Vulnerabilities > CVE-2019-9514 - Allocation of Resources Without Limits or Throttling vulnerability in multiple products

Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.

Vulnerable Configurations

Part	Description	Count
Application	Apple Apple Swiftnio 1.0.0 Apple Swiftnio 1.0.1 Apple Swiftnio 1.1.0 Apple Swiftnio 1.1.1 Apple Swiftnio 1.2.0 Apple Swiftnio 1.2.1 Apple Swiftnio 1.2.2 Apple Swiftnio 1.3.0 Apple Swiftnio 1.3.1 Apple Swiftnio 1.3.2 Apple Swiftnio 1.4.0	11
Application	Apache Apache Traffic Server 8.0.0 Apache Traffic Server 8.0.1 Apache Traffic Server 8.0.2 Apache Traffic Server 8.0.3 Apache Traffic Server 7.0.0 Apache Traffic Server 7.1.0 Apache Traffic Server 7.1.1 Apache Traffic Server 7.1.2 Apache Traffic Server 7.1.3 Apache Traffic Server 7.1.4 Apache Traffic Server 7.1.5 Apache Traffic Server 7.1.6 Apache Traffic Server 6.0.0 Apache Traffic Server 6.0.3 Apache Traffic Server 6.1.0 Apache Traffic Server 6.1.1 Apache Traffic Server 6.2.0 Apache Traffic Server 6.2.1 Apache Traffic Server 6.2.2 Apache Traffic Server 6.2.3	49
Application	Synology Synology Skynas - Synology Diskstation Manager 6.2	2
Application	Redhat Redhat Software Collections 1.0 Redhat Openshift Container Platform 3.9 Redhat Openshift Container Platform 3.11 Redhat Openshift Container Platform 3.10 Redhat Openshift Container Platform 4.1 Redhat Openshift Container Platform 4.2 Redhat Jboss Core Services 1.0 Redhat Jboss Enterprise Application Platform 7.2.0 Redhat Jboss Enterprise Application Platform 7.3.0 Redhat Single Sign ON 7.3 Redhat Developer Tools 1.0 Redhat Quay 3.0.0 Redhat Openshift Service Mesh 1.0 Redhat Openstack 14	14
Application	Oracle Oracle Graalvm 19.2.0	1
Application	Mcafee Mcafee WEB Gateway 7.7.2.0 Mcafee WEB Gateway 7.7.2.1 Mcafee WEB Gateway 7.7.2.2 Mcafee WEB Gateway 7.7.2.3 Mcafee WEB Gateway 7.7.2.4 Mcafee WEB Gateway 7.7.2.5 Mcafee WEB Gateway 7.7.2.6 Mcafee WEB Gateway 7.7.2.7 Mcafee WEB Gateway 7.7.2.8 Mcafee WEB Gateway 7.7.2.9 Mcafee WEB Gateway 7.7.2.10 Mcafee WEB Gateway 7.7.2.11 Mcafee WEB Gateway 7.7.2.12 Mcafee WEB Gateway 7.7.2.13 Mcafee WEB Gateway 7.7.2.14 Mcafee WEB Gateway 7.7.2.15 Mcafee WEB Gateway 7.7.2.16 Mcafee WEB Gateway 7.7.2.17 Mcafee WEB Gateway 7.7.2.18 Mcafee WEB Gateway 7.7.2.19 Mcafee WEB Gateway 7.7.2.20 Mcafee WEB Gateway 7.7.2.21 Mcafee WEB Gateway 7.7.2.22 Mcafee WEB Gateway 7.7.2.23 Mcafee WEB Gateway 7.8.2.0 Mcafee WEB Gateway 7.8.2.1 Mcafee WEB Gateway 7.8.2.2 Mcafee WEB Gateway 7.8.2.3 Mcafee WEB Gateway 7.8.2.4 Mcafee WEB Gateway 7.8.2.5 Mcafee WEB Gateway 7.8.2.6 Mcafee WEB Gateway 7.8.2.7 Mcafee WEB Gateway 7.8.2.8 Mcafee WEB Gateway 7.8.2.9 Mcafee WEB Gateway 7.8.2.10 Mcafee WEB Gateway 7.8.2.11 Mcafee WEB Gateway 7.8.2.12 Mcafee WEB Gateway 8.1.0 Mcafee WEB Gateway 8.1.1 Mcafee WEB Gateway 8.1.2 Mcafee WEB Gateway 8.1.3 Mcafee WEB Gateway 8.1.4 Mcafee WEB Gateway 8.1.5	43
Application	Netapp Netapp Cloud Insights - Netapp Trident -	2
Application	F5 F5 BIG IP Local Traffic Manager 14.1.0 F5 BIG IP Local Traffic Manager 14.1.0.1 F5 BIG IP Local Traffic Manager 14.1.0.2 F5 BIG IP Local Traffic Manager 14.1.0.2.0.45.4 F5 BIG IP Local Traffic Manager 14.1.0.2.0.62.4 F5 BIG IP Local Traffic Manager 14.1.0.3 F5 BIG IP Local Traffic Manager 14.1.0.3.0.79.6 F5 BIG IP Local Traffic Manager 14.1.0.3.0.97.6 F5 BIG IP Local Traffic Manager 14.1.0.3.0.99.6 F5 BIG IP Local Traffic Manager 14.1.0.5 F5 BIG IP Local Traffic Manager 14.1.0.5.0.15.5 F5 BIG IP Local Traffic Manager 14.1.0.5.0.36.5 F5 BIG IP Local Traffic Manager 14.1.0.5.0.40.5 F5 BIG IP Local Traffic Manager 14.1.0.6 F5 BIG IP Local Traffic Manager 14.1.0.6.0.11.9 F5 BIG IP Local Traffic Manager 14.1.0.6.0.14.9 F5 BIG IP Local Traffic Manager 14.1.0.6.0.68.9 F5 BIG IP Local Traffic Manager 14.1.0.6.0.70.9 F5 BIG IP Local Traffic Manager 14.1.2 F5 BIG IP Local Traffic Manager 14.1.2-0.0.37 F5 BIG IP Local Traffic Manager 14.1.2-0.89.37 F5 BIG IP Local Traffic Manager 14.1.2.0.11.37 F5 BIG IP Local Traffic Manager 14.1.2.0.18.37 F5 BIG IP Local Traffic Manager 14.1.2.0.32.37 F5 BIG IP Local Traffic Manager 14.0.0 F5 BIG IP Local Traffic Manager 14.0.0.2 F5 BIG IP Local Traffic Manager 14.0.0.3 F5 BIG IP Local Traffic Manager 14.0.0.4 F5 BIG IP Local Traffic Manager 14.0.0.5 F5 BIG IP Local Traffic Manager 14.0.1 F5 BIG IP Local Traffic Manager 13.1.0 F5 BIG IP Local Traffic Manager 13.1.0.0 F5 BIG IP Local Traffic Manager 13.1.0.1 F5 BIG IP Local Traffic Manager 13.1.0.2 F5 BIG IP Local Traffic Manager 13.1.0.3 F5 BIG IP Local Traffic Manager 13.1.0.4 F5 BIG IP Local Traffic Manager 13.1.0.5 F5 BIG IP Local Traffic Manager 13.1.0.6 F5 BIG IP Local Traffic Manager 13.1.0.7 F5 BIG IP Local Traffic Manager 13.1.0.8 F5 BIG IP Local Traffic Manager 13.1.1 F5 BIG IP Local Traffic Manager 13.1.1.1 F5 BIG IP Local Traffic Manager 13.1.1.2 F5 BIG IP Local Traffic Manager 13.1.1.3 F5 BIG IP Local Traffic Manager 13.1.1.4 F5 BIG IP Local Traffic Manager 13.1.1.5 F5 BIG IP Local Traffic Manager 13.1.2 F5 BIG IP Local Traffic Manager 13.1.3 F5 BIG IP Local Traffic Manager 13.1.3.1 F5 BIG IP Local Traffic Manager 15.0.0 F5 BIG IP Local Traffic Manager 15.0.1 F5 BIG IP Local Traffic Manager 15.0.1.0.33.11 F5 BIG IP Local Traffic Manager 15.0.1.1 F5 BIG IP Local Traffic Manager 12.1.0 F5 BIG IP Local Traffic Manager 12.1.1 F5 BIG IP Local Traffic Manager 12.1.2 F5 BIG IP Local Traffic Manager 12.1.3 F5 BIG IP Local Traffic Manager 12.1.3.1 F5 BIG IP Local Traffic Manager 12.1.3.2 F5 BIG IP Local Traffic Manager 12.1.3.3 F5 BIG IP Local Traffic Manager 12.1.3.4 F5 BIG IP Local Traffic Manager 12.1.3.5 F5 BIG IP Local Traffic Manager 12.1.3.6 F5 BIG IP Local Traffic Manager 12.1.3.7 F5 BIG IP Local Traffic Manager 12.1.4 F5 BIG IP Local Traffic Manager 12.1.4.1 F5 BIG IP Local Traffic Manager 12.1.4.1.0.97.6 F5 BIG IP Local Traffic Manager 12.1.4.2 F5 BIG IP Local Traffic Manager 12.1.5 F5 BIG IP Local Traffic Manager 11.6.1 F5 BIG IP Local Traffic Manager 11.6.2 F5 BIG IP Local Traffic Manager 11.6.3 F5 BIG IP Local Traffic Manager 11.6.3.1 F5 BIG IP Local Traffic Manager 11.6.3.2 F5 BIG IP Local Traffic Manager 11.6.3.3 F5 BIG IP Local Traffic Manager 11.6.3.4 F5 BIG IP Local Traffic Manager 11.6.4 F5 BIG IP Local Traffic Manager 11.6.5	82
Application	Nodejs Nodejs Node.Js 8.0.0 Nodejs Node.Js 8.1.0 Nodejs Node.Js 8.1.1 Nodejs Node.Js 8.1.2 Nodejs Node.Js 8.1.3 Nodejs Node.Js 8.1.4 Nodejs Node.Js 8.2.0 Nodejs Node.Js 8.2.1 Nodejs Node.Js 8.3.0 Nodejs Node.Js 8.4.0 Nodejs Node.Js 8.5.0 Nodejs Node.Js 8.6.0 Nodejs Node.Js 8.7.0 Nodejs Node.Js 8.8.0 Nodejs Node.Js 8.8.1 Nodejs Node.Js 10.0.0 Nodejs Node.Js 10.1.0 Nodejs Node.Js 10.2.0 Nodejs Node.Js 10.2.1 Nodejs Node.Js 10.3.0 Nodejs Node.Js 10.4.0 Nodejs Node.Js 10.4.1 Nodejs Node.Js 10.5.0 Nodejs Node.Js 10.6.0 Nodejs Node.Js 10.7.0 Nodejs Node.Js 10.8.0 Nodejs Node.Js 10.9.0 Nodejs Node.Js 10.10.0 Nodejs Node.Js 10.11.0 Nodejs Node.Js 12.0.0 Nodejs Node.Js 12.1.0 Nodejs Node.Js 12.2.0 Nodejs Node.Js 12.3.0 Nodejs Node.Js 12.3.1 Nodejs Node.Js 12.4.0 Nodejs Node.Js 12.5.0 Nodejs Node.Js 12.6.0 Nodejs Node.Js 12.7.0 Nodejs Node.Js 12.8.0 Nodejs Node.Js 10.13.0 Nodejs Node.Js 10.14.0 Nodejs Node.Js 10.14.1 Nodejs Node.Js 10.14.2 Nodejs Node.Js 10.15.0 Nodejs Node.Js 10.15.1 Nodejs Node.Js 10.15.2 Nodejs Node.Js 10.15.3 Nodejs Node.Js 10.16.0 Nodejs Node.Js 10.16.1 Nodejs Node.Js 10.16.2 Nodejs Node.Js 8.9.0 Nodejs Node.Js 8.9.1 Nodejs Node.Js 8.9.2 Nodejs Node.Js 8.9.3 Nodejs Node.Js 8.9.4 Nodejs Node.Js 8.10.0 Nodejs Node.Js 8.11.0 Nodejs Node.Js 8.11.1 Nodejs Node.Js 8.11.2 Nodejs Node.Js 8.11.3 Nodejs Node.Js 8.11.4 Nodejs Node.Js 8.12.0 Nodejs Node.Js 8.13.0 Nodejs Node.Js 8.14.0 Nodejs Node.Js 8.14.1 Nodejs Node.Js 8.15.0 Nodejs Node.Js 8.15.1	67
OS	Apple Apple MAC OS X *	1
OS	Canonical Canonical Ubuntu Linux * Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 19.04	4
OS	Debian Debian Debian Linux 10.0 Debian Debian Linux 9.0	2
OS	Synology Synology Vs960Hd Firmware -	1
OS	Fedoraproject Fedoraproject Fedora 29 Fedoraproject Fedora 30	2
OS	Opensuse Opensuse Leap 15.0 Opensuse Leap 15.1	2
OS	Redhat Redhat Enterprise Linux Workstation 7.0 Redhat Enterprise Linux Server 7.0 Redhat Enterprise Linux 8.0 Redhat Enterprise Linux EUS 8.1	4
Hardware	Synology Synology Vs960Hd -	1

Common Weakness Enumeration (CWE)

CWE-770 - Allocation of Resources Without Limits or Throttling

Common Attack Pattern Enumeration and Classification (CAPEC)

Locate and Exploit Test APIs
An attacker exploits a sample, demonstration, or test API that is insecure by default and should not be resident on production systems. Some applications include APIs that are intended to allow an administrator to test and refine their domain. These APIs should usually be disabled once a system enters a production environment. Testing APIs may expose a great deal of diagnostic information intended to aid an administrator, but which can also be used by an attacker to further refine their attack. Moreover, testing APIs may not have adequate security controls or may not have undergone rigorous testing since they were not intended for use in production environments. As such, they may have many flaws and vulnerabilities that would allow an attacker to severely disrupt a target.
Flooding
An attacker consumes the resources of a target by rapidly engaging in a large number of interactions with the target. This type of attack generally exposes a weakness in rate limiting or flow control in management of interactions. Since each request consumes some of the target's resources, if a sufficiently large number of requests must be processed at the same time then the target's resources can be exhausted. The degree to which the attack is successful depends upon the volume of requests in relation to the amount of the resource the target has access to, and other mitigating circumstances such as the target's ability to shift load or acquired additional resources to deal with the depletion. The more protected the resource and the greater the quantity of it that must be consumed, the more resources the attacker may need to have at their disposal. A typical TCP/IP flooding attack is a Distributed Denial-of-Service attack where many machines simultaneously make a large number of requests to a target. Against a target with strong defenses and a large pool of resources, many tens of thousands of attacking machines may be required. When successful this attack prevents legitimate users from accessing the service and can cause the target to crash. This attack differs from resource depletion through leaks or allocations in that the latter attacks do not rely on the volume of requests made to the target but instead focus on manipulation of the target's operations. The key factor in a flooding attack is the number of requests the attacker can make in a given period of time. The greater this number, the more likely an attack is to succeed against a given target.
Excessive Allocation
An attacker causes the target to allocate excessive resources to servicing the attackers' request, thereby reducing the resources available for legitimate services and degrading or denying services. Usually, this attack focuses on memory allocation, but any finite resource on the target could be the attacked, including bandwidth, processing cycles, or other resources. This attack does not attempt to force this allocation through a large number of requests (that would be Resource Depletion through Flooding) but instead uses one or a small number of requests that are carefully formatted to force the target to allocate excessive resources to service this request(s). Often this attack takes advantage of a bug in the target to cause the target to allocate resources vastly beyond what would be needed for a normal request. For example, using an Integer Attack, the attacker could cause a variable that controls allocation for a request to hold an excessively large value. Excessive allocation of resources can render a service degraded or unavailable to legitimate users and can even lead to crashing of the target.
XML Ping of the Death
An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.
XML Entity Expansion
An attacker submits an XML document to a target application where the XML document uses nested entity expansion to produce an excessively large output XML. XML allows the definition of macro-like structures that can be used to simplify the creation of complex structures. However, this capability can be abused to create excessive demands on a processor's CPU and memory. A small number of nested expansions can result in an exponential growth in demands on memory.

