
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. #
  5. # The text of this plugin is (C) Red Hat Inc.
  6.  
  7. if ( ! defined_func("bn_random") ) exit(0);
  8. if(description)
  9. {
  10.  script_id(12347);
  11.  script_version ("$Revision: 1.4 $");
  12.  script_cve_id("CAN-2002-1393");
  13.  
  14.  name["english"] = "RHSA-2003-003: arts";
  15.  
  16.  script_name(english:name["english"]);
  17.  
  18.  desc["english"] = '
  19.  
  20.   A security issue has been found in KDE. This errata provides updates which
  21.   resolve these issues.
  22.  
  23.   KDE is a graphical desktop environment for the X Window System.
  24.  
  25.   KDE fails in multiple places to properly quote URLs and filenames
  26.   before passing them to a command shell. This could allow remote
  27.   attackers to execute arbitrary commands through carefully crafted URLs,
  28.   filenames, or email addresses.
  29.  
  30.   Users of KDE are advised to install the updated packages which contain
  31.   backported patches to correct this issue.
  32.  
  33.   Please note that for the Itanium (IA64) architecture only, this update also
  34.   fixes several other vulnerabilities. Details concerning these
  35.   vulnerabilities can be found in advisory RHSA-2002:221 and correspond to
  36.   CVE names CAN-2002-0970, CAN-2002-1151, CAN-2002-1247, and CAN-2002-1306.
  37.  
  38.  
  39.  
  40.  
  41. Solution : http://rhn.redhat.com/errata/RHSA-2003-003.html
  42. Risk factor : High';
  43.  
  44.  script_description(english:desc["english"]);
  45.  
  46.  summary["english"] = "Check for the version of the arts packages";
  47.  script_summary(english:summary["english"]);
  48.  
  49.  script_category(ACT_GATHER_INFO);
  50.  
  51.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  52.  family["english"] = "Red Hat Local Security Checks";
  53.  script_family(english:family["english"]);
  54.  
  55.  script_dependencies("ssh_get_info.nasl");
  56.  
  57.  script_require_keys("Host/RedHat/rpm-list");
  58.  exit(0);
  59. }
  60.  
  61. include("rpm.inc");
  62. if ( rpm_check( reference:"arts-2.2.2-6", release:"RHEL2.1") )
  63. {
  64.  security_hole(0);
  65.  exit(0);
  66. }
  67. if ( rpm_check( reference:"kdebase-2.2.2-6", release:"RHEL2.1") )
  68. {
  69.  security_hole(0);
  70.  exit(0);
  71. }
  72. if ( rpm_check( reference:"kdebase-devel-2.2.2-6", release:"RHEL2.1") )
  73. {
  74.  security_hole(0);
  75.  exit(0);
  76. }
  77. if ( rpm_check( reference:"kdegames-2.2.2-2", release:"RHEL2.1") )
  78. {
  79.  security_hole(0);
  80.  exit(0);
  81. }
  82. if ( rpm_check( reference:"kdegraphics-2.2.2-3", release:"RHEL2.1") )
  83. {
  84.  security_hole(0);
  85.  exit(0);
  86. }
  87. if ( rpm_check( reference:"kdegraphics-devel-2.2.2-3", release:"RHEL2.1") )
  88. {
  89.  security_hole(0);
  90.  exit(0);
  91. }
  92. if ( rpm_check( reference:"kdelibs-2.2.2-6", release:"RHEL2.1") )
  93. {
  94.  security_hole(0);
  95.  exit(0);
  96. }
  97. if ( rpm_check( reference:"kdelibs-devel-2.2.2-6", release:"RHEL2.1") )
  98. {
  99.  security_hole(0);
  100.  exit(0);
  101. }
  102. if ( rpm_check( reference:"kdelibs-sound-2.2.2-6", release:"RHEL2.1") )
  103. {
  104.  security_hole(0);
  105.  exit(0);
  106. }
  107. if ( rpm_check( reference:"kdelibs-sound-devel-2.2.2-6", release:"RHEL2.1") )
  108. {
  109.  security_hole(0);
  110.  exit(0);
  111. }
  112. if ( rpm_check( reference:"kdemultimedia-2.2.2-4", release:"RHEL2.1") )
  113. {
  114.  security_hole(0);
  115.  exit(0);
  116. }
  117. if ( rpm_check( reference:"kdemultimedia-devel-2.2.2-4", release:"RHEL2.1") )
  118. {
  119.  security_hole(0);
  120.  exit(0);
  121. }
  122. if ( rpm_check( reference:"kdenetwork-2.2.2-3", release:"RHEL2.1") )
  123. {
  124.  security_hole(0);
  125.  exit(0);
  126. }
  127. if ( rpm_check( reference:"kdenetwork-ppp-2.2.2-3", release:"RHEL2.1") )
  128. {
  129.  security_hole(0);
  130.  exit(0);
  131. }
  132. if ( rpm_check( reference:"kdepim-2.2.2-4", release:"RHEL2.1") )
  133. {
  134.  security_hole(0);
  135.  exit(0);
  136. }
  137. if ( rpm_check( reference:"kdepim-cellphone-2.2.2-4", release:"RHEL2.1") )
  138. {
  139.  security_hole(0);
  140.  exit(0);
  141. }
  142. if ( rpm_check( reference:"kdepim-devel-2.2.2-4", release:"RHEL2.1") )
  143. {
  144.  security_hole(0);
  145.  exit(0);
  146. }
  147. if ( rpm_check( reference:"kdepim-pilot-2.2.2-4", release:"RHEL2.1") )
  148. {
  149.  security_hole(0);
  150.  exit(0);
  151. }
  152. if ( rpm_check( reference:"kdesdk-2.2.2-2", release:"RHEL2.1") )
  153. {
  154.  security_hole(0);
  155.  exit(0);
  156. }
  157. if ( rpm_check( reference:"kdesdk-devel-2.2.2-2", release:"RHEL2.1") )
  158. {
  159.  security_hole(0);
  160.  exit(0);
  161. }
  162. if ( rpm_check( reference:"kdeutils-2.2.2-2", release:"RHEL2.1") )
  163. {
  164.  security_hole(0);
  165.  exit(0);
  166. }
  167.  
  168. if ( rpm_exists(rpm:"arts-", release:"RHEL2.1") )
  169. {
  170.  set_kb_item(name:"CAN-2002-1393", value:TRUE);
  171. }
  172.  
  173. set_kb_item(name:"RHSA-2003-003", value:TRUE);
  174.