1.el8_0")) flag++;
    
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"dotnet-sdk-2.1-2.1.509-1.el8_0")) flag++;
    
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"dotnet-sdk-2.1.5xx-2.1.509-1.el8_0")) flag++;
    
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"dotnet-sdk-2.1.5xx-debuginfo-2.1.509-1.el8_0")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "dotnet / dotnet-debuginfo / dotnet-debugsource / dotnet-host / etc");
      }
    }
    
  • NASL familyWindows : Microsoft Bulletins
    NASL idSMB_NT_MS19_SEP_VISUAL_STUDIO.NASL
    descriptionThe Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. An attacker with unprivileged access to a vulnerable system could exploit this vulnerability. The security update addresses the vulnerability by ensuring the Diagnostics Hub Standard Collector Service properly impersonates file operations. (CVE-2019-1232) - A denial of service vulnerability exists when .NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET Core web application. The vulnerability can be exploited remotely, without authentication. The update addresses the vulnerability by correcting how the .NET Core web application handles web requests. (CVE-2019-1301)
    last seen2020-06-01
    modified2020-06-02
    plugin id128708
    published2019-09-11
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128708
    titleSecurity Updates for Microsoft Visual Studio Products (September 2019)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from the Microsoft Security Updates API. The text
    # itself is copyright (C) Microsoft Corporation.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(128708);
      script_version("1.5");
      script_cvs_date("Date: 2019/11/08");
    
      script_cve_id("CVE-2019-1232", "CVE-2019-1301");
      script_xref(name:"MSKB", value:"4513696");
      script_xref(name:"MSFT", value:"MS19-4513696");
      script_xref(name:"IAVA", value:"2019-A-0332");
    
      script_name(english:"Security Updates for Microsoft Visual Studio Products (September 2019)");
      script_summary(english:"Checks for Microsoft security updates.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The Microsoft Visual Studio Products are affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple
    vulnerabilities:
    
      - An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly
        impersonates certain file operations. An attacker who successfully exploited this vulnerability could gain
        elevated privileges. An attacker with unprivileged access to a vulnerable system could exploit this vulnerability.
        The security update addresses the vulnerability by ensuring the Diagnostics Hub Standard Collector Service
        properly impersonates file operations. (CVE-2019-1232)
    
      - A denial of service vulnerability exists when .NET Core improperly handles web requests. An attacker who
        successfully exploited this vulnerability could cause a denial of service against a .NET Core web application.
        The vulnerability can be exploited remotely, without authentication. The update addresses the vulnerability by
        correcting how the .NET Core web application handles web requests. (CVE-2019-1301)");
      # https://support.microsoft.com/en-ie/help/4513696/security-update-for-elevation-of-privilege-vulnerability-vs-2015
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?cfa387b3");
      # https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-relnotes
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1d93e731");
      # https://docs.microsoft.com/en-us/visualstudio/releases/2019/release-notes-v16.0
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a8a4791b");
      # https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-relnotes-v15.0
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?30855885");
      # https://docs.microsoft.com/en-us/visualstudio/releases/2019/release-notes-v16.0
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a8a4791b");
      script_set_attribute(attribute:"solution", value:
    "Microsoft has released the following security updates to address this issue:  
      - KB4513696
      - Update 15.9.16 for Visual Studio 2017
      - Update 16.0.8 for Visual Studio 2019
      - Update 15.0 (26228.98) for Visual Studio 2017
      - Update 16.2.5 for Visual Studio 2019");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-1232");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/11");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:visual_studio");
      script_set_attribute(attribute:"stig_severity", value:"I");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows : Microsoft Bulletins");
    
