home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2003-037.nasl < prev    next >
Text File  |  2005-01-14  |  5KB  |  213 lines
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2003:037
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(14021);
  12.  script_version ("$Revision: 1.2 $");
  13.  script_cve_id("CAN-2003-0028");
  14.  
  15.  name["english"] = "MDKSA-2003:037: glibc";
  16.  
  17.  script_name(english:name["english"]);
  18.  
  19.  desc["english"] = "
  20. The remote host is missing the patch for the advisory MDKSA-2003:037 (glibc).
  21.  
  22.  
  23. An integer overflow was discovered by eEye Digital Security in the
  24. xdrmem_getbytes() function of glibc 2.3.1 and earlier. This function is part of
  25. the XDR encoder/decoder derived from Sun's RPC implementation. Depending upon
  26. the application, this vulnerability can cause buffer overflows and could
  27. possibly be exploited to execute arbitray code.
  28. The provided packages contain patches that correct this issue and all users
  29. should upgrade. Please note that users of Mandrake Linux 9.1 already have this
  30. fix in the 9.1-released glibc packages.
  31.  
  32.  
  33. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:037
  34. Risk factor : High";
  35.  
  36.  
  37.  
  38.  script_description(english:desc["english"]);
  39.  
  40.  summary["english"] = "Check for the version of the glibc package";
  41.  script_summary(english:summary["english"]);
  42.  
  43.  script_category(ACT_GATHER_INFO);
  44.  
  45.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  46.  family["english"] = "Mandrake Local Security Checks";
  47.  script_family(english:family["english"]);
  48.  
  49.  script_dependencies("ssh_get_info.nasl");
  50.  script_require_keys("Host/Mandrake/rpm-list");
  51.  exit(0);
  52. }
  53.  
  54. include("rpm.inc");
  55. if ( rpm_check( reference:"glibc-2.1.3-21.3mdk", release:"MDK7.2", yank:"mdk") )
  56. {
  57.  security_hole(0);
  58.  exit(0);
  59. }
  60. if ( rpm_check( reference:"glibc-devel-2.1.3-21.3mdk", release:"MDK7.2", yank:"mdk") )
  61. {
  62.  security_hole(0);
  63.  exit(0);
  64. }
  65. if ( rpm_check( reference:"glibc-profile-2.1.3-21.3mdk", release:"MDK7.2", yank:"mdk") )
  66. {
  67.  security_hole(0);
  68.  exit(0);
  69. }
  70. if ( rpm_check( reference:"nscd-2.1.3-21.3mdk", release:"MDK7.2", yank:"mdk") )
  71. {
  72.  security_hole(0);
  73.  exit(0);
  74. }
  75. if ( rpm_check( reference:"glibc-2.2.2-8.2mdk", release:"MDK8.0", yank:"mdk") )
  76. {
  77.  security_hole(0);
  78.  exit(0);
  79. }
  80. if ( rpm_check( reference:"glibc-devel-2.2.2-8.2mdk", release:"MDK8.0", yank:"mdk") )
  81. {
  82.  security_hole(0);
  83.  exit(0);
  84. }
  85. if ( rpm_check( reference:"glibc-profile-2.2.2-8.2mdk", release:"MDK8.0", yank:"mdk") )
  86. {
  87.  security_hole(0);
  88.  exit(0);
  89. }
  90. if ( rpm_check( reference:"ldconfig-2.2.2-8.2mdk", release:"MDK8.0", yank:"mdk") )
  91. {
  92.  security_hole(0);
  93.  exit(0);
  94. }
  95. if ( rpm_check( reference:"nscd-2.2.2-8.2mdk", release:"MDK8.0", yank:"mdk") )
  96. {
  97.  security_hole(0);
  98.  exit(0);
  99. }
  100. if ( rpm_check( reference:"glibc-2.2.4-11.2mdk", release:"MDK8.1", yank:"mdk") )
  101. {
  102.  security_hole(0);
  103.  exit(0);
  104. }
