Vulnerabilities > CVE-2019-8641 - Out-of-bounds Read vulnerability in Apple products

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(127048);
  script_version("1.4");
  script_cvs_date("Date: 2020/01/03");

  script_cve_id(
    "CVE-2018-16860",
    "CVE-2019-8641",
    "CVE-2019-8644",
    "CVE-2019-8646",
    "CVE-2019-8647",
    "CVE-2019-8649",
    "CVE-2019-8657",
    "CVE-2019-8658",
    "CVE-2019-8660",
    "CVE-2019-8662",
    "CVE-2019-8666",
    "CVE-2019-8669",
    "CVE-2019-8671",
    "CVE-2019-8672",
    "CVE-2019-8673",
    "CVE-2019-8676",
    "CVE-2019-8677",
    "CVE-2019-8678",
    "CVE-2019-8679",
    "CVE-2019-8680",
    "CVE-2019-8681",
    "CVE-2019-8683",
    "CVE-2019-8684",
    "CVE-2019-8685",
    "CVE-2019-8686",
    "CVE-2019-8687",
    "CVE-2019-8688",
    "CVE-2019-8689",
    "CVE-2019-8690",
    "CVE-2019-8698",
    "CVE-2019-13118"
  );
  script_xref(name:"APPLE-SA", value:"HT210351");
  script_xref(name:"APPLE-SA", value:"APPLE-SA-2019-07-17");

  script_name(english:"Apple TV < 12.4 Multiple Vulnerabilities");
  script_summary(english:"Checks the build number");

  script_set_attribute(attribute:"synopsis", value:
"The remote Apple TV device is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"According to its banner, the version of Apple TV on the remote
device is prior to 12.4. It is therefore affected by multiple
vulnerabilities as described in HT210351.");
  script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT210351");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Apple TV version 12.4 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-8689");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/07/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/26");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:apple_tv");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("appletv_version.nasl");
  script_require_keys("AppleTV/Version", "AppleTV/Model", "AppleTV/URL", "AppleTV/Port");
  script_require_ports("Services/www", 7000);

  exit(0);
}

include('audit.inc');
include('appletv_func.inc');

url = get_kb_item('AppleTV/URL');
if (empty_or_null(url)) exit(0, 'Cannot determine Apple TV URL.');
port = get_kb_item('AppleTV/Port');
if (empty_or_null(port)) exit(0, 'Cannot determine Apple TV port.');
build = get_kb_item('AppleTV/Version');
if (empty_or_null(build)) audit(AUDIT_UNKNOWN_DEVICE_VER, 'Apple TV');
model = get_kb_item('AppleTV/Model');
if (empty_or_null(model)) exit(0, 'Cannot determine Apple TV model.');

fixed_build = '16M568';
tvos_ver = '12.4';

# determine gen from the model
gen = APPLETV_MODEL_GEN[model];

appletv_check_version(
  build          : build,
  fix            : fixed_build,
  affected_gen   : make_list(4, 5),
  fix_tvos_ver   : tvos_ver,
  model          : model,
  gen            : gen,
  port           : port,
  url            : url,
  severity       : SECURITY_HOLE
);

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(129467);
  script_version("1.4");
  script_cvs_date("Date: 2020/01/07");

  script_cve_id("CVE-2019-8641");
  script_bugtraq_id(109332);
  script_xref(name:"APPLE-SA", value:"HT210589");
  script_xref(name:"APPLE-SA", value:"APPLE-SA-2019-9-26-2");

  script_name(english:"macOS 10.14.x < 10.14.6 SU2 / 10.13.x < 10.13.6 Update 2019-005 / 10.12.x < 10.12.6 Update 2019-005 Out-of-Bounds Read Vulnerability");
  script_summary(english:"Checks the version of Mac OS X / macOS.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a macOS update that fixes an out-of-bounds read vulnerability.");
  script_set_attribute(attribute:"description", value:
"The remote host is running a version of macOS / Mac OS X that is 10.14.x prior
to 10.14.6 Supplemental Update 2, 10.13.x prior to 10.13.6 Security Update
2019-005, or 10.12.x prior to 10.12.6 Security Update 2019-005. It is,
therefore, affected by an out-of-bounds read vulnerability. An attacker could
exploit this vulnerability to cause an application crash, or potentially
achieve arbitrary code execution.

