
02/04: Add (guix cve).


From: Ludovic Courtès
Subject: 02/04: Add (guix cve).
Date: Thu, 26 Nov 2015 22:21:39 +0000

civodul pushed a commit to branch master
in repository guix.

commit 0eef7551303e3fc855809d84eed8421d2a075cfa
Author: Ludovic Courtès <address@hidden>
Date:   Thu Nov 26 21:52:25 2015 +0100

    Add (guix cve).
    
    * guix/cve.scm, tests/cve-sample.xml, tests/cve.scm: New files.
    * Makefile.am (MODULES): Add guix/cve.scm.
    (SCM_TESTS): Add tests/cve.scm.
    (EXTRA_DIST): Add tests/cve-sample.scm.
---
 Makefile.am          |    3 +
 guix/cve.scm         |  177 +++++++++++++++
 tests/cve-sample.xml |  616 ++++++++++++++++++++++++++++++++++++++++++++++++++
 tests/cve.scm        |   69 ++++++
 4 files changed, 865 insertions(+), 0 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index 43be2ec..245070b 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -51,6 +51,7 @@ MODULES =                                     \
   guix/upstream.scm                            \
   guix/licenses.scm                            \
   guix/graph.scm                               \
+  guix/cve.scm                                 \
   guix/build-system.scm                                \
   guix/build-system/cmake.scm                  \
   guix/build-system/emacs.scm                  \
@@ -224,6 +225,7 @@ SCM_TESTS =                                 \
   tests/size.scm                               \
   tests/graph.scm                              \
   tests/challenge.scm                          \
+  tests/cve.scm                                        \
   tests/file-systems.scm                       \
   tests/services.scm                           \
   tests/containers.scm
@@ -312,6 +314,7 @@ EXTRA_DIST =                                                
\
   tests/test.drv                                       \
   tests/signing-key.pub                                        \
   tests/signing-key.sec                                        \
+  tests/cve-sample.xml                                 \
   build-aux/config.rpath                               \
   bootstrap                                            \
   release.nix                                          \
diff --git a/guix/cve.scm b/guix/cve.scm
new file mode 100644
index 0000000..a7b0bde
--- /dev/null
+++ b/guix/cve.scm
@@ -0,0 +1,177 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2015 Ludovic Courtès <address@hidden>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (guix cve)
+  #:use-module (guix utils)
+  #:use-module (guix http-client)
+  #:use-module (sxml ssax)
+  #:use-module (web uri)
+  #:use-module (srfi srfi-1)
+  #:use-module (srfi srfi-9)
+  #:use-module (srfi srfi-19)
+  #:use-module (ice-9 match)
+  #:use-module (ice-9 regex)
+  #:use-module (ice-9 vlist)
+  #:export (vulnerability?
+            vulnerability-id
+            vulnerability-packages
+
+            xml->vulnerabilities
+            current-vulnerabilities
+            vulnerabilities->lookup-proc))
+
+;;; Commentary:
+;;;
+;;; This modules provides the tools to fetch, parse, and digest part of the
+;;; Common Vulnerabilities and Exposures (CVE) feeds provided by the US NIST
+;;; at <https://nvd.nist.gov/download.cfm#CVE_FEED>.
+;;;
+;;; Code:
+
+(define-record-type <vulnerability>
+  (vulnerability id packages)
+  vulnerability?
+  (id         vulnerability-id)
+  (packages   vulnerability-packages))
+
+(define %cve-feed-uri
+  (string->uri
+   "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-Modified.xml.gz";))
+
+(define %ttl
+  ;; According to <https://nvd.nist.gov/download.cfm#CVE_FEED>, feeds are
+  ;; updated "approximately every two hours."
+  (* 3600 3))
+
+(define (call-with-cve-port proc)
+  "Pass PROC an input port from which to read the CVE stream."
+  (let ((port (http-fetch/cached %cve-feed-uri #:ttl %ttl)))
+    (dynamic-wind
+      (const #t)
+      (lambda ()
+        (call-with-decompressed-port 'gzip port
+          proc))
+      (lambda ()
+        (close-port port)))))
+
+(define %cpe-package-rx
+  ;; For applications: "cpe:/a:VENDOR:PACKAGE:VERSION".
+  (make-regexp "^cpe:/a:([^:]+):([^:]+):([^:]+)"))
+
+(define (cpe->package-name cpe)
+  "Converts the Common Platform Enumeration (CPE) string CPE to a package
+name, in a very naive way.  Return #f if CPE does not look like an application
+CPE string."
+  (and=> (regexp-exec %cpe-package-rx (string-trim-both cpe))
+         (lambda (matches)
+           (cons (match:substring matches 2)
+                 (match:substring matches 3)))))
+
+(define %parse-vulnerability-feed
+  ;; Parse the XML vulnerability feed from
+  ;; <https://nvd.nist.gov/download.cfm#CVE_FEED> and return a list of
+  ;; vulnerability objects.
+  (ssax:make-parser NEW-LEVEL-SEED
+                    (lambda (elem-gi attributes namespaces expected-content
+                                     seed)
+                      (match elem-gi
+                        ((name-space . 'entry)
+                         (cons (assoc-ref attributes 'id) seed))
+                        ((name-space . 'vulnerable-software-list)
+                         (cons '() seed))
+                        ((name-space . 'product)
+                         (cons 'product seed))
+                        (x seed)))
+
+                    FINISH-ELEMENT
+                    (lambda (elem-gi attributes namespaces parent-seed
+                                     seed)
+                      (match elem-gi
+                        ((name-space . 'entry)
+                         (match seed
+                           (((? string? id) . rest)
+                            ;; Some entries have no vulnerable-software-list.
+                            rest)
+                           ((products id . rest)
+                            (match (filter-map cpe->package-name products)
+                              (()
+                               ;; No application among PRODUCTS.
+                               rest)
+                              (packages
+                               (cons (vulnerability id (reverse packages))
+                                     rest))))))
+                        (x
+                         seed)))
+
+                    CHAR-DATA-HANDLER
+                    (lambda (str _ seed)
+                      (match seed
+                        (('product software-list . rest)
+                         ;; Add STR to the vulnerable software list this
+                         ;; <product> tag is part of.
+                         (cons (cons str software-list) rest))
+                        (x x)))))
+
+(define (xml->vulnerabilities port)
+  "Read from PORT an XML feed of vulnerabilities and return a list of
+vulnerability objects."
+  (reverse (%parse-vulnerability-feed port '())))
+
+(define (current-vulnerabilities)
+  "Return the current list of Common Vulnerabilities and Exposures (CVE) as
+published by the US NIST."
+  (call-with-cve-port
+   (lambda (port)
+     ;; XXX: The SSAX "error port" is used to send pointless warnings such as
+     ;; "warning: Skipping PI".  Turn that off.
+     (parameterize ((current-ssax-error-port (%make-void-port "w")))
+       (xml->vulnerabilities port)))))
+
+(define (vulnerabilities->lookup-proc vulnerabilities)
+  "Return a lookup procedure built from VULNERABILITIES that takes a package
+name and optionally a version number.  When the version is omitted, the lookup
+procedure returns a list of version/vulnerability pairs; otherwise, it returns
+a list of vulnerabilities affection the given package version."
+  (define table
+    ;; Map package names to lists of version/vulnerability pairs.
+    (fold (lambda (vuln table)
+            (match vuln
+              (($ <vulnerability> id packages)
+               (fold (lambda (package table)
+                       (match package
+                         ((name . version)
+                          (vhash-cons name (cons version vuln)
+                                      table))))
+                     table
+                     packages))))
+          vlist-null
+          vulnerabilities))
+
+  (lambda* (package #:optional version)
+    (vhash-fold* (if version
+                     (lambda (pair result)
+                       (match pair
+                         ((v . vuln)
+                          (if (string=? v version)
+                              (cons vuln result)
+                              result))))
+                     cons)
+                 '()
+                 package table)))
+
+;;; cve.scm ends here
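Review bot: An empty result from the procedure returned by `vulnerabilities->lookup-proc` does not mean a package is unaffected, and none of the docstrings say so. `%cpe-package-rx` requires a non-empty version field, so an application CPE without one (the sample feed's `cpe:/a:tcp:tcp`) makes `cpe->package-name` return #f, and the FINISH-ELEMENT handler then drops the entry when no other product matches. `%cve-feed-uri` also points at the `Modified` feed, which by its name presumably carries only recently changed entries rather than the full CVE history. I would state both limits above `current-vulnerabilities`, for example `;; Only entries of the "Modified" feed that list a versioned application CPE are returned.` The `cpe->package-name` docstring should also say that it returns a (NAME . VERSION) pair rather than a package name.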
diff --git a/tests/cve-sample.xml b/tests/cve-sample.xml
new file mode 100644
index 0000000..ce15849
--- /dev/null
+++ b/tests/cve-sample.xml
@@ -0,0 +1,616 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<nvd xmlns:scap-core="http://scap.nist.gov/schema/scap-core/0.1"; 
xmlns:cvss="http://scap.nist.gov/schema/cvss-v2/0.2"; 
xmlns:vuln="http://scap.nist.gov/schema/vulnerability/0.4"; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; 
xmlns:patch="http://scap.nist.gov/schema/patch/0.1"; 
xmlns="http://scap.nist.gov/schema/feed/vulnerability/2.0"; 
xmlns:cpe-lang="http://cpe.mitre.org/language/2.0"; nvd_xml_version="2.0" 
pub_date="2015-11-25T08:07:01" xsi:schemaLocation="http://scap.nist.gov/schem 
[...]
+  <entry id="CVE-2003-0001">
+    <vuln:vulnerable-configuration id="http://nvd.nist.gov/";>
+      <cpe-lang:logical-test operator="OR" negate="false">
+        <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.2"/>
+        <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.3"/>
+        <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.4"/>
+        <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.5"/>
+        <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.6"/>
+        <cpe-lang:fact-ref name="cpe:/o:freebsd:freebsd:4.7"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.1"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.10"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.11"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.12"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.13"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.14"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.15"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.16"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.17"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.18"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.19"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.2"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.20"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.3"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.4"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.5"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.6"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.7"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.8"/>
+        <cpe-lang:fact-ref name="cpe:/o:linux:linux_kernel:2.4.9"/>
+        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000:::advanced_server"/>
+        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000:::datacenter_server"/>
+        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000:::professional"/>
+        <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000:::server"/>
+        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000::sp1:advanced_server"/>
+        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000::sp1:datacenter_server"/>
+        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000::sp1:professional"/>
+        <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000::sp1:server"/>
+        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000::sp2:advanced_server"/>
+        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000::sp2:datacenter_server"/>
+        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000::sp2:professional"/>
+        <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000::sp2:server"/>
+        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000_terminal_services"/>
+        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000_terminal_services::sp1"/>
+        <cpe-lang:fact-ref 
name="cpe:/o:microsoft:windows_2000_terminal_services::sp2"/>
+        <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.5"/>
+        <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.5.1"/>
+        <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.5.2"/>
+        <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.5.3"/>
+        <cpe-lang:fact-ref name="cpe:/o:netbsd:netbsd:1.6"/>
+      </cpe-lang:logical-test>
+    </vuln:vulnerable-configuration>
+    <vuln:vulnerable-software-list>
+      
<vuln:product>cpe:/o:microsoft:windows_2000::sp2:professional</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.4</vuln:product>
+      
<vuln:product>cpe:/o:microsoft:windows_2000_terminal_services::sp1</vuln:product>
+      
<vuln:product>cpe:/o:microsoft:windows_2000::sp1:advanced_server</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.19</vuln:product>
+      
<vuln:product>cpe:/o:microsoft:windows_2000::sp2:advanced_server</vuln:product>
+      
<vuln:product>cpe:/o:microsoft:windows_2000_terminal_services</vuln:product>
+      
<vuln:product>cpe:/o:microsoft:windows_2000:::advanced_server</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.20</vuln:product>
+      <vuln:product>cpe:/o:netbsd:netbsd:1.5.1</vuln:product>
+      
<vuln:product>cpe:/o:microsoft:windows_2000_terminal_services::sp2</vuln:product>
+      <vuln:product>cpe:/o:netbsd:netbsd:1.5.3</vuln:product>
+      <vuln:product>cpe:/o:netbsd:netbsd:1.5.2</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.6</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.9</vuln:product>
+      
<vuln:product>cpe:/o:microsoft:windows_2000:::datacenter_server</vuln:product>
+      <vuln:product>cpe:/o:netbsd:netbsd:1.6</vuln:product>
+      <vuln:product>cpe:/o:netbsd:netbsd:1.5</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.7</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.8</vuln:product>
+      
<vuln:product>cpe:/o:microsoft:windows_2000::sp1:datacenter_server</vuln:product>
+      
<vuln:product>cpe:/o:microsoft:windows_2000::sp2:datacenter_server</vuln:product>
+      <vuln:product>cpe:/o:freebsd:freebsd:4.3</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.10</vuln:product>
+      <vuln:product>cpe:/o:microsoft:windows_2000::sp1:server</vuln:product>
+      <vuln:product>cpe:/o:freebsd:freebsd:4.5</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.12</vuln:product>
+      <vuln:product>cpe:/o:freebsd:freebsd:4.2</vuln:product>
+      <vuln:product>cpe:/o:freebsd:freebsd:4.7</vuln:product>
+      <vuln:product>cpe:/o:freebsd:freebsd:4.4</vuln:product>
+      <vuln:product>cpe:/o:freebsd:freebsd:4.6</vuln:product>
+      <vuln:product>cpe:/o:microsoft:windows_2000::sp2:server</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.18</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.1</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.15</vuln:product>
+      <vuln:product>cpe:/o:microsoft:windows_2000:::server</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.17</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.14</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.2</vuln:product>
+      <vuln:product>cpe:/o:microsoft:windows_2000:::professional</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.11</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.5</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.16</vuln:product>
+      
<vuln:product>cpe:/o:microsoft:windows_2000::sp1:professional</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.13</vuln:product>
+      <vuln:product>cpe:/o:linux:linux_kernel:2.4.3</vuln:product>
+    </vuln:vulnerable-software-list>
+    <vuln:cve-id>CVE-2003-0001</vuln:cve-id>
+    
<vuln:published-datetime>2003-01-17T00:00:00.000-05:00</vuln:published-datetime>
+    
<vuln:last-modified-datetime>2015-11-24T13:05:47.073-05:00</vuln:last-modified-datetime>
+    <vuln:cvss>
+      <cvss:base_metrics>
+        <cvss:score>5.0</cvss:score>
+        <cvss:access-vector>NETWORK</cvss:access-vector>
+        <cvss:access-complexity>LOW</cvss:access-complexity>
+        <cvss:authentication>NONE</cvss:authentication>
+        <cvss:confidentiality-impact>PARTIAL</cvss:confidentiality-impact>
+        <cvss:integrity-impact>NONE</cvss:integrity-impact>
+        <cvss:availability-impact>NONE</cvss:availability-impact>
+        <cvss:source>http://nvd.nist.gov</cvss:source>
+        
<cvss:generated-on-datetime>2015-11-24T12:23:33.593-05:00</cvss:generated-on-datetime>
+      </cvss:base_metrics>
+    </vuln:cvss>
+    <vuln:assessment_check 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2665";
 name="oval:org.mitre.oval:def:2665"/>
+    <vuln:cwe id="CWE-200"/>
+    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
+      <vuln:source>CERT-VN</vuln:source>
+      <vuln:reference href="http://www.kb.cert.org/vuls/id/412115"; 
xml:lang="en">VU#412115</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>BUGTRAQ</vuln:source>
+      <vuln:reference 
href="http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded"; 
xml:lang="en">20150402 NEW : VMSA-2015-0003 VMware product updates address 
critical information disclosure issue in JRE</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>BUGTRAQ</vuln:source>
+      <vuln:reference 
href="http://www.securityfocus.com/archive/1/archive/1/307564/30/26270/threaded";
 xml:lang="en">20030117 Re: More information regarding 
Etherleak</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>BUGTRAQ</vuln:source>
+      <vuln:reference 
href="http://www.securityfocus.com/archive/1/archive/1/305335/30/26420/threaded";
 xml:lang="en">20030106 Etherleak: Ethernet frame padding information leakage 
(A010603-1)</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>REDHAT</vuln:source>
+      <vuln:reference 
href="http://www.redhat.com/support/errata/RHSA-2003-088.html"; 
xml:lang="en">RHSA-2003:088</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>REDHAT</vuln:source>
+      <vuln:reference 
href="http://www.redhat.com/support/errata/RHSA-2003-025.html"; 
xml:lang="en">RHSA-2003:025</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>OSVDB</vuln:source>
+      <vuln:reference href="http://www.osvdb.org/9962"; 
xml:lang="en">9962</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>CONFIRM</vuln:source>
+      <vuln:reference 
href="http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html";
 
xml:lang="en">http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MISC</vuln:source>
+      <vuln:reference 
href="http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf";
 
xml:lang="en">http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
+      <vuln:source>ATSTAKE</vuln:source>
+      <vuln:reference 
href="http://www.atstake.com/research/advisories/2003/a010603-1.txt"; 
xml:lang="en">A010603-1</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>FULLDISC</vuln:source>
+      <vuln:reference href="http://seclists.org/fulldisclosure/2015/Apr/5"; 
xml:lang="en">20150402 NEW : VMSA-2015-0003 VMware product updates address 
critical information disclosure issue in JRE</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MISC</vuln:source>
+      <vuln:reference 
href="http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html";
 
xml:lang="en">http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
+      <vuln:source>BUGTRAQ</vuln:source>
+      <vuln:reference 
href="http://marc.theaimsgroup.com/?l=bugtraq&amp;m=104222046632243&amp;w=2"; 
xml:lang="en">20030110 More information regarding Etherleak</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>VULNWATCH</vuln:source>
+      <vuln:reference 
href="http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html"; 
xml:lang="en">20030110 More information regarding Etherleak</vuln:reference>
+    </vuln:references>
+    <vuln:scanner>
+      <vuln:definition 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:2665";
 name="oval:org.mitre.oval:def:2665"/>
+    </vuln:scanner>
+    <vuln:summary>Multiple ethernet Network Interface Card (NIC) device 
drivers do not pad frames with null bytes, which allows remote attackers to 
obtain information from previous packets or kernel memory by using malformed 
packets, as demonstrated by Etherleak.</vuln:summary>
+  </entry>
+  <entry id="CVE-2004-0230">
+    <vuln:vulnerable-configuration id="http://nvd.nist.gov/";>
+      <cpe-lang:logical-test operator="OR" negate="false">
+        <cpe-lang:fact-ref name="cpe:/a:tcp:tcp"/>
+      </cpe-lang:logical-test>
+    </vuln:vulnerable-configuration>
+    <vuln:vulnerable-software-list>
+      <vuln:product>cpe:/a:tcp:tcp</vuln:product>
+    </vuln:vulnerable-software-list>
+    <vuln:cve-id>CVE-2004-0230</vuln:cve-id>
+    
<vuln:published-datetime>2004-08-18T00:00:00.000-04:00</vuln:published-datetime>
+    
<vuln:last-modified-datetime>2015-11-24T13:06:40.597-05:00</vuln:last-modified-datetime>
+    <vuln:cvss>
+      <cvss:base_metrics>
+        <cvss:score>5.0</cvss:score>
+        <cvss:access-vector>NETWORK</cvss:access-vector>
+        <cvss:access-complexity>LOW</cvss:access-complexity>
+        <cvss:authentication>NONE</cvss:authentication>
+        <cvss:confidentiality-impact>NONE</cvss:confidentiality-impact>
+        <cvss:integrity-impact>NONE</cvss:integrity-impact>
+        <cvss:availability-impact>PARTIAL</cvss:availability-impact>
+        <cvss:source>http://nvd.nist.gov</cvss:source>
+        
<cvss:generated-on-datetime>2015-11-24T12:17:30.930-05:00</cvss:generated-on-datetime>
+      </cvss:base_metrics>
+    </vuln:cvss>
+    <vuln:assessment_check 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5711";
 name="oval:org.mitre.oval:def:5711"/>
+    <vuln:assessment_check 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4791";
 name="oval:org.mitre.oval:def:4791"/>
+    <vuln:assessment_check 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:3508";
 name="oval:org.mitre.oval:def:3508"/>
+    <vuln:assessment_check 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:270";
 name="oval:org.mitre.oval:def:270"/>
+    <vuln:assessment_check 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2689";
 name="oval:org.mitre.oval:def:2689"/>
+    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
+      <vuln:source>CERT</vuln:source>
+      <vuln:reference 
href="http://www.us-cert.gov/cas/techalerts/TA04-111A.html"; 
xml:lang="en">TA04-111A</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>CERT-VN</vuln:source>
+      <vuln:reference href="http://www.kb.cert.org/vuls/id/415294"; 
xml:lang="en">VU#415294</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>CONFIRM</vuln:source>
+      <vuln:reference 
href="https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10053"; 
xml:lang="en">https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10053</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
+      <vuln:source>XF</vuln:source>
+      <vuln:reference href="http://xforce.iss.net/xforce/xfdb/15886"; 
xml:lang="en">tcp-rst-dos(15886)</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>VUPEN</vuln:source>
+      <vuln:reference href="http://www.vupen.com/english/advisories/2006/3983"; 
xml:lang="en">ADV-2006-3983</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MISC</vuln:source>
+      <vuln:reference 
href="http://www.uniras.gov.uk/vuls/2004/236929/index.htm"; 
xml:lang="en">http://www.uniras.gov.uk/vuls/2004/236929/index.htm</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
+      <vuln:source>BID</vuln:source>
+      <vuln:reference href="http://www.securityfocus.com/bid/10183"; 
xml:lang="en">10183</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>BUGTRAQ</vuln:source>
+      <vuln:reference 
href="http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded"; 
xml:lang="en">20150402 NEW : VMSA-2015-0003 VMware product updates address 
critical information disclosure issue in JRE</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>HP</vuln:source>
+      <vuln:reference 
href="http://www.securityfocus.com/archive/1/archive/1/449179/100/0/threaded"; 
xml:lang="en">SSRT061264</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>OSVDB</vuln:source>
+      <vuln:reference href="http://www.osvdb.org/4030"; 
xml:lang="en">4030</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>CONFIRM</vuln:source>
+      <vuln:reference 
href="http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html";
 
xml:lang="en">http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MS</vuln:source>
+      <vuln:reference 
href="http://www.microsoft.com/technet/security/Bulletin/MS06-064.mspx"; 
xml:lang="en">MS06-064</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MS</vuln:source>
+      <vuln:reference 
href="http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx"; 
xml:lang="en">MS05-019</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>CISCO</vuln:source>
+      <vuln:reference 
href="http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml"; 
xml:lang="en">20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco 
Products</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>FULLDISC</vuln:source>
+      <vuln:reference href="http://seclists.org/fulldisclosure/2015/Apr/5"; 
xml:lang="en">20150402 NEW : VMSA-2015-0003 VMware product updates address 
critical information disclosure issue in JRE</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MISC</vuln:source>
+      <vuln:reference 
href="http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html";
 
xml:lang="en">http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>HP</vuln:source>
+      <vuln:reference 
href="http://marc.theaimsgroup.com/?l=bugtraq&amp;m=108506952116653&amp;w=2"; 
xml:lang="en">SSRT4696</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>BUGTRAQ</vuln:source>
+      <vuln:reference 
href="http://marc.theaimsgroup.com/?l=bugtraq&amp;m=108302060014745&amp;w=2"; 
xml:lang="en">20040425 Perl code exploting TCP not checking RST 
ACK.</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>CONFIRM</vuln:source>
+      <vuln:reference href="http://kb.juniper.net/JSA10638"; 
xml:lang="en">http://kb.juniper.net/JSA10638</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>SGI</vuln:source>
+      <vuln:reference 
href="ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc"; 
xml:lang="en">20040403-01-A</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>SCO</vuln:source>
+      <vuln:reference 
href="ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt"; 
xml:lang="en">SCOSA-2005.14</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>SCO</vuln:source>
+      <vuln:reference 
href="ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt"; 
xml:lang="en">SCOSA-2005.9</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>SCO</vuln:source>
+      <vuln:reference 
href="ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt"; 
xml:lang="en">SCOSA-2005.3</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>NETBSD</vuln:source>
+      <vuln:reference 
href="ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc";
 xml:lang="en">NetBSD-SA2004-006</vuln:reference>
+    </vuln:references>
+    <vuln:scanner>
+      <vuln:definition 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:3508";
 name="oval:org.mitre.oval:def:3508"/>
+    </vuln:scanner>
+    <vuln:scanner>
+      <vuln:definition 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:270";
 name="oval:org.mitre.oval:def:270"/>
+    </vuln:scanner>
+    <vuln:scanner>
+      <vuln:definition 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:2689";
 name="oval:org.mitre.oval:def:2689"/>
+    </vuln:scanner>
+    <vuln:scanner>
+      <vuln:definition 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:5711";
 name="oval:org.mitre.oval:def:5711"/>
+    </vuln:scanner>
+    <vuln:scanner>
+      <vuln:definition 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:4791";
 name="oval:org.mitre.oval:def:4791"/>
+    </vuln:scanner>
+    <vuln:summary>TCP, when using a large Window Size, makes it easier for 
remote attackers to guess sequence numbers and cause a denial of service 
(connection loss) to persistent TCP connections by repeatedly injecting a TCP 
RST packet, especially in protocols that use long-lived connections, such as 
BGP.</vuln:summary>
+  </entry>
+  <entry id="CVE-2008-2335">
+    <vuln:vulnerable-configuration id="http://nvd.nist.gov/";>
+      <cpe-lang:logical-test operator="OR" negate="false">
+        <cpe-lang:fact-ref name="cpe:/a:vastal:phpvid:1.2"/>
+        <cpe-lang:fact-ref name="cpe:/a:vastal:phpvid:1.1"/>
+      </cpe-lang:logical-test>
+    </vuln:vulnerable-configuration>
+    <vuln:vulnerable-software-list>
+      <vuln:product>cpe:/a:vastal:phpvid:1.1</vuln:product>
+      <vuln:product>cpe:/a:vastal:phpvid:1.2</vuln:product>
+    </vuln:vulnerable-software-list>
+    <vuln:cve-id>CVE-2008-2335</vuln:cve-id>
+    
<vuln:published-datetime>2008-05-19T09:20:00.000-04:00</vuln:published-datetime>
+    
<vuln:last-modified-datetime>2015-11-24T11:45:25.057-05:00</vuln:last-modified-datetime>
+    <vuln:cvss>
+      <cvss:base_metrics>
+        <cvss:score>4.3</cvss:score>
+        <cvss:access-vector>NETWORK</cvss:access-vector>
+        <cvss:access-complexity>MEDIUM</cvss:access-complexity>
+        <cvss:authentication>NONE</cvss:authentication>
+        <cvss:confidentiality-impact>NONE</cvss:confidentiality-impact>
+        <cvss:integrity-impact>PARTIAL</cvss:integrity-impact>
+        <cvss:availability-impact>NONE</cvss:availability-impact>
+        <cvss:source>http://nvd.nist.gov</cvss:source>
+        
<cvss:generated-on-datetime>2015-11-24T10:50:05.737-05:00</cvss:generated-on-datetime>
+      </cvss:base_metrics>
+    </vuln:cvss>
+    <vuln:cwe id="CWE-79"/>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>XF</vuln:source>
+      <vuln:reference href="http://xforce.iss.net/xforce/xfdb/42450"; 
xml:lang="en">phpvid-query-xss(42450)</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>VUPEN</vuln:source>
+      <vuln:reference href="http://www.vupen.com/english/advisories/2008/2552"; 
xml:lang="en">ADV-2008-2552</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>BID</vuln:source>
+      <vuln:reference href="http://www.securityfocus.com/bid/29238"; 
xml:lang="en">29238</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MILW0RM</vuln:source>
+      <vuln:reference href="http://www.milw0rm.com/exploits/6422"; 
xml:lang="en">6422</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>EXPLOIT-DB</vuln:source>
+      <vuln:reference href="http://www.exploit-db.com/exploits/27519"; 
xml:lang="en">27519</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MISC</vuln:source>
+      <vuln:reference 
href="http://tetraph.com/security/xss-vulnerability/vastal-i-tech-phpvid-1-2-3-multiple-xss-cross-site-scripting-security-vulnerabilities/";
 
xml:lang="en">http://tetraph.com/security/xss-vulnerability/vastal-i-tech-phpvid-1-2-3-multiple-xss-cross-site-scripting-security-vulnerabilities/</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>FULLDISC</vuln:source>
+      <vuln:reference href="http://seclists.org/fulldisclosure/2015/Mar/59"; 
xml:lang="en">20150310 Vastal I-tech phpVID 1.2.3 Multiple XSS (Cross-site 
Scripting) Security Vulnerabilities</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MISC</vuln:source>
+      <vuln:reference 
href="http://packetstormsecurity.com/files/130755/Vastal-I-tech-phpVID-1.2.3-Cross-Site-Scripting.html";
 
xml:lang="en">http://packetstormsecurity.com/files/130755/Vastal-I-tech-phpVID-1.2.3-Cross-Site-Scripting.html</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MISC</vuln:source>
+      <vuln:reference 
href="http://packetstormsecurity.com/files/122746/PHP-VID-XSS-SQL-Injection-CRLF-Injection.html";
 
xml:lang="en">http://packetstormsecurity.com/files/122746/PHP-VID-XSS-SQL-Injection-CRLF-Injection.html</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>OSVDB</vuln:source>
+      <vuln:reference href="http://osvdb.org/show/osvdb/45171"; 
xml:lang="en">45171</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MISC</vuln:source>
+      <vuln:reference href="http://holisticinfosec.org/content/view/65/45/"; 
xml:lang="en">http://holisticinfosec.org/content/view/65/45/</vuln:reference>
+    </vuln:references>
+    <vuln:summary>Cross-site scripting (XSS) vulnerability in 
search_results.php in Vastal I-Tech phpVID 1.1 and 1.2 allows remote attackers 
to inject arbitrary web script or HTML via the query parameter.  NOTE: some of 
these details are obtained from third party information.  NOTE: it was later 
reported that 1.2.3 is also affected.</vuln:summary>
+  </entry>
+  <entry id="CVE-2008-3522">
+    <vuln:vulnerable-configuration id="http://nvd.nist.gov/";>
+      <cpe-lang:logical-test operator="OR" negate="false">
+        <cpe-lang:fact-ref name="cpe:/a:redhat:enterprise_virtualization:3.5"/>
+      </cpe-lang:logical-test>
+    </vuln:vulnerable-configuration>
+    <vuln:vulnerable-configuration id="http://nvd.nist.gov/";>
+      <cpe-lang:logical-test operator="OR" negate="false">
+        <cpe-lang:fact-ref name="cpe:/a:jasper_project:jasper:1.900.1"/>
+      </cpe-lang:logical-test>
+    </vuln:vulnerable-configuration>
+    <vuln:vulnerable-software-list>
+      <vuln:product>cpe:/a:redhat:enterprise_virtualization:3.5</vuln:product>
+      <vuln:product>cpe:/a:jasper_project:jasper:1.900.1</vuln:product>
+    </vuln:vulnerable-software-list>
+    <vuln:cve-id>CVE-2008-3522</vuln:cve-id>
+    
<vuln:published-datetime>2008-10-02T14:18:05.790-04:00</vuln:published-datetime>
+    
<vuln:last-modified-datetime>2015-11-24T11:46:04.933-05:00</vuln:last-modified-datetime>
+    <vuln:cvss>
+      <cvss:base_metrics>
+        <cvss:score>10.0</cvss:score>
+        <cvss:access-vector>NETWORK</cvss:access-vector>
+        <cvss:access-complexity>LOW</cvss:access-complexity>
+        <cvss:authentication>NONE</cvss:authentication>
+        <cvss:confidentiality-impact>COMPLETE</cvss:confidentiality-impact>
+        <cvss:integrity-impact>COMPLETE</cvss:integrity-impact>
+        <cvss:availability-impact>COMPLETE</cvss:availability-impact>
+        <cvss:source>http://nvd.nist.gov</cvss:source>
+        
<cvss:generated-on-datetime>2015-11-24T10:05:46.467-05:00</cvss:generated-on-datetime>
+      </cvss:base_metrics>
+    </vuln:cvss>
+    <vuln:security-protection>ALLOWS_ADMIN_ACCESS</vuln:security-protection>
+    <vuln:cwe id="CWE-119"/>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>XF</vuln:source>
+      <vuln:reference href="http://xforce.iss.net/xforce/xfdb/45623"; 
xml:lang="en">jasper-jasstreamprintf-bo(45623)</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>UBUNTU</vuln:source>
+      <vuln:reference href="http://www.ubuntu.com/usn/USN-742-1"; 
xml:lang="en">USN-742-1</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>BID</vuln:source>
+      <vuln:reference href="http://www.securityfocus.com/bid/31470"; 
xml:lang="en">31470</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MANDRIVA</vuln:source>
+      <vuln:reference 
href="http://www.mandriva.com/security/advisories?name=MDVSA-2009:164"; 
xml:lang="en">MDVSA-2009:164</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MANDRIVA</vuln:source>
+      <vuln:reference 
href="http://www.mandriva.com/security/advisories?name=MDVSA-2009:144"; 
xml:lang="en">MDVSA-2009:144</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MANDRIVA</vuln:source>
+      <vuln:reference 
href="http://www.mandriva.com/security/advisories?name=MDVSA-2009:142"; 
xml:lang="en">MDVSA-2009:142</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>GENTOO</vuln:source>
+      <vuln:reference 
href="http://security.gentoo.org/glsa/glsa-200812-18.xml"; 
xml:lang="en">GLSA-200812-18</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>REDHAT</vuln:source>
+      <vuln:reference href="http://rhn.redhat.com/errata/RHSA-2015-0698.html"; 
xml:lang="en">RHSA-2015:0698</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MISC</vuln:source>
+      <vuln:reference href="http://bugs.gentoo.org/show_bug.cgi?id=222819"; 
xml:lang="en">http://bugs.gentoo.org/show_bug.cgi?id=222819</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MISC</vuln:source>
+      <vuln:reference 
href="http://bugs.gentoo.org/attachment.cgi?id=163282&amp;action=view"; 
xml:lang="en">http://bugs.gentoo.org/attachment.cgi?id=163282&amp;action=view</vuln:reference>
+    </vuln:references>
+    <vuln:summary>Buffer overflow in the jas_stream_printf function in 
libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent 
attackers to have an unknown impact via vectors related to the mif_hdr_put 
function and use of vsprintf.</vuln:summary>
+  </entry>
+  <entry id="CVE-2009-3301">
+    <vuln:vulnerable-configuration id="http://www.nist.gov/";>
+      <cpe-lang:logical-test operator="OR" negate="false">
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:3.1.1"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:3.1.0"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:3.0.1"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:3.0.0"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.4.1"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.4.0"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.1.0"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:1.1.0"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.4.2"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.4.3"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.3.0"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.3.1"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.2.0"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.2.1"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.0.0"/>
+        <cpe-lang:fact-ref name="cpe:/a:sun:openoffice.org:2.0.3"/>
+      </cpe-lang:logical-test>
+    </vuln:vulnerable-configuration>
+    <vuln:vulnerable-configuration id="http://www.nist.gov/";>
+      <cpe-lang:logical-test operator="OR" negate="false">
+        <cpe-lang:fact-ref 
name="cpe:/o:canonical:ubuntu_linux:10.04::~~lts~~~"/>
+        <cpe-lang:fact-ref name="cpe:/o:canonical:ubuntu_linux:10.10"/>
+        <cpe-lang:fact-ref name="cpe:/o:canonical:ubuntu_linux:9.10"/>
+        <cpe-lang:fact-ref name="cpe:/o:canonical:ubuntu_linux:8.04:-:lts"/>
+      </cpe-lang:logical-test>
+    </vuln:vulnerable-configuration>
+    <vuln:vulnerable-software-list>
+      
<vuln:product>cpe:/o:canonical:ubuntu_linux:10.04::~~lts~~~</vuln:product>
+      <vuln:product>cpe:/o:canonical:ubuntu_linux:8.04:-:lts</vuln:product>
+      <vuln:product>cpe:/o:canonical:ubuntu_linux:10.10</vuln:product>
+      <vuln:product>cpe:/a:sun:openoffice.org:2.1.0</vuln:product>
+      <vuln:product>cpe:/a:sun:openoffice.org:2.3.0</vuln:product>
+      <vuln:product>cpe:/a:sun:openoffice.org:2.2.1</vuln:product>
+      <!-- snipped -->
+    </vuln:vulnerable-software-list>
+    <vuln:cve-id>CVE-2009-3301</vuln:cve-id>
+    
<vuln:published-datetime>2010-02-16T14:30:00.533-05:00</vuln:published-datetime>
+    
<vuln:last-modified-datetime>2015-11-17T10:59:44.723-05:00</vuln:last-modified-datetime>
+    <vuln:cvss>
+      <cvss:base_metrics>
+        <cvss:score>9.3</cvss:score>
+        <cvss:access-vector>NETWORK</cvss:access-vector>
+        <cvss:access-complexity>MEDIUM</cvss:access-complexity>
+        <cvss:authentication>NONE</cvss:authentication>
+        <cvss:confidentiality-impact>COMPLETE</cvss:confidentiality-impact>
+        <cvss:integrity-impact>COMPLETE</cvss:integrity-impact>
+        <cvss:availability-impact>COMPLETE</cvss:availability-impact>
+        <cvss:source>http://nvd.nist.gov</cvss:source>
+        
<cvss:generated-on-datetime>2015-11-17T10:02:50.097-05:00</cvss:generated-on-datetime>
+      </cvss:base_metrics>
+    </vuln:cvss>
+    <vuln:assessment_check 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10423";
 name="oval:org.mitre.oval:def:10423"/>
+    <vuln:cwe id="CWE-189"/>
+    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
+      <vuln:source>CERT</vuln:source>
+      <vuln:reference 
href="http://www.us-cert.gov/cas/techalerts/TA10-287A.html"; 
xml:lang="en">TA10-287A</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>CONFIRM</vuln:source>
+      <vuln:reference 
href="https://bugzilla.redhat.com/show_bug.cgi?id=533038"; 
xml:lang="en">https://bugzilla.redhat.com/show_bug.cgi?id=533038</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>XF</vuln:source>
+      <vuln:reference href="http://xforce.iss.net/xforce/xfdb/56240"; 
xml:lang="en">openoffice-word-sprmtdeftable-bo(56240)</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>VUPEN</vuln:source>
+      <vuln:reference href="http://www.vupen.com/english/advisories/2010/2905"; 
xml:lang="en">ADV-2010-2905</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>VUPEN</vuln:source>
+      <vuln:reference href="http://www.vupen.com/english/advisories/2010/0635"; 
xml:lang="en">ADV-2010-0635</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
+      <vuln:source>VUPEN</vuln:source>
+      <vuln:reference href="http://www.vupen.com/english/advisories/2010/0366"; 
xml:lang="en">ADV-2010-0366</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>UBUNTU</vuln:source>
+      <vuln:reference href="http://www.ubuntu.com/usn/USN-903-1"; 
xml:lang="en">USN-903-1</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>BID</vuln:source>
+      <vuln:reference href="http://www.securityfocus.com/bid/38218"; 
xml:lang="en">38218</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>REDHAT</vuln:source>
+      <vuln:reference 
href="http://www.redhat.com/support/errata/RHSA-2010-0101.html"; 
xml:lang="en">RHSA-2010:0101</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>CONFIRM</vuln:source>
+      <vuln:reference 
href="http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"; 
xml:lang="en">http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
+      <vuln:source>CONFIRM</vuln:source>
+      <vuln:reference 
href="http://www.openoffice.org/security/cves/CVE-2009-3301-3302.html"; 
xml:lang="en">http://www.openoffice.org/security/cves/CVE-2009-3301-3302.html</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
+      <vuln:source>CONFIRM</vuln:source>
+      <vuln:reference href="http://www.openoffice.org/security/bulletin.html"; 
xml:lang="en">http://www.openoffice.org/security/bulletin.html</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MANDRIVA</vuln:source>
+      <vuln:reference 
href="http://www.mandriva.com/security/advisories?name=MDVSA-2010:221"; 
xml:lang="en">MDVSA-2010:221</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>GENTOO</vuln:source>
+      <vuln:reference 
href="http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"; 
xml:lang="en">GLSA-201408-19</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>DEBIAN</vuln:source>
+      <vuln:reference href="http://www.debian.org/security/2010/dsa-1995"; 
xml:lang="en">DSA-1995</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>SECTRACK</vuln:source>
+      <vuln:reference href="http://securitytracker.com/id?1023591"; 
xml:lang="en">1023591</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>SUSE</vuln:source>
+      <vuln:reference 
href="http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html";
 xml:lang="en">SUSE-SA:2010:017</vuln:reference>
+    </vuln:references>
+    <vuln:scanner>
+      <vuln:definition 
system="http://oval.mitre.org/XMLSchema/oval-definitions-5"; 
href="http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10423";
 name="oval:org.mitre.oval:def:10423"/>
+    </vuln:scanner>
+    <vuln:summary>Integer underflow in filter/ww8/ww8par2.cxx in 
OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of 
service (application crash) or possibly execute arbitrary code via a crafted 
sprmTDefTable table property modifier in a Word document.</vuln:summary>
+  </entry>
+  <entry id="CVE-2015-8330">
+    <vuln:cve-id>CVE-2015-8330</vuln:cve-id>
+    
<vuln:published-datetime>2015-11-24T15:59:25.897-05:00</vuln:published-datetime>
+    
<vuln:last-modified-datetime>2015-11-24T15:59:26.930-05:00</vuln:last-modified-datetime>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MISC</vuln:source>
+      <vuln:reference 
href="https://www.onapsis.com/blog/analyzing-sap-security-notes-november-2015"; 
xml:lang="en">https://www.onapsis.com/blog/analyzing-sap-security-notes-november-2015</vuln:reference>
+    </vuln:references>
+    <vuln:references xml:lang="en" reference_type="UNKNOWN">
+      <vuln:source>MISC</vuln:source>
+      <vuln:reference 
href="http://erpscan.com/advisories/erpscan-15-032-sap-pco-agent-dos-vulnerability/";
 
xml:lang="en">http://erpscan.com/advisories/erpscan-15-032-sap-pco-agent-dos-vulnerability/</vuln:reference>
+    </vuln:references>
+    <vuln:summary>The PCo agent in SAP Plant Connectivity (PCo) allows remote 
attackers to cause a denial of service (memory corruption and agent crash) via 
crafted xMII requests, aka SAP Security Note 2238619.</vuln:summary>
+  </entry>
+</nvd>
diff --git a/tests/cve.scm b/tests/cve.scm
new file mode 100644
index 0000000..26bc560
--- /dev/null
+++ b/tests/cve.scm
@@ -0,0 +1,69 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2015 Ludovic Courtès <address@hidden>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (test-cve)
+  #:use-module (guix cve)
+  #:use-module (srfi srfi-1)
+  #:use-module (srfi srfi-64))
+
+(define %sample
+  (search-path %load-path "tests/cve-sample.xml"))
+
+(define (vulnerability id packages)
+  (make-struct (@@ (guix cve) <vulnerability>) 0 id packages))
+
+(define %expected-vulnerabilities
+  ;; What we should get when reading %SAMPLE.
+  (list
+   ;; CVE-2003-0001 has no "/a" in its product list so it is omitted.
+   ;; CVE-2004-0230 lists "tcp" as an application, but lacks a version number.
+   (vulnerability "CVE-2008-2335" '(("phpvid" . "1.1") ("phpvid" . "1.2")))
+   (vulnerability "CVE-2008-3522" '(("enterprise_virtualization" . "3.5")
+                                    ("jasper" . "1.900.1")))
+   (vulnerability "CVE-2009-3301" '(("openoffice.org" . "2.1.0")
+                                    ("openoffice.org" . "2.3.0")
+                                    ("openoffice.org" . "2.2.1")))
+   ;; CVE-2015-8330 has no software list.
+   ))
+
+
+(test-begin "cve")
+
+(test-equal "xml->vulnerabilities"
+  %expected-vulnerabilities
+  (call-with-input-file %sample xml->vulnerabilities))
+
+(test-equal ""
+  (list `(("1.1" . ,(first %expected-vulnerabilities))
+          ("1.2" . ,(first %expected-vulnerabilities)))
+        '()
+        '()
+        (list (second %expected-vulnerabilities))
+        (list (third %expected-vulnerabilities)))
+  (let* ((vulns  (call-with-input-file %sample xml->vulnerabilities))
+         (lookup (vulnerabilities->lookup-proc vulns)))
+    (list (lookup "phpvid")
+          (lookup "jasper" "2.0")
+          (lookup "foobar")
+          (lookup "jasper" "1.900.1")
+          (lookup "openoffice.org" "2.3.0"))))
+
+(test-end "cve")
+
+
+(exit (= (test-runner-fail-count (test-runner-current)) 0))
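Review bot: The second `test-equal` in tests/cve.scm has an empty name (`(test-equal ""`), so a failure in the lookup test appears in the SRFI-64 log with nothing to identify it. Naming it after the procedure under test, as the first test already does, fixes that: `(test-equal "vulnerabilities->lookup-proc"`. Separately, the `vulnerability` helper builds records with `make-struct` on the private `<vulnerability>` type reached through `@@`, which ties the test to the field order defined in guix/cve.scm (not visible in this hunk). A comment above the helper would record that dependency, for example `;; Field order must match <vulnerability> in (guix cve).`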


