home *** CD-ROM | disk | FTP | other *** search

---

/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2004-077.nasl

< prev

next >

Wrap

Text File  |  2005-01-14  |  2KB  |  87 lines

---

1. #
2. # (C) Tenable Network Security
3. #
4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2004:077
5. #
6.  
7.  
8. if ( ! defined_func("bn_random") ) exit(0);
9. if(description)
10. {
11.  script_id(14175);
12.  script_bugtraq_id(10699);
13.  script_version ("$Revision: 1.3 $");
14.  script_cve_id("CAN-2004-0645");
15.  
16.  name["english"] = "MDKSA-2004:077: wv";
17.  
18.  script_name(english:name["english"]);
19.  
20.  desc["english"] = "
21. The remote host is missing the patch for the advisory MDKSA-2004:077 (wv).
22.  
23.  
24. iDefense discovered a buffer overflow vulnerability in the wv package which
25. could allow an attacker to execute arbitrary code with the privileges of the
26. user running the vulnerable application.
27. The updated packages are patched to protect against this problem.
28.  
29.  
30. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:077
31. Risk factor : High";
32.  
33.  
34.  
35.  script_description(english:desc["english"]);
36.  
37.  summary["english"] = "Check for the version of the wv package";
38.  script_summary(english:summary["english"]);
39.  
40.  script_category(ACT_GATHER_INFO);
41.  
42.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
43.  family["english"] = "Mandrake Local Security Checks";
44.  script_family(english:family["english"]);
45.  
46.  script_dependencies("ssh_get_info.nasl");
47.  script_require_keys("Host/Mandrake/rpm-list");
48.  exit(0);
49. }
50.  
51. include("rpm.inc");
52. if ( rpm_check( reference:"libwv-1.0_0-1.0.0-1.1.100mdk", release:"MDK10.0", yank:"mdk") )
53. {
54.  security_hole(0);
55.  exit(0);
56. }
57. if ( rpm_check( reference:"libwv-1.0_0-devel-1.0.0-1.1.100mdk", release:"MDK10.0", yank:"mdk") )
58. {
59.  security_hole(0);
60.  exit(0);
61. }
62. if ( rpm_check( reference:"wv-1.0.0-1.1.100mdk", release:"MDK10.0", yank:"mdk") )
63. {
64.  security_hole(0);
65.  exit(0);
66. }
67. if ( rpm_check( reference:"libwv-1.0_0-1.0.0-1.1.92mdk", release:"MDK9.2", yank:"mdk") )
68. {
69.  security_hole(0);
70.  exit(0);
71. }
72. if ( rpm_check( reference:"libwv-1.0_0-devel-1.0.0-1.1.92mdk", release:"MDK9.2", yank:"mdk") )
73. {
74.  security_hole(0);
75.  exit(0);
76. }
77. if ( rpm_check( reference:"wv-1.0.0-1.1.92mdk", release:"MDK9.2", yank:"mdk") )
78. {
79.  security_hole(0);
80.  exit(0);
81. }
82. if (rpm_exists(rpm:"wv-", release:"MDK10.0")
83.  || rpm_exists(rpm:"wv-", release:"MDK9.2") )
84. {
85.  set_kb_item(name:"CAN-2004-0645", value:TRUE);
86. }
87.