Note that Nessus has not tested for this issue but has instead relied only on
the operating system's self-reported version number.");
  script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT210589");
  script_set_attribute(attribute:"solution", value:
"Upgrade to macOS 10.14.x < 10.14.6 SU2 / 10.13.x < 10.13.6 Update 2019-005 /
10.12.x < 10.12.6 Update 2019-005 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-8641");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/09/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/30");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:macos");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl");
  script_require_ports("Host/MacOSX/Version", "Host/OS");

  exit(0);
}

include('lists.inc');
include('vcf.inc');
include('vcf_extras_apple.inc');

app_info = vcf::apple::macos::get_app_info();

# Build numbers from:
# https://en.wikipedia.org/wiki/MacOS#Release_history ->
#  https://en.wikipedia.org/wiki/MacOS_Sierra
#  https://en.wikipedia.org/wiki/MacOS_High_Sierra
#  https://en.wikipedia.org/wiki/MacOS_Mojave
#  ...
constraints = [
  { 'min_version': '10.12', 'max_version': '10.12.6', 'fixed_build': '16G2136', 'fixed_display': '10.12.6 Security Update 2019-005' },
  { 'min_version': '10.13', 'max_version': '10.13.6', 'fixed_build': '17G8037', 'fixed_display': '10.13.6 Security Update 2019-005' },
  { 'min_version': '10.14', 'max_version': '10.14.6', 'fixed_build': '18G103', 'fixed_display': '10.14.6 Supplemental Update 2' }
];

vcf::apple::macos::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(127054);
  script_version("1.5");
  script_cvs_date("Date: 2020/01/03");

  script_cve_id(
    "CVE-2018-16860",
    "CVE-2018-19860",
    "CVE-2019-8641",
    "CVE-2019-8644",
    "CVE-2019-8646",
    "CVE-2019-8648",
    "CVE-2019-8649",
    "CVE-2019-8656",
    "CVE-2019-8657",
    "CVE-2019-8658",
    "CVE-2019-8660",
    "CVE-2019-8661",
    "CVE-2019-8662",
    "CVE-2019-8663",
    "CVE-2019-8666",
    "CVE-2019-8667",
    "CVE-2019-8669",
    "CVE-2019-8670",
    "CVE-2019-8671",
    "CVE-2019-8672",
    "CVE-2019-8673",
    "CVE-2019-8676",
    "CVE-2019-8677",
    "CVE-2019-8678",
    "CVE-2019-8679",
    "CVE-2019-8680",
    "CVE-2019-8681",
    "CVE-2019-8683",
    "CVE-2019-8684",
    "CVE-2019-8685",
    "CVE-2019-8686",
    "CVE-2019-8687",
    "CVE-2019-8688",
    "CVE-2019-8689",
    "CVE-2019-8690",
    "CVE-2019-8691",
    "CVE-2019-8692",
    "CVE-2019-8693",
    "CVE-2019-8694",
    "CVE-2019-8695",
    "CVE-2019-8697",
    "CVE-2019-13118"
  );
  script_xref(name:"APPLE-SA", value:"HT210348");
  script_xref(name:"APPLE-SA", value:"APPLE-SA-2019-07-17");

  script_name(english:"macOS 10.14.x < 10.14.6 Multiple Vulnerabilities");
  script_summary(english:"Checks the version of Mac OS X / macOS.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a macOS update that fixes multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.6. It is, therefore, affected by
multiple vulnerabilities :

  - An application may be able to read restricted memory
    (CVE-2019-8691, CVE-2019-8692, CVE-2019-8693)

  - Extracting a zip file containing a symbolic link to an
    endpoint in an NFS mount that is attacker controlled may
    bypass Gatekeeper (CVE-2019-8656)

  - A remote attacker may be able to cause arbitrary code
    execution (CVE-2019-8648, CVE-2018-19860, CVE-2019-8661)

  - A remote attacker may be able to leak memory
    (CVE-2019-8646, CVE-2019-8663)

  - A remote attacker may be able to cause unexpected
    application termination or arbitrary code execution
    (CVE-2019-8641, CVE-2019-8660)

  - An application may be able to execute arbitrary code
    with system privileges (CVE-2019-8695, CVE-2019-8697)

  - An issue existed in Samba that may allow attackers to
    perform unauthorized actions by intercepting
    communications between services (CVE-2018-16860)

  - An application may be able to execute arbitrary code
    with kernel privileges (CVE-2019-8694)

  - A remote attacker may be able to view sensitive
    information (CVE-2019-13118)

  - An attacker may be able to trigger a use-after-free in
    an application deserializing an untrusted NSDictionary
    (CVE-2019-8662)

  - Visiting a malicious website may lead to address bar
    spoofing (CVE-2019-8670)

  - The encryption status of a Time Machine backup may be
    incorrect (CVE-2019-8667)

