ID CVE-2009-0798 Type cve Reporter NVD Modified 2017-09-28T21:34:02
Description
ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop.
{"openvas": [{"lastseen": "2018-04-06T11:39:17", "references": [], "pluginID": "136141256231064045", "description": "The remote host is missing updates announced in\nadvisory GLSA 200905-06.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-05-25T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200905-06 (acpid)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064045", "id": "OPENVAS:136141256231064045", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An error in acpid might allow remote attackers to cause a Denial of\n Service.\";\ntag_solution = \"All acpid users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-power/acpid-1.0.10'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200905-06\nhttp://bugs.gentoo.org/show_bug.cgi?id=268079\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200905-06.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64045\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-0798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200905-06 (acpid)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"sys-power/acpid\", unaffected: make_list(\"ge 1.0.10\"), vulnerable: make_list(\"lt 1.0.10\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:36", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=502583"], "pluginID": "64072", "description": "The remote host is missing an update to acpid\nannounced via advisory FEDORA-2009-5608.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-06-05T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Fedora Core 9 FEDORA-2009-5608 (acpid)", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64072", "id": "OPENVAS:64072", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5608.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5608 (acpid)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFixed CVE-2009-0798 (too many open files DoS)\nChangeLog:\n\n* Wed May 27 2009 Zdenek Prikryl - 1.0.6-8\n- Fixed CVE-2009-0798 (too many open files DoS) (#502583)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update acpid' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5608\";\ntag_summary = \"The remote host is missing an update to acpid\nannounced via advisory FEDORA-2009-5608.\";\n\n\n\nif(description)\n{\n script_id(64072);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-0798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-5608 (acpid)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=502583\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.6~8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acpid-debuginfo\", rpm:\"acpid-debuginfo~1.0.6~8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:56", "references": ["http://lists.centos.org/pipermail/centos-announce/2009-May/015926.html", "2009:0474"], "pluginID": "880915", "description": "Check for the Version of acpid", "edition": 2, "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "published": "2011-08-09T00:00:00", "title": "CentOS Update for acpid CESA-2009:0474 centos4 i386", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=880915", "id": "OPENVAS:880915", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for acpid CESA-2009:0474 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"acpid is a daemon that dispatches ACPI (Advanced Configuration and Power\n Interface) events to user-space programs.\n\n Anthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw\n in the acpid daemon's error handling. If an attacker could exhaust the\n sockets open to acpid, the daemon would enter an infinite loop, consuming\n most CPU resources and preventing acpid from communicating with legitimate\n processes. (CVE-2009-0798)\n \n Users are advised to upgrade to this updated package, which contains a\n backported patch to correct this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"acpid on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-May/015926.html\");\n script_id(880915);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2009:0474\");\n script_cve_id(\"CVE-2009-0798\");\n script_name(\"CentOS Update for acpid CESA-2009:0474 centos4 i386\");\n\n script_summary(\"Check for the Version of acpid\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.3~2.el4_7.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:26", "references": [], "pluginID": "66363", "description": "The remote host is missing an update to acpid\nannounced via advisory MDVSA-2009:107-1.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-12-10T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Mandriva Security Advisory MDVSA-2009:107-1 (acpid)", "type": "openvas", "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66363", "id": "OPENVAS:66363", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_107_1.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:107-1 (acpid)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The daemon in acpid before 1.0.10 allows remote attackers to cause a\ndenial of service (CPU consumption and connectivity loss) by opening\na large number of UNIX sockets without closing them, which triggers\nan infinite loop (CVE-2009-0798).\n\nThe updated packages have been patched to prevent this.\n\nUpdate:\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:107-1\";\ntag_summary = \"The remote host is missing an update to acpid\nannounced via advisory MDVSA-2009:107-1.\";\n\n \n\nif(description)\n{\n script_id(66363);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-0798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:107-1 (acpid)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.6~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:39", "references": [], "pluginID": "136141256231063938", "description": "The remote host is missing an update to acpid\nannounced via advisory DSA 1786-1.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-05-05T00:00:00", "title": "Debian Security Advisory DSA 1786-1 (acpid)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063938", "id": "OPENVAS:136141256231063938", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1786_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1786-1 (acpid)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that acpid, a daemon for delivering ACPI events, is\nprone to a denial of service attack by opening a large number of UNIX\nsockets, which are not closed properly.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0.8-1lenny1.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.0.4-5etch1.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), this problem has been fixed in version 1.0.10-1.\n\n\nWe recommend that you upgrade your acpid packages.\";\ntag_summary = \"The remote host is missing an update to acpid\nannounced via advisory DSA 1786-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201786-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63938\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 16:00:35 +0200 (Tue, 05 May 2009)\");\n script_cve_id(\"CVE-2009-0798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 1786-1 (acpid)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"acpid\", ver:\"1.0.4-5etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"acpid\", ver:\"1.0.8-1lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:49", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=502583"], "pluginID": "64084", "description": "The remote host is missing an update to acpid\nannounced via advisory FEDORA-2009-5578.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-06-05T00:00:00", "title": "Fedora Core 10 FEDORA-2009-5578 (acpid)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64084", "id": "OPENVAS:64084", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5578.