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ms_bulletin_checks_possible.nasl", "microsoft_visual_studio_installed.nbin");
      script_require_keys("SMB/MS_Bulletin_Checks/Possible", "installed_sw/Microsoft Visual Studio");
      script_require_ports(139, 445, "Host/patch_management_checks");
    
      exit(0);
    }
    
    include('audit.inc');
    include('misc_func.inc');
    include('install_func.inc');
    include('global_settings.inc');
    include('smb_func.inc');
    include('smb_hotfixes.inc');
    include('smb_hotfixes_fcheck.inc');
    
    get_kb_item_or_exit('installed_sw/Microsoft Visual Studio');
    
    port = kb_smb_transport();
    appname = 'Microsoft Visual Studio';
    
    installs = get_installs(app_name:appname, exit_if_not_found:TRUE);
    
    report = '';
    
    foreach install (installs[1])
    {
      version = install['version'];
      path = install['path'];
      prod = install['Product'];
    
      fix = '';
    
      # VS 2015 Up3
      if (version =~ '^14\\.0\\.')
      {
        patch_installed = false;
        foreach name (get_kb_list('SMB/Registry/HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Uninstall/*/DisplayName'))
          if ('4513696' >< name)
            patch_installed = true;
    
        if (!patch_installed)
          report +=
            '\nNote: The fix for this issue is available in the following update:\n' +
            '\n  - KB4513696 : Security update for the information disclosure vulnerability in Microsoft Visual Studio 2015 Update 3: September 10, 2019\n' +
            '\n';
      }
      # VS 2017 (15.0)
      else if (prod == '2017' && version =~ '^15\\.0\\.')
      {
        fix = '15.0.26228.98';
    
        if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)
        {
          report +=
            '\n  Path              : ' + path +
            '\n  Installed version : ' + version +
            '\n  Fixed version     : ' + fix +
            '\n';
        }
      }
      # VS 2017 version 15.9
      else if (prod == '2017' && version =~ '^15\\.[1-9]\\.')
      {
        fix = '15.9.28307.858';
    
        if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)
        {
          report +=
            '\n  Path              : ' + path +
            '\n  Installed version : ' + version +
            '\n  Fixed version     : ' + fix +
            '\n';
        }
      }
      # VS 2019 Version 16.0
      else if (prod == '2019' && version =~ '^16\\.0\\.')
      {
        fix = '16.0.28803.584';
        if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)
        {
          report +=
            '\n  Path              : ' + path +
            '\n  Installed version : ' + version +
            '\n  Fixed version     : ' + fix +
            '\n';
        }
      }
      # VS 2019 Version 16.2
      else if (prod == '2019' && version =~ '^16\\.2\\.')
      {
        fix = '16.2.29306.81';
        if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)
        {
          report +=
            '\n  Path              : ' + path +
            '\n  Installed version : ' + version +
            '\n  Fixed version     : ' + fix +
            '\n';
        }
      }
    }
    
    if (empty(report))
      audit(AUDIT_INST_VER_NOT_VULN, appname);
    
    security_report_v4(port:port, severity:SECURITY_WARNING, extra:report);
    
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-2731.NASL
    descriptionFrom Red Hat Security Advisory 2019:2731 : An update for dotnet is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 2.1.509 and Runtime 2.1.13. Security Fix(es) : * dotnet: System.Net.Sockets.dll Socket.ConnectAsync Denial of Service (CVE-2019-1301) Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id128848
    published2019-09-16
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128848
    titleOracle Linux 8 : .NET / Core / Enterprise / Hat / Linux / Red / on (ELSA-2019-2731)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2019:2731 and 
    # Oracle Linux Security Advisory ELSA-2019-2731 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(128848);
      script_version("1.4");
      script_cvs_date("Date: 2019/12/27");
    
      script_cve_id("CVE-2019-1301");
      script_xref(name:"RHSA", value:"2019:2731");
    
      script_name(english:"Oracle Linux 8 : .NET / Core / Enterprise / Hat / Linux / Red / on (ELSA-2019-2731)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Oracle Linux host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "From Red Hat Security Advisory 2019:2731 :
    
    An update for dotnet is now available for Red Hat Enterprise Linux 8.
    