  - Parsing a maliciously crafted office document may lead
    to an unexpected application termination or arbitrary
    code execution (CVE-2019-8657)

  - Processing maliciously crafted web content may lead to
    universal cross site scripting (CVE-2019-8690,
    CVE-2019-8649, CVE-2019-8658)

  - Processing maliciously crafted web content may lead to
    arbitrary code execution (CVE-2019-8644, CVE-2019-8666,
    CVE-2019-8669, CVE-2019-8671, CVE-2019-8672,
    CVE-2019-8673, CVE-2019-8676, CVE-2019-8677,
    CVE-2019-8678, CVE-2019-8679, CVE-2019-8680,
    CVE-2019-8681, CVE-2019-8683, CVE-2019-8684,
    CVE-2019-8685, CVE-2019-8686, CVE-2019-8687,
    CVE-2019-8688, CVE-2019-8689)

Note that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported
version number.");
  script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT210348");
  script_set_attribute(attribute:"solution", value:
"Upgrade to macOS version 10.14.6 or later");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-8695");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/06/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/07/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/26");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:macos");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl");
  script_require_ports("Host/MacOSX/Version", "Host/OS");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

fix = "10.14.6";
minver = "10.14";

os = get_kb_item("Host/MacOSX/Version");
if (!os)
{
  os = get_kb_item_or_exit("Host/OS");
  if ("Mac OS X" >!< os) audit(AUDIT_OS_NOT, "macOS / Mac OS X");

  c = get_kb_item("Host/OS/Confidence");
  if (c <= 70) exit(1, "Can't determine the host's OS with sufficient confidence.");
}
if (!os) audit(AUDIT_OS_NOT, "macOS / Mac OS X");

matches = pregmatch(pattern:"Mac OS X ([0-9]+(\.[0-9]+)+)", string:os);
if (empty_or_null(matches)) exit(1, "Failed to parse the macOS / Mac OS X version ('" + os + "').");

version = matches[1];

if (ver_compare(ver:version, minver:minver, fix:fix, strict:FALSE) == -1)
{
  security_report_v4(
    port:0,
    severity:SECURITY_HOLE,
    extra:
      '\n  Installed version : ' + version +
      '\n  Fixed version     : ' + fix +
      '\n'
    );
}
else audit(AUDIT_INST_VER_NOT_VULN, "macOS / Mac OS X", version);

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(127055);
  script_version("1.6");
  script_cvs_date("Date: 2020/01/03");

  script_cve_id(
    "CVE-2018-16860",
    "CVE-2018-19860",
    "CVE-2019-8641",
    "CVE-2019-8644",
    "CVE-2019-8646",
    "CVE-2019-8648",
    "CVE-2019-8649",
    "CVE-2019-8656",
    "CVE-2019-8657",
    "CVE-2019-8658",
    "CVE-2019-8660",
    "CVE-2019-8661",
    "CVE-2019-8662",
    "CVE-2019-8663",
    "CVE-2019-8666",
    "CVE-2019-8667",
    "CVE-2019-8669",
    "CVE-2019-8670",
    "CVE-2019-8671",
    "CVE-2019-8672",
    "CVE-2019-8673",
    "CVE-2019-8676",
    "CVE-2019-8677",
    "CVE-2019-8678",
    "CVE-2019-8679",
    "CVE-2019-8680",
    "CVE-2019-8681",
    "CVE-2019-8683",
    "CVE-2019-8684",
    "CVE-2019-8685",
    "CVE-2019-8686",
    "CVE-2019-8687",
    "CVE-2019-8688",
    "CVE-2019-8689",
    "CVE-2019-8690",
    "CVE-2019-8691",
    "CVE-2019-8692",
    "CVE-2019-8693",
    "CVE-2019-8694",
    "CVE-2019-8695",
    "CVE-2019-8697",
    "CVE-2019-13118"
  );
  script_xref(name:"APPLE-SA", value:"HT210348");
  script_xref(name:"APPLE-SA", value:"APPLE-SA-2019-07-17");

  script_name(english:"macOS Sierra / High Sierra Multiple Vulnerabilities (Security Update 2019-004)");
  script_summary(english:"Checks the presence of Security Update 2019-004.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a macOS or Mac OS X security update that fixes multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The remote host is running Mac OS X 10.12.6 or Mac OS X 10.13.6 
and is missing a security update. It is, therefore, affected by
multiple vulnerabilities :

  - An application may be able to read restricted memory
    (CVE-2019-8691, CVE-2019-8692, CVE-2019-8693)