Nessus

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-4041.NASL
description	New Red Hat Single Sign-On 7.3.5 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es) : * keycloak: Service accounts reset password flow not using placeholder.org domain anymore (CVE-2019-14837) * undertow: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * undertow: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * undertow: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515) * wildfly-core: Incorrect privileges for
last seen	2020-06-01
modified	2020-06-02
plugin id	131528
published	2019-12-03
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/131528
title	RHEL 7 : Red Hat Single Sign-On 7.3.5 (RHSA-2019:4041) (Ping Flood) (Reset Flood) (Settings Flood)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2019:4041. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(131528); script_version("1.3"); script_cvs_date("Date: 2020/01/17"); script_cve_id("CVE-2019-14837", "CVE-2019-14838", "CVE-2019-14843", "CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515"); script_xref(name:"RHSA", value:"2019:4041"); script_name(english:"RHEL 7 : Red Hat Single Sign-On 7.3.5 (RHSA-2019:4041) (Ping Flood) (Reset Flood) (Settings Flood)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "New Red Hat Single Sign-On 7.3.5 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es) : * keycloak: Service accounts reset password flow not using placeholder.org domain anymore (CVE-2019-14837) * undertow: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * undertow: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * undertow: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515) * wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default (CVE-2019-14838) * wildfly: wildfly-security-manager: security manager authorization bypass (CVE-2019-14843) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section." ); # https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?93d4a9a3" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:4041" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-9512" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-9514" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-9515" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14837" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14838" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14843" ); script_set_attribute( attribute:"solution", value: "Update the affected rh-sso7-keycloak and / or rh-sso7-keycloak-server packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-14843"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-sso7-keycloak-server"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/13"); script_set_attribute(attribute:"patch_publication_date", value:"2019/12/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/03"); script_set_attribute(attribute:"in_the_news", value:"true"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2019:4041"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL7", reference:"rh-sso7-keycloak-4.8.15-1.Final_redhat_00001.1.el7sso")) flag++; if (rpm_check(release:"RHEL7", reference:"rh-sso7-keycloak-server-4.8.15-1.Final_redhat_00001.1.el7sso")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rh-sso7-keycloak / rh-sso7-keycloak-server"); } }

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2020-0059-1.NASL
description	This update for nodejs12 fixes the following issues : Update to LTS release 12.13.0 (jsc#SLE-8947). Security issues fixed : CVE-2019-9511: Fixed the HTTP/2 implementation that was vulnerable to window size manipulations (bsc#1146091). CVE-2019-9512: Fixed the HTTP/2 implementation that was vulnerable to floods using PING frames (bsc#1146099). CVE-2019-9513: Fixed the HTTP/2 implementation that was vulnerable to resource loops, potentially leading to a denial of service (bsc#1146094). CVE-2019-9514: Fixed the HTTP/2 implementation that was vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). CVE-2019-9515: Fixed the HTTP/2 implementation that was vulnerable to a SETTINGS frame flood (bsc#1146100). CVE-2019-9516: Fixed the HTTP/2 implementation that was vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). CVE-2019-9517: Fixed the HTTP/2 implementation that was vulnerable to unconstrained interal data buffering (bsc#1146097). CVE-2019-9518: Fixed the HTTP/2 implementation that was vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093). CVE-2019-13173: Fixed a file overwrite in the fstream.DirWriter() function (bsc#1140290). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	132767
published	2020-01-10
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/132767
title	SUSE SLES12 Security Update : nodejs12 (SUSE-SU-2020:0059-1) (0-Length Headers Leak) (Data Dribble) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2020:0059-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(132767); script_version("1.2"); script_cvs_date("Date: 2020/01/15"); script_cve_id("CVE-2019-13173", "CVE-2019-9511", "CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9516", "CVE-2019-9517", "CVE-2019-9518"); script_name(english:"SUSE SLES12 Security Update : nodejs12 (SUSE-SU-2020:0059-1) (0-Length Headers Leak) (Data Dribble) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for nodejs12 fixes the following issues : Update to LTS release 12.13.0 (jsc#SLE-8947). Security issues fixed : CVE-2019-9511: Fixed the HTTP/2 implementation that was vulnerable to window size manipulations (bsc#1146091). CVE-2019-9512: Fixed the HTTP/2 implementation that was vulnerable to floods using PING frames (bsc#1146099). CVE-2019-9513: Fixed the HTTP/2 implementation that was vulnerable to resource loops, potentially leading to a denial of service (bsc#1146094). CVE-2019-9514: Fixed the HTTP/2 implementation that was vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). CVE-2019-9515: Fixed the HTTP/2 implementation that was vulnerable to a SETTINGS frame flood (bsc#1146100). CVE-2019-9516: Fixed the HTTP/2 implementation that was vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). CVE-2019-9517: Fixed the HTTP/2 implementation that was vulnerable to unconstrained interal data buffering (bsc#1146097). CVE-2019-9518: Fixed the HTTP/2 implementation that was vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093). CVE-2019-13173: Fixed a file overwrite in the fstream.DirWriter() function (bsc#1140290). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140290" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1146090" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1146091" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1146093" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1146094" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1146095" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1146097" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1146099" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1146100" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1149792" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13173/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9511/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9512/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9513/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9514/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9515/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9516/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9517/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9518/" ); # https://www.suse.com/support/update/announcement/2020/suse-su-20200059-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?cadca2ae" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2020-59=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-13173"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nodejs12"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nodejs12-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nodejs12-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nodejs12-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:npm12"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/02"); script_set_attribute(attribute:"patch_publication_date", value:"2020/01/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/10"); script_set_attribute(attribute:"in_the_news", value:"true"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release !~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S\|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"0", reference:"nodejs12-12.13.0-1.3.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"nodejs12-debuginfo-12.13.0-1.3.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"nodejs12-debugsource-12.13.0-1.3.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"nodejs12-devel-12.13.0-1.3.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"npm12-12.13.0-1.3.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nodejs12"); }

NASL family	Windows : Microsoft Bulletins
NASL id	SMB_NT_MS19_AUG_4512501.NASL
description	The remote Windows host is missing security update 4512501. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1162) - A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted. (CVE-2019-1192) - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1133, CVE-2019-1194) - A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to an XML application. The update addresses the vulnerability by correcting how the XmlLite runtime parses XML input. (CVE-2019-1187) - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1176) - An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. (CVE-2019-1224, CVE-2019-1225) - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1146, CVE-2019-1147, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157) - A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9518) - <h1>Executive Summary</h1> Microsoft is aware of the Bluetooth BR/EDR (basic rate/enhanced data rate, known as "Bluetooth Classic") key negotiation vulnerability that exists at the hardware specification level of any BR/EDR Bluetooth device. An attacker could potentially be able to negotiate the offered key length down to 1 byte of entropy, from a maximum of 16 bytes. (CVE-2019-9506) - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2019-1223) - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1227) - A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. (CVE-2019-1188) - An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1168) - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0965) - An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows Graphics Component handles objects in memory. (CVE-2019-1078) - An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1180, CVE-2019-1186) - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197) - An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1175) - An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1171) - An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1198) - An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1178) - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152) - A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file
last seen	2020-04-01
modified	2019-08-13
plugin id	127845
published	2019-08-13
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127845
title	KB4512501: Windows 10 Version 1803 August 2019 Security Update
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from the Microsoft Security Updates API. The text # itself is copyright (C) Microsoft Corporation. # include('compat.inc'); if (description) { script_id(127845); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/31"); script_cve_id( "CVE-2019-0714", "CVE-2019-0715", "CVE-2019-0716", "CVE-2019-0718", "CVE-2019-0720", "CVE-2019-0723", "CVE-2019-0736", "CVE-2019-0965", "CVE-2019-1030", "CVE-2019-1057", "CVE-2019-1078", "CVE-2019-1131", "CVE-2019-1133", "CVE-2019-1139", "CVE-2019-1140", "CVE-2019-1143", "CVE-2019-1144", "CVE-2019-1145", "CVE-2019-1146", "CVE-2019-1147", "CVE-2019-1148", "CVE-2019-1149", "CVE-2019-1150", "CVE-2019-1151", "CVE-2019-1152", "CVE-2019-1153", "CVE-2019-1155", "CVE-2019-1156", "CVE-2019-1157", "CVE-2019-1158", "CVE-2019-1159", "CVE-2019-1162", "CVE-2019-1163", "CVE-2019-1164", "CVE-2019-1168", "CVE-2019-1171", "CVE-2019-1172", "CVE-2019-1173", "CVE-2019-1175", "CVE-2019-1176", "CVE-2019-1177", "CVE-2019-1178", "CVE-2019-1179", "CVE-2019-1180", "CVE-2019-1181", "CVE-2019-1182", "CVE-2019-1183", "CVE-2019-1184", "CVE-2019-1186", "CVE-2019-1187", "CVE-2019-1188", "CVE-2019-1192", "CVE-2019-1193", "CVE-2019-1194", "CVE-2019-1195", "CVE-2019-1196", "CVE-2019-1197", "CVE-2019-1198", "CVE-2019-1212", "CVE-2019-1222", "CVE-2019-1223", "CVE-2019-1224", "CVE-2019-1225", "CVE-2019-1226", "CVE-2019-1227", "CVE-2019-9506", "CVE-2019-9511", "CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9518" ); script_xref(name:"MSKB", value:"4512501"); script_xref(name:"MSFT", value:"MS19-4512501"); script_name(english:"KB4512501: Windows 10 Version 1803 August 2019 Security Update"); script_summary(english:"Checks for rollup."); script_set_attribute(attribute:"synopsis", value: "The remote Windows host is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The remote Windows host is missing security update 4512501. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1162) - A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted. (CVE-2019-1192) - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1133, CVE-2019-1194) - A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to an XML application. The update addresses the vulnerability by correcting how the XmlLite runtime parses XML input. (CVE-2019-1187) - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1176) - An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. (CVE-2019-1224, CVE-2019-1225) - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1146, CVE-2019-1147, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157) - A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9518) - <h1>Executive Summary</h1> Microsoft is aware of the Bluetooth BR/EDR (basic rate/enhanced data rate, known as "Bluetooth Classic") key negotiation vulnerability that exists at the hardware specification level of any BR/EDR Bluetooth device. An attacker could potentially be able to negotiate the offered key length down to 1 byte of entropy, from a maximum of 16 bytes. (CVE-2019-9506) - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2019-1223) - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1227) - A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. (CVE-2019-1188) - An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1168) - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0965) - An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows Graphics Component handles objects in memory. (CVE-2019-1078) - An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1180, CVE-2019-1186) - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197) - An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1175) - An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1171) - An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1198) - An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1178) - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152) - A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file's signature. (CVE-2019-1163) - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1159, CVE-2019-1164) - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1183) - A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0720) - A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. (CVE-2019-0736) - An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1148, CVE-2019-1153) - A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, CVE-2019-1226) - An elevation of privilege vulnerability exists in the way that the rpcss.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1177) - An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1173) - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1193) - An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1030) - An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account. (CVE-2019-1172) - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. (CVE-2019-0714, CVE-2019-0715, CVE-2019-0718, CVE-2019-0723) - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2019-0716) - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage. The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1143, CVE-2019-1158) - An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions. (CVE-2019-1184) - A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who successfully exploited the vulnerability could cause the DHCP server service to stop responding. (CVE-2019-1212) - A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the users system. (CVE-2019-1057) - An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1179)"); # https://support.microsoft.com/en-us/help/4512501/august-13-2019-kb4512501-os-build-17134-942 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?39c6baa6"); script_set_attribute(attribute:"solution", value: "Apply Cumulative Update KB4512501."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-1181"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/13"); script_set_attribute(attribute:"patch_publication_date", value:"2019/08/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/13"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows : Microsoft Bulletins"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("smb_check_rollup.nasl", "smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl"); script_require_keys("SMB/MS_Bulletin_Checks/Possible"); script_require_ports(139, 445, "Host/patch_management_checks"); exit(0); } include("audit.inc"); include("smb_hotfixes_fcheck.inc"); include("smb_hotfixes.inc"); include("smb_func.inc"); include("misc_func.inc"); get_kb_item_or_exit("SMB/MS_Bulletin_Checks/Possible"); bulletin = "MS19-08"; kbs = make_list('4512501'); if (get_kb_item("Host/patch_management_checks")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE); get_kb_item_or_exit("SMB/Registry/Enumerated"); get_kb_item_or_exit("SMB/WindowsVersion", exit_code:1); if (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN); share = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE); if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share); if ( smb_check_rollup(os:"10", sp:0, os_build:"17134", rollup_date:"08_2019", bulletin:bulletin, rollup_kb_list:[4512501]) ) { replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE); hotfix_security_hole(); hotfix_check_fversion_end(); exit(0); } else { hotfix_check_fversion_end(); audit(AUDIT_HOST_NOT, hotfix_get_audit_report()); }

