Possible cross-site scripting vulnerability in libxml after commit 960f0e2.

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3665-1 advisory.

  - Possible cross-site scripting vulnerability in libxml after commit 960f0e2. (CVE-2016-3709)

  - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference     and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. (CVE-2023-28484)

  - An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML     document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic     and memory errors, such as a double free. This behavior occurs because there is an attempt to use the     first byte of an empty string, and any value is possible (not solely the '\0' value). (CVE-2023-29469)

  - ** DISPUTED ** Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the     xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial     of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does     not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.
    (CVE-2023-39615)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4767 advisory.

  - libxml2: Incorrect server side include parsing can lead to XSS (CVE-2016-3709)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.2.2. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-23 advisory. Several of the third-party components were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with best practice, Tenable has opted to upgrade these components to address the potential impact of the issues. Nessus Network Monitor 6.2.2 updates the following components:

  - c-ares from version 1.10.0 to version 1.19.1.
  - curl from version 7.79.1 to version 8.1.2.
  - libbzip2 from version 1.0.6 to version 1.0.8.
  - libpcre from version 8.42 to version 8.44.
  - libxml2 from version 2.7.7 to version 2.11.1.
  - libxslt from version 1.1.26 to version 1.1.37.
  - libxmlsec from version 1.2.18 to version 1.2.37.
  - sqlite from version 3.27.2 to version 3.40.1.
  - jQuery Cookie from version 1.3.1 to version 1.4.1.
  - jQuery UI from version 1.13.0 to version 1.13.2.
  - OpenSSL from version 3.0.8 to version 3.0.9.

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  - Possible cross-site scripting vulnerability in libxml after commit 960f0e2. (CVE-2016-3709)

  - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the     XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to     access an array at a negative 2GB offset, typically leading to a segmentation fault. (CVE-2022-40303)

  - An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a     hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be     provoked. (CVE-2022-40304)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7715 advisory.

  - Possible cross-site scripting vulnerability in libxml after commit 960f0e2. (CVE-2016-3709)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7715 advisory.

  - Possible cross-site scripting vulnerability in libxml after commit 960f0e2. (CVE-2016-3709)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7715 advisory.

  - Possible cross-site scripting vulnerability in libxml after commit 960f0e2. (CVE-2016-3709)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:7715 advisory.

  - libxml2: Incorrect server side include parsing can lead to XSS (CVE-2016-3709)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:7715 advisory.

  - libxml2: Incorrect server side include parsing can lead to XSS (CVE-2016-3709)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3871-1 advisory.

  - Possible cross-site scripting vulnerability in libxml after commit 960f0e2. (CVE-2016-3709)

  - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the     XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to     access an array at a negative 2GB offset, typically leading to a segmentation fault. (CVE-2022-40303)

  - An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a     hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be     provoked. (CVE-2022-40304)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3717-1 advisory.

  - Possible cross-site scripting vulnerability in libxml after commit 960f0e2. (CVE-2016-3709)

  - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the     XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to     access an array at a negative 2GB offset, typically leading to a segmentation fault. (CVE-2022-40303)

  - An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a     hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be     provoked. (CVE-2022-40304)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - Possible cross-site scripting vulnerability in libxml after commit 960f0e2. (CVE-2016-3709)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5548-1 advisory.

  - Possible cross-site scripting vulnerability in libxml after commit 960f0e2. (CVE-2016-3709)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
181575	SUSE SLES12 Security Update : libxml2 (SUSE-SU-2023:3665-1)	Nessus	SuSE Local Security Checks	medium
180214	RHEL 8 : libxml2 (RHSA-2023:4767)	Nessus	Red Hat Local Security Checks	medium
177842	Nessus Network Monitor < 6.2.2 Multiple Vulnerabilities (TNS-2023-23)	Nessus	Misc.	critical
177179	EulerOS Virtualization 3.0.6.0 : libxml2 (EulerOS-SA-2023-2212)	Nessus	Huawei Local Security Checks	high
167814	Rocky Linux 8 : libxml2 (RLSA-2022:7715)	Nessus	Rocky Linux Local Security Checks	medium
167563	Oracle Linux 8 : libxml2 (ELSA-2022-7715)	Nessus	Oracle Linux Local Security Checks	medium
167292	AlmaLinux 8 : libxml2 (ALSA-2022:7715)	Nessus	Alma Linux Local Security Checks	medium
167167	RHEL 8 : libxml2 (RHSA-2022:7715)	Nessus	Red Hat Local Security Checks	medium
167159	CentOS 8 : libxml2 (CESA-2022:7715)	Nessus	CentOS Local Security Checks	medium
167037	SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2022:3871-1)	Nessus	SuSE Local Security Checks	high
166526	SUSE SLES12 Security Update : libxml2 (SUSE-SU-2022:3717-1)	Nessus	SuSE Local Security Checks	high
165861	EulerOS 2.0 SP8 : libxml2 (EulerOS-SA-2022-2471)	Nessus	Huawei Local Security Checks	medium
163871	Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : libxml2 vulnerability (USN-5548-1)	Nessus	Ubuntu Local Security Checks	medium

Detections

Analytics

CVE-2016-3709

medium

Tenable Plugins

medium

medium

critical

high

medium

medium

medium

medium

medium

high

high

medium

medium