home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2001-033.nasl < prev    next >
Text File  |  2005-01-14  |  4KB  |  136 lines
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2001:033-2
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(14776);
  12.  script_version ("$Revision: 1.1 $");
  13.  
  14.  name["english"] = "MDKSA-2001:033-2: openssh";
  15.  
  16.  script_name(english:name["english"]);
  17.  
  18.  desc["english"] = "
  19. The remote host is missing the patch for the advisory MDKSA-2001:033-2 (openssh).
  20.  
  21.  
  22. There are several weaknesses in various implementations of the SSH (Secure
  23. Shell) protocols. When exploited, they let the attacker obtain sensitive
  24. information by passively monitoring encrypted SSH sessions. The information can
  25. later be used to speed up brute-force attacks on passwords, including the
  26. initial login password and other passwords appearing in interactive SSH
  27. sessions, such as those used with su. Versions of OpenSSH 2.5.2 and later have
  28. been fixed to reduce the impact of these traffic analysis problems, and as such
  29. all Linux- Mandrake users are encouraged to upgrade their version of openssh
  30. immediately.
  31. Update:
  32. A problem was introduced with a patch applied to the OpenSSH packages released
  33. in the previous update. This problem was due to the keepalive patch included,
  34. and it broke interoperability with older versions of OpenSSH and SSH. This
  35. update removes the patch, and also provides the latest version of OpenSSH which
  36. provides a number of new features and enhancements.
  37.  
  38.  
  39. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2001:033-2
  40. Risk factor : High";
  41.  
  42.  
  43.  
  44.  script_description(english:desc["english"]);
  45.  
  46.  summary["english"] = "Check for the version of the openssh package";
  47.  script_summary(english:summary["english"]);
  48.  
  49.  script_category(ACT_GATHER_INFO);
  50.  
  51.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  52.  family["english"] = "Mandrake Local Security Checks";
  53.  script_family(english:family["english"]);
  54.  
  55.  script_dependencies("ssh_get_info.nasl");
  56.  script_require_keys("Host/Mandrake/rpm-list");
  57.  exit(0);
  58. }
  59.  
  60. include("rpm.inc");
  61. if ( rpm_check( reference:"openssh-2.9p1-3.3mdk", release:"MDK7.1", yank:"mdk") )
  62. {
  63.  security_hole(0);
  64.  exit(0);
  65. }
  66. if ( rpm_check( reference:"openssh-askpass-2.9p1-3.3mdk", release:"MDK7.1", yank:"mdk") )
  67. {
  68.  security_hole(0);
  69.  exit(0);
  70. }
  71. if ( rpm_check( reference:"openssh-askpass-gnome-2.9p1-3.3mdk", release:"MDK7.1", yank:"mdk") )
  72. {
  73.  security_hole(0);
  74.  exit(0);
  75. }
  76. if ( rpm_check( reference:"openssh-clients-2.9p1-3.3mdk", release:"MDK7.1", yank:"mdk") )
  77. {
  78.  security_hole(0);
  79.  exit(0);
  80. }
  81. if ( rpm_check( reference:"openssh-server-2.9p1-3.3mdk", release:"MDK7.1", yank:"mdk") )
  82. {
  83.  security_hole(0);
  84.  exit(0);
  85. }
  86. if ( rpm_check( reference:"openssh-2.9p1-3.2mdk", release:"MDK7.2", yank:"mdk") )
  87. {
  88.  security_hole(0);
  89.  exit(0);
  90. }
  91. if ( rpm_check( reference:"openssh-askpass-2.9p1-3.2mdk", release:"MDK7.2", yank:"mdk") )
  92. {
  93.  security_hole(0);
  94.  exit(0);
  95. }
  96. if ( rpm_check( reference:"openssh-askpass-gnome-2.9p1-3.2mdk", release:"MDK7.2", yank:"mdk") )
  97. {
  98.  security_hole(0);
  99.  exit(0);
  100. }
  101. if ( rpm_check( reference:"openssh-clients-2.9p1-3.2mdk", release:"MDK7.2", yank:"mdk") )
  102. {
  103.  security_hole(0);
  104.  exit(0);
  105. }
  106. if ( rpm_check( reference:"openssh-server-2.9p1-3.2mdk", release:"MDK7.2", yank:"mdk") )
  107. {
  108.  security_hole(0);
  109.  exit(0);
  110. }
  111. if ( rpm_check( reference:"openssh-2.9p1-3.1mdk", release:"MDK8.0", yank:"mdk") )
  112. {
  113.  security_hole(0);
  114.  exit(0);
  115. }
  116. if ( rpm_check( reference:"openssh-askpass-2.9p1-3.1mdk", release:"MDK8.0", yank:"mdk") )
  117. {
  118.  security_hole(0);
  119.  exit(0);
  120. }
  121. if ( rpm_check( reference:"openssh-askpass-gnome-2.9p1-3.1mdk", release:"MDK8.0", yank:"mdk") )
  122. {
  123.  security_hole(0);
  124.  exit(0);
  125. }
  126. if ( rpm_check( reference:"openssh-clients-2.9p1-3.1mdk", release:"MDK8.0", yank:"mdk") )
  127. {
  128.  security_hole(0);
  129.  exit(0);
  130. }
  131. if ( rpm_check( reference:"openssh-server-2.9p1-3.1mdk", release:"MDK8.0", yank:"mdk") )
  132. {
  133.  security_hole(0);
  134.  exit(0);
  135. }
  136.