home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2003-102.nasl < prev    next >
Text File  |  2005-01-14  |  6KB  |  214 lines
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2003:102
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(14084);
  12.  script_version ("$Revision: 1.2 $");
  13.  script_cve_id("CAN-2003-0901");
  14.  
  15.  name["english"] = "MDKSA-2003:102: postgresql";
  16.  
  17.  script_name(english:name["english"]);
  18.  
  19.  desc["english"] = "
  20. The remote host is missing the patch for the advisory MDKSA-2003:102 (postgresql).
  21.  
  22.  
  23. Two bugs were discovered that lead to a buffer overflow in PostgreSQL versions
  24. 7.2.x and 7.3.x prior to 7.3.4, in the abstract data type (ADT) to ASCII
  25. conversion functions. It is believed that, under the right circumstances, an
  26. attacker may use this vulnerability to execute arbitrary instructions on the
  27. PostgreSQL server.
  28. The provided packages are patched to protect against this vulnerability and all
  29. users are encouraged to upgrade immediately.
  30.  
  31.  
  32. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:102
  33. Risk factor : High";
  34.  
  35.  
  36.  
  37.  script_description(english:desc["english"]);
  38.  
  39.  summary["english"] = "Check for the version of the postgresql package";
  40.  script_summary(english:summary["english"]);
  41.  
  42.  script_category(ACT_GATHER_INFO);
  43.  
  44.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  45.  family["english"] = "Mandrake Local Security Checks";
  46.  script_family(english:family["english"]);
  47.  
  48.  script_dependencies("ssh_get_info.nasl");
  49.  script_require_keys("Host/Mandrake/rpm-list");
  50.  exit(0);
  51. }
  52.  
  53. include("rpm.inc");
  54. if ( rpm_check( reference:"libecpg3-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  55. {
  56.  security_hole(0);
  57.  exit(0);
  58. }
  59. if ( rpm_check( reference:"libpgperl-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  60. {
  61.  security_hole(0);
  62.  exit(0);
  63. }
  64. if ( rpm_check( reference:"libpgsql2-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  65. {
  66.  security_hole(0);
  67.  exit(0);
  68. }
  69. if ( rpm_check( reference:"libpgsqlodbc0-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  70. {
  71.  security_hole(0);
  72.  exit(0);
  73. }
  74. if ( rpm_check( reference:"libpgtcl2-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  75. {
  76.  security_hole(0);
  77.  exit(0);
  78. }
  79. if ( rpm_check( reference:"postgresql-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  80. {
  81.  security_hole(0);
  82.  exit(0);
  83. }
  84. if ( rpm_check( reference:"postgresql-contrib-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  85. {
  86.  security_hole(0);
  87.  exit(0);
  88. }
  89. if ( rpm_check( reference:"postgresql-devel-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  90. {
  91.  security_hole(0);
  92.  exit(0);
  93. }
  94. if ( rpm_check( reference:"postgresql-docs-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  95. {
  96.  security_hole(0);
  97.  exit(0);
  98. }
  99. if ( rpm_check( reference:"postgresql-jdbc-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  100. {
  101.  security_hole(0);
  102.  exit(0);
  103. }
  104. if ( rpm_check( reference:"postgresql-python-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  105. {
  106.  security_hole(0);
  107.  exit(0);
  108. }
  109. if ( rpm_check( reference:"postgresql-server-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  110. {
  111.  security_hole(0);
  112.  exit(0);
  113. }
  114. if ( rpm_check( reference:"postgresql-tcl-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  115. {
  116.  security_hole(0);
  117.  exit(0);
  118. }
  119. if ( rpm_check( reference:"postgresql-test-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  120. {
  121.  security_hole(0);
  122.  exit(0);
  123. }
  124. if ( rpm_check( reference:"postgresql-tk-7.2.2-1.3.90mdk", release:"MDK9.0", yank:"mdk") )
  125. {
  126.  security_hole(0);
  127.  exit(0);
  128. }
  129. if ( rpm_check( reference:"libecpg3-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  130. {
  131.  security_hole(0);
  132.  exit(0);
  133. }
  134. if ( rpm_check( reference:"libecpg3-devel-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  135. {
  136.  security_hole(0);
  137.  exit(0);
  138. }
  139. if ( rpm_check( reference:"libpgtcl2-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  140. {
  141.  security_hole(0);
  142.  exit(0);
  143. }
  144. if ( rpm_check( reference:"libpgtcl2-devel-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  145. {
  146.  security_hole(0);
  147.  exit(0);
  148. }
  149. if ( rpm_check( reference:"libpq3-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  150. {
  151.  security_hole(0);
  152.  exit(0);
  153. }
  154. if ( rpm_check( reference:"libpq3-devel-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  155. {
  156.  security_hole(0);
  157.  exit(0);
  158. }
  159. if ( rpm_check( reference:"postgresql-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  160. {
  161.  security_hole(0);
  162.  exit(0);
  163. }
  164. if ( rpm_check( reference:"postgresql-contrib-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  165. {
  166.  security_hole(0);
  167.  exit(0);
  168. }
  169. if ( rpm_check( reference:"postgresql-devel-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  170. {
  171.  security_hole(0);
  172.  exit(0);
  173. }
  174. if ( rpm_check( reference:"postgresql-docs-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  175. {
  176.  security_hole(0);
  177.  exit(0);
  178. }
  179. if ( rpm_check( reference:"postgresql-jdbc-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  180. {
  181.  security_hole(0);
  182.  exit(0);
  183. }
  184. if ( rpm_check( reference:"postgresql-pl-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  185. {
  186.  security_hole(0);
  187.  exit(0);
  188. }
  189. if ( rpm_check( reference:"postgresql-python-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  190. {
  191.  security_hole(0);
  192.  exit(0);
  193. }
  194. if ( rpm_check( reference:"postgresql-server-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  195. {
  196.  security_hole(0);
  197.  exit(0);
  198. }
  199. if ( rpm_check( reference:"postgresql-tcl-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  200. {
  201.  security_hole(0);
  202.  exit(0);
  203. }
  204. if ( rpm_check( reference:"postgresql-test-7.3.2-5.1.91mdk", release:"MDK9.1", yank:"mdk") )
  205. {
  206.  security_hole(0);
  207.  exit(0);
  208. }
  209. if (rpm_exists(rpm:"postgresql-", release:"MDK9.0")
  210.  || rpm_exists(rpm:"postgresql-", release:"MDK9.1") )
  211. {
  212.  set_kb_item(name:"CAN-2003-0901", value:TRUE);
  213. }
  214.