home *** CD-ROM | disk | FTP | other *** search

---

/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2002-059.nasl

< prev

next >

Wrap

Text File  |  2005-01-14  |  3KB  |  120 lines

---

1. #
2. # (C) Tenable Network Security
3. #
4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2002:059
5. #
6.  
7.  
8. if ( ! defined_func("bn_random") ) exit(0);
9. if(description)
10. {
11.  script_id(13960);
12.  script_version ("$Revision: 1.2 $");
13.  script_cve_id("CAN-2001-1246");
14.  
15.  name["english"] = "MDKSA-2002:059: php";
16.  
17.  script_name(english:name["english"]);
18.  
19.  desc["english"] = "
20. The remote host is missing the patch for the advisory MDKSA-2002:059 (php).
21.  
22.  
23. A fifth parameter was added to PHP's mail() function in 4.0.5 that is not
24. properly sanitized when the server is running in safe mode. This vulnerability
25. would allow local users and, possibly, remote attackers to execute arbitrary
26. commands using shell metacharacters.
27. After upgrading to these packages, execute 'service httpd restart' as root in
28. order to close the hole immediately.
29.  
30.  
31. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:059
32. Risk factor : High";
33.  
34.  
35.  
36.  script_description(english:desc["english"]);
37.  
38.  summary["english"] = "Check for the version of the php package";
39.  script_summary(english:summary["english"]);
40.  
41.  script_category(ACT_GATHER_INFO);
42.  
43.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
44.  family["english"] = "Mandrake Local Security Checks";
45.  script_family(english:family["english"]);
46.  
47.  script_dependencies("ssh_get_info.nasl");
48.  script_require_keys("Host/Mandrake/rpm-list");
49.  exit(0);
50. }
51.  
52. include("rpm.inc");
53. if ( rpm_check( reference:"php-4.0.6-6.4mdk", release:"MDK7.1", yank:"mdk") )
54. {
55.  security_hole(0);
56.  exit(0);
57. }
58. if ( rpm_check( reference:"php-common-4.0.6-6.4mdk", release:"MDK7.1", yank:"mdk") )
59. {
60.  security_hole(0);
61.  exit(0);
62. }
63. if ( rpm_check( reference:"php-devel-4.0.6-6.4mdk", release:"MDK7.1", yank:"mdk") )
64. {
65.  security_hole(0);
66.  exit(0);
67. }
68. if ( rpm_check( reference:"php-4.0.6-6.3mdk", release:"MDK7.2", yank:"mdk") )
69. {
70.  security_hole(0);
71.  exit(0);
72. }
73. if ( rpm_check( reference:"php-common-4.0.6-6.3mdk", release:"MDK7.2", yank:"mdk") )
74. {
75.  security_hole(0);
76.  exit(0);
77. }
78. if ( rpm_check( reference:"php-devel-4.0.6-6.3mdk", release:"MDK7.2", yank:"mdk") )
79. {
80.  security_hole(0);
81.  exit(0);
82. }
83. if ( rpm_check( reference:"php-4.0.6-6.2mdk", release:"MDK8.0", yank:"mdk") )
84. {
85.  security_hole(0);
86.  exit(0);
87. }
88. if ( rpm_check( reference:"php-common-4.0.6-6.2mdk", release:"MDK8.0", yank:"mdk") )
89. {
90.  security_hole(0);
91.  exit(0);
92. }
93. if ( rpm_check( reference:"php-devel-4.0.6-6.2mdk", release:"MDK8.0", yank:"mdk") )
94. {
95.  security_hole(0);
96.  exit(0);
97. }
98. if ( rpm_check( reference:"php-4.0.6-6.1mdk", release:"MDK8.1", yank:"mdk") )
99. {
100.  security_hole(0);
101.  exit(0);
102. }
103. if ( rpm_check( reference:"php-common-4.0.6-6.1mdk", release:"MDK8.1", yank:"mdk") )
104. {
105.  security_hole(0);
106.  exit(0);
107. }
108. if ( rpm_check( reference:"php-devel-4.0.6-6.1mdk", release:"MDK8.1", yank:"mdk") )
109. {
110.  security_hole(0);
111.  exit(0);
112. }
113. if (rpm_exists(rpm:"php-", release:"MDK7.1")
114.  || rpm_exists(rpm:"php-", release:"MDK7.2")
115.  || rpm_exists(rpm:"php-", release:"MDK8.0")
116.  || rpm_exists(rpm:"php-", release:"MDK8.1") )
117. {
118.  set_kb_item(name:"CAN-2001-1246", value:TRUE);
119. }
120.