    Red Hat Product Security has rated this update as having a security
    impact of Moderate. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    NET Core is a managed-software framework. It implements a subset of
    the .NET framework APIs and several new APIs, and it includes a CLR
    implementation.
    
    New versions of .NET Core that address security vulnerabilities are
    now available. The updated versions are .NET Core SDK 2.1.509 and
    Runtime 2.1.13.
    
    Security Fix(es) :
    
    * dotnet: System.Net.Sockets.dll Socket.ConnectAsync Denial of Service
    (CVE-2019-1301)
    
    Default inclusions for applications built with .NET Core have been
    updated to reference the newest versions and their security fixes.
    
    For more details about the security issue(s), including the impact, a
    CVSS score, acknowledgments, and other related information, refer to
    the CVE page(s) listed in the References section."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2019-September/009157.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:dotnet");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:dotnet-host");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:dotnet-host-fxr-2.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:dotnet-runtime-2.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:dotnet-sdk-2.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:dotnet-sdk-2.1.5xx");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:8");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/16");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Oracle Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
    os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 8", "Oracle Linux " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
    if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    
    flag = 0;
    if (rpm_check(release:"EL8", cpu:"x86_64", reference:"dotnet-2.1.509-1.el8_0")) flag++;
    if (rpm_check(release:"EL8", cpu:"x86_64", reference:"dotnet-host-2.1.13-1.el8_0")) flag++;
    if (rpm_check(release:"EL8", cpu:"x86_64", reference:"dotnet-host-fxr-2.1-2.1.13-1.el8_0")) flag++;
    if (rpm_check(release:"EL8", cpu:"x86_64", reference:"dotnet-runtime-2.1-2.1.13-1.el8_0")) flag++;
    if (rpm_check(release:"EL8", cpu:"x86_64", reference:"dotnet-sdk-2.1-2.1.509-1.el8_0")) flag++;
    if (rpm_check(release:"EL8", cpu:"x86_64", reference:"dotnet-sdk-2.1.5xx-2.1.509-1.el8_0")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "dotnet / dotnet-host / dotnet-host-fxr-2.1 / dotnet-runtime-2.1 / etc");
    }
    
  • NASL familyWindows
    NASL idSMB_NT_MS19_SEP_DOTNET_CORE.NASL
    descriptionThe Microsoft .NET Core installation on the remote host is version 2.1.x < 2.1.13, or 2.2.x < 2.2.7. It is, therefore, affected by a denial-of-service vulnerability when .Net Core improperly handles web requests. An unauthenticated, remote attacker could exploit this issue, to cause a denial of service attack against a .Net Core web application.
    last seen2020-06-01
    modified2020-06-02
    plugin id128771
    published2019-09-13
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128771
    titleSecurity Update for .NET Core (Sep 2019)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(128771);
      script_version("1.5");
      script_cvs_date("Date: 2019/11/08");
    
      script_cve_id("CVE-2019-1301");
      script_xref(name:"IAVA", value:"2019-A-0328");
    
      script_name(english:"Security Update for .NET Core (Sep 2019)");
      script_summary(english:"Checks for Windows Install of .NET Core.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote Windows host is affected by a .NET Core denial of service vulnerability.");
      script_set_attribute(attribute:"description", value:
    "The Microsoft .NET Core installation on the remote host is version
    2.1.x < 2.1.13, or 2.2.x < 2.2.7. It is, therefore, affected by a denial-of-service vulnerability
    when .Net Core improperly handles web requests. An unauthenticated, remote attacker 
    could exploit this issue, to cause a denial of service attack against
    a .Net Core web application.");
      # https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1301
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?cc33b45c");
      # https://github.com/dotnet/announcements/issues/121
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d6437f9e");
      script_set_attribute(attribute:"solution", value:
    "Refer to vendor documentation.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-1301");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/13");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:.net_core");
      script_set_attribute(attribute:"stig_severity", value:"I");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
    
