home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2003-006.nasl < prev    next >
Text File  |  2005-01-14  |  8KB  |  301 lines
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2003:006
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(13991);
  12.  script_bugtraq_id(6328, 6620);
  13.  script_version ("$Revision: 1.3 $");
  14.  script_cve_id("CAN-2002-1378", "CAN-2002-1379");
  15.  
  16.  name["english"] = "MDKSA-2003:006: openldap";
  17.  
  18.  script_name(english:name["english"]);
  19.  
  20.  desc["english"] = "
  21. The remote host is missing the patch for the advisory MDKSA-2003:006 (openldap).
  22.  
  23.  
  24. A review was completed by the SuSE Security Team on the OpenLDAP server
  25. software, and this audit revealed several buffer overflows and other bugs that
  26. remote attackers could exploit to gain unauthorized access to the system running
  27. the vulnerable OpenLDAP servers. Additionally, various locally exploitable bugs
  28. in the OpenLDAP v2 libraries have been fixed as well.
  29.  
  30.  
  31. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:006
  32. Risk factor : High";
  33.  
  34.  
  35.  
  36.  script_description(english:desc["english"]);
  37.  
  38.  summary["english"] = "Check for the version of the openldap package";
  39.  script_summary(english:summary["english"]);
  40.  
  41.  script_category(ACT_GATHER_INFO);
  42.  
  43.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  44.  family["english"] = "Mandrake Local Security Checks";
  45.  script_family(english:family["english"]);
  46.  
  47.  script_dependencies("ssh_get_info.nasl");
  48.  script_require_keys("Host/Mandrake/rpm-list");
  49.  exit(0);
  50. }
  51.  
  52. include("rpm.inc");
  53. if ( rpm_check( reference:"libldap2-2.0.21-2.1mdk", release:"MDK8.0", yank:"mdk") )
  54. {
  55.  security_hole(0);
  56.  exit(0);
  57. }
  58. if ( rpm_check( reference:"libldap2-devel-2.0.21-2.1mdk", release:"MDK8.0", yank:"mdk") )
  59. {
  60.  security_hole(0);
  61.  exit(0);
  62. }
  63. if ( rpm_check( reference:"libldap2-devel-static-2.0.21-2.1mdk", release:"MDK8.0", yank:"mdk") )
  64. {
  65.  security_hole(0);
  66.  exit(0);
  67. }
  68. if ( rpm_check( reference:"openldap-2.0.21-2.1mdk", release:"MDK8.0", yank:"mdk") )
  69. {
  70.  security_hole(0);
  71.  exit(0);
  72. }
  73. if ( rpm_check( reference:"openldap-back_dnssrv-2.0.21-2.1mdk", release:"MDK8.0", yank:"mdk") )
  74. {
  75.  security_hole(0);
  76.  exit(0);
  77. }
  78. if ( rpm_check( reference:"openldap-back_ldap-2.0.21-2.1mdk", release:"MDK8.0", yank:"mdk") )
  79. {
  80.  security_hole(0);
  81.  exit(0);
  82. }
  83. if ( rpm_check( reference:"openldap-back_passwd-2.0.21-2.1mdk", release:"MDK8.0", yank:"mdk") )
  84. {
  85.  security_hole(0);
  86.  exit(0);
  87. }
  88. if ( rpm_check( reference:"openldap-back_sql-2.0.21-2.1mdk", release:"MDK8.0", yank:"mdk") )
  89. {
  90.  security_hole(0);
  91.  exit(0);
  92. }
  93. if ( rpm_check( reference:"openldap-clients-2.0.21-2.1mdk", release:"MDK8.0", yank:"mdk") )
  94. {
  95.  security_hole(0);
  96.  exit(0);
  97. }
  98. if ( rpm_check( reference:"openldap-guide-2.0.21-2.1mdk", release:"MDK8.0", yank:"mdk") )