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-4520.NASL
description	Several vulnerabilities were discovered in the HTTP/2 code of Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service. The fixes are too intrusive to backport to the version in the oldstable distribution (stretch). An upgrade to Debian stable (buster) is recommended instead.
last seen	2020-06-01
modified	2020-06-02
plugin id	128621
published	2019-09-10
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128621
title	Debian DSA-4520-1 : trafficserver - security update (Empty Frames Flood) (Ping Flood) (Reset Flood) (Settings Flood)

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_73B1E734C74E11E980520028F8D09152.NASL
description	Jonathon Loomey of Netflix reports : HTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion Recently, a series of DoS attack vulnerabilities have been reported on a broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is exposed to the following : - CVE-2019-9512
last seen	2020-06-01
modified	2020-06-02
plugin id	128136
published	2019-08-26
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128136
title	FreeBSD : h2o -- multiple HTTP/2 vulnerabilities (73b1e734-c74e-11e9-8052-0028f8d09152) (Ping Flood) (Reset Flood) (Settings Flood)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-4019.NASL
description	An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es) : * undertow: HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511) * undertow: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * undertow: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * undertow: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515) * wildfly-core: Incorrect privileges for
last seen	2020-06-01
modified	2020-06-02
plugin id	131523
published	2019-12-03
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/131523
title	RHEL 7 : JBoss EAP (RHSA-2019:4019) (Data Dribble) (Ping Flood) (Reset Flood) (Settings Flood)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-2114.NASL
description	This update for nodejs10 to version 10.16.3 fixes the following issues : Security issues fixed : - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#1146091). - CVE-2019-9512: Fixed HTTP/2 flood using PING frames results in unbounded memory growth (bsc#1146099). - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service. (bsc#1146094). - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). - CVE-2019-9515: Fixed HTTP/2 flood using SETTINGS frames results in unbounded memory growth (bsc#1146100). - CVE-2019-9516: Fixed HTTP/2 implementation that is vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1146097). - CVE-2019-9518: Fixed HTTP/2 implementation that is vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093). This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-06-01
modified	2020-06-02
plugin id	128668
published	2019-09-11
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128668
title	openSUSE Security Update : nodejs10 (openSUSE-2019-2114) (0-Length Headers Leak) (Data Dribble) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-4042.NASL
description	New Red Hat Single Sign-On 7.3.5 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es) : * keycloak: Service accounts reset password flow not using placeholder.org domain anymore (CVE-2019-14837) * undertow: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * undertow: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * undertow: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515) * wildfly-core: Incorrect privileges for
last seen	2020-06-01
modified	2020-06-02
plugin id	131529
published	2019-12-03
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/131529
title	RHEL 8 : Red Hat Single Sign-On 7.3.5 (RHSA-2019:4042) (Ping Flood) (Reset Flood) (Settings Flood)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-2130.NASL
description	This update for go1.12 fixes the following issues : Security issues fixed : - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111). - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115). - CVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123). Bugfixes : - Update to go version 1.12.9 (bsc#1141689). - Adding Web Assembly stuff from misc/wasm (bsc#1139210). This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-06-01
modified	2020-06-02
plugin id	128863
published	2019-09-16
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128863
title	openSUSE Security Update : go1.12 (openSUSE-2019-2130) (Ping Flood) (Reset Flood)

NASL family	Amazon Linux Local Security Checks
NASL id	ALA_ALAS-2019-1270.NASL
description	net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com. (CVE-2019-14809) Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.(CVE-2019-9512) Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.(CVE-2019-9514)
last seen	2020-06-01
modified	2020-06-02
plugin id	128293
published	2019-08-28
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128293
title	Amazon Linux AMI : golang (ALAS-2019-1270) (Ping Flood) (Reset Flood)

NASL family	Windows : Microsoft Bulletins
NASL id	SMB_NT_MS19_AUG_4512507.NASL
description	The remote Windows host is missing security update 4512507. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1162) - A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted. (CVE-2019-1192) - An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1148, CVE-2019-1153) - A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to an XML application. The update addresses the vulnerability by correcting how the XmlLite runtime parses XML input. (CVE-2019-1187) - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1176) - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1146, CVE-2019-1147, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157) - A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9518) - <h1>Executive Summary</h1> Microsoft is aware of the Bluetooth BR/EDR (basic rate/enhanced data rate, known as "Bluetooth Classic") key negotiation vulnerability that exists at the hardware specification level of any BR/EDR Bluetooth device. An attacker could potentially be able to negotiate the offered key length down to 1 byte of entropy, from a maximum of 16 bytes. (CVE-2019-9506) - An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1168) - An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows Graphics Component handles objects in memory. (CVE-2019-1078) - An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1180, CVE-2019-1186) - An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1179) - An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1171) - An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1198) - An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1178) - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152) - A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file
last seen	2020-06-01
modified	2020-06-02
plugin id	127847
published	2019-08-13
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127847
title	KB4512507: Windows 10 Version 1703 August 2019 Security Update

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2020-0406.NASL
description	An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. Security Fix(es) : * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
last seen	2020-06-01
modified	2020-06-02
plugin id	133487
published	2020-02-05
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/133487
title	RHEL 7 : containernetworking-plugins (RHSA-2020:0406) (Ping Flood) (Reset Flood)

NASL family	Windows : Microsoft Bulletins
NASL id	SMB_NT_MS19_AUG_4512516.NASL
description	The remote Windows host is missing security update 4512516. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1162) - A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted. (CVE-2019-1192) - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1133, CVE-2019-1194) - A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to an XML application. The update addresses the vulnerability by correcting how the XmlLite runtime parses XML input. (CVE-2019-1187) - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1176) - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1146, CVE-2019-1147, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157) - A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9518) - <h1>Executive Summary</h1> Microsoft is aware of the Bluetooth BR/EDR (basic rate/enhanced data rate, known as "Bluetooth Classic") key negotiation vulnerability that exists at the hardware specification level of any BR/EDR Bluetooth device. An attacker could potentially be able to negotiate the offered key length down to 1 byte of entropy, from a maximum of 16 bytes. (CVE-2019-9506) - A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. (CVE-2019-1188) - An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1168) - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0965) - An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows Graphics Component handles objects in memory. (CVE-2019-1078) - An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1180, CVE-2019-1186) - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197) - An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1179) - An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1171) - An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1198) - An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1178) - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152) - A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file
last seen	2020-05-31
modified	2019-08-13
plugin id	127849
published	2019-08-13
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127849
title	KB4512516: Windows 10 Version 1709 August 2019 Security Update

NASL family	F5 Networks Local Security Checks
NASL id	F5_BIGIP_SOL01988340.NASL
description	Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. (CVE-2019-9514) Impact The BIG-IP system may exhaust available resources and fail over to another system in the device group.
last seen	2020-03-17
modified	2019-09-25
plugin id	129308
published	2019-09-25
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/129308
title	F5 Networks BIG-IP : HTTP/2 Reset Flood vulnerability (K01988340) (Reset Flood)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-4503.NASL
description	Three vulnerabilities have been discovered in the Go programming language;
last seen	2020-06-01
modified	2020-06-02
plugin id	127930
published	2019-08-20
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127930
title	Debian DSA-4503-1 : golang-1.11 - security update (Ping Flood) (Reset Flood)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-2259-1.NASL
description	This update for nodejs10 to version 10.16.3 fixes the following issues : Security issues fixed : CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#1146091). CVE-2019-9512: Fixed HTTP/2 flood using PING frames results in unbounded memory growth (bsc#1146099). CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service. (bsc#1146094). CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). CVE-2019-9515: Fixed HTTP/2 flood using SETTINGS frames results in unbounded memory growth (bsc#1146100). CVE-2019-9516: Fixed HTTP/2 implementation that is vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1146097). CVE-2019-9518: Fixed HTTP/2 implementation that is vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	128467
published	2019-09-03
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128467
title	SUSE SLES15 Security Update : nodejs10 (SUSE-SU-2019:2259-1) (0-Length Headers Leak) (Data Dribble) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2019-6A2980DE56.NASL
description	Update to Node.js 10.6.13 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	128133
published	2019-08-26
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128133
title	Fedora 29 : 1:nodejs (2019-6a2980de56) (0-Length Headers Leak) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-4020.NASL
description	An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es) : * undertow: HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511) * undertow: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * undertow: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * undertow: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515) * wildfly-core: Incorrect privileges for
last seen	2020-06-01
modified	2020-06-02
plugin id	131524
published	2019-12-03
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/131524
title	RHEL 8 : JBoss EAP (RHSA-2019:4020) (Data Dribble) (Ping Flood) (Reset Flood) (Settings Flood)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-4508.NASL
description	Three vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP server, which could result in denial of service.
last seen	2020-06-01
modified	2020-06-02
plugin id	128181
published	2019-08-27
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128181
title	Debian DSA-4508-1 : h2o - security update (Ping Flood) (Reset Flood) (Settings Flood)

NASL family	Windows : Microsoft Bulletins
NASL id	SMB_NT_MS19_AUG_4512517.NASL
description	The remote Windows host is missing security update 4512517. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1162) - A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted. (CVE-2019-1192) - An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1148, CVE-2019-1153) - A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to an XML application. The update addresses the vulnerability by correcting how the XmlLite runtime parses XML input. (CVE-2019-1187) - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1176) - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1146, CVE-2019-1147, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157) - A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9518) - <h1>Executive Summary</h1> Microsoft is aware of the Bluetooth BR/EDR (basic rate/enhanced data rate, known as "Bluetooth Classic") key negotiation vulnerability that exists at the hardware specification level of any BR/EDR Bluetooth device. An attacker could potentially be able to negotiate the offered key length down to 1 byte of entropy, from a maximum of 16 bytes. (CVE-2019-9506) - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1139, CVE-2019-1140, CVE-2019-1195, CVE-2019-1197) - An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1168) - An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows Graphics Component handles objects in memory. (CVE-2019-1078) - An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1180, CVE-2019-1186) - A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could cause the DHCP service to become nonresponsive. (CVE-2019-1206) - An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1179) - An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1198) - An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1178) - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152) - A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file
last seen	2020-06-01
modified	2020-06-02
plugin id	127850
published	2019-08-13
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127850
title	KB4512517: Windows 10 Version 1607 and Windows Server 2016 August 2019 Security Update

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-3265.NASL
description	An update is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat
last seen	2020-06-01
modified	2020-06-02
plugin id	130418
published	2019-10-31
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/130418
title	RHEL 7 : OpenShift Container Platform 4.1 (RHSA-2019:3265) (Ping Flood) (Reset Flood)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-2115.NASL
description	This update for nodejs8 to version 8.16.1 fixes the following issues : Security issues fixed : - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#1146091). - CVE-2019-9512: Fixed HTTP/2 flood using PING frames results in unbounded memory growth (bsc#1146099). - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service. (bsc#1146094). - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). - CVE-2019-9515: Fixed HTTP/2 flood using SETTINGS frames results in unbounded memory growth (bsc#1146100). - CVE-2019-9516: Fixed HTTP/2 implementation that is vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1146097). - CVE-2019-9518: Fixed HTTP/2 implementation that is vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093). Bug fixes : - Fixed that npm resolves its default config file like in all other versions, as /etc/nodejs/npmrc (bsc#1144919). This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-06-01
modified	2020-06-02
plugin id	128669
published	2019-09-11
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128669
title	openSUSE Security Update : nodejs8 (openSUSE-2019-2115) (0-Length Headers Leak) (Data Dribble) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2019-2078.NASL
description	According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.(CVE-2019-9512) - Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.(CVE-2019-9514) - net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com.(CVE-2019-14809) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-05-03
modified	2019-09-30
plugin id	129437
published	2019-09-30
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/129437
title	EulerOS 2.0 SP8 : golang (EulerOS-SA-2019-2078)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2019-65DB7AD6C7.NASL
description	- Rebase to go1.11.13 - Security fix for CVE-2019-9512, CVE-2019-9514 and CVE-2019-14809 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	128571
published	2019-09-09
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128571
title	Fedora 29 : golang (2019-65db7ad6c7) (Ping Flood) (Reset Flood)

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-4308-1.NASL
description	it was discovered that Twisted incorrectly validated or sanitized certain URIs or HTTP methods. A remote attacker could use this issue to inject invalid characters and possibly perform header injection attacks. (CVE-2019-12387) It was discovered that Twisted incorrectly verified XMPP TLS certificates. A remote attacker could possibly use this issue to perform a man-in-the-middle attack and obtain sensitive information. (CVE-2019-12855) It was discovered that Twisted incorrectly handled HTTP/2 connections. A remote attacker could possibly use this issue to cause Twisted to hang or consume resources, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2019-9512, CVE-2019-9514, CVE-2019-9515) Jake Miller and ZeddYu Lu discovered that Twisted incorrectly handled certain content-length headers. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2020-10108, CVE-2020-10109). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-26
modified	2020-03-20
plugin id	134758
published	2020-03-20
reporter	Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/134758
title	Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : twisted vulnerabilities (USN-4308-1) (Ping Flood) (Reset Flood) (Settings Flood)

NASL family	Windows : Microsoft Bulletins
NASL id	SMB_NT_MS19_AUG_4512508.NASL
description	The remote Windows host is missing security update 4512508. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1190) - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1162) - A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted. (CVE-2019-1192) - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1133, CVE-2019-1194) - A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to an XML application. The update addresses the vulnerability by correcting how the XmlLite runtime parses XML input. (CVE-2019-1187) - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1176) - An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. (CVE-2019-1224, CVE-2019-1225) - An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. (CVE-2019-1170) - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1146, CVE-2019-1147, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157) - A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9518) - <h1>Executive Summary</h1> Microsoft is aware of the Bluetooth BR/EDR (basic rate/enhanced data rate, known as "Bluetooth Classic") key negotiation vulnerability that exists at the hardware specification level of any BR/EDR Bluetooth device. An attacker could potentially be able to negotiate the offered key length down to 1 byte of entropy, from a maximum of 16 bytes. (CVE-2019-9506) - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2019-1223) - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1227) - An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1173, CVE-2019-1174) - A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. (CVE-2019-1188) - An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1168) - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0965) - An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows Graphics Component handles objects in memory. (CVE-2019-1078) - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. (CVE-2019-0714, CVE-2019-0715, CVE-2019-0717, CVE-2019-0718, CVE-2019-0723) - An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1180, CVE-2019-1186) - An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1175) - An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1171) - An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1198) - An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1178) - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152) - A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file
last seen	2020-04-01
modified	2019-08-13
plugin id	127848
published	2019-08-13
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127848
title	KB4512508: Windows 10 Version 1903 August 2019 Security Update

