Vulnerabilities > CVE-2019-14459 - Integer Overflow or Wraparound vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
nfdump-project
debian
fedoraproject
CWE-190
nessus

Summary

nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

Nessus

  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-202003-17.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-202003-17 (nfdump: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in nfdump. Please review the CVE identifiers referenced below for details. Impact : A remote attacker, by sending specially crafted netflow/sflow data, could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-03-19
    modified2020-03-16
    plugin id134594
    published2020-03-16
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134594
    titleGLSA-202003-17 : nfdump: Multiple vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 202003-17.
    #
    # The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(134594);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/18");
    
      script_cve_id("CVE-2019-1010057", "CVE-2019-14459");
      script_xref(name:"GLSA", value:"202003-17");
    
      script_name(english:"GLSA-202003-17 : nfdump: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-202003-17
    (nfdump: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in nfdump. Please review
          the CVE identifiers referenced below for details.
      
    Impact :
    
        A remote attacker, by sending specially crafted netflow/sflow data,
          could possibly execute arbitrary code with the privileges of the process
          or cause a Denial of Service condition.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/202003-17"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All nfdump users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=net-analyzer/nfdump-1.6.19'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:nfdump");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/03/15");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/16");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"net-analyzer/nfdump", unaffected:make_list("ge 1.6.19"), vulnerable:make_list("lt 1.6.19"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nfdump");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-0FBFB00CBB.NASL
    description2019-08-14 - Fix compile issues - Fix output buffer size for lzo1x_decompress_safe() 2019-08-07 - Fix VerifyExtensionMap #179 2019-08-06 - Fix compile errors 2019-08-05 - Fix nfdump.1 man page. #175 - Fix off by 1 array. #173 - Fix use after free in ModifyCompressFile - Add bound checks in AddExporterStat #174 - Add bound checks in AddSamplerInfo #176 - Add bound checks in AddExporterInfo - Fix checks in InsertExtensionMap #177 - Remove COMPAT15 code - should no longer be needed. - Move version to v1.6.18 - Merge pull request #167 - Cleanup old code - Replace depricated pcap_lookupdev call in nfpcapd 2019-07-31 - Add early record size sanity check also for nfprofile, nfanon and nfreplay 2019-07-26 - nfpcapd cleanup, add some more monitoring - Fix hbo_exporter.c:249_1 segfault - Fix hbo_nffile_inline.c:85_1 segfault - Fix hbo_nfx.c:216_3 segfault - Update minilzo to v2.10 - Change to safe lzo decompress function 2019-07-25 - Rework nfpcapd and add it officially to the nfdump collection. - Add nfpcapd man page - Fix potential unsigned integer underflow #171 2019-07-16 - Add latency extension if dumping flowcache 2019-07-15 - Fix typos - Fix exporter struct inconsistancies. Coredump on ARM otherwise. 2019-07-02 - Add ipfix element #150, #151 unix time start/end - Fix display bug raw record 2019-06-01 - Add ipfix dyn element handling. - Add empty m4 directory - keep autoconf happy 2019-06-01 - Fix issue #162 - ipfix mpls sequece. - Fix issue #156 - print flowtable index error 2019-03-17 - Fix spec file - Remove non thread safe logging in nfpcapd 2018-11-24 - Fix protocol tag for protocol 87 - TCF - #130 - Add TCP flags ECN,CVR - #132 - Fix some error messages to be printed to the correct stream #135 - Add missing -M command line help to nfcapd - Remove padding byte warning in log #141 - Fix bug to accept -y compression flag in nfcapd. - #145 2018-06-24 - Fix bookkeeper type - use key_t - Add multiple packet repeaters to nfcapd/sfcapd. Up to 8 repeaters (-R) can be defined. - Ignore OSX .DS_Store files in -R file list - Add CISCO ASA elements initiatorPackets (298) responderPackets (299) - Merge #120 pull request for -z parameter to nfreplay - Update man page nfreplay Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id128126
    published2019-08-26
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128126
    titleFedora 30 : nfdump (2019-0fbfb00cbb)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2019-0fbfb00cbb.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(128126);
      script_version("1.3");
      script_cvs_date("Date: 2020/01/02");
    
      script_cve_id("CVE-2019-1010057", "CVE-2019-14459");
      script_xref(name:"FEDORA", value:"2019-0fbfb00cbb");
    
      script_name(english:"Fedora 30 : nfdump (2019-0fbfb00cbb)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "2019-08-14
    
      - Fix compile issues
    
      - Fix output buffer size for lzo1x_decompress_safe()
    
    2019-08-07
    
      - Fix VerifyExtensionMap #179
    
    2019-08-06
    
      - Fix compile errors
    
    2019-08-05
    
      - Fix nfdump.1 man page. #175
    
      - Fix off by 1 array. #173
    
      - Fix use after free in ModifyCompressFile
    
      - Add bound checks in AddExporterStat #174
    
      - Add bound checks in AddSamplerInfo #176
    
      - Add bound checks in AddExporterInfo
    
      - Fix checks in InsertExtensionMap #177
    
      - Remove COMPAT15 code - should no longer be needed.
    
