home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2001-065.nasl < prev    next >
Text File  |  2005-01-14  |  2KB  |  79 lines
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2001:065
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(13880);
  12.  script_version ("$Revision: 1.2 $");
  13.  
  14.  name["english"] = "MDKSA-2001:065: openssl";
  15.  
  16.  script_name(english:name["english"]);
  17.  
  18.  desc["english"] = "
  19. The remote host is missing the patch for the advisory MDKSA-2001:065 (openssl).
  20.  
  21.  
  22. The pseudo-random number generator in OpenSSL versions up to 0.9.6a has a design
  23. flaw. By knowing the output of specific PRNG requests, an attacker would be able
  24. to determine the PRNG's internal state and thus predict future PRNG output.
  25.  
  26.  
  27. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2001:065
  28. Risk factor : High";
  29.  
  30.  
  31.  
  32.  script_description(english:desc["english"]);
  33.  
  34.  summary["english"] = "Check for the version of the openssl package";
  35.  script_summary(english:summary["english"]);
  36.  
  37.  script_category(ACT_GATHER_INFO);
  38.  
  39.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  40.  family["english"] = "Mandrake Local Security Checks";
  41.  script_family(english:family["english"]);
  42.  
  43.  script_dependencies("ssh_get_info.nasl");
  44.  script_require_keys("Host/Mandrake/rpm-list");
  45.  exit(0);
  46. }
  47.  
  48. include("rpm.inc");
  49. if ( rpm_check( reference:"openssl-0.9.5a-3.1mdk", release:"MDK7.1", yank:"mdk") )
  50. {
  51.  security_hole(0);
  52.  exit(0);
  53. }
  54. if ( rpm_check( reference:"openssl-devel-0.9.5a-3.1mdk", release:"MDK7.1", yank:"mdk") )
  55. {
  56.  security_hole(0);
  57.  exit(0);
  58. }
  59. if ( rpm_check( reference:"openssl-0.9.5a-8.1mdk", release:"MDK7.2", yank:"mdk") )
  60. {
  61.  security_hole(0);
  62.  exit(0);
  63. }
  64. if ( rpm_check( reference:"openssl-devel-0.9.5a-8.1mdk", release:"MDK7.2", yank:"mdk") )
  65. {
  66.  security_hole(0);
  67.  exit(0);
  68. }
  69. if ( rpm_check( reference:"openssl-0.9.6-7.1mdk", release:"MDK8.0", yank:"mdk") )
  70. {
  71.  security_hole(0);
  72.  exit(0);
  73. }
  74. if ( rpm_check( reference:"openssl-devel-0.9.6-7.1mdk", release:"MDK8.0", yank:"mdk") )
  75. {
  76.  security_hole(0);
  77.  exit(0);
  78. }
  79.