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-2925.NASL
description	An update for the nodejs:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs (10.16.3). Security Fix(es) : * HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511) * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515) * HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516) * HTTP/2: request for large response leads to denial of service (CVE-2019-9517) * HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
last seen	2020-05-23
modified	2019-10-01
plugin id	129480
published	2019-10-01
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/129480
title	RHEL 8 : nodejs:10 (RHSA-2019:2925) (0-Length Headers Leak) (Data Dribble) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-2056.NASL
description	This update for go1.12 fixes the following issues : Security issues fixed : - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111). - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115). - CVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123). Bugfixes : - Update to go version 1.12.9 (bsc#1141689). - Adding Web Assembly stuff from misc/wasm (bsc#1139210). This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-06-01
modified	2020-06-02
plugin id	128462
published	2019-09-03
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128462
title	openSUSE Security Update : go1.12 (openSUSE-2019-2056) (Ping Flood) (Reset Flood)

NASL family	Windows : Microsoft Bulletins
NASL id	SMB_NT_MS19_AUG_4512497.NASL
description	The remote Windows host is missing security update 4512497. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1162) - A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted. (CVE-2019-1192) - An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1148, CVE-2019-1153) - A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to an XML application. The update addresses the vulnerability by correcting how the XmlLite runtime parses XML input. (CVE-2019-1187) - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1176) - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1139, CVE-2019-1140, CVE-2019-1197) - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1146, CVE-2019-1147, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157) - A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9518) - <h1>Executive Summary</h1> Microsoft is aware of the Bluetooth BR/EDR (basic rate/enhanced data rate, known as "Bluetooth Classic") key negotiation vulnerability that exists at the hardware specification level of any BR/EDR Bluetooth device. An attacker could potentially be able to negotiate the offered key length down to 1 byte of entropy, from a maximum of 16 bytes. (CVE-2019-9506) - An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1168) - An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows Graphics Component handles objects in memory. (CVE-2019-1078) - An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1180, CVE-2019-1186) - An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1179) - An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1198) - An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1178) - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152) - A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file
last seen	2020-06-01
modified	2020-06-02
plugin id	127844
published	2019-08-13
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127844
title	KB4512497: Windows 10 August 2019 Security Update

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2019-2726.NASL
description	From Red Hat Security Advisory 2019:2726 : An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es) : * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * Failure trying to conntect to image registry using TLS when buildah is compiled with FIPS mode (BZ#1743169)
last seen	2020-06-01
modified	2020-06-02
plugin id	129036
published	2019-09-19
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/129036
title	Oracle Linux 8 : go-toolset:ol8 (ELSA-2019-2726) (Ping Flood) (Reset Flood)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-2213-1.NASL
description	This update for go1.11 fixes the following issues : Security issues fixed : CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111). CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115). CVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123). Bugfixes: Update to go version 1.11.13 (bsc#1141688). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	128146
published	2019-08-26
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128146
title	SUSE SLED15 / SLES15 Security Update : go1.11 (SUSE-SU-2019:2213-1) (Ping Flood) (Reset Flood)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2019-4269.NASL
description	From Red Hat Security Advisory 2019:4269 : An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es) : * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc (CVE-2019-16884) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * avc: podman run --security-opt label=type:svirt_qemu_net_t (BZ#1764318) * backport json-file logging support to 1.4.2 (BZ#1770176) * Selinux won
last seen	2020-06-01
modified	2020-06-02
plugin id	132667
published	2020-01-06
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/132667
title	Oracle Linux 8 : container-tools:ol8 (ELSA-2019-4269) (Ping Flood) (Reset Flood)

NASL family	Misc.
NASL id	ARISTA_EOS_SA0043.NASL
description	The version of Arista Networks EOS running on the remote device is affected by the following vulnerabilities: - HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service (DoS). An unauthenticated, remote attacker can exploit this, by sending continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. (CVE-2019-9512) - HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a DoS. An unauthenticated, remote attacker can open a number of streams and send an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. (CVE-2019-9514) - HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a DoS. An unauthenticated, remote attacker can exploit this by sending a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. (CVE-2019-9515) Note that Nessus has not tested for this issue but has instead relied only on the application
last seen	2020-03-17
modified	2020-03-11
plugin id	134419
published	2020-03-11
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/134419
title	Arista Networks EOS Multiple Vulnerabilities (SA0043)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-4269.NASL
description	An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es) : * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc (CVE-2019-16884) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * avc: podman run --security-opt label=type:svirt_qemu_net_t (BZ#1764318) * backport json-file logging support to 1.4.2 (BZ#1770176) * Selinux won
last seen	2020-05-23
modified	2019-12-18
plugin id	132234
published	2019-12-18
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/132234
title	RHEL 8 : container-tools:rhel8 (RHSA-2019:4269) (Ping Flood) (Reset Flood)

NASL family	CGI abuses
NASL id	JBOSS_EAP_RHSA-2019-4021.NASL
description	The version of Red Hat JBoss Enterprise Application Platform (EAP) installed on the remote host is 7.x prior to 7.2.5. It is therefore, affected my multiple vulnerabilities as referenced in the RHSA-2019:4021 advisory: - undertow: HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511) - undertow: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) - undertow: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) - undertow: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515) - wildfly-core: Incorrect privileges for
last seen	2020-06-01
modified	2020-06-02
plugin id	132314
published	2019-12-19
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/132314
title	Red Hat JBoss Enterprise Application Platform 7.x < 7.2.5 Multiple Vulnerabilities

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_72A5579EC76511E980520028F8D09152.NASL
description	Jonathon Loomey of Netflix reports : HTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion Recently, a series of DoS attack vulnerabilities have been reported on a broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is exposed to the following : - CVE-2019-9512
last seen	2020-06-01
modified	2020-06-02
plugin id	128135
published	2019-08-26
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128135
title	FreeBSD : h2o -- multiple HTTP/2 vulnerabilities (72a5579e-c765-11e9-8052-0028f8d09152) (Ping Flood) (Reset Flood) (Settings Flood)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-2690.NASL
description	An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat
last seen	2020-06-01
modified	2020-06-02
plugin id	128849
published	2019-09-16
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128849
title	RHEL 7 : OpenShift Container Platform 3.10 (RHSA-2019:2690) (Ping Flood) (Reset Flood)

NASL family	Misc.
NASL id	KUBERNETES_1_15_3.NASL
description	The version of Kubernetes installed on the remote host is a version prior to 1.13.10, or 1.14.x prior to 1.14.6, or 1.15.x prior to 1.15.3. It is, therefore, affected by the following denial of service vulnerabilities : - A denial of service (DoS) vulnerability exists in HTTP/2 due to some HTTP/2 implementations inefficiently handling a large queue of ping responses. An unauthenticated, remote attacker can exploit this issue, via continual ping requests, to cause the system to stop responding. (CVE-2019-9512) - A denial of service (DoS) vulnerability exists in HTTP/2 due to some HTTP/2 implementations inefficiently handling a queue of RST_STREAM frames. An unauthenticated, remote attacker can exploit this issue, by opening a number of streams and sending an invalid request over each stream, to cause the system to stop responding. (CVE-2019-9514) Note that Nessus has not attempted to exploit these issues but has instead relied only on the application
last seen	2020-04-04
modified	2020-03-31
plugin id	135030
published	2020-03-31
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/135030
title	Kubernetes 1.13.x < 1.13.10 / 1.14.x < 1.14.6 / 1.15.x < 1.15.3 DoS

NASL family	Windows : Microsoft Bulletins
NASL id	SMB_NT_MS19_AUG_4511553.NASL
description	The remote Windows host is missing security update 4511553. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1190) - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1162) - A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted. (CVE-2019-1192) - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1133, CVE-2019-1194) - A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to an XML application. The update addresses the vulnerability by correcting how the XmlLite runtime parses XML input. (CVE-2019-1187) - An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1176) - An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. (CVE-2019-1224, CVE-2019-1225) - An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. (CVE-2019-1170) - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1146, CVE-2019-1147, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157) - A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9518) - <h1>Executive Summary</h1> Microsoft is aware of the Bluetooth BR/EDR (basic rate/enhanced data rate, known as "Bluetooth Classic") key negotiation vulnerability that exists at the hardware specification level of any BR/EDR Bluetooth device. An attacker could potentially be able to negotiate the offered key length down to 1 byte of entropy, from a maximum of 16 bytes. (CVE-2019-9506) - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2019-1223) - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1227) - An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1173, CVE-2019-1174) - A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. (CVE-2019-1188) - An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1168) - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0965) - An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows Graphics Component handles objects in memory. (CVE-2019-1078) - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. (CVE-2019-0714, CVE-2019-0715, CVE-2019-0717, CVE-2019-0718, CVE-2019-0723) - An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1180, CVE-2019-1186) - A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could cause the DHCP service to become nonresponsive. (CVE-2019-1206) - An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1175) - An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1171) - An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. (CVE-2019-1198) - An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1178) - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152) - A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file
last seen	2020-04-01
modified	2019-08-13
plugin id	127841
published	2019-08-13
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127841
title	KB4511553: Windows 10 Version 1809 and Windows Server 2019 August 2019 Security Update

NASL family	Amazon Linux Local Security Checks
NASL id	AL2_ALAS-2019-1272.NASL
description	Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. (CVE-2019-9512) Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. (CVE-2019-9514)
last seen	2020-06-01
modified	2020-06-02
plugin id	128286
published	2019-08-28
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128286
title	Amazon Linux 2 : golang (ALAS-2019-1272) (Ping Flood) (Reset Flood)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-3131.NASL
description	An update is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat
last seen	2020-06-01
modified	2020-06-02
plugin id	129995
published	2019-10-17
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/129995
title	RHEL 7 / 8 : OpenShift Container Platform 4.1.20 golang (RHSA-2019:3131) (Ping Flood) (Reset Flood)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-2260-1.NASL
description	This update for nodejs8 to version 8.16.1 fixes the following issues : Security issues fixed : CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#1146091). CVE-2019-9512: Fixed HTTP/2 flood using PING frames results in unbounded memory growth (bsc#1146099). CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service. (bsc#1146094). CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). CVE-2019-9515: Fixed HTTP/2 flood using SETTINGS frames results in unbounded memory growth (bsc#1146100). CVE-2019-9516: Fixed HTTP/2 implementation that is vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1146097). CVE-2019-9518: Fixed HTTP/2 implementation that is vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093). Bug fixes: Fixed that npm resolves its default config file like in all other versions, as /etc/nodejs/npmrc (bsc#1144919). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	128468
published	2019-09-03
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128468
title	SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2019:2260-1) (0-Length Headers Leak) (Data Dribble) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-2072.NASL
description	This update for go1.11 fixes the following issues : Security issues fixed : - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111). - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115). - CVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123). Bugfixes : - Update to go version 1.11.13 (bsc#1141688). This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-06-01
modified	2020-06-02
plugin id	128541
published	2019-09-06
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128541
title	openSUSE Security Update : go1.11 (openSUSE-2019-2072) (Ping Flood) (Reset Flood)

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_9FBAEFB3837E11EAB5B4641C67A117D8.NASL
description	Twisted developers reports : All HTTP clients in twisted.web.client now raise a ValueError when called with a method and/or URL that contain invalid characters. This mitigates CVE-2019-12387. Thanks to Alex Brasetvik for reporting this vulnerability. The HTTP/2 server implementation now enforces TCP flow control on control frame messages and times out clients that send invalid data without reading responses. This closes CVE-2019-9512 (Ping Flood), CVE-2019-9514 (Reset Flood), and CVE-2019-9515 (Settings Flood). Thanks to Jonathan Looney and Piotr Sikora. twisted.web.http was subject to several request smuggling attacks. Requests with multiple Content-Length headers were allowed (CVE-2020-10108, thanks to Jake Miller from Bishop Fox and ZeddYu Lu for reporting this) and now fail with a 400; requests with a Content-Length header and a Transfer-Encoding header honored the first header (CVE-2020-10109, thanks to Jake Miller from Bishop Fox for reporting this) and now fail with a 400; requests whose Transfer-Encoding header had a value other than
last seen	2020-04-30
modified	2020-04-22
plugin id	135883
published	2020-04-22
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/135883
title	FreeBSD : py-twisted -- multiple vulnerabilities (9fbaefb3-837e-11ea-b5b4-641c67a117d8) (Ping Flood) (Reset Flood) (Settings Flood)

