Lucene search
This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_11_2_LIBXML2-110104.NASLHistoryMay 05, 2011 - 12:00 a.m.
openSUSE Security Update : libxml2 (openSUSE-SU-2011:0255-1)
2011-05-0500:00:00
This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.7%
A bug in the Xpath processing inside libxml2 has been fixed.
CVE-2010-4494 has been assigned to this issue.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update libxml2-3758.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(53766);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2010-4494");
script_name(english:"openSUSE Security Update : libxml2 (openSUSE-SU-2011:0255-1)");
script_summary(english:"Check for the libxml2-3758 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"A bug in the Xpath processing inside libxml2 has been fixed.
CVE-2010-4494 has been assigned to this issue."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=661471"
);
script_set_attribute(
attribute:"see_also",
value:"https://lists.opensuse.org/opensuse-updates/2011-03/msg00036.html"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected libxml2 packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libxml2-devel-32bit");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2");
script_set_attribute(attribute:"patch_publication_date", value:"2011/01/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/05/05");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE11.2", reference:"libxml2-2.7.3-2.5.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"libxml2-devel-2.7.3-2.5.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", cpu:"x86_64", reference:"libxml2-32bit-2.7.3-2.5.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", cpu:"x86_64", reference:"libxml2-devel-32bit-2.7.3-2.5.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libxml2");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | 11.2 | cpe:/o:novell:opensuse:11.2 |
| novell | opensuse | libxml2 | p-cpe:/a:novell:opensuse:libxml2 |
| novell | opensuse | libxml2-32bit | p-cpe:/a:novell:opensuse:libxml2-32bit |
| novell | opensuse | libxml2-devel | p-cpe:/a:novell:opensuse:libxml2-devel |
| novell | opensuse | libxml2-devel-32bit | p-cpe:/a:novell:opensuse:libxml2-devel-32bit |
Related
openvas
openvas
Mandriva Update for libxml2 MDVSA-2010:260 (libxml2)
2011-01-04 00:00:00
Fedora Update for libxml2 FEDORA-2011-2699
2011-04-19 00:00:00
Fedora Update for libxml2 FEDORA-2011-2697
2011-03-15 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : libxml2 (MDVSA-2010:260)
2011-01-28 00:00:00
Debian DSA-2137-1 : libxml2 - several vulnerabilities
2011-01-03 00:00:00
Fedora 13 : libxml2-2.7.7-2.fc13 (2011-2699)
2011-04-15 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: libxml2-2.7.8-6.fc15
2011-03-30 05:34:42
[SECURITY] Fedora 13 Update: libxml2-2.7.7-2.fc13
2011-04-14 20:57:28
[SECURITY] Fedora 14 Update: libxml2-2.7.7-3.fc14
2011-03-13 21:19:17
altlinux
altlinux
Security fix for the ALT Linux 9 package libxml2 version 1:2.7.8-alt3
2010-12-27 00:00:00
Security fix for the ALT Linux 10 package libxml2 version 1:2.7.8-alt3
2010-12-27 00:00:00
Security fix for the ALT Linux 5 package libxml2 version 1:2.7.8-alt3
2010-12-27 00:00:00
cvelist
cvelist
CVE-2010-4494
2010-12-07 20:00:00
nvd
nvd
CVE-2010-4494
2010-12-07 21:00:09
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:52:18
cve
cve
CVE-2010-4494
2010-12-07 21:00:09
osv
osv
libxml2 - several vulnerabilities
2010-12-26 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2137-1] Security update for libxml2
2010-12-28 00:00:00
libxml double free vulnerability
2010-12-28 00:00:00
debiancve
debiancve
CVE-2010-4494
2010-12-07 21:00:09
f5
f5
K51182024 : libxml2 2.7.8 vulnerability CVE-2010-4494
2020-06-17 00:00:00
prion
prion
Double free
2010-12-07 21:00:00
ubuntucve
ubuntucve
CVE-2010-4494
2010-12-07 00:00:00
debian
debian
[SECURITY] [DSA 2137-1] Security update for libxml2
2010-12-26 15:46:41
gentoo
gentoo
libxml2: Multiple vulnerabilities
2011-10-26 00:00:00
oraclelinux
oraclelinux
libxml2 security and bug fix update
2011-12-14 00:00:00
mingw32-libxml2 security update
2013-01-31 00:00:00
redhat
redhat
(RHSA-2011:1749) Low: libxml2 security and bug fix update
2011-12-06 00:00:00
(RHSA-2013:0217) Important: mingw32-libxml2 security update
2013-01-31 00:00:00
vmware
vmware
VMware ESXi update to third party library
2012-07-12 00:00:00
centos
centos
mingw32 security update
2013-02-01 00:53:30
freebsd
freebsd
openoffice.org -- Multiple vulnerabilities
2010-08-04 00:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.7%
Related for SUSE_11_2_LIBXML2-110104.NASL