
[bug#37838] [PATCH 1/2] cve: Rewrite to read the JSON feed instead of th


From: Ludovic Courtès
Subject: [bug#37838] [PATCH 1/2] cve: Rewrite to read the JSON feed instead of the XML feed.
Date: Sun, 20 Oct 2019 23:20:30 +0200

The XML feed was discontinued on Oct. 16th, 2019:

  <https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement-Phase-3>

* guix/cve.scm (string->date*): New procedure.
(<cve-item>, <cve>, <cve-reference>): New record types.
(cpe-match->cve-configuration, configuration-data->cve-configurations)
(json->cve-items, version-matches?): New procedures.
(yearly-feed-uri): Change URL to refer to JSON feed.
(cpe->product-alist, %parse-vulnerability-feed)
(xml->vulnerabilities): Remove.
(cve-configuration->package-list, merge-package-lists)
(cve-item->vulnerability, json->vulnerabilities): New procedures.
(write-cache): Use 'json->vulnerabilities' instead of
'xml->vulnerabilities', and remove 'parameterize'.
(vulnerabilities->lookup-proc): Use 'version-matches?' when VERSION is
true.
* tests/cve.scm (%sample): Use 'tests/cve-sample.json'.
(%expected-vulnerabilities): Rewrite accordingly.
("json->cve-items", "cve-item-published-date")
("json->vulnerabilities"): New tests.
("xml->vulnerabilities"): Remove.
("vulnerabilities->lookup-proc"): Adjust to new vulnerabilities.
* tests/cve-sample.json: New file.
* tests/cve-sample.xml: Remove.
* Makefile.am (EXTRA_DIST): Adjust accordingly.
* doc/guix.texi (Invoking guix lint): Update nist.gov URLs.
---
 Makefile.am           |    2 +-
 doc/guix.texi         |    4 +-
 guix/cve.scm          |  376 ++++++++----
 tests/cve-sample.json | 1279 +++++++++++++++++++++++++++++++++++++++++
 tests/cve-sample.xml  |  616 --------------------
 tests/cve.scm         |   83 ++-
 6 files changed, 1605 insertions(+), 755 deletions(-)
 create mode 100644 tests/cve-sample.json
 delete mode 100644 tests/cve-sample.xml

diff --git a/Makefile.am b/Makefile.am
index 36767c2f47..b1f33946c5 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -564,7 +564,7 @@ EXTRA_DIST +=                                               
\
   tests/test.drv                                       \
   tests/signing-key.pub                                        \
   tests/signing-key.sec                                        \
-  tests/cve-sample.xml                                 \
+  tests/cve-sample.json                                        \
   build-aux/config.rpath                               \
   bootstrap                                            \
   doc/build.scm                                                \
diff --git a/doc/guix.texi b/doc/guix.texi
index 6eccbb971f..d29be2da28 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -9484,7 +9484,7 @@ that limit has been reset.
 @cindex CVE, Common Vulnerabilities and Exposures
 Report known vulnerabilities found in the Common Vulnerabilities and
 Exposures (CVE) databases of the current and past year
-@uref{https://nvd.nist.gov/download.cfm#CVE_FEED, published by the US
+@uref{https://nvd.nist.gov/vuln/data-feeds, published by the US
 NIST}.
 
 To view information about a particular vulnerability, visit pages such as:
@@ -9501,7 +9501,7 @@ where @code{CVE-YYYY-ABCD} is the CVE identifier---e.g.,
 @code{CVE-2015-7554}.
 
 Package developers can specify in package recipes the
-@uref{https://nvd.nist.gov/cpe.cfm,Common Platform Enumeration (CPE)}
+@uref{https://nvd.nist.gov/products/cpe,Common Platform Enumeration (CPE)}
 name and version of the package when they differ from the name or version
 that Guix uses, as in this example:
 
diff --git a/guix/cve.scm b/guix/cve.scm
index 99754fa1f6..903d94a8a6 100644
--- a/guix/cve.scm
+++ b/guix/cve.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2015, 2016, 2017, 2018 Ludovic Courtès <address@hidden>
+;;; Copyright © 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <address@hidden>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -19,21 +19,43 @@
 (define-module (guix cve)
   #:use-module (guix utils)
   #:use-module (guix http-client)
-  #:use-module (sxml ssax)
+  #:use-module (guix json)
+  #:use-module (guix i18n)
+  #:use-module (json)
   #:use-module (web uri)
   #:use-module (srfi srfi-1)
   #:use-module (srfi srfi-9)
   #:use-module (srfi srfi-11)
   #:use-module (srfi srfi-19)
   #:use-module (srfi srfi-26)
+  #:use-module (srfi srfi-34)
+  #:use-module (srfi srfi-35)
   #:use-module (ice-9 match)
   #:use-module (ice-9 regex)
   #:use-module (ice-9 vlist)
-  #:export (vulnerability?
+  #:export (json->cve-items
+
+            cve-item?
+            cve-item-cve
+            cve-item-configurations
+            cve-item-published-date
+            cve-item-last-modified-date
+
+            cve?
+            cve-id
+            cve-data-type
+            cve-data-format
+            cvs-references
+
+            cve-reference?
+            cve-reference-url
+            cve-reference-tags
+
+            vulnerability?
             vulnerability-id
             vulnerability-packages
 
-            xml->vulnerabilities
+            json->vulnerabilities
             current-vulnerabilities
             vulnerabilities->lookup-proc))
 
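Review bot: The export list names `cvs-references`, but nothing in this patch defines a binding by that name; the `<cve>` mapping added in the next hunk calls its accessor `cve-item-references`, and that one is not exported. As written, users of the module cannot read a CVE's references, and the export refers to an unbound variable. Since the field belongs to `<cve>`, not `<cve-item>`, naming the accessor `cve-references` in both places would be consistent with `cve-id` and `cve-data-type`: export `cve-references` here and write `(references cve-references` in the mapping.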
@@ -41,15 +63,174 @@
 ;;;
 ;;; This modules provides the tools to fetch, parse, and digest part of the
 ;;; Common Vulnerabilities and Exposures (CVE) feeds provided by the US NIST
-;;; at <https://nvd.nist.gov/download.cfm#CVE_FEED>.
+;;; at <https://nvd.nist.gov/vuln/data-feeds>.
 ;;;
 ;;; Code:
 
-(define-record-type <vulnerability>
-  (vulnerability id packages)
-  vulnerability?
-  (id         vulnerability-id)                   ;string
-  (packages   vulnerability-packages))            ;((p1 v1 v2 v3) (p2 v1) ...)
+(define (string->date* str)
+  (string->date str "~Y-~m-~dT~H:~M~z"))
+
+(define-json-mapping <cve-item> cve-item cve-item?
+  json->cve-item
+  (cve            cve-item-cve "cve" json->cve)   ;<cve>
+  (configurations cve-item-configurations         ;list of sexps
+                  "configurations" configuration-data->cve-configurations)
+  (published-date cve-item-published-date
+                  "publishedDate" string->date*)
+  (last-modified-date cve-item-last-modified-date
+                      "lastModifiedDate" string->date*))
+
+(define-json-mapping <cve> cve cve?
+  json->cve
+  (id             cve-id "CVE_data_meta"          ;string
+                  (cut assoc-ref <> "ID"))
+  (data-type      cve-data-type                   ;'CVE
+                  "data_type" string->symbol)
+  (data-format    cve-data-format                 ;'MITRE
+                  "data_format" string->symbol)
+  (references     cve-item-references             ;list of <cve-reference>
+                  "references" reference-data->cve-references))
+
+(define-json-mapping <cve-reference> cve-reference cve-reference?
+  json->cve-reference
+  (url            cve-reference-url)              ;string
+  (tags           cve-reference-tags              ;list of strings
+                  "tags" vector->list))
+
+(define (reference-data->cve-references alist)
+  (map json->cve-reference
+       (vector->list (assoc-ref alist "reference_data"))))
+
+(define %cpe-package-rx
+  ;; For applications: "cpe:2.3:a:VENDOR:PACKAGE:VERSION", or sometimes
+  ;; "cpe:2.3:a:VENDOR:PACKAGE:VERSION:PATCH-LEVEL".
+  (make-regexp "^cpe:2\\.3:a:([^:]+):([^:]+):([^:]+):([^:]+):"))
+
+(define (cpe->package-name cpe)
+  "Converts the Common Platform Enumeration (CPE) string CPE to a package
+name, in a very naive way.  Return two values: the package name, and its
+version string.  Return #f and #f if CPE does not look like an application CPE
+string."
+  (cond ((regexp-exec %cpe-package-rx cpe)
+         =>
+         (lambda (matches)
+           (values (match:substring matches 2)
+                   (match (match:substring matches 3)
+                     ("*" '_)
+                     (version
+                      (string-append version
+                                     (match (match:substring matches 4)
+                                       ("" "")
+                                       (patch-level
+                                        ;; Drop the colon from things like
+                                        ;; "cpe:2.3:a:openbsd:openssh:6.8:p1".
+                                        (string-drop patch-level 1)))))))))
+        (else
+         (values #f #f))))
+
+(define (cpe-match->cve-configuration alist)
+  "Convert ALIST, a \"cpe_match\" alist, into an sexp representing the package
+and versions matched.  Return #f if ALIST doesn't correspond to an application
+package."
+  (let ((cpe    (assoc-ref alist "cpe23Uri"))
+        (starti (assoc-ref alist "versionStartIncluding"))
+        (starte (assoc-ref alist "versionStartExcluding"))
+        (endi   (assoc-ref alist "versionEndIncluding"))
+        (ende   (assoc-ref alist "versionEndExcluding")))
+    (let-values (((package version) (cpe->package-name cpe)))
+      (and package
+           `(,package
+              ,(cond ((and (or starti starte) (or endi ende))
+                      `(and ,(if starti `(>= ,starti) `(> ,starte))
+                            ,(if endi `(<= ,endi) `(< ,ende))))
+                     (starti `(>= ,starti))
+                     (starte `(> ,starte))
+                     (endi   `(<= ,endi))
+                     (ende   `(< ,ende))
+                     (else   version)))))))
+
+(define (configuration-data->cve-configurations alist)
+  "Given ALIST, a JSON dictionary for the baroque \"configurations\"
+element found in CVEs, return an sexp such as (\"binutils\" (<
+\"2.31\")) that represents matching configurations."
+  (define string->operator
+    (match-lambda
+      ("OR" 'or)
+      ("AND" 'and)))
+
+  (define (node->configuration node)
+    (let ((operator (string->operator (assoc-ref node "operator"))))
+      (cond
+       ((assoc-ref node "cpe_match")
+        =>
+        (lambda (matches)
+          (let ((matches (vector->list matches)))
+            (match (filter-map cpe-match->cve-configuration
+                               matches)
+              (()    #f)
+              ((one) one)
+              (lst   (cons operator lst))))))
+       ((assoc-ref node "children")               ;typically for 'and'
+        =>
+        (lambda (children)
+          (match (filter-map node->configuration (vector->list children))
+            (()    #f)
+            ((one) one)
+            (lst   (cons operator lst)))))
+       (else
+        #f))))
+
+  (let ((nodes (vector->list (assoc-ref alist "nodes"))))
+    (filter-map node->configuration nodes)))
+
+(define (json->cve-items json)
+  "Parse JSON, an input port or a string, and return a list of <cve-item>
+records."
+  (let* ((alist   (json->scm json))
+         (type    (assoc-ref alist "CVE_data_type"))
+         (format  (assoc-ref alist "CVE_data_format"))
+         (version (assoc-ref alist "CVE_data_version")))
+    (unless (equal? type "CVE")
+      (raise (condition (&message
+                         (message "invalid CVE feed")))))
+    (unless (equal? format "MITRE")
+      (raise (condition
+              (&message
+               (message (format #f (G_ "unsupported CVE format: '~a'")
+                                format))))))
+    (unless (equal? version "4.0")
+      (raise (condition
+              (&message
+               (message (format #f (G_ "unsupported CVE data version: '~a'")
+                                version))))))
+
+    (map json->cve-item
+         (vector->list (assoc-ref alist "CVE_Items")))))
+
+(define (version-matches? version sexp)
+  "Return true if VERSION, a string, matches SEXP."
+  (match sexp
+    ('_
+     #t)
+    ((? string? expected)
+     (version-prefix? expected version))
+    (('or sexps ...)
+     (any (cut version-matches? version <>) sexps))
+    (('and sexps ...)
+     (every (cut version-matches? version <>) sexps))
+    (('< max)
+     (version>? max version))
+    (('<= max)
+     (version>=? max version))
+    (('> min)
+     (version>? version min))
+    (('>= min)
+     (version>=? version min))))
+
+
+;;;
+;;; High-level interface.
+;;;
 
 (define %now
   (current-date))
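Review bot: In `cpe->package-name`, group 4 of `%cpe-package-rx` is `([^:]+)` preceded by a literal `:`, so the captured update field is never empty and never carries a leading colon; `(string-drop patch-level 1)` therefore removes the first character of the update itself, turning `6.8:p1` into `6.81` rather than `6.8p1`. A version mangled this way will not compare as intended in `version-matches?`, so an affected package can be missed by the check. Matching the wildcard fields explicitly and appending anything else unchanged avoids this: `((or "*" "-") "")` followed by `(patch-level patch-level)`. Separately, in `json->cve-items` the `let*` binding named `format` shadows the `format` procedure, so both `(format #f (G_ …) format)` calls on the error paths try to apply a string instead of producing the message; renaming the binding, e.g. `(data-format (assoc-ref alist "CVE_data_format"))`, fixes that.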
@@ -61,8 +242,8 @@
 (define (yearly-feed-uri year)
   "Return the URI for the CVE feed for YEAR."
   (string->uri
-   (string-append "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-";
-                  (number->string year) ".xml.gz")))
+   (string-append "https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-";
+                  (number->string year) ".json.gz")))
 
 (define %current-year-ttl
   ;; According to <https://nvd.nist.gov/download.cfm#CVE_FEED>, feeds are
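Review bot: The comment on `%current-year-ttl` directly below this change still cites `<https://nvd.nist.gov/download.cfm#CVE_FEED>`, the page this patch replaces with `https://nvd.nist.gov/vuln/data-feeds` in the module commentary and in the manual. It should be updated to match, e.g. `;; According to <https://nvd.nist.gov/vuln/data-feeds>, feeds are`. A short comment in `yearly-feed-uri` would also help, saying that the `1.1` in the path is presumably the feed schema version and is unrelated to the `CVE_data_version` of `"4.0"` that `json->cve-items` checks, so the two numbers are not read as a mismatch. The comment block continues outside the hunk.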
@@ -73,102 +254,11 @@
   ;; Update the previous year's database more and more infrequently.
   (* 3600 24 (date-month %now)))
 
-(define %cpe-package-rx
-  ;; For applications: "cpe:/a:VENDOR:PACKAGE:VERSION", or sometimes
-  ;; "cpe/a:VENDOR:PACKAGE:VERSION:PATCH-LEVEL".
-  (make-regexp "^cpe:/a:([^:]+):([^:]+):([^:]+)((:.+)?)"))
-
-(define (cpe->package-name cpe)
-  "Converts the Common Platform Enumeration (CPE) string CPE to a package
-name, in a very naive way.  Return two values: the package name, and its
-version string.  Return #f and #f if CPE does not look like an application CPE
-string."
-  (cond ((regexp-exec %cpe-package-rx (string-trim-both cpe))
-         =>
-         (lambda (matches)
-           (values (match:substring matches 2)
-                   (string-append (match:substring matches 3)
-                                  (match (match:substring matches 4)
-                                    ("" "")
-                                    (patch-level
-                                     ;; Drop the colon from things like
-                                     ;; "cpe:/a:openbsd:openssh:6.8:p1".
-                                     (string-drop patch-level 1)))))))
-        (else
-         (values #f #f))))
-
-(define (cpe->product-alist products)
-  "Given PRODUCTS, a list of CPE names, return the subset limited to the
-applications listed in PRODUCTS, with names converted to package names:
-
-  (cpe->product-alist
-    '(\"cpe:/a:gnu:libtasn1:4.7\" \"cpe:/a:gnu:libtasn1:4.6\" 
\"cpe:/a:gnu:cpio:2.11\"))
-  => ((\"libtasn1\" \"4.7\" \"4.6\") (\"cpio\" \"2.11\"))
-"
-  (fold (lambda (product result)
-          (let-values (((name version) (cpe->package-name product)))
-            (if name
-                (match result
-                  (((previous . versions) . tail)
-                   ;; Attempt to coalesce NAME and PREVIOUS.
-                   (if (string=? name previous)
-                       (alist-cons name (cons version versions) tail)
-                       (alist-cons name (list version) result)))
-                  (()
-                   (alist-cons name (list version) result)))
-                result)))
-        '()
-        (sort products string<?)))
-
-(define %parse-vulnerability-feed
-  ;; Parse the XML vulnerability feed from
-  ;; <https://nvd.nist.gov/download.cfm#CVE_FEED> and return a list of
-  ;; vulnerability objects.
-  (ssax:make-parser NEW-LEVEL-SEED
-                    (lambda (elem-gi attributes namespaces expected-content
-                                     seed)
-                      (match elem-gi
-                        ((name-space . 'entry)
-                         (cons (assoc-ref attributes 'id) seed))
-                        ((name-space . 'vulnerable-software-list)
-                         (cons '() seed))
-                        ((name-space . 'product)
-                         (cons 'product seed))
-                        (x seed)))
-
-                    FINISH-ELEMENT
-                    (lambda (elem-gi attributes namespaces parent-seed
-                                     seed)
-                      (match elem-gi
-                        ((name-space . 'entry)
-                         (match seed
-                           (((? string? id) . rest)
-                            ;; Some entries have no vulnerable-software-list.
-                            rest)
-                           ((products id . rest)
-                            (match (cpe->product-alist products)
-                              (()
-                               ;; No application among PRODUCTS.
-                               rest)
-                              (packages
-                               (cons (vulnerability id packages)
-                                     rest))))))
-                        (x
-                         seed)))
-
-                    CHAR-DATA-HANDLER
-                    (lambda (str _ seed)
-                      (match seed
-                        (('product software-list . rest)
-                         ;; Add STR to the vulnerable software list this
-                         ;; <product> tag is part of.
-                         (cons (cons str software-list) rest))
-                        (x x)))))
-
-(define (xml->vulnerabilities port)
-  "Read from PORT an XML feed of vulnerabilities and return a list of
-vulnerability objects."
-  (reverse (%parse-vulnerability-feed port '())))
+(define-record-type <vulnerability>
+  (vulnerability id packages)
+  vulnerability?
+  (id         vulnerability-id)             ;string
+  (packages   vulnerability-packages))      ;((p1 sexp1) (p2 sexp2) ...)
 
 (define vulnerability->sexp
   (match-lambda
@@ -180,16 +270,70 @@ vulnerability objects."
     (('v id (packages ...))
      (vulnerability id packages))))
 
+(define (cve-configuration->package-list config)
+  "Parse CONFIG, a config sexp, and return a list of the form (P SEXP)
+where P is a package name and SEXP expresses constraints on the matching
+versions."
+  (let loop ((config config)
+             (packages '()))
+    (match config
+      (('or configs ...)
+       (fold loop packages configs))
+      (('and config _ ...)                        ;XXX
+       (loop config packages))
+      (((? string? package) '_)                   ;any version
+       (cons `(,package _)
+             (alist-delete package packages)))
+      (((? string? package) sexp)
+       (let ((previous (assoc-ref packages package)))
+         (if previous
+             (cons `(,package (or ,sexp ,@previous))
+                   (alist-delete package packages))
+             (cons `(,package ,sexp) packages)))))))
+
+(define (merge-package-lists lst)
+  "Merge the list in LST, each of which has the form (p sexp), where P
+is the name of a package and SEXP is an sexp that constrains matching
+versions."
+  (fold (lambda (plist result)                    ;XXX: quadratic
+          (fold (match-lambda*
+                  (((package version) result)
+                   (match (assoc-ref result package)
+                     (#f
+                      (cons `(,package ,version) result))
+                     ((previous)
+                      (cons `(,package (or ,version ,previous))
+                            (alist-delete package result))))))
+                result
+                plist))
+        '()
+        lst))
+
+(define (cve-item->vulnerability item)
+  "Return a <vulnerability> corresponding to ITEM, a <cve-item> record;
+return #f if ITEM does not list any configuration or if it does not list
+any \"a\" (application) configuration."
+  (let ((id (cve-id (cve-item-cve item))))
+    (match (cve-item-configurations item)
+      (()                                         ;no configurations
+       #f)
+      ((configs ...)
+       (vulnerability id
+                      (merge-package-lists
+                       (map cve-configuration->package-list configs)))))))
+
+(define (json->vulnerabilities json)
+  "Parse JSON, an input port or a string, and return the list of
+vulnerabilities found therein."
+  (filter-map cve-item->vulnerability (json->cve-items json)))
+
 (define (write-cache input cache)
-  "Read vulnerabilities as gzipped XML from INPUT, and write it as a compact
+  "Read vulnerabilities as gzipped JSON from INPUT, and write it as a compact
 sexp to CACHE."
   (call-with-decompressed-port 'gzip input
     (lambda (input)
-      ;; XXX: The SSAX "error port" is used to send pointless warnings such as
-      ;; "warning: Skipping PI".  Turn that off.
       (define vulns
-        (parameterize ((current-ssax-error-port (%make-void-port "w")))
-          (xml->vulnerabilities input)))
+        (json->vulnerabilities input))
 
       (write `(vulnerabilities
                1                                  ;format version
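Review bot: In `cve-configuration->package-list`, the `('and config _ ...)` clause recurses into the first operand only, so when an `and` node joins two application configurations every package after the first is dropped from the resulting vulnerability, and the bare `;XXX` does not say so. A comment such as `;XXX: only the first operand is considered; the others are ignored` would make the limitation visible to anyone interpreting the lint output. Also worth confirming: `write-cache` still writes format version `1` although each package entry is now `(p sexp)` rather than `(p v1 v2 ...)`. If a cache written by the XML code can still be read through this path, bumping the version would let the reader reject it cleanly. `write-cache` continues past the end of this hunk.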
@@ -215,7 +359,7 @@ the given TTL (fetch from the NIST web site when TTL has 
expired)."
         (lambda ()
           (read-options options)))))
 
-  ;; Note: We used to keep the original XML files in cache but parsing it
+  ;; Note: We used to keep the original JSON files in cache but parsing it
   ;; would take typically ~15s for a year of data.  Thus, we instead store a
   ;; summarized version thereof as an sexp, which can be parsed in 1s or so.
   (let* ((port (http-fetch/cached (yearly-feed-uri year)
@@ -269,8 +413,8 @@ vulnerabilities affecting the given package version."
     (vhash-fold* (if version
                      (lambda (pair result)
                        (match pair
-                         ((vuln . versions)
-                          (if (member version versions)
+                         ((vuln sexp)
+                          (if (version-matches? version sexp)
                               (cons vuln result)
                               result))))
                      (lambda (pair result)
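Review bot: The new `(match pair ((vuln sexp) …))` has a single clause and `version-matches?` has no default clause either, so any entry whose constraint is not one of `_`, a string, `or`, `and`, `<`, `<=`, `>`, `>=` raises a match error in the middle of `vhash-fold*` and aborts the whole lookup. The entries appear to come from the on-disk cache, so a stale or hand-edited cache would surface as an opaque pattern-match failure. A final clause in `version-matches?` that raises a `&message` condition naming the unexpected sexp would make this diagnosable; returning `#f` silently there would hide vulnerabilities, so an explicit error is the safer default. The enclosing procedure starts and ends outside this hunk.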
diff --git a/tests/cve-sample.json b/tests/cve-sample.json
new file mode 100644
index 0000000000..39816f9dd4
--- /dev/null
+++ b/tests/cve-sample.json
@@ -0,0 +1,1279 @@
+{
+  "CVE_data_type" : "CVE",
+  "CVE_data_format" : "MITRE",
+  "CVE_data_version" : "4.0",
+  "CVE_data_numberOfCVEs" : "9826",
+  "CVE_data_timestamp" : "2019-10-17T07:00Z",
+  "CVE_Items" : [ {
+    "cve" : {
+      "data_type" : "CVE",
+      "data_format" : "MITRE",
+      "data_version" : "4.0",
+      "CVE_data_meta" : {
+        "ID" : "CVE-2019-0001",
+        "ASSIGNER" : "address@hidden"
+      },
+      "problemtype" : {
+        "problemtype_data" : [ {
+          "description" : [ {
+            "lang" : "en",
+            "value" : "CWE-400"
+          } ]
+        } ]
+      },
+      "references" : {
+        "reference_data" : [ {
+          "url" : "http://www.securityfocus.com/bid/106541";,
+          "name" : "106541",
+          "refsource" : "BID",
+          "tags" : [ "Third Party Advisory", "VDB Entry" ]
+        }, {
+          "url" : "https://kb.juniper.net/JSA10900";,
+          "name" : "https://kb.juniper.net/JSA10900";,
+          "refsource" : "CONFIRM",
+          "tags" : [ "Vendor Advisory" ]
+        } ]
+      },
+      "description" : {
+        "description_data" : [ {
+          "lang" : "en",
+          "value" : "Receipt of a malformed packet on MX Series devices with 
dynamic vlan configuration can trigger an uncontrolled recursion loop in the 
Broadband Edge subscriber management daemon (bbe-smgd), and lead to high CPU 
usage and a crash of the bbe-smgd service. Repeated receipt of the same packet 
can result in an extended denial of service condition for the device. Affected 
releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S1; 16.2 
versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 
versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S1; 17.4 versions prior 
to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2."
+        } ]
+      }
+    },
+    "configurations" : {
+      "CVE_data_version" : "4.0",
+      "nodes" : [ {
+        "operator" : "OR",
+        "cpe_match" : [ {
+          "vulnerable" : true,
+          "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*"
+        } ]
+      } {
+        "operator" : "OR",
+        "cpe_match" : [ {
+          "vulnerable" : true,
+          "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.2:*:*:*:*:*:*:*"
+        }  ]
+      }, {
+        "operator" : "OR",
+        "cpe_match" : [ {
+          "vulnerable" : true,
+          "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.1:*:*:*:*:*:*:*"
+        }, {
+          "vulnerable" : true,
+          "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*"
+        }, {
+          "vulnerable" : true,
+          "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.1:r2:*:*:*:*:*:*"
+        } ]
+      }, {
+        "operator" : "OR",
+        "cpe_match" : [ {
+          "vulnerable" : true,
+          "cpe23Uri" : "cpe:2.3:a:juniper:junos:18.2:*:*:*:*:*:*:*"
+        }, {
+          "vulnerable" : true,
+          "cpe23Uri" : "cpe:2.3:a:juniper:junos:18.2:r1-s3:*:*:*:*:*:*"
+        }, {
+          "vulnerable" : true,
+          "cpe23Uri" : "cpe:2.3:a:juniper:junos:18.2:r1-s4:*:*:*:*:*:*"
+        } ]
+      } ]
+    },
+    "impact" : {
+      "baseMetricV3" : {
+        "cvssV3" : {
+          "version" : "3.0",
+          "vectorString" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector" : "NETWORK",
+          "attackComplexity" : "HIGH",
+          "privilegesRequired" : "NONE",
+          "userInteraction" : "NONE",
+          "scope" : "UNCHANGED",
+          "confidentialityImpact" : "NONE",
+          "integrityImpact" : "NONE",
+          "availabilityImpact" : "HIGH",
+          "baseScore" : 5.9,
+          "baseSeverity" : "MEDIUM"
+        },
+        "exploitabilityScore" : 2.2,
+        "impactScore" : 3.6
+      },
+      "baseMetricV2" : {
+        "cvssV2" : {
+          "version" : "2.0",
+          "vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:C",
+          "accessVector" : "NETWORK",
+          "accessComplexity" : "MEDIUM",
+          "authentication" : "NONE",
+          "confidentialityImpact" : "NONE",
+          "integrityImpact" : "NONE",
+          "availabilityImpact" : "COMPLETE",
+          "baseScore" : 7.1
+        },
+        "severity" : "HIGH",
+        "exploitabilityScore" : 8.6,
+        "impactScore" : 6.9,
+        "acInsufInfo" : false,
+        "obtainAllPrivilege" : false,
+        "obtainUserPrivilege" : false,
+        "obtainOtherPrivilege" : false,
+        "userInteractionRequired" : false
+      }
+    },
+    "publishedDate" : "2019-01-15T21:29Z",
+    "lastModifiedDate" : "2019-10-09T23:43Z"
+  }, {
+    "cve" : {
+      "data_type" : "CVE",
+      "data_format" : "MITRE",
+      "data_version" : "4.0",
+      "CVE_data_meta" : {
+        "ID" : "CVE-2019-0005",
+        "ASSIGNER" : "address@hidden"
+      },
+      "problemtype" : {
+        "problemtype_data" : [ {
+          "description" : [ {
+            "lang" : "en",
+            "value" : "CWE-400"
+          } ]
+        } ]
+      },
+      "references" : {
+        "reference_data" : [ {
+          "url" : "http://www.securityfocus.com/bid/106665";,
+          "name" : "106665",
+          "refsource" : "BID",
+          "tags" : [ "Third Party Advisory" ]
+        }, {
+          "url" : "https://kb.juniper.net/JSA10905";,
+          "name" : "https://kb.juniper.net/JSA10905";,
+          "refsource" : "CONFIRM",
+          "tags" : [ "Vendor Advisory" ]
+        } ]
+      },
+      "description" : {
+        "description_data" : [ {
+          "lang" : "en",
+          "value" : "On EX2300, EX3400, EX4600, QFX3K and QFX5K series, 
firewall filter configuration cannot perform packet matching on any IPv6 
extension headers. This issue may allow IPv6 packets that should have been 
blocked to be forwarded. IPv4 packet filtering is unaffected by this 
vulnerability. Affected releases are Juniper Networks Junos OS on EX and QFX 
series;: 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R7; 
15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 series; 15.1X53 
versions prior to 15.1X53-D591 on EX2300/EX3400 series; 16.1 versions prior to 
16.1R7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 
17.2R3; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 
versions prior to 18.1R2."
+        } ]
+      }
+    },
+    "configurations" : {
+      "CVE_data_version" : "4.0",
+      "nodes" : [ {
+        "operator" : "AND",
+        "children" : [ {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d42:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d43:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d44:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:14.1x53:d46:*:*:*:*:*:*"
+          } ]
+        }, {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*"
+          } ]
+        } ]
+      }, {
+        "operator" : "AND",
+        "children" : [ {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*"
+          } ]
+        }, {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*"
+          } ]
+        } ]
+      }, {
+        "operator" : "AND",
+        "children" : [ {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d51:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d52:*:*:*:*:*:*"
+          } ]
+        }, {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*"
+          } ]
+        } ]
+      }, {
+        "operator" : "AND",
+        "children" : [ {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d230:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d234:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d51:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d52:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d55:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d57:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d58:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d59:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:15.1x53:d590:*:*:*:*:*:*"
+          } ]
+        }, {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*"
+          } ]
+        } ]
+      }, {
+        "operator" : "AND",
+        "children" : [ {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r3-s10:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r6:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r6-s6:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:16.1:r7:*:*:*:*:*:*"
+          } ]
+        }, {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*"
+          } ]
+        } ]
+      }, {
+        "operator" : "AND",
+        "children" : [ {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.1:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*"
+          } ]
+        }, {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*"
+          } ]
+        } ]
+      }, {
+        "operator" : "AND",
+        "children" : [ {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.2:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.2:r1-s7:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*"
+          } ]
+        }, {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*"
+          } ]
+        } ]
+      }, {
+        "operator" : "AND",
+        "children" : [ {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.3:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*"
+          } ]
+        }, {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:gfx3600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*"
+          } ]
+        } ]
+      }, {
+        "operator" : "AND",
+        "children" : [ {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.4:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*"
+          } ]
+        }, {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*"
+          } ]
+        } ]
+      }, {
+        "operator" : "AND",
+        "children" : [ {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:a:juniper:junos:18.1:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : true,
+            "cpe23Uri" : "cpe:2.3:a:juniper:junos:18.1:r1:*:*:*:*:*:*"
+          } ]
+        }, {
+          "operator" : "OR",
+          "cpe_match" : [ {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*"
+          }, {
+            "vulnerable" : false,
+            "cpe23Uri" : "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*"
+          } ]
+        } ]
+      } ]
+    },
+    "impact" : {
+      "baseMetricV3" : {
+        "cvssV3" : {
+          "version" : "3.0",
+          "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
+          "attackVector" : "NETWORK",
+          "attackComplexity" : "LOW",
+          "privilegesRequired" : "NONE",
+          "userInteraction" : "NONE",
+          "scope" : "UNCHANGED",
+          "confidentialityImpact" : "NONE",
+          "integrityImpact" : "LOW",
+          "availabilityImpact" : "NONE",
+          "baseScore" : 5.3,
+          "baseSeverity" : "MEDIUM"
+        },
+        "exploitabilityScore" : 3.9,
+        "impactScore" : 1.4
+      },
+      "baseMetricV2" : {
+        "cvssV2" : {
+          "version" : "2.0",
+          "vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:N",
+          "accessVector" : "NETWORK",
+          "accessComplexity" : "LOW",
+          "authentication" : "NONE",
+          "confidentialityImpact" : "NONE",
+          "integrityImpact" : "PARTIAL",
+          "availabilityImpact" : "NONE",
+          "baseScore" : 5.0
+        },
+        "severity" : "MEDIUM",
+        "exploitabilityScore" : 10.0,
+        "impactScore" : 2.9,
+        "acInsufInfo" : false,
+        "obtainAllPrivilege" : false,
+        "obtainUserPrivilege" : false,
+        "obtainOtherPrivilege" : false,
+        "userInteractionRequired" : false
+      }
+    },
+    "publishedDate" : "2019-01-15T21:29Z",
+    "lastModifiedDate" : "2019-02-14T18:40Z"
+  }, {
+    "cve" : {
+      "data_type" : "CVE",
+      "data_format" : "MITRE",
+      "data_version" : "4.0",
+      "CVE_data_meta" : {
+        "ID" : "CVE-2019-14811",
+        "ASSIGNER" : "address@hidden"
+      },
+      "problemtype" : {
+        "problemtype_data" : [ {
+          "description" : [ {
+            "lang" : "en",
+            "value" : "CWE-264"
+          } ]
+        } ]
+      },
+      "references" : {
+        "reference_data" : [ {
+          "url" : 
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html";,
+          "name" : "openSUSE-SU-2019:2223",
+          "refsource" : "SUSE",
+          "tags" : [ ]
+        }, {
+          "url" : 
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00090.html";,
+          "name" : "openSUSE-SU-2019:2222",
+          "refsource" : "SUSE",
+          "tags" : [ ]
+        }, {
+          "url" : "https://access.redhat.com/errata/RHBA-2019:2824";,
+          "name" : "RHBA-2019:2824",
+          "refsource" : "REDHAT",
+          "tags" : [ ]
+        }, {
+          "url" : "https://access.redhat.com/errata/RHSA-2019:2594";,
+          "name" : "RHSA-2019:2594",
+          "refsource" : "REDHAT",
+          "tags" : [ ]
+        }, {
+          "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14811";,
+          "name" : 
"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14811";,
+          "refsource" : "CONFIRM",
+          "tags" : [ "Exploit", "Issue Tracking", "Mitigation", "Patch", 
"Third Party Advisory" ]
+        }, {
+          "url" : 
"https://lists.debian.org/debian-lts-announce/2019/09/msg00007.html";,
+          "name" : "[debian-lts-announce] 20190909 [SECURITY] [DLA 1915-1] 
ghostscript security update",
+          "refsource" : "MLIST",
+          "tags" : [ ]
+        }, {
+          "url" : 
"https://lists.fedoraproject.org/archives/list/address@hidden/message/6AATIHU32MYKUOXQDJQU4X4DDVL7NAY3/";,
+          "name" : "FEDORA-2019-ebd6c4f15a",
+          "refsource" : "FEDORA",
+          "tags" : [ ]
+        }, {
+          "url" : 
"https://lists.fedoraproject.org/archives/list/address@hidden/message/LBUC4DBBJTRFNCR3IODBV4IXB2C2HI3V/";,
+          "name" : "FEDORA-2019-0a9d525d71",
+          "refsource" : "FEDORA",
+          "tags" : [ ]
+        }, {
+          "url" : 
"https://lists.fedoraproject.org/archives/list/address@hidden/message/ZP34D27RKYV2POJ3NJLSVCHUA5V5C45A/";,
+          "name" : "FEDORA-2019-953fc0f16d",
+          "refsource" : "FEDORA",
+          "tags" : [ ]
+        }, {
+          "url" : "https://seclists.org/bugtraq/2019/Sep/15";,
+          "name" : "20190910 [SECURITY] [DSA 4518-1] ghostscript security 
update",
+          "refsource" : "BUGTRAQ",
+          "tags" : [ ]
+        }, {
+          "url" : "https://www.debian.org/security/2019/dsa-4518";,
+          "name" : "DSA-4518",
+          "refsource" : "DEBIAN",
+          "tags" : [ ]
+        } ]
+      },
+      "description" : {
+        "description_data" : [ {
+          "lang" : "en",
+          "value" : "A flaw was found in, ghostscript versions prior to 9.28, 
in the .pdf_hook_DSC_Creator procedure where it did not properly secure its 
privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A 
specially crafted PostScript file could disable security protection and then 
have access to the file system, or execute arbitrary commands."
+        } ]
+      }
+    },
+    "configurations" : {
+      "CVE_data_version" : "4.0",
+      "nodes" : [ {
+        "operator" : "OR",
+        "cpe_match" : [ {
+          "vulnerable" : true,
+          "cpe23Uri" : "cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*",
+          "versionEndExcluding" : "9.28"
+        } ]
+      } ]
+    },
+    "impact" : {
+      "baseMetricV3" : {
+        "cvssV3" : {
+          "version" : "3.0",
+          "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector" : "LOCAL",
+          "attackComplexity" : "LOW",
+          "privilegesRequired" : "NONE",
+          "userInteraction" : "REQUIRED",
+          "scope" : "UNCHANGED",
+          "confidentialityImpact" : "HIGH",
+          "integrityImpact" : "HIGH",
+          "availabilityImpact" : "HIGH",
+          "baseScore" : 7.8,
+          "baseSeverity" : "HIGH"
+        },
+        "exploitabilityScore" : 1.8,
+        "impactScore" : 5.9
+      },
+      "baseMetricV2" : {
+        "cvssV2" : {
+          "version" : "2.0",
+          "vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
+          "accessVector" : "NETWORK",
+          "accessComplexity" : "MEDIUM",
+          "authentication" : "NONE",
+          "confidentialityImpact" : "PARTIAL",
+          "integrityImpact" : "PARTIAL",
+          "availabilityImpact" : "PARTIAL",
+          "baseScore" : 6.8
+        },
+        "severity" : "MEDIUM",
+        "exploitabilityScore" : 8.6,
+        "impactScore" : 6.4,
+        "acInsufInfo" : false,
+        "obtainAllPrivilege" : false,
+        "obtainUserPrivilege" : false,
+        "obtainOtherPrivilege" : false,
+        "userInteractionRequired" : true
+      }
+    },
+    "publishedDate" : "2019-09-03T16:15Z",
+    "lastModifiedDate" : "2019-09-10T03:15Z"
+  }, {
+    "cve" : {
+      "data_type" : "CVE",
+      "data_format" : "MITRE",
+      "data_version" : "4.0",
+      "CVE_data_meta" : {
+        "ID" : "CVE-2019-17365",
+        "ASSIGNER" : "address@hidden"
+      },
+      "problemtype" : {
+        "problemtype_data" : [ {
+          "description" : [ {
+            "lang" : "en",
+            "value" : "CWE-276"
+          } ]
+        } ]
+      },
+      "references" : {
+        "reference_data" : [ {
+          "url" : "http://www.openwall.com/lists/oss-security/2019/10/09/4";,
+          "name" : "http://www.openwall.com/lists/oss-security/2019/10/09/4";,
+          "refsource" : "MISC",
+          "tags" : [ "Exploit", "Mailing List", "Third Party Advisory" ]
+        }, {
+          "url" : "http://www.openwall.com/lists/oss-security/2019/10/10/1";,
+          "name" : "[oss-security] 20191010 Re: CVE-2019-17365: Nix per-user 
profile directory hijack",
+          "refsource" : "MLIST",
+          "tags" : [ "Third Party Advisory" ]
+        } ]
+      },
+      "description" : {
+        "description_data" : [ {
+          "lang" : "en",
+          "value" : "Nix through 2.3 allows local users to gain access to an 
arbitrary user's account because the parent directory of the user-profile 
directories is world writable."
+        } ]
+      }
+    },
+    "configurations" : {
+      "CVE_data_version" : "4.0",
+      "nodes" : [ {
+        "operator" : "OR",
+        "cpe_match" : [ {
+          "vulnerable" : true,
+          "cpe23Uri" : "cpe:2.3:a:nixos:nix:*:*:*:*:*:*:*:*",
+          "versionEndIncluding" : "2.3"
+        } ]
+      } ]
+    },
+    "impact" : {
+      "baseMetricV3" : {
+        "cvssV3" : {
+          "version" : "3.1",
+          "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector" : "LOCAL",
+          "attackComplexity" : "LOW",
+          "privilegesRequired" : "LOW",
+          "userInteraction" : "NONE",
+          "scope" : "UNCHANGED",
+          "confidentialityImpact" : "HIGH",
+          "integrityImpact" : "HIGH",
+          "availabilityImpact" : "HIGH",
+          "baseScore" : 7.8,
+          "baseSeverity" : "HIGH"
+        },
+        "exploitabilityScore" : 1.8,
+        "impactScore" : 5.9
+      },
+      "baseMetricV2" : {
+        "cvssV2" : {
+          "version" : "2.0",
+          "vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
+          "accessVector" : "LOCAL",
+          "accessComplexity" : "LOW",
+          "authentication" : "NONE",
+          "confidentialityImpact" : "PARTIAL",
+          "integrityImpact" : "PARTIAL",
+          "availabilityImpact" : "PARTIAL",
+          "baseScore" : 4.6
+        },
+        "severity" : "MEDIUM",
+        "exploitabilityScore" : 3.9,
+        "impactScore" : 6.4,
+        "acInsufInfo" : false,
+        "obtainAllPrivilege" : false,
+        "obtainUserPrivilege" : false,
+        "obtainOtherPrivilege" : false,
+        "userInteractionRequired" : false
+      }
+    },
+    "publishedDate" : "2019-10-09T22:15Z",
+    "lastModifiedDate" : "2019-10-11T13:19Z"
+  }, {
+    "cve" : {
+      "data_type" : "CVE",
+      "data_format" : "MITRE",
+      "data_version" : "4.0",
+      "CVE_data_meta" : {
+        "ID" : "CVE-2019-1010180",
+        "ASSIGNER" : "address@hidden"
+      },
+      "problemtype" : {
+        "problemtype_data" : [ {
+          "description" : [ {
+            "lang" : "en",
+            "value" : "CWE-119"
+          } ]
+        } ]
+      },
+      "references" : {
+        "reference_data" : [ {
+          "url" : "http://www.securityfocus.com/bid/109367";,
+          "name" : "109367",
+          "refsource" : "BID",
+          "tags" : [ "Third Party Advisory", "VDB Entry" ]
+        }, {
+          "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23657";,
+          "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23657";,
+          "refsource" : "MISC",
+          "tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
+        } ]
+      },
+      "description" : {
+        "description_data" : [ {
+          "lang" : "en",
+          "value" : "GNU gdb All versions is affected by: Buffer Overflow - 
Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, 
and Possible Code Execution. The component is: The main gdb module. The attack 
vector is: Open an ELF for debugging. The fixed version is: Not fixed yet."
+        } ]
+      }
+    },
+    "configurations" : {
+      "CVE_data_version" : "4.0",
+      "nodes" : [ {
+        "operator" : "OR",
+        "cpe_match" : [ {
+          "vulnerable" : true,
+          "cpe23Uri" : "cpe:2.3:a:gnu:gdb:*:*:*:*:*:*:*:*"
+        } ]
+      } ]
+    },
+    "impact" : {
+      "baseMetricV3" : {
+        "cvssV3" : {
+          "version" : "3.0",
+          "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector" : "LOCAL",
+          "attackComplexity" : "LOW",
+          "privilegesRequired" : "NONE",
+          "userInteraction" : "REQUIRED",
+          "scope" : "UNCHANGED",
+          "confidentialityImpact" : "HIGH",
+          "integrityImpact" : "HIGH",
+          "availabilityImpact" : "HIGH",
+          "baseScore" : 7.8,
+          "baseSeverity" : "HIGH"
+        },
+        "exploitabilityScore" : 1.8,
+        "impactScore" : 5.9
+      },
+      "baseMetricV2" : {
+        "cvssV2" : {
+          "version" : "2.0",
+          "vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
+          "accessVector" : "NETWORK",
+          "accessComplexity" : "MEDIUM",
+          "authentication" : "NONE",
+          "confidentialityImpact" : "PARTIAL",
+          "integrityImpact" : "PARTIAL",
+          "availabilityImpact" : "PARTIAL",
+          "baseScore" : 6.8
+        },
+        "severity" : "MEDIUM",
+        "exploitabilityScore" : 8.6,
+        "impactScore" : 6.4,
+        "acInsufInfo" : false,
+        "obtainAllPrivilege" : false,
+        "obtainUserPrivilege" : false,
+        "obtainOtherPrivilege" : false,
+        "userInteractionRequired" : true
+      }
+    },
+    "publishedDate" : "2019-07-24T13:15Z",
+    "lastModifiedDate" : "2019-08-01T15:39Z"
+  }, {
+    "cve" : {
+      "data_type" : "CVE",
+      "data_format" : "MITRE",
+      "data_version" : "4.0",
+      "CVE_data_meta" : {
+        "ID" : "CVE-2019-1010204",
+        "ASSIGNER" : "address@hidden"
+      },
+      "problemtype" : {
+        "problemtype_data" : [ {
+          "description" : [ {
+            "lang" : "en",
+            "value" : "CWE-125"
+          }, {
+            "lang" : "en",
+            "value" : "CWE-20"
+          } ]
+        } ]
+      },
+      "references" : {
+        "reference_data" : [ {
+          "url" : "https://security.netapp.com/advisory/ntap-20190822-0001/";,
+          "name" : "https://security.netapp.com/advisory/ntap-20190822-0001/";,
+          "refsource" : "CONFIRM",
+          "tags" : [ ]
+        }, {
+          "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23765";,
+          "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23765";,
+          "refsource" : "MISC",
+          "tags" : [ "Issue Tracking", "Third Party Advisory" ]
+        } ]
+      },
+      "description" : {
+        "description_data" : [ {
+          "lang" : "en",
+          "value" : "GNU binutils gold gold v1.11-v1.16 (GNU binutils 
v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned 
Comparison, Out-of-bounds Read. The impact is: Denial of service. The component 
is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An 
ELF file with an invalid e_shoff header field must be opened."
+        } ]
+      }
+    },
+    "configurations" : {
+      "CVE_data_version" : "4.0",
+      "nodes" : [ {
+        "operator" : "OR",
+        "cpe_match" : [ {
+          "vulnerable" : true,
+          "cpe23Uri" : "cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*",
+          "versionStartIncluding" : "2.21",
+          "versionEndIncluding" : "2.31.1"
+        }, {
+          "vulnerable" : true,
+          "cpe23Uri" : "cpe:2.3:a:gnu:binutils_gold:*:*:*:*:*:*:*:*",
+          "versionStartIncluding" : "1.11",
+          "versionEndIncluding" : "1.16"
+        } ]
+      } ]
+    },
+    "impact" : {
+      "baseMetricV3" : {
+        "cvssV3" : {
+          "version" : "3.0",
+          "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+          "attackVector" : "LOCAL",
+          "attackComplexity" : "LOW",
+          "privilegesRequired" : "NONE",
+          "userInteraction" : "REQUIRED",
+          "scope" : "UNCHANGED",
+          "confidentialityImpact" : "NONE",
+          "integrityImpact" : "NONE",
+          "availabilityImpact" : "HIGH",
+          "baseScore" : 5.5,
+          "baseSeverity" : "MEDIUM"
+        },
+        "exploitabilityScore" : 1.8,
+        "impactScore" : 3.6
+      },
+      "baseMetricV2" : {
+        "cvssV2" : {
+          "version" : "2.0",
+          "vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
+          "accessVector" : "NETWORK",
+          "accessComplexity" : "MEDIUM",
+          "authentication" : "NONE",
+          "confidentialityImpact" : "NONE",
+          "integrityImpact" : "NONE",
+          "availabilityImpact" : "PARTIAL",
+          "baseScore" : 4.3
+        },
+        "severity" : "MEDIUM",
+        "exploitabilityScore" : 8.6,
+        "impactScore" : 2.9,
+        "acInsufInfo" : false,
+        "obtainAllPrivilege" : false,
+        "obtainUserPrivilege" : false,
+        "obtainOtherPrivilege" : false,
+        "userInteractionRequired" : true
+      }
+    },
+    "publishedDate" : "2019-07-23T14:15Z",
+    "lastModifiedDate" : "2019-08-22T07:15Z"
+  }, {
+    "cve" : {
+      "data_type" : "CVE",
+      "data_format" : "MITRE",
+      "data_version" : "4.0",
+      "CVE_data_meta" : {
+        "ID" : "CVE-2019-18192",
+        "ASSIGNER" : "address@hidden"
+      },
+      "problemtype" : {
+        "problemtype_data" : [ {
+          "description" : [ ]
+        } ]
+      },
+      "references" : {
+        "reference_data" : [ {
+          "url" : "http://www.openwall.com/lists/oss-security/2019/10/17/3";,
+          "name" : "[oss-security] 20191017 CVE-2019-18192: Insecure 
permissions on Guix profile directory",
+          "refsource" : "MLIST",
+          "tags" : [ ]
+        }, {
+          "url" : "https://issues.guix.gnu.org/issue/37744";,
+          "name" : "https://issues.guix.gnu.org/issue/37744";,
+          "refsource" : "MISC",
+          "tags" : [ ]
+        } ]
+      },
+      "description" : {
+        "description_data" : [ {
+          "lang" : "en",
+          "value" : "GNU Guix 1.0.1 allows local users to gain access to an 
arbitrary user's account because the parent directory of the user-profile 
directories is world writable, a similar issue to CVE-2019-17365."
+        } ]
+      }
+    },
+    "configurations" : {
+      "CVE_data_version" : "4.0",
+      "nodes" : [ ]
+    },
+    "impact" : { },
+    "publishedDate" : "2019-10-17T20:15Z",
+    "lastModifiedDate" : "2019-10-17T20:29Z"
+  } ]
+}
diff --git a/tests/cve-sample.xml b/tests/cve-sample.xml
deleted file mode 100644
index ce158490f1..0000000000
--- a/tests/cve-sample.xml
+++ /dev/null
@@ -1,616 +0,0 @@
-<?xml version='1.0' encoding='UTF-8'?>
-<nvd xmlns:scap-core="http://scap.nist.gov/schema/scap-core/0.1"; 
xmlns:cvss="http://scap.nist.gov/schema/cvss-v2/0.2"; 
xmlns:vuln="http://scap.nist.gov/schema/vulnerability/0.4"; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; 
xmlns:patch="http://scap.nist.gov/schema/patch/0.1"; 
xmlns="http://scap.nist.gov/schema/feed/vulnerability/2.0"; 
xmlns:cpe-lang="http://cpe.mitre.org/language/2.0"; nvd_xml_version="2.0" 
pub_date="2015-11-25T08:07:01" 
xsi:schemaLocation="http://scap.nist.gov/schema/patch/0.1 
http://nvd.nist.gov/schema/patch_0.1.xsd 
http://scap.nist.gov/schema/feed/vulnerability/2.0 
http://nvd.nist.gov/schema/nvd-cve-feed_2.0.xsd 
http://scap.nist.gov/schema/scap-core/0.1 
http://nvd.nist.gov/schema/scap-core_0.1.xsd";>
-  <entry id="CVE-2003-0001">
-    <vuln:vulnerable-configuration id="http://nvd.nist.gov/";>
-      <cpe-lang:logical-test operator="OR" negate="false">
-        <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.2"/>
-        <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.3"/>
-        <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.4"/>
-        <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.5"/>
-        <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.6"/>
-        <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.7"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.1"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.10"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.11"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.12"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.13"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.14"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.15"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.16"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.17"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.18"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.19"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.2"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.20"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.3"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.4"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.5"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.6"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.7"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.8"/>
-        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.9"/>
-        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000:::advanced_server"/>
-        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000:::datacenter_server"/>
-        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000:::professional"/>
-        <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000:::server"/>
-        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000::sp1:advanced_server"/>
-        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000::sp1:datacenter_server"/>
-        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000::sp1:professional"/>
-        <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000::sp1:server"/>
-        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000::sp2:advanced_server"/>
-        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000::sp2:datacenter_server"/>
-        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000::sp2:professional"/>
-        <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000::sp2:server"/>
-        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000_terminal_services"/>
-        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000_terminal_services::sp1"/>
-        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000_terminal_services::sp2"/>
-        <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.5"/>
-        <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.5.1"/>
-        <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.5.2"/>
-        <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.5.3"/>
-        <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.6"/>
-      </cpe-lang:logical-test>
-    </vuln:vulnerable-configuration>
-    <vuln:vulnerable-software-list>
-      
<vuln:product>cpe:/o:microsoft:windows_2000::sp2:professional</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.4</vuln:product>
-      
<vuln:product>cpe:/o:microsoft:windows_2000_terminal_services::sp1</vuln:product>
-      
<vuln:product>cpe:/o:microsoft:windows_2000::sp1:advanced_server</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.19</vuln:product>
-      
<vuln:product>cpe:/o:microsoft:windows_2000::sp2:advanced_server</vuln:product>
-      
<vuln:product>cpe:/o:microsoft:windows_2000_terminal_services</vuln:product>
-      
<vuln:product>cpe:/o:microsoft:windows_2000:::advanced_server</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.20</vuln:product>
-      <vuln:product>cpe:/o:netbsd:netbsd:1.5.1</vuln:product>
-      
<vuln:product>cpe:/o:microsoft:windows_2000_terminal_services::sp2</vuln:product>
-      <vuln:product>cpe:/o:netbsd:netbsd:1.5.3</vuln:product>
-      <vuln:product>cpe:/o:netbsd:netbsd:1.5.2</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.6</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.9</vuln:product>
-      
<vuln:product>cpe:/o:microsoft:windows_2000:::datacenter_server</vuln:product>
-      <vuln:product>cpe:/o:netbsd:netbsd:1.6</vuln:product>
-      <vuln:product>cpe:/o:netbsd:netbsd:1.5</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.7</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.8</vuln:product>
-      
<vuln:product>cpe:/o:microsoft:windows_2000::sp1:datacenter_server</vuln:product>
-      
<vuln:product>cpe:/o:microsoft:windows_2000::sp2:datacenter_server</vuln:product>
-      <vuln:product>cpe:/o:freebsd:freebsd:4.3</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.10</vuln:product>
-      <vuln:product>cpe:/o:microsoft:windows_2000::sp1:server</vuln:product>
-      <vuln:product>cpe:/o:freebsd:freebsd:4.5</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.12</vuln:product>
-      <vuln:product>cpe:/o:freebsd:freebsd:4.2</vuln:product>
-      <vuln:product>cpe:/o:freebsd:freebsd:4.7</vuln:product>
-      <vuln:product>cpe:/o:freebsd:freebsd:4.4</vuln:product>
-      <vuln:product>cpe:/o:freebsd:freebsd:4.6</vuln:product>
-      <vuln:product>cpe:/o:microsoft:windows_2000::sp2:server</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.18</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.1</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.15</vuln:product>
-      <vuln:product>cpe:/o:microsoft:windows_2000:::server</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.17</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.14</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.2</vuln:product>
-      <vuln:product>cpe:/o:microsoft:windows_2000:::professional</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.11</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.5</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.16</vuln:product>
-      
<vuln:product>cpe:/o:microsoft:windows_2000::sp1:professional</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.13</vuln:product>
-      <vuln:product>cpe:/o:linux:linux_kernel:2.4.3</vuln:product>
-    </vuln:vulnerable-software-list>
-    <vuln:cve-id>CVE-2003-0001</vuln:cve-id>
-    
<vuln:published-datetime>2003-01-17T00:00:00.000-05:00</vuln:published-datetime>
-    
<vuln:last-modified-datetime>2015-11-24T13:05:47.073-05:00</vuln:last-modified-datetime>
-    <vuln:cvss>
-      <cvss:base_metrics>
-        <cvss:score>5.0</cvss:score>
-        <cvss:access-vector>NETWORK</cvss:access-vector>
-        <cvss:access-complexity>LOW</cvss:access-complexity>
-        <cvss:authentication>NONE</cvss:authentication>
-        <cvss:confidentiality-impact>PARTIAL</cvss:confidentiality-impact>
-        <cvss:integrity-impact>NONE</cvss:integrity-impact>
-        <cvss:availability-impact>NONE</cvss:availability-impact>
-        <cvss:source>http://nvd.nist.gov</cvss:source>
-        
<cvss:generated-on-datetime>2015-11-24T12:23:33.593-05:00</cvss:generated-on-datetime>
-      </cvss:base_metrics>
-    </vuln:cvss>
-    <vuln:assessment_check 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2665";
 name="oval:org.mitre.oval:def:2665"/>
-    <vuln:cwe id="CWE-200"/>
-    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
-      <vuln:source>CERT-VN</vuln:source>
-      <vuln:reference href="http://www.kb.cert.org/vuls/id/412115"; 
xml:lang="en">VU#412115</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>BUGTRAQ</vuln:source>
-      <vuln:reference 
href="http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded"; 
xml:lang="en">20150402 NEW : VMSA-2015-0003 VMware product updates address 
critical information disclosure issue in JRE</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>BUGTRAQ</vuln:source>
-      <vuln:reference 
href="http://www.securityfocus.com/archive/1/archive/1/307564/30/26270/threaded";
 xml:lang="en">20030117 Re: More information regarding 
Etherleak</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>BUGTRAQ</vuln:source>
-      <vuln:reference 
href="http://www.securityfocus.com/archive/1/archive/1/305335/30/26420/threaded";
 xml:lang="en">20030106 Etherleak: Ethernet frame padding information leakage 
(A010603-1)</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>REDHAT</vuln:source>
-      <vuln:reference 
href="http://www.redhat.com/support/errata/RHSA-2003-088.html"; 
xml:lang="en">RHSA-2003:088</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>REDHAT</vuln:source>
-      <vuln:reference 
href="http://www.redhat.com/support/errata/RHSA-2003-025.html"; 
xml:lang="en">RHSA-2003:025</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>OSVDB</vuln:source>
-      <vuln:reference href="http://www.osvdb.org/9962"; 
xml:lang="en">9962</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>CONFIRM</vuln:source>
-      <vuln:reference 
href="http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html";
 
xml:lang="en">http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MISC</vuln:source>
-      <vuln:reference 
href="http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf";
 
xml:lang="en">http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
-      <vuln:source>ATSTAKE</vuln:source>
-      <vuln:reference 
href="http://www.atstake.com/research/advisories/2003/a010603-1.txt"; 
xml:lang="en">A010603-1</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>FULLDISC</vuln:source>
-      <vuln:reference href="http://seclists.org/fulldisclosure/2015/Apr/5"; 
xml:lang="en">20150402 NEW : VMSA-2015-0003 VMware product updates address 
critical information disclosure issue in JRE</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MISC</vuln:source>
-      <vuln:reference 
href="http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html";
 
xml:lang="en">http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
-      <vuln:source>BUGTRAQ</vuln:source>
-      <vuln:reference 
href="http://marc.theaimsgroup.com/?l=bugtraq&amp;m=104222046632243&amp;w=2"; 
xml:lang="en">20030110 More information regarding Etherleak</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>VULNWATCH</vuln:source>
-      <vuln:reference 
href="http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html"; 
xml:lang="en">20030110 More information regarding Etherleak</vuln:reference>
-    </vuln:references>
-    <vuln:scanner>
-      <vuln:definition 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:2665";
 name="oval:org.mitre.oval:def:2665"/>
-    </vuln:scanner>
-    <vuln:summary>Multiple ethernet Network Interface Card (NIC) device 
drivers do not pad frames with null bytes, which allows remote attackers to 
obtain information from previous packets or kernel memory by using malformed 
packets, as demonstrated by Etherleak.</vuln:summary>
-  </entry>
-  <entry id="CVE-2004-0230">
-    <vuln:vulnerable-configuration id="http://nvd.nist.gov/";>
-      <cpe-lang:logical-test operator="OR" negate="false">
-        <cpe-lang:fact-ref name="cpe:/a:tcp:tcp"/>
-      </cpe-lang:logical-test>
-    </vuln:vulnerable-configuration>
-    <vuln:vulnerable-software-list>
-      <vuln:product>cpe:/a:tcp:tcp</vuln:product>
-    </vuln:vulnerable-software-list>
-    <vuln:cve-id>CVE-2004-0230</vuln:cve-id>
-    
<vuln:published-datetime>2004-08-18T00:00:00.000-04:00</vuln:published-datetime>
-    
<vuln:last-modified-datetime>2015-11-24T13:06:40.597-05:00</vuln:last-modified-datetime>
-    <vuln:cvss>
-      <cvss:base_metrics>
-        <cvss:score>5.0</cvss:score>
-        <cvss:access-vector>NETWORK</cvss:access-vector>
-        <cvss:access-complexity>LOW</cvss:access-complexity>
-        <cvss:authentication>NONE</cvss:authentication>
-        <cvss:confidentiality-impact>NONE</cvss:confidentiality-impact>
-        <cvss:integrity-impact>NONE</cvss:integrity-impact>
-        <cvss:availability-impact>PARTIAL</cvss:availability-impact>
-        <cvss:source>http://nvd.nist.gov</cvss:source>
-        
<cvss:generated-on-datetime>2015-11-24T12:17:30.930-05:00</cvss:generated-on-datetime>
-      </cvss:base_metrics>
-    </vuln:cvss>
-    <vuln:assessment_check 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5711";
 name="oval:org.mitre.oval:def:5711"/>
-    <vuln:assessment_check 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4791";
 name="oval:org.mitre.oval:def:4791"/>
-    <vuln:assessment_check 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:3508";
 name="oval:org.mitre.oval:def:3508"/>
-    <vuln:assessment_check 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:270";
 name="oval:org.mitre.oval:def:270"/>
-    <vuln:assessment_check 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2689";
 name="oval:org.mitre.oval:def:2689"/>
-    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
-      <vuln:source>CERT</vuln:source>
-      <vuln:reference 
href="http://www.us-cert.gov/cas/techalerts/TA04-111A.html"; 
xml:lang="en">TA04-111A</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>CERT-VN</vuln:source>
-      <vuln:reference href="http://www.kb.cert.org/vuls/id/415294"; 
xml:lang="en">VU#415294</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>CONFIRM</vuln:source>
-      <vuln:reference 
href="https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10053"; 
xml:lang="en">https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10053</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
-      <vuln:source>XF</vuln:source>
-      <vuln:reference href="http://xforce.iss.net/xforce/xfdb/15886"; 
xml:lang="en">tcp-rst-dos(15886)</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>VUPEN</vuln:source>
-      <vuln:reference href="http://www.vupen.com/english/advisories/2006/3983"; 
xml:lang="en">ADV-2006-3983</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MISC</vuln:source>
-      <vuln:reference 
href="http://www.uniras.gov.uk/vuls/2004/236929/index.htm"; 
xml:lang="en">http://www.uniras.gov.uk/vuls/2004/236929/index.htm</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
-      <vuln:source>BID</vuln:source>
-      <vuln:reference href="http://www.securityfocus.com/bid/10183"; 
xml:lang="en">10183</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>BUGTRAQ</vuln:source>
-      <vuln:reference 
href="http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded"; 
xml:lang="en">20150402 NEW : VMSA-2015-0003 VMware product updates address 
critical information disclosure issue in JRE</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>HP</vuln:source>
-      <vuln:reference 
href="http://www.securityfocus.com/archive/1/archive/1/449179/100/0/threaded"; 
xml:lang="en">SSRT061264</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>OSVDB</vuln:source>
-      <vuln:reference href="http://www.osvdb.org/4030"; 
xml:lang="en">4030</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>CONFIRM</vuln:source>
-      <vuln:reference 
href="http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html";
 
xml:lang="en">http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MS</vuln:source>
-      <vuln:reference 
href="http://www.microsoft.com/technet/security/Bulletin/MS06-064.mspx"; 
xml:lang="en">MS06-064</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MS</vuln:source>
-      <vuln:reference 
href="http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"; 
xml:lang="en">MS05-019</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>CISCO</vuln:source>
-      <vuln:reference 
href="http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml"; 
xml:lang="en">20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco 
Products</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>FULLDISC</vuln:source>
-      <vuln:reference href="http://seclists.org/fulldisclosure/2015/Apr/5"; 
xml:lang="en">20150402 NEW : VMSA-2015-0003 VMware product updates address 
critical information disclosure issue in JRE</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MISC</vuln:source>
-      <vuln:reference 
href="http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html";
 
xml:lang="en">http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>HP</vuln:source>
-      <vuln:reference 
href="http://marc.theaimsgroup.com/?l=bugtraq&amp;m=108506952116653&amp;w=2"; 
xml:lang="en">SSRT4696</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>BUGTRAQ</vuln:source>
-      <vuln:reference 
href="http://marc.theaimsgroup.com/?l=bugtraq&amp;m=108302060014745&amp;w=2"; 
xml:lang="en">20040425 Perl code exploting TCP not checking RST 
ACK.</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>CONFIRM</vuln:source>
-      <vuln:reference href="http://kb.juniper.net/JSA10638"; 
xml:lang="en">http://kb.juniper.net/JSA10638</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>SGI</vuln:source>
-      <vuln:reference 
href="ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc"; 
xml:lang="en">20040403-01-A</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>SCO</vuln:source>
-      <vuln:reference 
href="ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt"; 
xml:lang="en">SCOSA-2005.14</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>SCO</vuln:source>
-      <vuln:reference 
href="ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt"; 
xml:lang="en">SCOSA-2005.9</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>SCO</vuln:source>
-      <vuln:reference 
href="ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt"; 
xml:lang="en">SCOSA-2005.3</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>NETBSD</vuln:source>
-      <vuln:reference 
href="ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc";
 xml:lang="en">NetBSD-SA2004-006</vuln:reference>
-    </vuln:references>
-    <vuln:scanner>
-      <vuln:definition 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:3508";
 name="oval:org.mitre.oval:def:3508"/>
-    </vuln:scanner>
-    <vuln:scanner>
-      <vuln:definition 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:270";
 name="oval:org.mitre.oval:def:270"/>
-    </vuln:scanner>
-    <vuln:scanner>
-      <vuln:definition 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:2689";
 name="oval:org.mitre.oval:def:2689"/>
-    </vuln:scanner>
-    <vuln:scanner>
-      <vuln:definition 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:5711";
 name="oval:org.mitre.oval:def:5711"/>
-    </vuln:scanner>
-    <vuln:scanner>
-      <vuln:definition 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:4791";
 name="oval:org.mitre.oval:def:4791"/>
-    </vuln:scanner>
-    <vuln:summary>TCP, when using a large Window Size, makes it easier for 
remote attackers to guess sequence numbers and cause a denial of service 
(connection loss) to persistent TCP connections by repeatedly injecting a TCP 
RST packet, especially in protocols that use long-lived connections, such as 
BGP.</vuln:summary>
-  </entry>
-  <entry id="CVE-2008-2335">
-    <vuln:vulnerable-configuration id="http://nvd.nist.gov/";>
-      <cpe-lang:logical-test operator="OR" negate="false">
-        <cpe-lang:fact-ref name="cpe:/a:vastal:phpvid:1.2"/>
-        <cpe-lang:fact-ref name="cpe:/a:vastal:phpvid:1.1"/>
-      </cpe-lang:logical-test>
-    </vuln:vulnerable-configuration>
-    <vuln:vulnerable-software-list>
-      <vuln:product>cpe:/a:vastal:phpvid:1.1</vuln:product>
-      <vuln:product>cpe:/a:vastal:phpvid:1.2</vuln:product>
-    </vuln:vulnerable-software-list>
-    <vuln:cve-id>CVE-2008-2335</vuln:cve-id>
-    
<vuln:published-datetime>2008-05-19T09:20:00.000-04:00</vuln:published-datetime>
-    
<vuln:last-modified-datetime>2015-11-24T11:45:25.057-05:00</vuln:last-modified-datetime>
-    <vuln:cvss>
-      <cvss:base_metrics>
-        <cvss:score>4.3</cvss:score>
-        <cvss:access-vector>NETWORK</cvss:access-vector>
-        <cvss:access-complexity>MEDIUM</cvss:access-complexity>
-        <cvss:authentication>NONE</cvss:authentication>
-        <cvss:confidentiality-impact>NONE</cvss:confidentiality-impact>
-        <cvss:integrity-impact>PARTIAL</cvss:integrity-impact>
-        <cvss:availability-impact>NONE</cvss:availability-impact>
-        <cvss:source>http://nvd.nist.gov</cvss:source>
-        
<cvss:generated-on-datetime>2015-11-24T10:50:05.737-05:00</cvss:generated-on-datetime>
-      </cvss:base_metrics>
-    </vuln:cvss>
-    <vuln:cwe id="CWE-79"/>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>XF</vuln:source>
-      <vuln:reference href="http://xforce.iss.net/xforce/xfdb/42450"; 
xml:lang="en">phpvid-query-xss(42450)</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>VUPEN</vuln:source>
-      <vuln:reference href="http://www.vupen.com/english/advisories/2008/2552"; 
xml:lang="en">ADV-2008-2552</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>BID</vuln:source>
-      <vuln:reference href="http://www.securityfocus.com/bid/29238"; 
xml:lang="en">29238</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MILW0RM</vuln:source>
-      <vuln:reference href="http://www.milw0rm.com/exploits/6422"; 
xml:lang="en">6422</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>EXPLOIT-DB</vuln:source>
-      <vuln:reference href="http://www.exploit-db.com/exploits/27519"; 
xml:lang="en">27519</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MISC</vuln:source>
-      <vuln:reference 
href="http://tetraph.com/security/xss-vulnerability/vastal-i-tech-phpvid-1-2-3-multiple-xss-cross-site-scripting-security-vulnerabilities/";
 
xml:lang="en">http://tetraph.com/security/xss-vulnerability/vastal-i-tech-phpvid-1-2-3-multiple-xss-cross-site-scripting-security-vulnerabilities/</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>FULLDISC</vuln:source>
-      <vuln:reference href="http://seclists.org/fulldisclosure/2015/Mar/59"; 
xml:lang="en">20150310 Vastal I-tech phpVID 1.2.3 Multiple XSS (Cross-site 
Scripting) Security Vulnerabilities</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MISC</vuln:source>
-      <vuln:reference 
href="http://packetstormsecurity.com/files/130755/Vastal-I-tech-phpVID-1.2.3-Cross-Site-Scripting.html";
 
xml:lang="en">http://packetstormsecurity.com/files/130755/Vastal-I-tech-phpVID-1.2.3-Cross-Site-Scripting.html</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MISC</vuln:source>
-      <vuln:reference 
href="http://packetstormsecurity.com/files/122746/PHP-VID-XSS-SQL-Injection-CRLF-Injection.html";
 
xml:lang="en">http://packetstormsecurity.com/files/122746/PHP-VID-XSS-SQL-Injection-CRLF-Injection.html</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>OSVDB</vuln:source>
-      <vuln:reference href="http://osvdb.org/show/osvdb/45171"; 
xml:lang="en">45171</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MISC</vuln:source>
-      <vuln:reference href="http://holisticinfosec.org/content/view/65/45/"; 
xml:lang="en">http://holisticinfosec.org/content/view/65/45/</vuln:reference>
-    </vuln:references>
-    <vuln:summary>Cross-site scripting (XSS) vulnerability in 
search_results.php in Vastal I-Tech phpVID 1.1 and 1.2 allows remote attackers 
to inject arbitrary web script or HTML via the query parameter.  NOTE: some of 
these details are obtained from third party information.  NOTE: it was later 
reported that 1.2.3 is also affected.</vuln:summary>
-  </entry>
-  <entry id="CVE-2008-3522">
-    <vuln:vulnerable-configuration id="http://nvd.nist.gov/";>
-      <cpe-lang:logical-test operator="OR" negate="false">
-        <cpe-lang:fact-ref name="cpe:/a:redhat:enterprise_virtualization:3.5"/>
-      </cpe-lang:logical-test>
-    </vuln:vulnerable-configuration>
-    <vuln:vulnerable-configuration id="http://nvd.nist.gov/";>
-      <cpe-lang:logical-test operator="OR" negate="false">
-        <cpe-lang:fact-ref name="cpe:/a:jasper_project:jasper:1.900.1"/>
-      </cpe-lang:logical-test>
-    </vuln:vulnerable-configuration>
-    <vuln:vulnerable-software-list>
-      <vuln:product>cpe:/a:redhat:enterprise_virtualization:3.5</vuln:product>
-      <vuln:product>cpe:/a:jasper_project:jasper:1.900.1</vuln:product>
-    </vuln:vulnerable-software-list>
-    <vuln:cve-id>CVE-2008-3522</vuln:cve-id>
-    
<vuln:published-datetime>2008-10-02T14:18:05.790-04:00</vuln:published-datetime>
-    
<vuln:last-modified-datetime>2015-11-24T11:46:04.933-05:00</vuln:last-modified-datetime>
-    <vuln:cvss>
-      <cvss:base_metrics>
-        <cvss:score>10.0</cvss:score>
-        <cvss:access-vector>NETWORK</cvss:access-vector>
-        <cvss:access-complexity>LOW</cvss:access-complexity>
-        <cvss:authentication>NONE</cvss:authentication>
-        <cvss:confidentiality-impact>COMPLETE</cvss:confidentiality-impact>
-        <cvss:integrity-impact>COMPLETE</cvss:integrity-impact>
-        <cvss:availability-impact>COMPLETE</cvss:availability-impact>
-        <cvss:source>http://nvd.nist.gov</cvss:source>
-        
<cvss:generated-on-datetime>2015-11-24T10:05:46.467-05:00</cvss:generated-on-datetime>
-      </cvss:base_metrics>
-    </vuln:cvss>
-    <vuln:security-protection>ALLOWS_ADMIN_ACCESS</vuln:security-protection>
-    <vuln:cwe id="CWE-119"/>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>XF</vuln:source>
-      <vuln:reference href="http://xforce.iss.net/xforce/xfdb/45623"; 
xml:lang="en">jasper-jasstreamprintf-bo(45623)</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>UBUNTU</vuln:source>
-      <vuln:reference href="http://www.ubuntu.com/usn/USN-742-1"; 
xml:lang="en">USN-742-1</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>BID</vuln:source>
-      <vuln:reference href="http://www.securityfocus.com/bid/31470"; 
xml:lang="en">31470</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MANDRIVA</vuln:source>
-      <vuln:reference 
href="http://www.mandriva.com/security/advisories?name=MDVSA-2009:164"; 
xml:lang="en">MDVSA-2009:164</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MANDRIVA</vuln:source>
-      <vuln:reference 
href="http://www.mandriva.com/security/advisories?name=MDVSA-2009:144"; 
xml:lang="en">MDVSA-2009:144</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MANDRIVA</vuln:source>
-      <vuln:reference 
href="http://www.mandriva.com/security/advisories?name=MDVSA-2009:142"; 
xml:lang="en">MDVSA-2009:142</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>GENTOO</vuln:source>
-      <vuln:reference 
href="http://security.gentoo.org/glsa/glsa-200812-18.xml"; 
xml:lang="en">GLSA-200812-18</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>REDHAT</vuln:source>
-      <vuln:reference href="http://rhn.redhat.com/errata/RHSA-2015-0698.html"; 
xml:lang="en">RHSA-2015:0698</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MISC</vuln:source>
-      <vuln:reference href="http://bugs.gentoo.org/show_bug.cgi?id=222819"; 
xml:lang="en">http://bugs.gentoo.org/show_bug.cgi?id=222819</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MISC</vuln:source>
-      <vuln:reference 
href="http://bugs.gentoo.org/attachment.cgi?id=163282&amp;action=view"; 
xml:lang="en">http://bugs.gentoo.org/attachment.cgi?id=163282&amp;action=view</vuln:reference>
-    </vuln:references>
-    <vuln:summary>Buffer overflow in the jas_stream_printf function in 
libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent 
attackers to have an unknown impact via vectors related to the mif_hdr_put 
function and use of vsprintf.</vuln:summary>
-  </entry>
-  <entry id="CVE-2009-3301">
-    <vuln:vulnerable-configuration id="http://www.nist.gov/";>
-      <cpe-lang:logical-test operator="OR" negate="false">
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:3.1.1"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:3.1.0"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:3.0.1"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:3.0.0"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.4.1"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.4.0"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.1.0"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:1.1.0"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.4.2"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.4.3"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.3.0"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.3.1"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.2.0"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.2.1"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.0.0"/>
-        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.0.3"/>
-      </cpe-lang:logical-test>
-    </vuln:vulnerable-configuration>
-    <vuln:vulnerable-configuration id="http://www.nist.gov/";>
-      <cpe-lang:logical-test operator="OR" negate="false">
-        <cpe-lang:fact-ref 
name="cpe:/o:canonical:ubuntu_linux:10.04::~~lts~~~"/>
-        <cpe-lang:fact-ref name="cpe:/o:canonical:ubuntu_linux:10.10"/>
-        <cpe-lang:fact-ref name="cpe:/o:canonical:ubuntu_linux:9.10"/>
-        <cpe-lang:fact-ref name="cpe:/o:canonical:ubuntu_linux:8.04:-:lts"/>
-      </cpe-lang:logical-test>
-    </vuln:vulnerable-configuration>
-    <vuln:vulnerable-software-list>
-      
<vuln:product>cpe:/o:canonical:ubuntu_linux:10.04::~~lts~~~</vuln:product>
-      <vuln:product>cpe:/o:canonical:ubuntu_linux:8.04:-:lts</vuln:product>
-      <vuln:product>cpe:/o:canonical:ubuntu_linux:10.10</vuln:product>
-      <vuln:product>cpe:/a:sun:openoffice.org:2.1.0</vuln:product>
-      <vuln:product>cpe:/a:sun:openoffice.org:2.3.0</vuln:product>
-      <vuln:product>cpe:/a:sun:openoffice.org:2.2.1</vuln:product>
-      <!-- snipped -->
-    </vuln:vulnerable-software-list>
-    <vuln:cve-id>CVE-2009-3301</vuln:cve-id>
-    
<vuln:published-datetime>2010-02-16T14:30:00.533-05:00</vuln:published-datetime>
-    
<vuln:last-modified-datetime>2015-11-17T10:59:44.723-05:00</vuln:last-modified-datetime>
-    <vuln:cvss>
-      <cvss:base_metrics>
-        <cvss:score>9.3</cvss:score>
-        <cvss:access-vector>NETWORK</cvss:access-vector>
-        <cvss:access-complexity>MEDIUM</cvss:access-complexity>
-        <cvss:authentication>NONE</cvss:authentication>
-        <cvss:confidentiality-impact>COMPLETE</cvss:confidentiality-impact>
-        <cvss:integrity-impact>COMPLETE</cvss:integrity-impact>
-        <cvss:availability-impact>COMPLETE</cvss:availability-impact>
-        <cvss:source>http://nvd.nist.gov</cvss:source>
-        
<cvss:generated-on-datetime>2015-11-17T10:02:50.097-05:00</cvss:generated-on-datetime>
-      </cvss:base_metrics>
-    </vuln:cvss>
-    <vuln:assessment_check 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10423";
 name="oval:org.mitre.oval:def:10423"/>
-    <vuln:cwe id="CWE-189"/>
-    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
-      <vuln:source>CERT</vuln:source>
-      <vuln:reference 
href="http://www.us-cert.gov/cas/techalerts/TA10-287A.html"; 
xml:lang="en">TA10-287A</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>CONFIRM</vuln:source>
-      <vuln:reference 
href="https://bugzilla.redhat.com/show_bug.cgi?id=533038"; 
xml:lang="en">https://bugzilla.redhat.com/show_bug.cgi?id=533038</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>XF</vuln:source>
-      <vuln:reference href="http://xforce.iss.net/xforce/xfdb/56240"; 
xml:lang="en">openoffice-word-sprmtdeftable-bo(56240)</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>VUPEN</vuln:source>
-      <vuln:reference href="http://www.vupen.com/english/advisories/2010/2905"; 
xml:lang="en">ADV-2010-2905</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>VUPEN</vuln:source>
-      <vuln:reference href="http://www.vupen.com/english/advisories/2010/0635"; 
xml:lang="en">ADV-2010-0635</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
-      <vuln:source>VUPEN</vuln:source>
-      <vuln:reference href="http://www.vupen.com/english/advisories/2010/0366"; 
xml:lang="en">ADV-2010-0366</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>UBUNTU</vuln:source>
-      <vuln:reference href="http://www.ubuntu.com/usn/USN-903-1"; 
xml:lang="en">USN-903-1</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>BID</vuln:source>
-      <vuln:reference href="http://www.securityfocus.com/bid/38218"; 
xml:lang="en">38218</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>REDHAT</vuln:source>
-      <vuln:reference 
href="http://www.redhat.com/support/errata/RHSA-2010-0101.html"; 
xml:lang="en">RHSA-2010:0101</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>CONFIRM</vuln:source>
-      <vuln:reference 
href="http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"; 
xml:lang="en">http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
-      <vuln:source>CONFIRM</vuln:source>
-      <vuln:reference 
href="http://www.openoffice.org/security/cves/CVE-2009-3301-3302.html"; 
xml:lang="en">http://www.openoffice.org/security/cves/CVE-2009-3301-3302.html</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
-      <vuln:source>CONFIRM</vuln:source>
-      <vuln:reference href="http://www.openoffice.org/security/bulletin.html"; 
xml:lang="en">http://www.openoffice.org/security/bulletin.html</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MANDRIVA</vuln:source>
-      <vuln:reference 
href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:221"; 
xml:lang="en">MDVSA-2010:221</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>GENTOO</vuln:source>
-      <vuln:reference 
href="http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"; 
xml:lang="en">GLSA-201408-19</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>DEBIAN</vuln:source>
-      <vuln:reference href="http://www.debian.org/security/2010/dsa-1995"; 
xml:lang="en">DSA-1995</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>SECTRACK</vuln:source>
-      <vuln:reference href="http://securitytracker.com/id?1023591"; 
xml:lang="en">1023591</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>SUSE</vuln:source>
-      <vuln:reference 
href="http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html";
 xml:lang="en">SUSE-SA:2010:017</vuln:reference>
-    </vuln:references>
-    <vuln:scanner>
-      <vuln:definition 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10423";
 name="oval:org.mitre.oval:def:10423"/>
-    </vuln:scanner>
-    <vuln:summary>Integer underflow in filter/ww8/ww8par2.cxx in 
OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of 
service (application crash) or possibly execute arbitrary code via a crafted 
sprmTDefTable table property modifier in a Word document.</vuln:summary>
-  </entry>
-  <entry id="CVE-2015-8330">
-    <vuln:cve-id>CVE-2015-8330</vuln:cve-id>
-    
<vuln:published-datetime>2015-11-24T15:59:25.897-05:00</vuln:published-datetime>
-    
<vuln:last-modified-datetime>2015-11-24T15:59:26.930-05:00</vuln:last-modified-datetime>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MISC</vuln:source>
-      <vuln:reference 
href="https://www.onapsis.com/blog/analyzing-sap-security-notes-november-2015"; 
xml:lang="en">https://www.onapsis.com/blog/analyzing-sap-security-notes-november-2015</vuln:reference>
-    </vuln:references>
-    <vuln:references xml:lang="en" reference_type="UNKNOWN">
-      <vuln:source>MISC</vuln:source>
-      <vuln:reference 
href="http://erpscan.com/advisories/erpscan-15-032-sap-pco-agent-dos-vulnerability/";
 
xml:lang="en">http://erpscan.com/advisories/erpscan-15-032-sap-pco-agent-dos-vulnerability/</vuln:reference>
-    </vuln:references>
-    <vuln:summary>The PCo agent in SAP Plant Connectivity (PCo) allows remote 
attackers to cause a denial of service (memory corruption and agent crash) via 
crafted xMII requests, aka SAP Security Note 2238619.</vuln:summary>
-  </entry>
-</nvd>
diff --git a/tests/cve.scm b/tests/cve.scm
index e95b21c073..b69da0e120 100644
--- a/tests/cve.scm
+++ b/tests/cve.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2015, 2016 Ludovic Courtès <address@hidden>
+;;; Copyright © 2015, 2016, 2019 Ludovic Courtès <address@hidden>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -19,10 +19,11 @@
 (define-module (test-cve)
   #:use-module (guix cve)
   #:use-module (srfi srfi-1)
+  #:use-module (srfi srfi-19)
   #:use-module (srfi srfi-64))
 
 (define %sample
-  (search-path %load-path "tests/cve-sample.xml"))
+  (search-path %load-path "tests/cve-sample.json"))
 
 (define (vulnerability id packages)
   (make-struct/no-tail (@@ (guix cve) <vulnerability>) id packages))
@@ -30,34 +31,76 @@
 (define %expected-vulnerabilities
   ;; What we should get when reading %SAMPLE.
   (list
-   ;; CVE-2003-0001 has no "/a" in its product list so it is omitted.
-   ;; CVE-2004-0230 lists "tcp" as an application, but lacks a version number.
-   (vulnerability "CVE-2008-2335" '(("phpvid" "1.2" "1.1")))
-   (vulnerability "CVE-2008-3522" '(("enterprise_virtualization" "3.5")
-                                    ("jasper" "1.900.1")))
-   (vulnerability "CVE-2009-3301" '(("openoffice.org" "2.3.0" "2.2.1" 
"2.1.0")))
-   ;; CVE-2015-8330 has no software list.
+   (vulnerability "CVE-2019-0001"
+                  ;; Only the "a" CPE configurations are kept; the "o"
+                  ;; configurations are discarded.
+                  '(("junos" (or "18.21-s4" (or "18.21-s3" "18.2")))))
+   (vulnerability "CVE-2019-0005"
+                  '(("junos" (or "18.11" "18.1"))))
+   ;; CVE-2019-0005 has no "a" configurations.
+   (vulnerability "CVE-2019-14811"
+                  '(("ghostscript" (< "9.28"))))
+   (vulnerability "CVE-2019-17365"
+                  '(("nix" (<= "2.3"))))
+   (vulnerability "CVE-2019-1010180"
+                  '(("gdb" _)))                   ;any version
+   (vulnerability "CVE-2019-1010204"
+                  '(("binutils" (and (>= "2.21") (<= "2.31.1")))
+                    ("binutils_gold" (and (>= "1.11") (<= "1.16")))))
+   ;; CVE-2019-18192 has no associated configurations.
    ))
 
 
 (test-begin "cve")
 
-(test-equal "xml->vulnerabilities"
+(test-equal "json->cve-items"
+  '("CVE-2019-0001"
+    "CVE-2019-0005"
+    "CVE-2019-14811"
+    "CVE-2019-17365"
+    "CVE-2019-1010180"
+    "CVE-2019-1010204"
+    "CVE-2019-18192")
+  (map (compose cve-id cve-item-cve)
+       (call-with-input-file %sample json->cve-items)))
+
+(test-equal "cve-item-published-date"
+  '(2019)
+  (delete-duplicates
+   (map (compose date-year cve-item-published-date)
+        (call-with-input-file %sample json->cve-items))))
+
+(test-equal "json->vulnerabilities"
   %expected-vulnerabilities
-  (call-with-input-file %sample xml->vulnerabilities))
+  (call-with-input-file %sample json->vulnerabilities))
 
 (test-equal "vulnerabilities->lookup-proc"
-  (list (list (first %expected-vulnerabilities))
+  (list (list (third %expected-vulnerabilities))  ;ghostscript
+        (list (third %expected-vulnerabilities))
+        '()
+
+        (list (fifth %expected-vulnerabilities))  ;gdb
+        (list (fifth %expected-vulnerabilities))
+
+        (list (fourth %expected-vulnerabilities)) ;nix
         '()
+
+        (list (sixth %expected-vulnerabilities))  ;binutils
         '()
-        (list (second %expected-vulnerabilities))
-        (list (third %expected-vulnerabilities)))
-  (let* ((vulns  (call-with-input-file %sample xml->vulnerabilities))
+        (list (sixth %expected-vulnerabilities))
+        '())
+  (let* ((vulns  (call-with-input-file %sample json->vulnerabilities))
          (lookup (vulnerabilities->lookup-proc vulns)))
-    (list (lookup "phpvid")
-          (lookup "jasper" "2.0")
-          (lookup "foobar")
-          (lookup "jasper" "1.900.1")
-          (lookup "openoffice.org" "2.3.0"))))
+    (list (lookup "ghostscript")
+          (lookup "ghostscript" "9.27")
+          (lookup "ghostscript" "9.28")
+          (lookup "gdb")
+          (lookup "gdb" "42.0")
+          (lookup "nix")
+          (lookup "nix" "2.4")
+          (lookup "binutils" "2.31.1")
+          (lookup "binutils" "2.10")
+          (lookup "binutils_gold" "1.11")
+          (lookup "binutils" "2.32"))))
 
 (test-end "cve")
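Review bot: The comment `;; CVE-2019-0005 has no "a" configurations.` in `%expected-vulnerabilities` contradicts the entry directly above it, which expects `("junos" (or "18.11" "18.1"))` for that same CVE. All seven ids listed in the "json->cve-items" test are already accounted for (six expected entries plus the CVE-2019-18192 remark), so the line looks like a leftover and should be dropped or corrected to name the entry it was meant for. Separately, the "vulnerabilities->lookup-proc" test never looks up `junos`, so the nested `(or ...)` version form is not exercised through `lookup` with a version argument. A mismatch there would silently hide a CVE from the lint output, so a case such as `(lookup "junos" "18.2")` would be worth adding, with its expected result confirmed against `version-matches?` in guix/cve.scm, which is outside this hunk.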
-- 
2.23.0