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2019-1967.NASL
description	According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.(CVE-2019-9512) - Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.(CVE-2019-9514) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-05-08
modified	2019-09-23
plugin id	129124
published	2019-09-23
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/129124
title	EulerOS 2.0 SP5 : golang (EulerOS-SA-2019-1967)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2019-2925.NASL
description	From Red Hat Security Advisory 2019:2925 : An update for the nodejs:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs (10.16.3). Security Fix(es) : * HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511) * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515) * HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516) * HTTP/2: request for large response leads to denial of service (CVE-2019-9517) * HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
last seen	2020-06-01
modified	2020-06-02
plugin id	129514
published	2019-10-02
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/129514
title	Oracle Linux 8 : nodejs:10 (ELSA-2019-2925) (0-Length Headers Leak) (Data Dribble) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2019-4273.NASL
description	From Red Hat Security Advisory 2019:4273 : An update for the container-tools:1.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es) : * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
last seen	2020-06-01
modified	2020-06-02
plugin id	132668
published	2020-01-06
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/132668
title	Oracle Linux 8 : container-tools:1.0 (ELSA-2019-4273) (Ping Flood) (Reset Flood)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-2817.NASL
description	An update for cri-o is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat
last seen	2020-06-01
modified	2020-06-02
plugin id	129265
published	2019-09-24
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/129265
title	RHEL 7 : OpenShift Container Platform 3.11 (RHSA-2019:2817) (Ping Flood) (Reset Flood)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-2682.NASL
description	An update for go-toolset-1.11 and go-toolset-1.11-golang is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es) : * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
last seen	2020-06-01
modified	2020-06-02
plugin id	128659
published	2019-09-11
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128659
title	RHEL 7 : go-toolset-1.11 and go-toolset-1.11-golang (RHSA-2019:2682) (Ping Flood) (Reset Flood)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-3245.NASL
description	An update for apb, containernetworking-plugins, and golang-github-prometheus-promu is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat
last seen	2020-06-01
modified	2020-06-02
plugin id	130385
published	2019-10-30
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/130385
title	RHEL 7 : OpenShift Container Platform 4.2 (RHSA-2019:3245) (Ping Flood) (Reset Flood)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-4273.NASL
description	An update for the container-tools:1.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es) : * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
last seen	2020-05-23
modified	2019-12-18
plugin id	132235
published	2019-12-18
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/132235
title	RHEL 8 : container-tools:1.0 (RHSA-2019:4273) (Ping Flood) (Reset Flood)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-2254-1.NASL
description	This update for nodejs10 to version 10.16.3 fixes the following issues : Security issues fixed : CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#1146091). CVE-2019-9512: Fixed HTTP/2 flood using PING frames results in unbounded memory growth (bsc#1146099). CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service. (bsc#1146094). CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). CVE-2019-9515: Fixed HTTP/2 flood using SETTINGS frames results in unbounded memory growth (bsc#1146100). CVE-2019-9516: Fixed HTTP/2 implementation that is vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1146097). CVE-2019-9518: Fixed HTTP/2 implementation that is vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	128411
published	2019-08-30
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128411
title	SUSE SLES12 Security Update : nodejs10 (SUSE-SU-2019:2254-1) (0-Length Headers Leak) (Data Dribble) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-2769.NASL
description	An security update is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat
last seen	2020-06-01
modified	2020-06-02
plugin id	130185
published	2019-10-24
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/130185
title	RHEL 7 : OpenShift Container Platform 3.9 (RHSA-2019:2769) (Ping Flood) (Reset Flood)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-2000.NASL
description	This update for go1.12 fixes the following issues : Security issues fixed : - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth. (bsc#1146111) - CVE-2019-9514: Fixed HTTP/2 implementation is vulnerable to a reset flood, potentially leading to a denial of service. (bsc#1146115) - CVE-2019-14809: Fixed authorization bypass due to malformed hosts in URLs. (bsc#1146123)
last seen	2020-06-01
modified	2020-06-02
plugin id	128142
published	2019-08-26
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128142
title	openSUSE Security Update : go1.12 (openSUSE-2019-2000) (Ping Flood) (Reset Flood)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2019-55D101A740.NASL
description	- Rebase to go1.12.9 - Security fix for CVE-2019-9512, CVE-2019-9514 and CVE-2019-14809 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	128567
published	2019-09-09
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128567
title	Fedora 30 : golang (2019-55d101a740) (Ping Flood) (Reset Flood)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-2661.NASL
description	An update for the openshift and atomic-enterprise-service-catalog packages is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Both the openshift and atomic-enterprise-service-catalog packages have been rebuilt with updates versions of golang. The golang packages provide the Go programming language compiler. Security Fix(es) : * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
last seen	2020-06-01
modified	2020-06-02
plugin id	128657
published	2019-09-11
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128657
title	RHEL 7 / 8 : Red Hat OpenShift Container Platform 4.1 openshift RPM (RHSA-2019:2661) (Ping Flood) (Reset Flood)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-2085.NASL
description	This update for go1.12 fixes the following issues : Security issues fixed : - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111). - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115). - CVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123). Bugfixes : - Update to go version 1.12.9 (bsc#1141689). - Adding Web Assembly stuff from misc/wasm (bsc#1139210). This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-06-01
modified	2020-06-02
plugin id	128605
published	2019-09-09
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128605
title	openSUSE Security Update : go1.12 (openSUSE-2019-2085) (Ping Flood) (Reset Flood)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-2726.NASL
description	An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es) : * HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * Failure trying to conntect to image registry using TLS when buildah is compiled with FIPS mode (BZ#1743169)
last seen	2020-05-23
modified	2019-09-11
plugin id	128666
published	2019-09-11
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128666
title	RHEL 8 : go-toolset:rhel8 (RHSA-2019:2726) (Ping Flood) (Reset Flood)

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_41F4BAACBF7711E98D2F5404A68AD561.NASL
description	The traefik project reports : Update of dependency to go go1.12.8 resolves potential HTTP/2 denial of service in traefik.
last seen	2020-06-01
modified	2020-06-02
plugin id	127947
published	2019-08-20
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127947
title	FreeBSD : traefik -- Denial of service in HTTP/2 (41f4baac-bf77-11e9-8d2f-5404a68ad561) (Ping Flood) (Reset Flood)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-4669.NASL
description	Multiple vulnerabilities were discovered in Node.js, which could result in denial of service or HTTP request smuggling.
last seen	2020-05-06
modified	2020-04-30
plugin id	136126
published	2020-04-30
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/136126
title	Debian DSA-4669-1 : nodejs - security update (Data Dribble) (Reset Flood) (Resource Loop)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-4018.NASL
description	An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.4, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es) : * undertow: HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511) * undertow: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * undertow: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * undertow: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515) * wildfly-core: Incorrect privileges for
last seen	2020-06-01
modified	2020-06-02
plugin id	131522
published	2019-12-03
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/131522
title	RHEL 6 : JBoss EAP (RHSA-2019:4018) (Data Dribble) (Ping Flood) (Reset Flood) (Settings Flood)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-4040.NASL
description	New Red Hat Single Sign-On 7.3.5 packages are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es) : * keycloak: Service accounts reset password flow not using placeholder.org domain anymore (CVE-2019-14837) * undertow: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * undertow: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514) * undertow: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515) * wildfly-core: Incorrect privileges for
last seen	2020-06-01
modified	2020-06-02
plugin id	131527
published	2019-12-03
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/131527
title	RHEL 6 : Red Hat Single Sign-On 7.3.5 (RHSA-2019:4040) (Ping Flood) (Reset Flood) (Settings Flood)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-2214-1.NASL
description	This update for go1.12 fixes the following issues : Security issues fixed : CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111). CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115). CVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123). Bugfixes: Update to go version 1.12.9 (bsc#1141689). Adding Web Assembly stuff from misc/wasm (bsc#1139210). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	128147
published	2019-08-26
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128147
title	SUSE SLED15 / SLES15 Security Update : go1.12 (SUSE-SU-2019:2214-1) (Ping Flood) (Reset Flood)

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_C97A940BC39211E9BB38000D3AB229D6.NASL
description	Node.js reports : Node.js, as well as many other implementations of HTTP/2, have been found vulnerable to Denial of Service attacks. See https://github.com/Netflix/security-bulletins/blob/master/advisories/t hird-party/2019-002.md for more information. Updates are now available for all active Node.js release lines, including Linux ARMv6 builds for Node.js 8.x (which had been delayed). We recommend that all Node.js users upgrade to a version listed below as soon as possible. Vulnerabilities Fixed Impact: All versions of Node.js 8 (LTS
last seen	2020-06-01
modified	2020-06-02
plugin id	128043
published	2019-08-21
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128043
title	FreeBSD : Node.js -- multiple vulnerabilities (c97a940b-c392-11e9-bb38-000d3ab229d6) (0-Length Headers Leak) (Data Dribble) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-3906.NASL
description	An update is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat
last seen	2020-06-01
modified	2020-06-02
plugin id	131154
published	2019-11-20
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/131154
title	RHEL 7 : OpenShift Container Platform 3.11 HTTP/2 (RHSA-2019:3906) (Ping Flood) (Reset Flood)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2019-5A6A7BC12C.NASL
description	Update to Node.js 10.6.13 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	128131
published	2019-08-26
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128131
title	Fedora 30 : 1:nodejs (2019-5a6a7bc12c) (0-Length Headers Leak) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)

Redhat

advisories

bugzilla

id	1743169
title	Failure trying to conntect to image registry using TLS when buildah is compiled with FIPS mode [8.0.0.z]

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 8 is installed
oval oval:com.redhat.rhba:tst:20193384074
comment Module go-toolset:rhel8 is enabled
oval oval:com.redhat.rhsa:tst:20191519017

AND

comment golang-bin is earlier than 0:1.11.13-2.module+el8.0.1+4087+d8180914
oval oval:com.redhat.rhsa:tst:20192726001
comment golang-bin is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20161538002

AND

comment golang is earlier than 0:1.11.13-2.module+el8.0.1+4087+d8180914
oval oval:com.redhat.rhsa:tst:20192726003
comment golang is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20161538004

AND

comment go-toolset is earlier than 0:1.11.13-1.module+el8.0.1+4087+d8180914
oval oval:com.redhat.rhsa:tst:20192726005
comment go-toolset is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20191519008

AND

comment golang-tests is earlier than 0:1.11.13-2.module+el8.0.1+4087+d8180914
oval oval:com.redhat.rhsa:tst:20192726007
comment golang-tests is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20161538012

AND

comment golang-src is earlier than 0:1.11.13-2.module+el8.0.1+4087+d8180914
oval oval:com.redhat.rhsa:tst:20192726009
comment golang-src is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20161538008

AND

comment golang-misc is earlier than 0:1.11.13-2.module+el8.0.1+4087+d8180914
oval oval:com.redhat.rhsa:tst:20192726011
comment golang-misc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20161538010

AND

comment golang-docs is earlier than 0:1.11.13-2.module+el8.0.1+4087+d8180914
oval oval:com.redhat.rhsa:tst:20192726013
comment golang-docs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20161538006

AND

comment golang-race is earlier than 0:1.11.13-2.module+el8.0.1+4087+d8180914
oval oval:com.redhat.rhsa:tst:20192726015
comment golang-race is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20191519002

rhsa

id	RHSA-2019:2726
released	2019-09-12
severity	Important
title	RHSA-2019:2726: go-toolset:rhel8 security and bug fix update (Important)

bugzilla

id	1774382
title	Selinux won't allow SCTP inter pod communication [rhel-8.1.0.z]

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 8 is installed
oval oval:com.redhat.rhba:tst:20193384074
comment Module container-tools:rhel8 is enabled
oval oval:com.redhat.rhsa:tst:20190975043

AND

comment toolbox is earlier than 0:0.0.4-1.module+el8.1.0+4081+b29780af
oval oval:com.redhat.rhsa:tst:20193403001
comment toolbox is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193403002

AND

comment slirp4netns-debugsource is earlier than 0:0.3.0-4.module+el8.1.0+4306+1d917805
oval oval:com.redhat.rhsa:tst:20193403003
comment slirp4netns-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975002

AND

comment slirp4netns is earlier than 0:0.3.0-4.module+el8.1.0+4306+1d917805
oval oval:com.redhat.rhsa:tst:20193403005
comment slirp4netns is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975004

AND

comment skopeo-tests is earlier than 1:0.1.37-6.module+el8.1.0+4876+e678a192
oval oval:com.redhat.rhsa:tst:20194269007
comment skopeo-tests is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193403008

AND

comment skopeo-debugsource is earlier than 1:0.1.37-6.module+el8.1.0+4876+e678a192
oval oval:com.redhat.rhsa:tst:20194269009
comment skopeo-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975006

AND

comment skopeo is earlier than 1:0.1.37-6.module+el8.1.0+4876+e678a192
oval oval:com.redhat.rhsa:tst:20194269011
comment skopeo is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975008

AND

comment runc-debugsource is earlier than 0:1.0.0-61.rc8.module+el8.1.0+4873+4a24e241
oval oval:com.redhat.rhsa:tst:20194269013
comment runc-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975010

AND

comment runc is earlier than 0:1.0.0-61.rc8.module+el8.1.0+4873+4a24e241
oval oval:com.redhat.rhsa:tst:20194269015
comment runc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975012

AND

comment podman-tests is earlier than 0:1.4.2-6.module+el8.1.0+4830+f49150d7
oval oval:com.redhat.rhsa:tst:20194269017
comment podman-tests is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193403018

AND

comment podman-remote is earlier than 0:1.4.2-6.module+el8.1.0+4830+f49150d7
oval oval:com.redhat.rhsa:tst:20194269019
comment podman-remote is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193403020

AND

comment podman-debugsource is earlier than 0:1.4.2-6.module+el8.1.0+4830+f49150d7
oval oval:com.redhat.rhsa:tst:20194269021
comment podman-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975014

AND

comment podman is earlier than 0:1.4.2-6.module+el8.1.0+4830+f49150d7
oval oval:com.redhat.rhsa:tst:20194269023
comment podman is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975016

AND

comment oci-umount-debugsource is earlier than 2:2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af
oval oval:com.redhat.rhsa:tst:20193403025
comment oci-umount-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975018

AND

comment oci-umount is earlier than 2:2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af
oval oval:com.redhat.rhsa:tst:20193403027
comment oci-umount is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975020

AND

comment oci-systemd-hook-debugsource is earlier than 1:0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af
oval oval:com.redhat.rhsa:tst:20193403029
comment oci-systemd-hook-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975022

AND

comment oci-systemd-hook is earlier than 1:0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af
oval oval:com.redhat.rhsa:tst:20193403031
comment oci-systemd-hook is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975024

AND

comment fuse-overlayfs-debugsource is earlier than 0:0.4.1-1.module+el8.1.0+4081+b29780af
oval oval:com.redhat.rhsa:tst:20193403033
comment fuse-overlayfs-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975026

AND

comment fuse-overlayfs is earlier than 0:0.4.1-1.module+el8.1.0+4081+b29780af
oval oval:com.redhat.rhsa:tst:20193403035
comment fuse-overlayfs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975028

AND

comment containers-common is earlier than 1:0.1.37-6.module+el8.1.0+4876+e678a192
oval oval:com.redhat.rhsa:tst:20194269037
comment containers-common is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975030

AND

comment containernetworking-plugins-debugsource is earlier than 0:0.8.1-3.module+el8.1.0+4881+045289ee
oval oval:com.redhat.rhsa:tst:20194269039
comment containernetworking-plugins-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975032

AND

comment containernetworking-plugins is earlier than 0:0.8.1-3.module+el8.1.0+4881+045289ee
oval oval:com.redhat.rhsa:tst:20194269041
comment containernetworking-plugins is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975034

AND

comment buildah-tests is earlier than 0:1.9.0-5.module+el8.1.0+4240+893c1ab8
oval oval:com.redhat.rhsa:tst:20193403043
comment buildah-tests is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193403044