      - Move version to v1.6.18
    
      - Merge pull request #167
    
      - Cleanup old code
    
      - Replace depricated pcap_lookupdev call in nfpcapd
    
    2019-07-31
    
      - Add early record size sanity check also for nfprofile,
        nfanon and nfreplay
    
    2019-07-26
    
      - nfpcapd cleanup, add some more monitoring
    
      - Fix hbo_exporter.c:249_1 segfault 
    
      - Fix hbo_nffile_inline.c:85_1 segfault
    
      - Fix hbo_nfx.c:216_3 segfault
    
      - Update minilzo to v2.10
    
      - Change to safe lzo decompress function
    
    2019-07-25
    
      - Rework nfpcapd and add it officially to the nfdump
        collection.
    
      - Add nfpcapd man page
    
      - Fix potential unsigned integer underflow #171
    
    2019-07-16
    
      - Add latency extension if dumping flowcache
    
    2019-07-15
    
      - Fix typos
    
      - Fix exporter struct inconsistancies. Coredump on ARM
        otherwise.
    
    2019-07-02
    
      - Add ipfix element #150, #151 unix time start/end
    
      - Fix display bug raw record
    
    2019-06-01
    
      - Add ipfix dyn element handling.
    
      - Add empty m4 directory - keep autoconf happy
    
    2019-06-01
    
      - Fix issue #162 - ipfix mpls sequece.
    
      - Fix issue #156 - print flowtable index error
    
    2019-03-17
    
      - Fix spec file
    
      - Remove non thread safe logging in nfpcapd
    
    2018-11-24
    
      - Fix protocol tag for protocol 87 - TCF - #130
    
      - Add TCP flags ECN,CVR - #132
    
      - Fix some error messages to be printed to the correct
        stream #135
    
      - Add missing -M command line help to nfcapd
    
      - Remove padding byte warning in log #141
    
      - Fix bug to accept -y compression flag in nfcapd. - #145
    
    2018-06-24
    
      - Fix bookkeeper type - use key_t
    
      - Add multiple packet repeaters to nfcapd/sfcapd. Up to 8
        repeaters (-R) can be defined.
    
      - Ignore OSX .DS_Store files in -R file list
    
      - Add CISCO ASA elements initiatorPackets (298)
        responderPackets (299)
    
      - Merge #120 pull request for -z parameter to nfreplay
    
      - Update man page nfreplay
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-0fbfb00cbb"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected nfdump package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nfdump");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:30");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/08/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/26");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^30([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 30", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC30", reference:"nfdump-1.6.18-1.fc30")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nfdump");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-9013B5E75D.NASL
    description2019-08-14 - Fix compile issues - Fix output buffer size for lzo1x_decompress_safe() 2019-08-07 - Fix VerifyExtensionMap #179 2019-08-06 - Fix compile errors 2019-08-05 - Fix nfdump.1 man page. #175 - Fix off by 1 array. #173 - Fix use after free in ModifyCompressFile - Add bound checks in AddExporterStat #174 - Add bound checks in AddSamplerInfo #176 - Add bound checks in AddExporterInfo - Fix checks in InsertExtensionMap #177 - Remove COMPAT15 code - should no longer be needed. - Move version to v1.6.18 - Merge pull request #167 - Cleanup old code - Replace depricated pcap_lookupdev call in nfpcapd 2019-07-31 - Add early record size sanity check also for nfprofile, nfanon and nfreplay 2019-07-26 - nfpcapd cleanup, add some more monitoring - Fix hbo_exporter.c:249_1 segfault - Fix hbo_nffile_inline.c:85_1 segfault - Fix hbo_nfx.c:216_3 segfault - Update minilzo to v2.10 - Change to safe lzo decompress function 2019-07-25 - Rework nfpcapd and add it officially to the nfdump collection. - Add nfpcapd man page - Fix potential unsigned integer underflow #171 2019-07-16 - Add latency extension if dumping flowcache 2019-07-15 - Fix typos - Fix exporter struct inconsistancies. Coredump on ARM otherwise. 2019-07-02 - Add ipfix element #150, #151 unix time start/end - Fix display bug raw record 2019-06-01 - Add ipfix dyn element handling. - Add empty m4 directory - keep autoconf happy 2019-06-01 - Fix issue #162 - ipfix mpls sequece. - Fix issue #156 - print flowtable index error 2019-03-17 - Fix spec file - Remove non thread safe logging in nfpcapd 2018-11-24 - Fix protocol tag for protocol 87 - TCF - #130 - Add TCP flags ECN,CVR - #132 - Fix some error messages to be printed to the correct stream #135 - Add missing -M command line help to nfcapd - Remove padding byte warning in log #141 - Fix bug to accept -y compression flag in nfcapd. - #145 2018-06-24 - Fix bookkeeper type - use key_t - Add multiple packet repeaters to nfcapd/sfcapd. Up to 8 repeaters (-R) can be defined. - Ignore OSX .DS_Store files in -R file list - Add CISCO ASA elements initiatorPackets (298) responderPackets (299) - Merge #120 pull request for -z parameter to nfreplay - Update man page nfreplay Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id128134
    published2019-08-26
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128134
    titleFedora 29 : nfdump (2019-9013b5e75d)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2019-9013b5e75d.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(128134);
      script_version("1.3");
      script_cvs_date("Date: 2020/01/02");
    
