home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2002-019.nasl < prev    next >
Text File  |  2005-01-14  |  4KB  |  151 lines
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2002:019
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(13927);
  12.  script_version ("$Revision: 1.2 $");
  13.  
  14.  name["english"] = "MDKSA-2002:019: openssh";
  15.  
  16.  script_name(english:name["english"]);
  17.  
  18.  desc["english"] = "
  19. The remote host is missing the patch for the advisory MDKSA-2002:019 (openssh).
  20.  
  21.  
  22. Joost Pol found a bug in the channel code of all versions of OpenSSH from 2.0 to
  23. 3.0.2. This bug can allow authenticated users with an existing account on the
  24. vulnerable system to obtain root privilege or by a malicious server attacking a
  25. vulnerable client. OpenSSH 3.1 is not vulnerable to this problem. The provided
  26. packages fix this vulnerability.
  27.  
  28.  
  29. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:019
  30. Risk factor : High";
  31.  
  32.  
  33.  
  34.  script_description(english:desc["english"]);
  35.  
  36.  summary["english"] = "Check for the version of the openssh package";
  37.  script_summary(english:summary["english"]);
  38.  
  39.  script_category(ACT_GATHER_INFO);
  40.  
  41.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  42.  family["english"] = "Mandrake Local Security Checks";
  43.  script_family(english:family["english"]);
  44.  
  45.  script_dependencies("ssh_get_info.nasl");
  46.  script_require_keys("Host/Mandrake/rpm-list");
  47.  exit(0);
  48. }
  49.  
  50. include("rpm.inc");
  51. if ( rpm_check( reference:"openssh-3.0.2p1-1.7mdk", release:"MDK7.1", yank:"mdk") )
  52. {
  53.  security_hole(0);
  54.  exit(0);
  55. }
  56. if ( rpm_check( reference:"openssh-askpass-3.0.2p1-1.7mdk", release:"MDK7.1", yank:"mdk") )
  57. {
  58.  security_hole(0);
  59.  exit(0);
  60. }
  61. if ( rpm_check( reference:"openssh-askpass-gnome-3.0.2p1-1.7mdk", release:"MDK7.1", yank:"mdk") )
  62. {
  63.  security_hole(0);
  64.  exit(0);
  65. }
  66. if ( rpm_check( reference:"openssh-clients-3.0.2p1-1.7mdk", release:"MDK7.1", yank:"mdk") )
  67. {
  68.  security_hole(0);
  69.  exit(0);
  70. }
  71. if ( rpm_check( reference:"openssh-server-3.0.2p1-1.7mdk", release:"MDK7.1", yank:"mdk") )
  72. {
  73.  security_hole(0);
  74.  exit(0);
  75. }
  76. if ( rpm_check( reference:"openssh-3.0.2p1-1.6mdk", release:"MDK7.2", yank:"mdk") )
  77. {
  78.  security_hole(0);
  79.  exit(0);
  80. }
  81. if ( rpm_check( reference:"openssh-askpass-3.0.2p1-1.6mdk", release:"MDK7.2", yank:"mdk") )
  82. {
  83.  security_hole(0);
  84.  exit(0);
  85. }
  86. if ( rpm_check( reference:"openssh-askpass-gnome-3.0.2p1-1.6mdk", release:"MDK7.2", yank:"mdk") )
  87. {
  88.  security_hole(0);
  89.  exit(0);
  90. }
  91. if ( rpm_check( reference:"openssh-clients-3.0.2p1-1.6mdk", release:"MDK7.2", yank:"mdk") )
  92. {
  93.  security_hole(0);
  94.  exit(0);
  95. }
  96. if ( rpm_check( reference:"openssh-server-3.0.2p1-1.6mdk", release:"MDK7.2", yank:"mdk") )
  97. {
  98.  security_hole(0);
  99.  exit(0);
  100. }
  101. if ( rpm_check( reference:"openssh-3.1p1-1.1mdk", release:"MDK8.0", yank:"mdk") )
  102. {
  103.  security_hole(0);
  104.  exit(0);
  105. }
  106. if ( rpm_check( reference:"openssh-askpass-3.1p1-1.1mdk", release:"MDK8.0", yank:"mdk") )
  107. {
  108.  security_hole(0);
  109.  exit(0);
  110. }
  111. if ( rpm_check( reference:"openssh-askpass-gnome-3.1p1-1.1mdk", release:"MDK8.0", yank:"mdk") )
  112. {
  113.  security_hole(0);
  114.  exit(0);
  115. }
  116. if ( rpm_check( reference:"openssh-clients-3.1p1-1.1mdk", release:"MDK8.0", yank:"mdk") )
  117. {
  118.  security_hole(0);
  119.  exit(0);
  120. }
  121. if ( rpm_check( reference:"openssh-server-3.1p1-1.1mdk", release:"MDK8.0", yank:"mdk") )
  122. {
  123.  security_hole(0);
  124.  exit(0);
  125. }
  126. if ( rpm_check( reference:"openssh-3.1p1-1.1mdk", release:"MDK8.1", yank:"mdk") )
  127. {
  128.  security_hole(0);
  129.  exit(0);
  130. }
  131. if ( rpm_check( reference:"openssh-askpass-3.1p1-1.1mdk", release:"MDK8.1", yank:"mdk") )
  132. {
  133.  security_hole(0);
  134.  exit(0);
  135. }
  136. if ( rpm_check( reference:"openssh-askpass-gnome-3.1p1-1.1mdk", release:"MDK8.1", yank:"mdk") )
  137. {
  138.  security_hole(0);
  139.  exit(0);
  140. }
  141. if ( rpm_check( reference:"openssh-clients-3.1p1-1.1mdk", release:"MDK8.1", yank:"mdk") )
  142. {
  143.  security_hole(0);
  144.  exit(0);
  145. }
  146. if ( rpm_check( reference:"openssh-server-3.1p1-1.1mdk", release:"MDK8.1", yank:"mdk") )
  147. {
  148.  security_hole(0);
  149.  exit(0);
  150. }
  151.