AND

comment buildah-debugsource is earlier than 0:1.9.0-5.module+el8.1.0+4240+893c1ab8
oval oval:com.redhat.rhsa:tst:20193403045
comment buildah-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975036

AND

comment buildah is earlier than 0:1.9.0-5.module+el8.1.0+4240+893c1ab8
oval oval:com.redhat.rhsa:tst:20193403047
comment buildah is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975038

AND

comment python-podman-api is earlier than 0:1.2.0-0.1.gitd0a45fe.module+el8.1.0+4081+b29780af
oval oval:com.redhat.rhsa:tst:20193403049
comment python-podman-api is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193403050

AND

comment podman-manpages is earlier than 0:1.4.2-6.module+el8.1.0+4830+f49150d7
oval oval:com.redhat.rhsa:tst:20194269051
comment podman-manpages is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193403052

AND

comment podman-docker is earlier than 0:1.4.2-6.module+el8.1.0+4830+f49150d7
oval oval:com.redhat.rhsa:tst:20194269053
comment podman-docker is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975040

AND

comment container-selinux is earlier than 2:2.123.0-2.module+el8.1.0+4900+9d7326b8
oval oval:com.redhat.rhsa:tst:20194269055
comment container-selinux is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975042

AND

comment cockpit-podman is earlier than 0:4-1.module+el8.1.0+4081+b29780af
oval oval:com.redhat.rhsa:tst:20193403057
comment cockpit-podman is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193403058

rhsa

id	RHSA-2019:4269
released	2019-12-17
severity	Important
title	RHSA-2019:4269: container-tools:rhel8 security and bug fix update (Important)

bugzilla

id	1735744
title	CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 8 is installed
oval oval:com.redhat.rhba:tst:20193384074
comment Module container-tools:1.0 is enabled
oval oval:com.redhat.rhsa:tst:20193494043

AND

comment slirp4netns-debugsource is earlier than 0:0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48
oval oval:com.redhat.rhsa:tst:20193494001
comment slirp4netns-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975002

AND

comment slirp4netns is earlier than 0:0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48
oval oval:com.redhat.rhsa:tst:20193494003
comment slirp4netns is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975004

AND

comment skopeo-debugsource is earlier than 1:0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c
oval oval:com.redhat.rhsa:tst:20194273005
comment skopeo-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975006

AND

comment skopeo is earlier than 1:0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c
oval oval:com.redhat.rhsa:tst:20194273007
comment skopeo is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975008

AND

comment runc-debugsource is earlier than 0:1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef
oval oval:com.redhat.rhsa:tst:20194273009
comment runc-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975010

AND

comment runc is earlier than 0:1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef
oval oval:com.redhat.rhsa:tst:20194273011
comment runc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975012

AND

comment podman-debugsource is earlier than 0:1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef
oval oval:com.redhat.rhsa:tst:20194273013
comment podman-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975014

AND

comment podman is earlier than 0:1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef
oval oval:com.redhat.rhsa:tst:20194273015
comment podman is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975016

AND

comment oci-umount-debugsource is earlier than 2:2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0
oval oval:com.redhat.rhsa:tst:20193494017
comment oci-umount-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975018

AND

comment oci-umount is earlier than 2:2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0
oval oval:com.redhat.rhsa:tst:20193494019
comment oci-umount is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975020

AND

comment oci-systemd-hook-debugsource is earlier than 1:0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0
oval oval:com.redhat.rhsa:tst:20193494021
comment oci-systemd-hook-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975022

AND

comment oci-systemd-hook is earlier than 1:0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0
oval oval:com.redhat.rhsa:tst:20193494023
comment oci-systemd-hook is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975024

AND

comment fuse-overlayfs-debugsource is earlier than 0:0.3-5.module+el8.1.0+3468+011f0ab0
oval oval:com.redhat.rhsa:tst:20193494025
comment fuse-overlayfs-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975026

AND

comment fuse-overlayfs is earlier than 0:0.3-5.module+el8.1.0+3468+011f0ab0
oval oval:com.redhat.rhsa:tst:20193494027
comment fuse-overlayfs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975028

AND

comment containers-common is earlier than 1:0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c
oval oval:com.redhat.rhsa:tst:20194273029
comment containers-common is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975030

AND

comment containernetworking-plugins-debugsource is earlier than 0:0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef
oval oval:com.redhat.rhsa:tst:20194273031
comment containernetworking-plugins-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975032

AND

comment containernetworking-plugins is earlier than 0:0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef
oval oval:com.redhat.rhsa:tst:20194273033
comment containernetworking-plugins is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975034

AND

comment buildah-debugsource is earlier than 0:1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef
oval oval:com.redhat.rhsa:tst:20194273035
comment buildah-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975036

AND

comment buildah is earlier than 0:1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef
oval oval:com.redhat.rhsa:tst:20194273037
comment buildah is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975038

AND

comment podman-docker is earlier than 0:1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef
oval oval:com.redhat.rhsa:tst:20194273039
comment podman-docker is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975040

AND

comment container-selinux is earlier than 2:2.94-1.git1e99f1d.module+el8.1.0+3468+011f0ab0
oval oval:com.redhat.rhsa:tst:20193494041
comment container-selinux is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20190975042

rhsa

id	RHSA-2019:4273
released	2019-12-17
severity	Important
title	RHSA-2019:4273: container-tools:1.0 security update (Important)

rhsa
id RHSA-2019:2594
rhsa
id RHSA-2019:2661
rhsa
id RHSA-2019:2682
rhsa
id RHSA-2019:2690
rhsa
id RHSA-2019:2766
rhsa
id RHSA-2019:2769
rhsa
id RHSA-2019:2796
rhsa
id RHSA-2019:2861
rhsa
id RHSA-2019:2925
rhsa
id RHSA-2019:2939
rhsa
id RHSA-2019:2955
rhsa
id RHSA-2019:2966
rhsa
id RHSA-2019:3131
rhsa
id RHSA-2019:3245
rhsa
id RHSA-2019:3265
rhsa
id RHSA-2019:3892
rhsa
id RHSA-2019:3906
rhsa
id RHSA-2019:4018
rhsa
id RHSA-2019:4019
rhsa
id RHSA-2019:4020
rhsa
id RHSA-2019:4021
rhsa
id RHSA-2019:4040
rhsa
id RHSA-2019:4041
rhsa
id RHSA-2019:4042
rhsa
id RHSA-2019:4045
rhsa
id RHSA-2019:4352
rhsa
id RHSA-2020:0406
rhsa
id RHSA-2020:0727