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("microsoft_asp_dotnet_core_win.nbin");
      script_require_keys("installed_sw/.NET Core SDK Windows", "Settings/ParanoidReport");
      script_require_ports(139, 445);
    
      exit(0);
    }
    
    include('vcf.inc');
    
    if (report_paranoia < 2) audit(AUDIT_PARANOID);
    
    app = '.NET Core Windows';
    app_info = vcf::get_app_info(app:app, win_local:TRUE);
    
    constraints = [
      { 'min_version' : '2.1.0', 'fixed_version' : '2.1.13' },
      { 'min_version' : '2.2.0', 'fixed_version' : '2.2.7' }
    ];
    
    vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
    
  • NASL familyWindows
    NASL idSMB_NT_MS19_SEP_DOTNET_CORE_SDK.NASL
    descriptionThe Microsoft .NET Core SDK installation on the remote host is version 2.1.x < 2.1.509, or 2.1.606 or 2.1.802, 2.2.x < 2.2.109 or 2.2.206 or 2.2.302. It is, therefore, affected by multiple vulnerabilities: - A denial of service vulnerability when .Net Core improperly handles web requests. An unauthenticated, remote attacker could exploit this issue, to cause a denial of service attack against a .Net Core web application. (CVE-2019-1301) - An elevation of privilege vulnerability that could lead to a content injection attack enabling an attacker to run a script in the context of the logged-on user. An unauthenticated, remote attacker could exploit this issue, via a link that has a specially crafted URL, and convince the user to click the link. (CVE-2019-1302)
    last seen2020-06-01
    modified2020-06-02
    plugin id128772
    published2019-09-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128772
    titleSecurity Update for .NET Core SDK (Sep 2019)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(128772);
      script_version("1.5");
      script_cvs_date("Date: 2020/01/17");
    
      script_cve_id("CVE-2019-1301", "CVE-2019-1302");
      script_xref(name:"IAVA", value:"2019-A-0328");
    
      script_name(english:"Security Update for .NET Core SDK (Sep 2019)");
      script_summary(english:"Checks for Windows Install of .NET Core.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote Windows host is affected by multiple .NET Core SDK vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The Microsoft .NET Core SDK installation on the remote host is version
    2.1.x < 2.1.509, or 2.1.606 or 2.1.802, 2.2.x < 2.2.109 or 2.2.206 or 2.2.302.
    It is, therefore, affected by multiple vulnerabilities: 
    
      - A denial of service vulnerability when .Net Core improperly handles 
        web requests. An unauthenticated, remote attacker 
        could exploit this issue, to cause a denial of service attack against
        a .Net Core web application. (CVE-2019-1301)
    
      - An elevation of privilege vulnerability that could lead to 
        a content injection attack enabling an attacker to run a script 
        in the context of the logged-on user. An unauthenticated, remote attacker 
        could exploit this issue, via a link that has a specially crafted URL,
        and convince the user to click the link. (CVE-2019-1302)");
      # https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1301
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?cc33b45c");
      # https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1302
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?729669e9");
      # https://github.com/aspnet/Announcements/issues/384
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?40f974ac");
      # https://github.com/aspnet/AspNetCore/issues/13859
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5164378b");
      # https://github.com/dotnet/announcements/issues/121
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d6437f9e");
      script_set_attribute(attribute:"solution", value:
    "Refer to vendor documentation.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-1302");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/13");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:.net_core");
      script_set_attribute(attribute:"stig_severity", value:"I");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
    
