Lucene search
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2013-697.NASLHistoryJun 13, 2014 - 12:00 a.m.
openSUSE Security Update : python3 (openSUSE-SU-2013:1439-1)
2014-06-1300:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
57.5%
This python update includes a SSL certificates fix.
- handle NULL bytes in certain fields of SSL certificates (CVE-2013-4238, bnc#834601, CVE-2013-4238_py33.patch)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2013-697.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(75138);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2013-4238");
script_name(english:"openSUSE Security Update : python3 (openSUSE-SU-2013:1439-1)");
script_summary(english:"Check for the openSUSE-2013-697 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"This python update includes a SSL certificates fix.
- handle NULL bytes in certain fields of SSL certificates
(CVE-2013-4238, bnc#834601, CVE-2013-4238_py33.patch)"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=834601"
);
script_set_attribute(
attribute:"see_also",
value:"https://lists.opensuse.org/opensuse-updates/2013-09/msg00028.html"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected python3 packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpython3_3m1_0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpython3_3m1_0-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpython3_3m1_0-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpython3_3m1_0-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-base-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-base-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-base-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-curses");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-curses-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-dbm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-dbm-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-doc-pdf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-idle");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-testsuite");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-testsuite-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-tk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-tk-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-tools");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.3");
script_set_attribute(attribute:"patch_publication_date", value:"2013/09/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE12.3", reference:"libpython3_3m1_0-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"libpython3_3m1_0-debuginfo-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-3.3.0-6.11.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-base-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-base-debuginfo-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-base-debugsource-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-curses-3.3.0-6.11.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-curses-debuginfo-3.3.0-6.11.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-dbm-3.3.0-6.11.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-dbm-debuginfo-3.3.0-6.11.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-debuginfo-3.3.0-6.11.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-debugsource-3.3.0-6.11.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-devel-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-devel-debuginfo-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-doc-pdf-3.3.0-6.11.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-idle-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-testsuite-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-testsuite-debuginfo-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-tk-3.3.0-6.11.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-tk-debuginfo-3.3.0-6.11.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"python3-tools-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"libpython3_3m1_0-32bit-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"libpython3_3m1_0-debuginfo-32bit-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"python3-32bit-3.3.0-6.11.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"python3-base-32bit-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"python3-base-debuginfo-32bit-3.3.0-6.11.3") ) flag++;
if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:"python3-debuginfo-32bit-3.3.0-6.11.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpython3_3m1_0 / libpython3_3m1_0-32bit / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | libpython3_3m1_0 | p-cpe:/a:novell:opensuse:libpython3_3m1_0 |
| novell | opensuse | libpython3_3m1_0-32bit | p-cpe:/a:novell:opensuse:libpython3_3m1_0-32bit |
| novell | opensuse | libpython3_3m1_0-debuginfo | p-cpe:/a:novell:opensuse:libpython3_3m1_0-debuginfo |
| novell | opensuse | libpython3_3m1_0-debuginfo-32bit | p-cpe:/a:novell:opensuse:libpython3_3m1_0-debuginfo-32bit |
| novell | opensuse | python3 | p-cpe:/a:novell:opensuse:python3 |
| novell | opensuse | python3-32bit | p-cpe:/a:novell:opensuse:python3-32bit |
| novell | opensuse | python3-base | p-cpe:/a:novell:opensuse:python3-base |
| novell | opensuse | python3-base-32bit | p-cpe:/a:novell:opensuse:python3-base-32bit |
| novell | opensuse | python3-base-debuginfo | p-cpe:/a:novell:opensuse:python3-base-debuginfo |
| novell | opensuse | python3-base-debuginfo-32bit | p-cpe:/a:novell:opensuse:python3-base-debuginfo-32bit |
Related
nessus
nessus
Ubuntu 10.04 LTS : python2.6 vulnerability (USN-1982-1)
2013-10-02 00:00:00
openSUSE Security Update : python (openSUSE-SU-2013:1438-1)
2014-06-13 00:00:00
CentOS 6 : python (CESA-2013:1582)
2014-11-12 00:00:00
openvas
openvas
Ubuntu Update for python2.6 USN-1982-1
2013-10-03 00:00:00
Fedora Update for python FEDORA-2013-15146
2013-08-27 00:00:00
Fedora Update for python3 FEDORA-2013-21418
2013-11-26 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: python3-3.3.2-6.fc19
2013-08-27 23:35:51
[SECURITY] Fedora 19 Update: python3-3.3.2-8.fc19
2013-11-26 04:01:31
[SECURITY] Fedora 19 Update: python-2.7.5-4.fc19
2013-08-24 22:27:19
centos
centos
python, tkinter security update
2013-11-26 13:32:42
oraclelinux
oraclelinux
python security, bug fix, and enhancement update
2013-11-26 00:00:00
redhat
redhat
(RHSA-2013:1582) Moderate: python security, bug fix, and enhancement update
2013-11-21 00:00:00
(RHSA-2013:1527) Important: rhev-hypervisor6 security and bug fix update
2013-11-21 00:00:00
ubuntu
ubuntu
Python 2.6 vulnerability
2013-10-01 00:00:00
Python 3.2 vulnerabilities
2013-10-01 00:00:00
Python 3.3 vulnerabilities
2013-10-01 00:00:00
securityvulns
securityvulns
Python SSL certificate check bypass
2013-10-02 00:00:00
veracode
veracode
Man-in-the-Middle (MitM)
2019-01-15 08:51:35
mageia
mageia
Updated python packages fix CVE-2013-4328 and pip
2013-08-17 12:43:24
Updated python3, bzr and some python packages fix security vulnerabilties
2013-08-22 21:58:14
prion
prion
Design/Logic Flaw
2013-08-27 03:34:00
Design/Logic Flaw
2013-08-18 02:52:00
debiancve
debiancve
CVE-2013-4238
2013-08-18 02:52:22
cve
cve
CVE-2013-4328
2022-10-03 16:14:58
CVE-2013-4238
2013-08-18 02:52:22
debian
debian
[SECURITY] [DSA 2880-1] python2.7 security update
2014-03-17 18:07:37
[DLA 25-1] python2.6 security update
2014-07-31 21:07:32
osv
osv
python2.7 - security update
2014-03-17 00:00:00
python2.6 - regression update
2014-07-31 00:00:00
python2.6 - regression update
2014-07-31 00:00:00
f5
f5
SOL15638 - Python vulnerability CVE-2013-4238
2014-09-29 00:00:00
K15638 : Python vulnerability CVE-2013-4238
2014-10-17 00:00:00
cvelist
cvelist
CVE-2013-4238
2013-08-18 01:00:00
amazon
amazon
Medium: python27
2013-09-04 13:31:00
Medium: python26
2013-11-03 12:09:00
ubuntucve
ubuntucve
CVE-2013-4238
2013-08-17 00:00:00
nvd
nvd
CVE-2013-4238
2013-08-18 02:52:22
CVE-2013-4328
2013-08-27 03:34:35
seebug
seebug
Pythonๅคไธชๅฎๅ
จๆผๆด
2013-12-30 00:00:00
vmware
vmware
VMware vSphere product updates address security vulnerabilities
2014-12-04 00:00:00
VMware vSphere product updates address security vulnerabilities
2014-12-04 00:00:00
ibm
ibm
suse
suse
Security update for python3 (important)
2020-01-21 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
57.5%
Related for OPENSUSE-2013-697.NASL