rpms

atomic-enterprise-service-catalog-1:4.1.14-201908290858.git.1.28cc9ff.el7
atomic-enterprise-service-catalog-svcat-1:4.1.14-201908290858.git.1.28cc9ff.el7
openshift-clients-0:4.1.14-201908290858.git.0.3bd3467.el7
openshift-clients-0:4.1.14-201908290858.git.0.3bd3467.el8
openshift-clients-redistributable-0:4.1.14-201908290858.git.0.3bd3467.el7
openshift-clients-redistributable-0:4.1.14-201908290858.git.0.3bd3467.el8
openshift-hyperkube-0:4.1.14-201908290858.git.0.3bd3467.el7
openshift-hyperkube-0:4.1.14-201908290858.git.0.3bd3467.el8
go-toolset-1.11-0:1.11.13-1.el7
go-toolset-1.11-build-0:1.11.13-1.el7
go-toolset-1.11-golang-0:1.11.13-2.el7
go-toolset-1.11-golang-bin-0:1.11.13-2.el7
go-toolset-1.11-golang-docs-0:1.11.13-2.el7
go-toolset-1.11-golang-misc-0:1.11.13-2.el7
go-toolset-1.11-golang-race-0:1.11.13-2.el7
go-toolset-1.11-golang-src-0:1.11.13-2.el7
go-toolset-1.11-golang-tests-0:1.11.13-2.el7
go-toolset-1.11-runtime-0:1.11.13-1.el7
go-toolset-1.11-scldevel-0:1.11.13-1.el7
atomic-openshift-0:3.10.170-1.git.0.8e592d6.el7
atomic-openshift-clients-0:3.10.170-1.git.0.8e592d6.el7
atomic-openshift-clients-redistributable-0:3.10.170-1.git.0.8e592d6.el7
atomic-openshift-docker-excluder-0:3.10.170-1.git.0.8e592d6.el7
atomic-openshift-excluder-0:3.10.170-1.git.0.8e592d6.el7
atomic-openshift-hyperkube-0:3.10.170-1.git.0.8e592d6.el7
atomic-openshift-hypershift-0:3.10.170-1.git.0.8e592d6.el7
atomic-openshift-master-0:3.10.170-1.git.0.8e592d6.el7
atomic-openshift-node-0:3.10.170-1.git.0.8e592d6.el7
atomic-openshift-pod-0:3.10.170-1.git.0.8e592d6.el7
atomic-openshift-sdn-ovs-0:3.10.170-1.git.0.8e592d6.el7
atomic-openshift-template-service-broker-0:3.10.170-1.git.0.8e592d6.el7
atomic-openshift-tests-0:3.10.170-1.git.0.8e592d6.el7
go-toolset-0:1.11.13-1.module+el8.0.1+4087+d8180914
golang-0:1.11.13-2.module+el8.0.1+4087+d8180914
golang-bin-0:1.11.13-2.module+el8.0.1+4087+d8180914
golang-docs-0:1.11.13-2.module+el8.0.1+4087+d8180914
golang-misc-0:1.11.13-2.module+el8.0.1+4087+d8180914
golang-race-0:1.11.13-2.module+el8.0.1+4087+d8180914
golang-src-0:1.11.13-2.module+el8.0.1+4087+d8180914
golang-tests-0:1.11.13-2.module+el8.0.1+4087+d8180914
ansible-service-broker-0:1.1.20-2.el7
ansible-service-broker-container-scripts-0:1.1.20-2.el7
ansible-service-broker-selinux-0:1.1.20-2.el7
atomic-openshift-0:3.9.101-1.git.0.150f595.el7
atomic-openshift-clients-0:3.9.101-1.git.0.150f595.el7
atomic-openshift-clients-redistributable-0:3.9.101-1.git.0.150f595.el7
atomic-openshift-cluster-capacity-0:3.9.101-1.git.0.150f595.el7
atomic-openshift-descheduler-0:3.9.13-2.git.267.bb59a3f.el7
atomic-openshift-docker-excluder-0:3.9.101-1.git.0.150f595.el7
atomic-openshift-dockerregistry-0:3.9.101-1.git.1.13625cf.el7
atomic-openshift-excluder-0:3.9.101-1.git.0.150f595.el7
atomic-openshift-federation-services-0:3.9.101-1.git.0.150f595.el7
atomic-openshift-master-0:3.9.101-1.git.0.150f595.el7
atomic-openshift-node-0:3.9.101-1.git.0.150f595.el7
atomic-openshift-node-problem-detector-0:3.9.13-2.git.167.5d6b0d4.el7
atomic-openshift-pod-0:3.9.101-1.git.0.150f595.el7
atomic-openshift-sdn-ovs-0:3.9.101-1.git.0.150f595.el7
atomic-openshift-service-catalog-0:3.9.101-1.git.0.150f595.el7
atomic-openshift-template-service-broker-0:3.9.101-1.git.0.150f595.el7
atomic-openshift-tests-0:3.9.101-1.git.0.150f595.el7
atomic-openshift-web-console-0:3.9.101-1.git.1.601c6d2.el7
cockpit-debuginfo-0:195-2.rhaos.el7
cockpit-kubernetes-0:195-2.rhaos.el7
containernetworking-plugins-0:0.5.2-6.el7
containernetworking-plugins-debuginfo-0:0.5.2-6.el7
cri-o-0:1.9.16-3.git858756d.el7
cri-o-debuginfo-0:1.9.16-3.git858756d.el7
cri-tools-0:1.0.0-6.rhaos3.9.git8e6013a.el7
cri-tools-debuginfo-0:1.0.0-6.rhaos3.9.git8e6013a.el7
golang-github-openshift-oauth-proxy-0:2.1-3.git885c9f40.el7
golang-github-openshift-prometheus-alert-buffer-0:0-3.gitceca8c1.el7
golang-github-prometheus-promu-0:0-5.git85ceabc.el7
hawkular-openshift-agent-0:1.2.2-3.el7
heapster-0:1.3.0-4.el7
image-inspector-0:2.1.3-2.el7
openshift-enterprise-image-registry-0:3.8.0-2.git.216.b6b90bb.el7
openshift-eventrouter-0:0.1-3.git5bd9251.el7
openshift-eventrouter-debuginfo-0:0.1-3.git5bd9251.el7
openshift-external-storage-debuginfo-0:0.0.1-9.git78d6339.el7
openshift-external-storage-efs-provisioner-0:0.0.1-9.git78d6339.el7
openshift-external-storage-local-provisioner-0:0.0.1-9.git78d6339.el7
openshift-external-storage-snapshot-controller-0:0.0.1-9.git78d6339.el7
openshift-external-storage-snapshot-provisioner-0:0.0.1-9.git78d6339.el7
openvswitch-ovn-kubernetes-0:0.1.0-3.el7
prometheus-0:2.2.1-2.gitbc6058c.el7
prometheus-alertmanager-0:0.14.0-2.git30af4d0.el7
prometheus-node-exporter-0:3.9.101-1.git.1.8295224.el7
prometheus-promu-0:0-5.git85ceabc.el7
skydive-0:0.20.5-2.el7ost
skydive-agent-0:0.20.5-2.el7ost
skydive-analyzer-0:0.20.5-2.el7ost
skydive-ansible-0:0.20.5-2.el7ost
skydive-debuginfo-0:0.20.5-2.el7ost
skydive-selinux-0:0.20.5-2.el7ost
cri-o-0:1.11.16-0.2.dev.rhaos3.11.git3f89eba.el7
cri-o-debuginfo-0:1.11.16-0.2.dev.rhaos3.11.git3f89eba.el7
nodejs-1:10.16.3-2.module+el8.0.0+4214+49953fda
nodejs-debuginfo-1:10.16.3-2.module+el8.0.0+4214+49953fda
nodejs-debugsource-1:10.16.3-2.module+el8.0.0+4214+49953fda
nodejs-devel-1:10.16.3-2.module+el8.0.0+4214+49953fda
nodejs-devel-debuginfo-1:10.16.3-2.module+el8.0.0+4214+49953fda
nodejs-docs-1:10.16.3-2.module+el8.0.0+4214+49953fda
nodejs-nodemon-0:1.18.3-1.module+el8+2632+6c5111ed
nodejs-packaging-0:17-3.module+el8+2873+aa7dfd9a
npm-1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
rh-nodejs10-0:3.2-3.el7
rh-nodejs10-nodejs-0:10.16.3-3.el7
rh-nodejs10-nodejs-debuginfo-0:10.16.3-3.el7
rh-nodejs10-nodejs-devel-0:10.16.3-3.el7
rh-nodejs10-nodejs-docs-0:10.16.3-3.el7
rh-nodejs10-npm-0:6.9.0-10.16.3.3.el7
rh-nodejs10-runtime-0:3.2-3.el7
rh-nodejs10-scldevel-0:3.2-3.el7
rh-nodejs8-0:3.0-5.el7
rh-nodejs8-nodejs-0:8.16.1-2.el7
rh-nodejs8-nodejs-debuginfo-0:8.16.1-2.el7
rh-nodejs8-nodejs-devel-0:8.16.1-2.el7
rh-nodejs8-nodejs-docs-0:8.16.1-2.el7
rh-nodejs8-npm-0:6.4.1-8.16.1.2.el7
rh-nodejs8-runtime-0:3.0-5.el7
rh-nodejs8-scldevel-0:3.0-5.el7
cri-o-0:1.13.11-0.10.dev.rhaos4.1.gitbdeb2ca.el7
cri-o-0:1.13.11-0.13.dev.rhaos4.1.gitbdeb2ca.el8
cri-o-debuginfo-0:1.13.11-0.10.dev.rhaos4.1.gitbdeb2ca.el7
cri-o-debuginfo-0:1.13.11-0.13.dev.rhaos4.1.gitbdeb2ca.el8
cri-o-debugsource-0:1.13.11-0.13.dev.rhaos4.1.gitbdeb2ca.el8
cri-tools-0:1.13.0-2.rhaos4.1.gitc06001f.el7
cri-tools-0:1.13.0-3.rhaos4.1.gitb69a0b9.el8
cri-tools-debuginfo-0:1.13.0-2.rhaos4.1.gitc06001f.el7
faq-0:0.0.6-4.el7
faq-debuginfo-0:0.0.6-4.el7
ignition-0:0.32.0-2.git5941fc0.el8
ignition-debuginfo-0:0.32.0-2.git5941fc0.el8
ignition-debugsource-0:0.32.0-2.git5941fc0.el8
ignition-validate-0:0.32.0-2.git5941fc0.el8
ignition-validate-debuginfo-0:0.32.0-2.git5941fc0.el8
openshift-external-storage-cephfs-provisioner-0:0.0.2-7.gitd3c94f0.el7
openshift-external-storage-debuginfo-0:0.0.2-7.gitd3c94f0.el7
openshift-external-storage-efs-provisioner-0:0.0.2-7.gitd3c94f0.el7
openshift-external-storage-local-provisioner-0:0.0.2-7.gitd3c94f0.el7
openshift-external-storage-manila-provisioner-0:0.0.2-7.gitd3c94f0.el7
openshift-external-storage-snapshot-controller-0:0.0.2-7.gitd3c94f0.el7
openshift-external-storage-snapshot-provisioner-0:0.0.2-7.gitd3c94f0.el7
pivot-0:0.0.5-2.el8
apb-0:2.0.3-2.el7
apb-container-scripts-0:2.0.3-2.el7
apb-devel-0:2.0.3-2.el7
containernetworking-plugins-0:0.8.1-4.el7
containernetworking-plugins-debuginfo-0:0.8.1-4.el7
golang-github-prometheus-promu-0:0.5.0-2.git642a960.el7
prometheus-promu-0:0.5.0-2.git642a960.el7
ansible-operator-0:0.0.1-3.git.59.4beb3d2.el7
ansible-operator-container-scripts-0:0.0.1-3.git.59.4beb3d2.el7
ansible-operator-devel-0:0.0.1-3.git.59.4beb3d2.el7
apb-0:2.0.3-2.el7
apb-container-scripts-0:2.0.3-2.el7
apb-devel-0:2.0.3-2.el7
containernetworking-plugins-0:0.8.1-4.el7
containernetworking-plugins-debuginfo-0:0.8.1-4.el7
golang-github-openshift-prometheus-alert-buffer-0:0-3.gitceca8c1.el7
golang-github-prometheus-promu-0:0-5.git85ceabc.el7
openshift-eventrouter-0:0.2-3.gited73fb6.el7
openshift-eventrouter-debuginfo-0:0.2-3.gited73fb6.el7
prometheus-promu-0:0-5.git85ceabc.el7
atomic-enterprise-service-catalog-1:3.11.154-1.git.1.fa68ced.el7
atomic-enterprise-service-catalog-svcat-1:3.11.154-1.git.1.fa68ced.el7
atomic-openshift-cluster-autoscaler-0:3.11.154-1.git.1.532da7a.el7
atomic-openshift-descheduler-0:3.11.154-1.git.1.1d31032.el7
atomic-openshift-metrics-server-0:3.11.154-1.git.1.6a6b6ce.el7
atomic-openshift-node-problem-detector-0:3.11.154-1.git.1.5e8e065.el7
atomic-openshift-service-idler-0:3.11.154-1.git.1.f80fb86.el7
atomic-openshift-web-console-0:3.11.154-1.git.1.f54cb18.el7
cockpit-debuginfo-0:195-2.rhaos.el7
cockpit-kubernetes-0:195-2.rhaos.el7
csi-attacher-0:0.2.0-4.git27299be.el7
csi-attacher-debuginfo-0:0.2.0-4.git27299be.el7
csi-driver-registrar-0:0.2.0-2.el7
csi-driver-registrar-debuginfo-0:0.2.0-2.el7
csi-livenessprobe-0:0.0.1-2.gitff5b6a0.el7
csi-livenessprobe-debuginfo-0:0.0.1-2.gitff5b6a0.el7
csi-provisioner-0:0.2.0-3.el7
csi-provisioner-debuginfo-0:0.2.0-3.el7
golang-github-openshift-oauth-proxy-0:3.11.154-1.git.1.220e3dc.el7
golang-github-openshift-prometheus-alert-buffer-0:0-3.gitceca8c1.el7
hawkular-openshift-agent-0:1.2.2-3.el7
heapster-0:1.3.0-4.el7
image-inspector-0:2.4.0-4.el7
openshift-enterprise-autoheal-0:3.11.154-1.git.1.13199be.el7
openshift-enterprise-cluster-capacity-0:3.11.154-1.git.1.5798c2c.el7
openshift-eventrouter-0:0.2-4.git7c289cc.el7
openshift-eventrouter-debuginfo-0:0.2-4.git7c289cc.el7
openshift-external-storage-cephfs-provisioner-0:0.0.2-9.gitd3c94f0.el7
openshift-external-storage-debuginfo-0:0.0.2-9.gitd3c94f0.el7
openshift-external-storage-efs-provisioner-0:0.0.2-9.gitd3c94f0.el7
openshift-external-storage-local-provisioner-0:0.0.2-9.gitd3c94f0.el7
openshift-external-storage-manila-provisioner-0:0.0.2-9.gitd3c94f0.el7
openshift-external-storage-snapshot-controller-0:0.0.2-9.gitd3c94f0.el7
openshift-external-storage-snapshot-provisioner-0:0.0.2-9.gitd3c94f0.el7
prometheus-0:3.11.154-1.git.1.148db48.el7
prometheus-alertmanager-0:3.11.154-1.git.1.4acd2e6.el7
prometheus-node-exporter-0:3.11.154-1.git.1.bc9f224.el7
eap7-apache-cxf-0:3.2.10-1.redhat_00001.1.el6eap
eap7-apache-cxf-rt-0:3.2.10-1.redhat_00001.1.el6eap
eap7-apache-cxf-services-0:3.2.10-1.redhat_00001.1.el6eap
eap7-apache-cxf-tools-0:3.2.10-1.redhat_00001.1.el6eap
eap7-byte-buddy-0:1.9.11-1.redhat_00002.1.el6eap
eap7-glassfish-jsf-0:2.3.5-5.SP3_redhat_00003.1.el6eap
eap7-hal-console-0:3.0.17-2.Final_redhat_00001.1.el6eap
eap7-hibernate-0:5.3.13-1.Final_redhat_00001.1.el6eap
eap7-hibernate-core-0:5.3.13-1.Final_redhat_00001.1.el6eap
eap7-hibernate-entitymanager-0:5.3.13-1.Final_redhat_00001.1.el6eap
eap7-hibernate-envers-0:5.3.13-1.Final_redhat_00001.1.el6eap
eap7-hibernate-java8-0:5.3.13-1.Final_redhat_00001.1.el6eap
eap7-ironjacamar-0:1.4.18-1.Final_redhat_00001.1.el6eap
eap7-ironjacamar-common-api-0:1.4.18-1.Final_redhat_00001.1.el6eap
eap7-ironjacamar-common-impl-0:1.4.18-1.Final_redhat_00001.1.el6eap
eap7-ironjacamar-common-spi-0:1.4.18-1.Final_redhat_00001.1.el6eap
eap7-ironjacamar-core-api-0:1.4.18-1.Final_redhat_00001.1.el6eap
eap7-ironjacamar-core-impl-0:1.4.18-1.Final_redhat_00001.1.el6eap
eap7-ironjacamar-deployers-common-0:1.4.18-1.Final_redhat_00001.1.el6eap
eap7-ironjacamar-jdbc-0:1.4.18-1.Final_redhat_00001.1.el6eap
eap7-ironjacamar-validator-0:1.4.18-1.Final_redhat_00001.1.el6eap
eap7-jboss-genericjms-0:2.0.2-1.Final_redhat_00001.1.el6eap
eap7-jboss-msc-0:1.4.11-1.Final_redhat_00001.1.el6eap
eap7-jboss-remoting-0:5.0.16-2.Final_redhat_00001.1.el6eap
eap7-jboss-server-migration-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-cli-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-core-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-eap6.4-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-eap7.0-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-eap7.1-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-wildfly10.0-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-wildfly10.1-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-wildfly11.0-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-wildfly12.0-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-wildfly8.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-wildfly9.0-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
eap7-jboss-xnio-base-0:3.7.6-2.SP1_redhat_00001.1.el6eap
eap7-picketbox-0:5.0.3-6.Final_redhat_00005.1.el6eap
eap7-picketbox-infinispan-0:5.0.3-6.Final_redhat_00005.1.el6eap
eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00009.1.el6eap
eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00009.1.el6eap
eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00009.1.el6eap
eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00009.1.el6eap
eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00009.1.el6eap
eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00009.1.el6eap
eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00009.1.el6eap
eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00009.1.el6eap
eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00009.1.el6eap
eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00009.1.el6eap
eap7-resteasy-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-atom-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-cdi-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-client-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-client-microprofile-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-crypto-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-jackson-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-jackson2-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-jaxb-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-jaxrs-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-jettison-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-jose-jwt-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-jsapi-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-json-binding-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-json-p-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-multipart-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-rxjava2-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-spring-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-validator-provider-11-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-resteasy-yaml-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
eap7-undertow-0:2.0.26-2.SP3_redhat_00001.1.el6eap
eap7-wildfly-0:7.2.5-4.GA_redhat_00002.1.el6eap
eap7-wildfly-elytron-0:1.6.5-1.Final_redhat_00001.1.el6eap
eap7-wildfly-elytron-tool-0:1.4.4-1.Final_redhat_00001.1.el6eap
eap7-wildfly-http-client-common-0:1.0.17-1.Final_redhat_00001.1.el6eap
eap7-wildfly-http-ejb-client-0:1.0.17-1.Final_redhat_00001.1.el6eap
eap7-wildfly-http-naming-client-0:1.0.17-1.Final_redhat_00001.1.el6eap
eap7-wildfly-http-transaction-client-0:1.0.17-1.Final_redhat_00001.1.el6eap
eap7-wildfly-javadocs-0:7.2.5-4.GA_redhat_00002.1.el6eap
eap7-wildfly-modules-0:7.2.5-4.GA_redhat_00002.1.el6eap
eap7-wildfly-openssl-0:1.0.8-1.Final_redhat_00001.1.el6eap
eap7-wildfly-openssl-java-0:1.0.8-1.Final_redhat_00001.1.el6eap
eap7-wildfly-openssl-linux-x86_64-0:1.0.8-5.Final_redhat_00001.1.el6eap
eap7-wildfly-openssl-linux-x86_64-debuginfo-0:1.0.8-5.Final_redhat_00001.1.el6eap
eap7-yasson-0:1.0.5-1.redhat_00001.1.el6eap
eap7-apache-cxf-0:3.2.10-1.redhat_00001.1.el7eap
eap7-apache-cxf-rt-0:3.2.10-1.redhat_00001.1.el7eap
eap7-apache-cxf-services-0:3.2.10-1.redhat_00001.1.el7eap
eap7-apache-cxf-tools-0:3.2.10-1.redhat_00001.1.el7eap
eap7-byte-buddy-0:1.9.11-1.redhat_00002.1.el7eap
eap7-glassfish-jsf-0:2.3.5-5.SP3_redhat_00003.1.el7eap
eap7-hal-console-0:3.0.17-2.Final_redhat_00001.1.el7eap