      script_cve_id("CVE-2019-1010057", "CVE-2019-14459");
      script_xref(name:"FEDORA", value:"2019-9013b5e75d");
    
      script_name(english:"Fedora 29 : nfdump (2019-9013b5e75d)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "2019-08-14
    
      - Fix compile issues
    
      - Fix output buffer size for lzo1x_decompress_safe()
    
    2019-08-07
    
      - Fix VerifyExtensionMap #179
    
    2019-08-06
    
      - Fix compile errors
    
    2019-08-05
    
      - Fix nfdump.1 man page. #175
    
      - Fix off by 1 array. #173
    
      - Fix use after free in ModifyCompressFile
    
      - Add bound checks in AddExporterStat #174
    
      - Add bound checks in AddSamplerInfo #176
    
      - Add bound checks in AddExporterInfo
    
      - Fix checks in InsertExtensionMap #177
    
      - Remove COMPAT15 code - should no longer be needed.
    
      - Move version to v1.6.18
    
      - Merge pull request #167
    
      - Cleanup old code
    
      - Replace depricated pcap_lookupdev call in nfpcapd
    
    2019-07-31
    
      - Add early record size sanity check also for nfprofile,
        nfanon and nfreplay
    
    2019-07-26
    
      - nfpcapd cleanup, add some more monitoring
    
      - Fix hbo_exporter.c:249_1 segfault 
    
      - Fix hbo_nffile_inline.c:85_1 segfault
    
      - Fix hbo_nfx.c:216_3 segfault
    
      - Update minilzo to v2.10
    
      - Change to safe lzo decompress function
    
    2019-07-25
    
      - Rework nfpcapd and add it officially to the nfdump
        collection.
    
      - Add nfpcapd man page
    
      - Fix potential unsigned integer underflow #171
    
    2019-07-16
    
      - Add latency extension if dumping flowcache
    
    2019-07-15
    
      - Fix typos
    
      - Fix exporter struct inconsistancies. Coredump on ARM
        otherwise.
    
    2019-07-02
    
      - Add ipfix element #150, #151 unix time start/end
    
      - Fix display bug raw record
    
    2019-06-01
    
      - Add ipfix dyn element handling.
    
      - Add empty m4 directory - keep autoconf happy
    
    2019-06-01
    
      - Fix issue #162 - ipfix mpls sequece.
    
      - Fix issue #156 - print flowtable index error
    
    2019-03-17
    
      - Fix spec file
    
      - Remove non thread safe logging in nfpcapd
    
    2018-11-24
    
      - Fix protocol tag for protocol 87 - TCF - #130
    
      - Add TCP flags ECN,CVR - #132
    
      - Fix some error messages to be printed to the correct
        stream #135
    
      - Add missing -M command line help to nfcapd
    
      - Remove padding byte warning in log #141
    
      - Fix bug to accept -y compression flag in nfcapd. - #145
    
    2018-06-24
    
      - Fix bookkeeper type - use key_t
    
      - Add multiple packet repeaters to nfcapd/sfcapd. Up to 8
        repeaters (-R) can be defined.
    
      - Ignore OSX .DS_Store files in -R file list
    
      - Add CISCO ASA elements initiatorPackets (298)
        responderPackets (299)
    
      - Merge #120 pull request for -z parameter to nfreplay
    
      - Update man page nfreplay
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-9013b5e75d"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected nfdump package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nfdump");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:29");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/08/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/26");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^29([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 29", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC29", reference:"nfdump-1.6.18-1.fc29")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nfdump");
    }