  99. {
  100.  security_hole(0);
  101.  exit(0);
  102. }
  103. if ( rpm_check( reference:"openldap-migration-2.0.21-2.1mdk", release:"MDK8.0", yank:"mdk") )
  104. {
  105.  security_hole(0);
  106.  exit(0);
  107. }
  108. if ( rpm_check( reference:"openldap-servers-2.0.21-2.1mdk", release:"MDK8.0", yank:"mdk") )
  109. {
  110.  security_hole(0);
  111.  exit(0);
  112. }
  113. if ( rpm_check( reference:"libldap2-2.0.21-2.1mdk", release:"MDK8.1", yank:"mdk") )
  114. {
  115.  security_hole(0);
  116.  exit(0);
  117. }
  118. if ( rpm_check( reference:"libldap2-devel-2.0.21-2.1mdk", release:"MDK8.1", yank:"mdk") )
  119. {
  120.  security_hole(0);
  121.  exit(0);
  122. }
  123. if ( rpm_check( reference:"libldap2-devel-static-2.0.21-2.1mdk", release:"MDK8.1", yank:"mdk") )
  124. {
  125.  security_hole(0);
  126.  exit(0);
  127. }
  128. if ( rpm_check( reference:"openldap-2.0.21-2.1mdk", release:"MDK8.1", yank:"mdk") )
  129. {
  130.  security_hole(0);
  131.  exit(0);
  132. }
  133. if ( rpm_check( reference:"openldap-back_dnssrv-2.0.21-2.1mdk", release:"MDK8.1", yank:"mdk") )
  134. {
  135.  security_hole(0);
  136.  exit(0);
  137. }
  138. if ( rpm_check( reference:"openldap-back_ldap-2.0.21-2.1mdk", release:"MDK8.1", yank:"mdk") )
  139. {
  140.  security_hole(0);
  141.  exit(0);
  142. }
  143. if ( rpm_check( reference:"openldap-back_passwd-2.0.21-2.1mdk", release:"MDK8.1", yank:"mdk") )
  144. {
  145.  security_hole(0);
  146.  exit(0);
  147. }
  148. if ( rpm_check( reference:"openldap-back_sql-2.0.21-2.1mdk", release:"MDK8.1", yank:"mdk") )
  149. {
  150.  security_hole(0);
  151.  exit(0);
  152. }
  153. if ( rpm_check( reference:"openldap-clients-2.0.21-2.1mdk", release:"MDK8.1", yank:"mdk") )
  154. {
  155.  security_hole(0);
  156.  exit(0);
  157. }
  158. if ( rpm_check( reference:"openldap-guide-2.0.21-2.1mdk", release:"MDK8.1", yank:"mdk") )
  159. {
  160.  security_hole(0);
  161.  exit(0);
  162. }
  163. if ( rpm_check( reference:"openldap-migration-2.0.21-2.1mdk", release:"MDK8.1", yank:"mdk") )
  164. {
  165.  security_hole(0);
  166.  exit(0);
  167. }
  168. if ( rpm_check( reference:"openldap-servers-2.0.21-2.1mdk", release:"MDK8.1", yank:"mdk") )
  169. {
  170.  security_hole(0);
  171.  exit(0);
  172. }
  173. if ( rpm_check( reference:"libldap2-2.0.21-4.1mdk", release:"MDK8.2", yank:"mdk") )
  174. {
  175.  security_hole(0);
  176.  exit(0);
  177. }
  178. if ( rpm_check( reference:"libldap2-devel-2.0.21-4.1mdk", release:"MDK8.2", yank:"mdk") )
  179. {
  180.  security_hole(0);
  181.  exit(0);
  182. }
  183. if ( rpm_check( reference:"libldap2-devel-static-2.0.21-4.1mdk", release:"MDK8.2", yank:"mdk") )
  184. {
  185.  security_hole(0);
  186.  exit(0);
  187. }
  188. if ( rpm_check( reference:"openldap-2.0.21-4.1mdk", release:"MDK8.2", yank:"mdk") )
  189. {
  190.  security_hole(0);
  191.  exit(0);
  192. }
  193. if ( rpm_check( reference:"openldap-back_dnssrv-2.0.21-4.1mdk", release:"MDK8.2", yank:"mdk") )
  194. {
  195.  security_hole(0);
  196.  exit(0);
  197. }
  198. if ( rpm_check( reference:"openldap-back_ldap-2.0.21-4.1mdk", release:"MDK8.2", yank:"mdk") )
  199. {
  200.  security_hole(0);
  201.  exit(0);
  202. }