  105. if ( rpm_check( reference:"glibc-devel-2.2.4-11.2mdk", release:"MDK8.1", yank:"mdk") )
  106. {
  107.  security_hole(0);
  108.  exit(0);
  109. }
  110. if ( rpm_check( reference:"glibc-profile-2.2.4-11.2mdk", release:"MDK8.1", yank:"mdk") )
  111. {
  112.  security_hole(0);
  113.  exit(0);
  114. }
  115. if ( rpm_check( reference:"ldconfig-2.2.4-11.2mdk", release:"MDK8.1", yank:"mdk") )
  116. {
  117.  security_hole(0);
  118.  exit(0);
  119. }
  120. if ( rpm_check( reference:"nscd-2.2.4-11.2mdk", release:"MDK8.1", yank:"mdk") )
  121. {
  122.  security_hole(0);
  123.  exit(0);
  124. }
  125. if ( rpm_check( reference:"glibc-2.2.4-26.2mdk", release:"MDK8.2", yank:"mdk") )
  126. {
  127.  security_hole(0);
  128.  exit(0);
  129. }
  130. if ( rpm_check( reference:"glibc-devel-2.2.4-26.2mdk", release:"MDK8.2", yank:"mdk") )
  131. {
  132.  security_hole(0);
  133.  exit(0);
  134. }
  135. if ( rpm_check( reference:"glibc-profile-2.2.4-26.2mdk", release:"MDK8.2", yank:"mdk") )
  136. {
  137.  security_hole(0);
  138.  exit(0);
  139. }
  140. if ( rpm_check( reference:"ldconfig-2.2.4-26.2mdk", release:"MDK8.2", yank:"mdk") )
  141. {
  142.  security_hole(0);
  143.  exit(0);
  144. }
  145. if ( rpm_check( reference:"nscd-2.2.4-26.2mdk", release:"MDK8.2", yank:"mdk") )
  146. {
  147.  security_hole(0);
  148.  exit(0);
  149. }
  150. if ( rpm_check( reference:"glibc-2.2.5-16.2mdk", release:"MDK9.0", yank:"mdk") )
  151. {
  152.  security_hole(0);
  153.  exit(0);
  154. }
  155. if ( rpm_check( reference:"glibc-devel-2.2.5-16.2mdk", release:"MDK9.0", yank:"mdk") )
  156. {
  157.  security_hole(0);
  158.  exit(0);
  159. }
  160. if ( rpm_check( reference:"glibc-doc-2.2.5-16.2mdk", release:"MDK9.0", yank:"mdk") )
  161. {
  162.  security_hole(0);
  163.  exit(0);
  164. }
  165. if ( rpm_check( reference:"glibc-doc-pdf-2.2.5-16.2mdk", release:"MDK9.0", yank:"mdk") )
  166. {
  167.  security_hole(0);
  168.  exit(0);
  169. }
  170. if ( rpm_check( reference:"glibc-i18ndata-2.2.5-16.2mdk", release:"MDK9.0", yank:"mdk") )
  171. {
  172.  security_hole(0);
  173.  exit(0);
  174. }
  175. if ( rpm_check( reference:"glibc-profile-2.2.5-16.2mdk", release:"MDK9.0", yank:"mdk") )
  176. {
  177.  security_hole(0);
  178.  exit(0);
  179. }
  180. if ( rpm_check( reference:"glibc-static-devel-2.2.5-16.2mdk", release:"MDK9.0", yank:"mdk") )
  181. {
  182.  security_hole(0);
  183.  exit(0);
  184. }
  185. if ( rpm_check( reference:"glibc-utils-2.2.5-16.2mdk", release:"MDK9.0", yank:"mdk") )
  186. {
  187.  security_hole(0);
  188.  exit(0);
  189. }
  190. if ( rpm_check( reference:"ldconfig-2.2.5-16.2mdk", release:"MDK9.0", yank:"mdk") )
  191. {
  192.  security_hole(0);
  193.  exit(0);
  194. }
  195. if ( rpm_check( reference:"nscd-2.2.5-16.2mdk", release:"MDK9.0", yank:"mdk") )
  196. {
  197.  security_hole(0);
  198.  exit(0);
  199. }
  200. if ( rpm_check( reference:"timezone-2.2.5-16.2mdk", release:"MDK9.0", yank:"mdk") )
  201. {
  202.  security_hole(0);
  203.  exit(0);
  204. }
  205. if (rpm_exists(rpm:"glibc-", release:"MDK7.2")
  206.  || rpm_exists(rpm:"glibc-", release:"MDK8.0")
  207.  || rpm_exists(rpm:"glibc-", release:"MDK8.1")
  208.  || rpm_exists(rpm:"glibc-", release:"MDK8.2")
  209.  || rpm_exists(rpm:"glibc-", release:"MDK9.0") )
  210. {
  211.  set_kb_item(name:"CAN-2003-0028", value:TRUE);
  212. }
  213.