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("microsoft_dotnet_core_sdk_win.nbin");
      script_require_keys("installed_sw/.NET Core SDK Windows", "Settings/ParanoidReport");
      script_require_ports(139, 445);
    
      exit(0);
    }
    
    include('vcf.inc');
    
    if (report_paranoia < 2) audit(AUDIT_PARANOID);
    
    app = '.NET Core SDK Windows';
    app_info = vcf::get_app_info(app:app, win_local:TRUE);
    
    constraints = [
      { 'min_version' : '2.1', 'fixed_version' : '2.1.509' },
      { 'min_version' : '2.1.600', 'fixed_version' : '2.1.606'},
      { 'min_version' : '2.1.700', 'fixed_version' : '2.1.802'},
      { 'min_version' : '2.2', 'fixed_version' : '2.2.109' },
      { 'min_version' : '2.2.200', 'fixed_version' : '2.2.206'},
      { 'min_version' : '2.2.300', 'fixed_version' : '2.2.402'}
    ];
    
    vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2732.NASL
    descriptionAn update for rh-dotnet21-dotnet and rh-dotnet22-dotnet is now available for .NET Core on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 2.1.13, and 2.2.7. Security Fix(es) : * dotnet: System.Net.Sockets.dll Socket.ConnectAsync Denial of Service (CVE-2019-1301) Default inclusions for applications built with .NET Core have been updated to reference the newest versions and their security fixes. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id128856
    published2019-09-16
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128856
    titleRHEL 7 : dotNET (RHSA-2019:2732)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2019:2732. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(128856);
      script_version("1.5");
      script_cvs_date("Date: 2019/12/27");
    
      script_cve_id("CVE-2019-1301");
      script_xref(name:"RHSA", value:"2019:2732");
    
      script_name(english:"RHEL 7 : dotNET (RHSA-2019:2732)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for rh-dotnet21-dotnet and rh-dotnet22-dotnet is now
    available for .NET Core on Red Hat Enterprise Linux 7.
    
    Red Hat Product Security has rated this update as having a security
    impact of Moderate. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    .NET Core is a managed-software framework. It implements a subset of
    the .NET framework APIs and several new APIs, and it includes a CLR
    implementation.
    
    New versions of .NET Core that address security vulnerabilities are
    now available. The updated versions are .NET Core 2.1.13, and 2.2.7.
    
    Security Fix(es) :
    
    * dotnet: System.Net.Sockets.dll Socket.ConnectAsync Denial of Service
    (CVE-2019-1301)
    
    Default inclusions for applications built with .NET Core have been
    updated to reference the newest versions and their security fixes.
    
    For more details about the security issue(s), including the impact, a
    CVSS score, acknowledgments, and other related information, refer to
    the CVE page(s) listed in the References section."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2019:2732"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-1301"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-host");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-runtime-2.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-sdk-2.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-dotnet-sdk-2.1.5xx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet21-runtime");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-host");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-host-fxr-2.2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-runtime-2.2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-sdk-2.2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-dotnet-sdk-2.2.1xx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-dotnet22-runtime");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/11");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/16");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2019:2732";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet21-2.1-12.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet21-dotnet-2.1.509-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet21-dotnet-debuginfo-2.1.509-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet21-dotnet-host-2.1.13-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet21-dotnet-runtime-2.1-2.1.13-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet21-dotnet-sdk-2.1-2.1.509-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet21-dotnet-sdk-2.1.5xx-2.1.509-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet21-runtime-2.1-12.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet22-2.2-9.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet22-dotnet-2.2.109-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet22-dotnet-debuginfo-2.2.109-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet22-dotnet-host-2.2.7-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet22-dotnet-host-fxr-2.2-2.2.7-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet22-dotnet-runtime-2.2-2.2.7-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet22-dotnet-sdk-2.2-2.2.109-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet22-dotnet-sdk-2.2.1xx-2.2.109-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rh-dotnet22-runtime-2.2-9.el7")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rh-dotnet21 / rh-dotnet21-dotnet / rh-dotnet21-dotnet-debuginfo / etc");
      }
    }
    

