home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2004-009.nasl < prev    next >
Text File  |  2005-01-14  |  2KB  |  96 lines
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2004:009
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(14109);
  12.  script_bugtraq_id(6116);
  13.  script_version ("$Revision: 1.3 $");
  14.  script_cve_id("CAN-2002-1146");
  15.  
  16.  name["english"] = "MDKSA-2004:009: glibc";
  17.  
  18.  script_name(english:name["english"]);
  19.  
  20.  desc["english"] = "
  21. The remote host is missing the patch for the advisory MDKSA-2004:009 (glibc).
  22.  
  23.  
  24. A read buffer overflow vulnerability exists in the resolver code in versions of
  25. glibc up to and including 2.2.5. The vulnerability is triggered by DNS packets
  26. larger than 1024 bytes, which can cause an application to crash.
  27. The updated packages have a patch applied to correct the problem.
  28.  
  29.  
  30. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:009
  31. Risk factor : High";
  32.  
  33.  
  34.  
  35.  script_description(english:desc["english"]);
  36.  
  37.  summary["english"] = "Check for the version of the glibc package";
  38.  script_summary(english:summary["english"]);
  39.  
  40.  script_category(ACT_GATHER_INFO);
  41.  
  42.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  43.  family["english"] = "Mandrake Local Security Checks";
  44.  script_family(english:family["english"]);
  45.  
  46.  script_dependencies("ssh_get_info.nasl");
  47.  script_require_keys("Host/Mandrake/rpm-list");
  48.  exit(0);
  49. }
  50.  
  51. include("rpm.inc");
  52. if ( rpm_check( reference:"glibc-2.2.5-16.4.90mdk", release:"MDK9.0", yank:"mdk") )
  53. {
  54.  security_hole(0);
  55.  exit(0);
  56. }
  57. if ( rpm_check( reference:"glibc-devel-2.2.5-16.4.90mdk", release:"MDK9.0", yank:"mdk") )
  58. {
  59.  security_hole(0);
  60.  exit(0);
  61. }
  62. if ( rpm_check( reference:"glibc-i18ndata-2.2.5-16.4.90mdk", release:"MDK9.0", yank:"mdk") )
  63. {
  64.  security_hole(0);
  65.  exit(0);
  66. }
  67. if ( rpm_check( reference:"glibc-profile-2.2.5-16.4.90mdk", release:"MDK9.0", yank:"mdk") )
  68. {
  69.  security_hole(0);
  70.  exit(0);
  71. }
  72. if ( rpm_check( reference:"glibc-static-devel-2.2.5-16.4.90mdk", release:"MDK9.0", yank:"mdk") )
  73. {
  74.  security_hole(0);
  75.  exit(0);
  76. }
  77. if ( rpm_check( reference:"glibc-utils-2.2.5-16.4.90mdk", release:"MDK9.0", yank:"mdk") )
  78. {
  79.  security_hole(0);
  80.  exit(0);
  81. }
  82. if ( rpm_check( reference:"ldconfig-2.2.5-16.4.90mdk", release:"MDK9.0", yank:"mdk") )
  83. {
  84.  security_hole(0);
  85.  exit(0);
  86. }
  87. if ( rpm_check( reference:"nscd-2.2.5-16.4.90mdk", release:"MDK9.0", yank:"mdk") )
  88. {
  89.  security_hole(0);
  90.  exit(0);
  91. }
  92. if (rpm_exists(rpm:"glibc-", release:"MDK9.0") )
  93. {
  94.  set_kb_item(name:"CAN-2002-1146", value:TRUE);
  95. }
  96.