  - Extracting a zip file containing a symbolic link to an
    endpoint in an NFS mount that is attacker controlled may
    bypass Gatekeeper (CVE-2019-8656)

  - A remote attacker may be able to cause arbitrary code
    execution (CVE-2019-8648, CVE-2018-19860, CVE-2019-8661)

  - A remote attacker may be able to leak memory
    (CVE-2019-8646, CVE-2019-8663)

  - A remote attacker may be able to cause unexpected
    application termination or arbitrary code execution
    ( CVE-2019-8641, CVE-2019-8660)

  - An application may be able to execute arbitrary code
    with system privileges (CVE-2019-8695, CVE-2019-8697)

  - An issue existed in Samba that may allow attackers to
    perform unauthorized actions by intercepting
    communications between services (CVE-2018-16860)

  - An application may be able to execute arbitrary code
    with kernel privileges (CVE-2019-8694)

  - A remote attacker may be able to view sensitive
    information (CVE-2019-13118)

  - An attacker may be able to trigger a use-after-free in
    an application deserializing an untrusted NSDictionary
    (CVE-2019-8662)

  - Visiting a malicious website may lead to address bar
    spoofing (CVE-2019-8670)

  - The encryption status of a Time Machine backup may be
    incorrect (CVE-2019-8667)

  - Parsing a maliciously crafted office document may lead
    to an unexpected application termination or arbitrary
    code execution (CVE-2019-8657)

  - Processing maliciously crafted web content may lead to
    universal cross site scripting (CVE-2019-8649, 
    CVE-2019-8658, CVE-2019-8690)

  - Processing maliciously crafted web content may lead to
    arbitrary code execution (CVE-2019-8644, CVE-2019-8666,
    CVE-2019-8669, CVE-2019-8671, CVE-2019-8672,
    CVE-2019-8673, CVE-2019-8676, CVE-2019-8677,
    CVE-2019-8678, CVE-2019-8679, CVE-2019-8680,
    CVE-2019-8681, CVE-2019-8683, CVE-2019-8684,
    CVE-2019-8685, CVE-2019-8686, CVE-2019-8687,
    CVE-2019-8688, CVE-2019-8689)

Note that Nessus has not tested for this issue but has instead
relied only on the operating system's self-reported version number.");
  script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT210348");
  script_set_attribute(attribute:"solution", value:
"Install Security Update 2019-004 or later for 10.12.x or 10.13.x.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-8695");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/06/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/07/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/26");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:macos");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_ports("Host/local_checks_enabled", "Host/MacOSX/Version", "Host/MacOSX/packages/boms");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

# Compare 2 patch numbers to determine if patch requirements are satisfied.
# Return true if this patch or a later patch is applied
# Return false otherwise
function check_patch(year, number)
{
  local_var p_split = split(patch, sep:"-");
  local_var p_year  = int( p_split[0]);
  local_var p_num   = int( p_split[1]);

  if (year >  p_year) return TRUE;
  else if (year <  p_year) return FALSE;
  else if (number >=  p_num) return TRUE;
  else return FALSE;
}

get_kb_item_or_exit("Host/local_checks_enabled");
os = get_kb_item_or_exit("Host/MacOSX/Version");

if (!preg(pattern:"Mac OS X 10\.1[2-3]\.", string:os))
  audit(AUDIT_OS_NOT, "Mac OS X 10.12.x / 10.13.x");

patch = '2019-004';

packages = get_kb_item_or_exit('Host/MacOSX/packages/boms', exit_code:1);
sec_boms_report = pgrep(
  pattern:"^com\.apple\.pkg\.update\.(security\.|os\.SecUpd).*bom$",
  string:packages
);
sec_boms = split(sec_boms_report, sep:'\n');

foreach package (sec_boms)
{
  # Grab patch year and number
  matches = pregmatch(pattern:"[^0-9](20[0-9][0-9])[-.]([0-9]{3})[^0-9]", string:package);
  if (empty_or_null(matches)) continue;
  if (empty_or_null(matches[1]) || empty_or_null(matches[2]))
    continue;

  patch_found = check_patch(year:int(matches[1]), number:int(matches[2]));
  if (patch_found) exit(0, 'The host has Security Update ' + patch + ' or later installed and is therefore not affected.');
}

report =  '\n  Missing security update : ' + patch;
report += '\n  Installed security BOMs : ';
if (sec_boms_report) report += str_replace(find:'\n', replace:'\n                            ', string:sec_boms_report);
else report += 'n/a';
report += '\n';

security_report_v4(port:0, severity:SECURITY_HOLE, extra:report);