eap7-hibernate-0:5.3.13-1.Final_redhat_00001.1.el7eap
eap7-hibernate-core-0:5.3.13-1.Final_redhat_00001.1.el7eap
eap7-hibernate-entitymanager-0:5.3.13-1.Final_redhat_00001.1.el7eap
eap7-hibernate-envers-0:5.3.13-1.Final_redhat_00001.1.el7eap
eap7-hibernate-java8-0:5.3.13-1.Final_redhat_00001.1.el7eap
eap7-ironjacamar-0:1.4.18-1.Final_redhat_00001.1.el7eap
eap7-ironjacamar-common-api-0:1.4.18-1.Final_redhat_00001.1.el7eap
eap7-ironjacamar-common-impl-0:1.4.18-1.Final_redhat_00001.1.el7eap
eap7-ironjacamar-common-spi-0:1.4.18-1.Final_redhat_00001.1.el7eap
eap7-ironjacamar-core-api-0:1.4.18-1.Final_redhat_00001.1.el7eap
eap7-ironjacamar-core-impl-0:1.4.18-1.Final_redhat_00001.1.el7eap
eap7-ironjacamar-deployers-common-0:1.4.18-1.Final_redhat_00001.1.el7eap
eap7-ironjacamar-jdbc-0:1.4.18-1.Final_redhat_00001.1.el7eap
eap7-ironjacamar-validator-0:1.4.18-1.Final_redhat_00001.1.el7eap
eap7-jboss-genericjms-0:2.0.2-1.Final_redhat_00001.1.el7eap
eap7-jboss-msc-0:1.4.11-1.Final_redhat_00001.1.el7eap
eap7-jboss-remoting-0:5.0.16-2.Final_redhat_00001.1.el7eap
eap7-jboss-server-migration-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-cli-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-core-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-eap6.4-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-eap7.0-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-eap7.1-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-wildfly10.0-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-wildfly10.1-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-wildfly11.0-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-wildfly12.0-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-wildfly8.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-wildfly9.0-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
eap7-jboss-xnio-base-0:3.7.6-2.SP1_redhat_00001.1.el7eap
eap7-picketbox-0:5.0.3-6.Final_redhat_00005.1.el7eap
eap7-picketbox-infinispan-0:5.0.3-6.Final_redhat_00005.1.el7eap
eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00009.1.el7eap
eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00009.1.el7eap
eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00009.1.el7eap
eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00009.1.el7eap
eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00009.1.el7eap
eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00009.1.el7eap
eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00009.1.el7eap
eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00009.1.el7eap
eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00009.1.el7eap
eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00009.1.el7eap
eap7-resteasy-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-atom-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-cdi-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-client-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-client-microprofile-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-crypto-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-jackson-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-jackson2-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-jaxb-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-jaxrs-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-jettison-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-jose-jwt-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-jsapi-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-json-binding-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-json-p-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-multipart-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-rxjava2-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-spring-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-validator-provider-11-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-resteasy-yaml-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
eap7-undertow-0:2.0.26-2.SP3_redhat_00001.1.el7eap
eap7-wildfly-0:7.2.5-4.GA_redhat_00002.1.el7eap
eap7-wildfly-elytron-0:1.6.5-1.Final_redhat_00001.1.el7eap
eap7-wildfly-elytron-tool-0:1.4.4-1.Final_redhat_00001.1.el7eap
eap7-wildfly-http-client-common-0:1.0.17-1.Final_redhat_00001.1.el7eap
eap7-wildfly-http-ejb-client-0:1.0.17-1.Final_redhat_00001.1.el7eap
eap7-wildfly-http-naming-client-0:1.0.17-1.Final_redhat_00001.1.el7eap
eap7-wildfly-http-transaction-client-0:1.0.17-1.Final_redhat_00001.1.el7eap
eap7-wildfly-java-jdk11-0:7.2.5-4.GA_redhat_00002.1.el7eap
eap7-wildfly-java-jdk8-0:7.2.5-4.GA_redhat_00002.1.el7eap
eap7-wildfly-javadocs-0:7.2.5-4.GA_redhat_00002.1.el7eap
eap7-wildfly-modules-0:7.2.5-4.GA_redhat_00002.1.el7eap
eap7-wildfly-openssl-0:1.0.8-1.Final_redhat_00001.1.el7eap
eap7-wildfly-openssl-java-0:1.0.8-1.Final_redhat_00001.1.el7eap
eap7-wildfly-openssl-linux-x86_64-0:1.0.8-5.Final_redhat_00001.1.el7eap
eap7-wildfly-openssl-linux-x86_64-debuginfo-0:1.0.8-5.Final_redhat_00001.1.el7eap
eap7-yasson-0:1.0.5-1.redhat_00001.1.el7eap
eap7-apache-cxf-0:3.2.10-1.redhat_00001.1.el8eap
eap7-apache-cxf-rt-0:3.2.10-1.redhat_00001.1.el8eap
eap7-apache-cxf-services-0:3.2.10-1.redhat_00001.1.el8eap
eap7-apache-cxf-tools-0:3.2.10-1.redhat_00001.1.el8eap
eap7-byte-buddy-0:1.9.11-1.redhat_00002.1.el8eap
eap7-glassfish-jsf-0:2.3.5-5.SP3_redhat_00003.1.el8eap
eap7-hal-console-0:3.0.17-2.Final_redhat_00001.1.el8eap
eap7-hibernate-0:5.3.13-1.Final_redhat_00001.1.el8eap
eap7-hibernate-core-0:5.3.13-1.Final_redhat_00001.1.el8eap
eap7-hibernate-entitymanager-0:5.3.13-1.Final_redhat_00001.1.el8eap
eap7-hibernate-envers-0:5.3.13-1.Final_redhat_00001.1.el8eap
eap7-hibernate-java8-0:5.3.13-1.Final_redhat_00001.1.el8eap
eap7-ironjacamar-0:1.4.18-1.Final_redhat_00001.1.el8eap
eap7-ironjacamar-common-api-0:1.4.18-1.Final_redhat_00001.1.el8eap
eap7-ironjacamar-common-impl-0:1.4.18-1.Final_redhat_00001.1.el8eap
eap7-ironjacamar-common-spi-0:1.4.18-1.Final_redhat_00001.1.el8eap
eap7-ironjacamar-core-api-0:1.4.18-1.Final_redhat_00001.1.el8eap
eap7-ironjacamar-core-impl-0:1.4.18-1.Final_redhat_00001.1.el8eap
eap7-ironjacamar-deployers-common-0:1.4.18-1.Final_redhat_00001.1.el8eap
eap7-ironjacamar-jdbc-0:1.4.18-1.Final_redhat_00001.1.el8eap
eap7-ironjacamar-validator-0:1.4.18-1.Final_redhat_00001.1.el8eap
eap7-jboss-genericjms-0:2.0.2-1.Final_redhat_00001.1.el8eap
eap7-jboss-msc-0:1.4.11-1.Final_redhat_00001.1.el8eap
eap7-jboss-remoting-0:5.0.16-2.Final_redhat_00001.1.el8eap
eap7-jboss-server-migration-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-cli-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-core-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-eap6.4-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-eap7.0-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-eap7.1-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-wildfly10.0-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-wildfly10.1-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-wildfly11.0-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-wildfly12.0-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-wildfly8.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-wildfly9.0-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
eap7-jboss-xnio-base-0:3.7.6-2.SP1_redhat_00001.1.el8eap
eap7-picketbox-0:5.0.3-6.Final_redhat_00005.1.el8eap
eap7-picketbox-infinispan-0:5.0.3-6.Final_redhat_00005.1.el8eap
eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00009.1.el8eap
eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00009.1.el8eap
eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00009.1.el8eap
eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00009.1.el8eap
eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00009.1.el8eap
eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00009.1.el8eap
eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00009.1.el8eap
eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00009.1.el8eap
eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00009.1.el8eap
eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00009.1.el8eap
eap7-resteasy-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-atom-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-cdi-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-client-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-client-microprofile-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-crypto-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-jackson-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-jackson2-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-jaxb-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-jaxrs-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-jettison-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-jose-jwt-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-jsapi-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-json-binding-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-json-p-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-multipart-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-rxjava2-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-spring-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-validator-provider-11-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-resteasy-yaml-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
eap7-undertow-0:2.0.26-2.SP3_redhat_00001.1.el8eap
eap7-wildfly-0:7.2.5-4.GA_redhat_00002.1.el8eap
eap7-wildfly-elytron-0:1.6.5-1.Final_redhat_00001.1.el8eap
eap7-wildfly-elytron-tool-0:1.4.4-1.Final_redhat_00001.1.el8eap
eap7-wildfly-http-client-common-0:1.0.17-1.Final_redhat_00001.1.el8eap
eap7-wildfly-http-ejb-client-0:1.0.17-1.Final_redhat_00001.1.el8eap
eap7-wildfly-http-naming-client-0:1.0.17-1.Final_redhat_00001.1.el8eap
eap7-wildfly-http-transaction-client-0:1.0.17-1.Final_redhat_00001.1.el8eap
eap7-wildfly-javadocs-0:7.2.5-4.GA_redhat_00002.1.el8eap
eap7-wildfly-modules-0:7.2.5-4.GA_redhat_00002.1.el8eap
eap7-wildfly-openssl-0:1.0.8-1.Final_redhat_00001.1.el8eap
eap7-wildfly-openssl-java-0:1.0.8-1.Final_redhat_00001.1.el8eap
eap7-wildfly-openssl-linux-x86_64-0:1.0.8-5.Final_redhat_00001.1.el8eap
eap7-wildfly-openssl-linux-x86_64-debuginfo-0:1.0.8-5.Final_redhat_00001.1.el8eap
eap7-yasson-0:1.0.5-1.redhat_00001.1.el8eap
rh-sso7-keycloak-0:4.8.15-1.Final_redhat_00001.1.el6sso
rh-sso7-keycloak-server-0:4.8.15-1.Final_redhat_00001.1.el6sso
rh-sso7-keycloak-0:4.8.15-1.Final_redhat_00001.1.el7sso
rh-sso7-keycloak-server-0:4.8.15-1.Final_redhat_00001.1.el7sso
rh-sso7-keycloak-0:4.8.15-1.Final_redhat_00001.1.el8sso
rh-sso7-keycloak-server-0:4.8.15-1.Final_redhat_00001.1.el8sso
buildah-0:1.9.0-5.module+el8.1.0+4240+893c1ab8
buildah-debuginfo-0:1.9.0-5.module+el8.1.0+4240+893c1ab8
buildah-debugsource-0:1.9.0-5.module+el8.1.0+4240+893c1ab8
buildah-tests-0:1.9.0-5.module+el8.1.0+4240+893c1ab8
buildah-tests-debuginfo-0:1.9.0-5.module+el8.1.0+4240+893c1ab8
cockpit-podman-0:4-1.module+el8.1.0+4081+b29780af
container-selinux-2:2.123.0-2.module+el8.1.0+4900+9d7326b8
containernetworking-plugins-0:0.8.1-3.module+el8.1.0+4881+045289ee
containernetworking-plugins-debuginfo-0:0.8.1-3.module+el8.1.0+4881+045289ee
containernetworking-plugins-debugsource-0:0.8.1-3.module+el8.1.0+4881+045289ee
containers-common-1:0.1.37-6.module+el8.1.0+4876+e678a192
fuse-overlayfs-0:0.4.1-1.module+el8.1.0+4081+b29780af
fuse-overlayfs-debuginfo-0:0.4.1-1.module+el8.1.0+4081+b29780af
fuse-overlayfs-debugsource-0:0.4.1-1.module+el8.1.0+4081+b29780af
oci-systemd-hook-1:0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af
oci-systemd-hook-debuginfo-1:0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af
oci-systemd-hook-debugsource-1:0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af
oci-umount-2:2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af
oci-umount-debuginfo-2:2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af
oci-umount-debugsource-2:2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af
podman-0:1.4.2-6.module+el8.1.0+4830+f49150d7
podman-debuginfo-0:1.4.2-6.module+el8.1.0+4830+f49150d7
podman-debugsource-0:1.4.2-6.module+el8.1.0+4830+f49150d7
podman-docker-0:1.4.2-6.module+el8.1.0+4830+f49150d7
podman-manpages-0:1.4.2-6.module+el8.1.0+4830+f49150d7
podman-remote-0:1.4.2-6.module+el8.1.0+4830+f49150d7
podman-remote-debuginfo-0:1.4.2-6.module+el8.1.0+4830+f49150d7
podman-tests-0:1.4.2-6.module+el8.1.0+4830+f49150d7
python-podman-api-0:1.2.0-0.1.gitd0a45fe.module+el8.1.0+4081+b29780af
runc-0:1.0.0-61.rc8.module+el8.1.0+4873+4a24e241
runc-debuginfo-0:1.0.0-61.rc8.module+el8.1.0+4873+4a24e241
runc-debugsource-0:1.0.0-61.rc8.module+el8.1.0+4873+4a24e241
skopeo-1:0.1.37-6.module+el8.1.0+4876+e678a192
skopeo-debuginfo-1:0.1.37-6.module+el8.1.0+4876+e678a192
skopeo-debugsource-1:0.1.37-6.module+el8.1.0+4876+e678a192
skopeo-tests-1:0.1.37-6.module+el8.1.0+4876+e678a192
slirp4netns-0:0.3.0-4.module+el8.1.0+4306+1d917805
slirp4netns-debuginfo-0:0.3.0-4.module+el8.1.0+4306+1d917805
slirp4netns-debugsource-0:0.3.0-4.module+el8.1.0+4306+1d917805
toolbox-0:0.0.4-1.module+el8.1.0+4081+b29780af
buildah-0:1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef
buildah-debuginfo-0:1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef
buildah-debugsource-0:1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef
container-selinux-2:2.94-1.git1e99f1d.module+el8.1.0+3468+011f0ab0
containernetworking-plugins-0:0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef
containernetworking-plugins-debuginfo-0:0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef
containernetworking-plugins-debugsource-0:0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef
containers-common-1:0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c
fuse-overlayfs-0:0.3-5.module+el8.1.0+3468+011f0ab0
fuse-overlayfs-debuginfo-0:0.3-5.module+el8.1.0+3468+011f0ab0
fuse-overlayfs-debugsource-0:0.3-5.module+el8.1.0+3468+011f0ab0
oci-systemd-hook-1:0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0
oci-systemd-hook-debuginfo-1:0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0
oci-systemd-hook-debugsource-1:0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0
oci-umount-2:2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0
oci-umount-debuginfo-2:2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0
oci-umount-debugsource-2:2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0
podman-0:1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef
podman-debuginfo-0:1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef
podman-debugsource-0:1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef
podman-docker-0:1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef
runc-0:1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef
runc-debuginfo-0:1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef
runc-debugsource-0:1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef
skopeo-1:0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c
skopeo-debuginfo-1:0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c
skopeo-debugsource-1:0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c
slirp4netns-0:0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48
slirp4netns-debuginfo-0:0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48
slirp4netns-debugsource-0:0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48
containernetworking-plugins-0:0.8.1-4.el7_7
containernetworking-plugins-debuginfo-0:0.8.1-4.el7_7

The Hacker News

id	THN:F6202F3C31F7C788D1830F976D0B2464
last seen	2019-08-14
modified	2019-08-14
published	2019-08-14
reporter	The Hacker News
source	https://thehackernews.com/2019/08/http2-dos-vulnerability.html
title	8 New HTTP/2 Implementation Flaws Expose Websites to DoS Attacks

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Nessus

Redhat

The Hacker News

References