Redhat

advisories
bugzilla
id1750793
titleCVE-2019-1301 dotnet: System.Net.Sockets.dll Socket.ConnectAsync Denial of Service
oval
OR
  • commentRed Hat Enterprise Linux must be installed
    ovaloval:com.redhat.rhba:tst:20070304026
  • AND
    • commentRed Hat Enterprise Linux 8 is installed
      ovaloval:com.redhat.rhba:tst:20193384074
    • OR
      • AND
        • commentdotnet-debugsource is earlier than 0:2.1.509-1.el8_0
          ovaloval:com.redhat.rhsa:tst:20192731001
        • commentdotnet-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20191259014
      • AND
        • commentdotnet-sdk-2.1.5xx is earlier than 0:2.1.509-1.el8_0
          ovaloval:com.redhat.rhsa:tst:20192731003
        • commentdotnet-sdk-2.1.5xx is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20191259006
      • AND
        • commentdotnet-sdk-2.1 is earlier than 0:2.1.509-1.el8_0
          ovaloval:com.redhat.rhsa:tst:20192731005
        • commentdotnet-sdk-2.1 is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20191259008
      • AND
        • commentdotnet-runtime-2.1 is earlier than 0:2.1.13-1.el8_0
          ovaloval:com.redhat.rhsa:tst:20192731007
        • commentdotnet-runtime-2.1 is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20191259012
      • AND
        • commentdotnet-host-fxr-2.1 is earlier than 0:2.1.13-1.el8_0
          ovaloval:com.redhat.rhsa:tst:20192731009
        • commentdotnet-host-fxr-2.1 is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20191259002
      • AND
        • commentdotnet-host is earlier than 0:2.1.13-1.el8_0
          ovaloval:com.redhat.rhsa:tst:20192731011
        • commentdotnet-host is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20191259010
      • AND
        • commentdotnet is earlier than 0:2.1.509-1.el8_0
          ovaloval:com.redhat.rhsa:tst:20192731013
        • commentdotnet is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20191259004
rhsa
idRHSA-2019:2731
released2019-09-12
severityModerate
titleRHSA-2019:2731: .NET Core on Red Hat Enterprise Linux security and bug fix update (Moderate)
rpms
  • dotnet-0:2.1.509-1.el8_0
  • dotnet-debuginfo-0:2.1.509-1.el8_0
  • dotnet-debugsource-0:2.1.509-1.el8_0
  • dotnet-host-0:2.1.13-1.el8_0
  • dotnet-host-debuginfo-0:2.1.13-1.el8_0
  • dotnet-host-fxr-2.1-0:2.1.13-1.el8_0
  • dotnet-host-fxr-2.1-debuginfo-0:2.1.13-1.el8_0
  • dotnet-runtime-2.1-0:2.1.13-1.el8_0
  • dotnet-runtime-2.1-debuginfo-0:2.1.13-1.el8_0
  • dotnet-sdk-2.1-0:2.1.509-1.el8_0
  • dotnet-sdk-2.1.5xx-0:2.1.509-1.el8_0
  • dotnet-sdk-2.1.5xx-debuginfo-0:2.1.509-1.el8_0
  • rh-dotnet21-0:2.1-12.el7
  • rh-dotnet21-dotnet-0:2.1.509-1.el7
  • rh-dotnet21-dotnet-debuginfo-0:2.1.509-1.el7
  • rh-dotnet21-dotnet-host-0:2.1.13-1.el7
  • rh-dotnet21-dotnet-runtime-2.1-0:2.1.13-1.el7
  • rh-dotnet21-dotnet-sdk-2.1-0:2.1.509-1.el7
  • rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.509-1.el7
  • rh-dotnet21-runtime-0:2.1-12.el7
  • rh-dotnet22-0:2.2-9.el7
  • rh-dotnet22-dotnet-0:2.2.109-1.el7
  • rh-dotnet22-dotnet-debuginfo-0:2.2.109-1.el7
  • rh-dotnet22-dotnet-host-0:2.2.7-1.el7
  • rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.7-1.el7
  • rh-dotnet22-dotnet-runtime-2.2-0:2.2.7-1.el7
  • rh-dotnet22-dotnet-sdk-2.2-0:2.2.109-1.el7
  • rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.109-1.el7
  • rh-dotnet22-runtime-0:2.2-9.el7