  203. if ( rpm_check( reference:"openldap-back_passwd-2.0.21-4.1mdk", release:"MDK8.2", yank:"mdk") )
  204. {
  205.  security_hole(0);
  206.  exit(0);
  207. }
  208. if ( rpm_check( reference:"openldap-back_sql-2.0.21-4.1mdk", release:"MDK8.2", yank:"mdk") )
  209. {
  210.  security_hole(0);
  211.  exit(0);
  212. }
  213. if ( rpm_check( reference:"openldap-clients-2.0.21-4.1mdk", release:"MDK8.2", yank:"mdk") )
  214. {
  215.  security_hole(0);
  216.  exit(0);
  217. }
  218. if ( rpm_check( reference:"openldap-guide-2.0.21-4.1mdk", release:"MDK8.2", yank:"mdk") )
  219. {
  220.  security_hole(0);
  221.  exit(0);
  222. }
  223. if ( rpm_check( reference:"openldap-migration-2.0.21-4.1mdk", release:"MDK8.2", yank:"mdk") )
  224. {
  225.  security_hole(0);
  226.  exit(0);
  227. }
  228. if ( rpm_check( reference:"openldap-servers-2.0.21-4.1mdk", release:"MDK8.2", yank:"mdk") )
  229. {
  230.  security_hole(0);
  231.  exit(0);
  232. }
  233. if ( rpm_check( reference:"libldap2-2.0.25-7.1mdk", release:"MDK9.0", yank:"mdk") )
  234. {
  235.  security_hole(0);
  236.  exit(0);
  237. }
  238. if ( rpm_check( reference:"libldap2-devel-2.0.25-7.1mdk", release:"MDK9.0", yank:"mdk") )
  239. {
  240.  security_hole(0);
  241.  exit(0);
  242. }
  243. if ( rpm_check( reference:"libldap2-devel-static-2.0.25-7.1mdk", release:"MDK9.0", yank:"mdk") )
  244. {
  245.  security_hole(0);
  246.  exit(0);
  247. }
  248. if ( rpm_check( reference:"openldap-2.0.25-7.1mdk", release:"MDK9.0", yank:"mdk") )
  249. {
  250.  security_hole(0);
  251.  exit(0);
  252. }
  253. if ( rpm_check( reference:"openldap-back_dnssrv-2.0.25-7.1mdk", release:"MDK9.0", yank:"mdk") )
  254. {
  255.  security_hole(0);
  256.  exit(0);
  257. }
  258. if ( rpm_check( reference:"openldap-back_ldap-2.0.25-7.1mdk", release:"MDK9.0", yank:"mdk") )
  259. {
  260.  security_hole(0);
  261.  exit(0);
  262. }
  263. if ( rpm_check( reference:"openldap-back_passwd-2.0.25-7.1mdk", release:"MDK9.0", yank:"mdk") )
  264. {
  265.  security_hole(0);
  266.  exit(0);
  267. }
  268. if ( rpm_check( reference:"openldap-back_sql-2.0.25-7.1mdk", release:"MDK9.0", yank:"mdk") )
  269. {
  270.  security_hole(0);
  271.  exit(0);
  272. }
  273. if ( rpm_check( reference:"openldap-clients-2.0.25-7.1mdk", release:"MDK9.0", yank:"mdk") )
  274. {
  275.  security_hole(0);
  276.  exit(0);
  277. }
  278. if ( rpm_check( reference:"openldap-guide-2.0.25-7.1mdk", release:"MDK9.0", yank:"mdk") )
  279. {
  280.  security_hole(0);
  281.  exit(0);
  282. }
  283. if ( rpm_check( reference:"openldap-migration-2.0.25-7.1mdk", release:"MDK9.0", yank:"mdk") )
  284. {
  285.  security_hole(0);
  286.  exit(0);
  287. }
  288. if ( rpm_check( reference:"openldap-servers-2.0.25-7.1mdk", release:"MDK9.0", yank:"mdk") )
  289. {
  290.  security_hole(0);
  291.  exit(0);
  292. }
  293. if (rpm_exists(rpm:"openldap-", release:"MDK8.0")
  294.  || rpm_exists(rpm:"openldap-", release:"MDK8.1")
  295.  || rpm_exists(rpm:"openldap-", release:"MDK8.2")
  296.  || rpm_exists(rpm:"openldap-", release:"MDK9.0") )
  297. {
  298.  set_kb_item(name:"CAN-2002-1378", value:TRUE);
  299.  set_kb_item(name:"CAN-2002-1379", value:TRUE);
  300. }
  301.