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5578 (acpid)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFixed CVE-2009-0798 (too many open files DoS)\n\nChangeLog:\n\n* Wed May 27 2009 Zdenek Prikryl - 1.0.6-11\n- Fixed CVE-2009-0798 (too many open files DoS) (#502583)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update acpid' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5578\";\ntag_summary = \"The remote host is missing an update to acpid\nannounced via advisory FEDORA-2009-5578.\";\n\n\n\nif(description)\n{\n script_id(64084);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-0798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-5578 (acpid)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=502583\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.6~11.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acpid-debuginfo\", rpm:\"acpid-debuginfo~1.0.6~11.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:11", "references": [], "pluginID": "63938", "description": "The remote host is missing an update to acpid\nannounced via advisory DSA 1786-1.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-05-05T00:00:00", "title": "Debian Security Advisory DSA 1786-1 (acpid)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63938", "id": "OPENVAS:63938", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1786_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1786-1 (acpid)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that acpid, a daemon for delivering ACPI events, is\nprone to a denial of service attack by opening a large number of UNIX\nsockets, which are not closed properly.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0.8-1lenny1.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.0.4-5etch1.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), this problem has been fixed in version 1.0.10-1.\n\n\nWe recommend that you upgrade your acpid packages.\";\ntag_summary = \"The remote host is missing an update to acpid\nannounced via advisory DSA 1786-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201786-1\";\n\n\nif(description)\n{\n script_id(63938);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 16:00:35 +0200 (Tue, 05 May 2009)\");\n script_cve_id(\"CVE-2009-0798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 1786-1 (acpid)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"acpid\", ver:\"1.0.4-5etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"acpid\", ver:\"1.0.8-1lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:56:03", "references": ["http://www.redhat.com/security/updates/classification/#moderate", "http://rhn.redhat.com/errata/RHSA-2009-0474.html"], "pluginID": "63948", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0474.\n\nacpid is a daemon that dispatches ACPI (Advanced Configuration and Power\nInterface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw\nin the acpid daemon's error handling. If an attacker could exhaust the\nsockets open to acpid, the daemon would enter an infinite loop, consuming\nmost CPU resources and preventing acpid from communicating with legitimate\nprocesses. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct this issue.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-05-11T00:00:00", "title": "RedHat Security Advisory RHSA-2009:0474", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2017-07-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63948", "id": "OPENVAS:63948", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0474.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0474 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0474.\n\nacpid is a daemon that dispatches ACPI (Advanced Configuration and Power\nInterface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw\nin the acpid daemon's error handling. If an attacker could exhaust the\nsockets open to acpid, the daemon would enter an infinite loop, consuming\nmost CPU resources and preventing acpid from communicating with legitimate\nprocesses. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct this issue.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63948);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-11 20:24:31 +0200 (Mon, 11 May 2009)\");\n script_cve_id(\"CVE-2009-0798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:0474\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0474.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.1~3\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.2~4\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acpid-debuginfo\", rpm:\"acpid-debuginfo~1.0.2~4\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.3~2.el4_7.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acpid-debuginfo\", rpm:\"acpid-debuginfo~1.0.3~2.el4_7.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.4~7.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acpid-debuginfo\", rpm:\"acpid-debuginfo~1.0.4~7.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:01", "references": [], "pluginID": "136141256231064127", "description": "The remote host is missing an update to acpid\nannounced via advisory MDVSA-2009:107.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:107 (acpid)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064127", "id": "OPENVAS:136141256231064127", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_107.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:107 (acpid)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The daemon in acpid before 1.0.10 allows remote attackers to cause a\ndenial of service (CPU consumption and connectivity loss) by opening\na large number of UNIX sockets without closing them, which triggers\nan infinite loop (CVE-2009-0798).\n\nThe updated packages have been patched to prevent this.\n\nAffected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:107\";\ntag_summary = \"The remote host is missing an update to acpid\nannounced via advisory MDVSA-2009:107.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64127\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-0798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:107 (acpid)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.6~4.1mnb1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.6~6.1mnb2\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.8~1.1mnb2\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.2~4.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.4~6.3.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.2~4.1.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-28T18:24:33", "references": ["http://linux.oracle.com/errata/ELSA-2009-0474.html"], "pluginID": "1361412562310122488", "description": "Oracle Linux Local Security Checks ELSA-2009-0474", "edition": 6, "reporter": "Eero Volotinen", "published": "2015-10-08T00:00:00", "title": "Oracle Linux Local Check: ELSA-2009-0474", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122488", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122488", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-0474.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122488\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:46:28 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-0474\");\n script_tag(name:\"insight\", value:\"ELSA-2009-0474 - acpid security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-0474\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-0474.html\");\n script_cve_id(\"CVE-2009-0798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"acpid\", rpm:\"acpid~1.0.4~7.el5_3.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "seebug": [{"lastseen": "2017-11-19T18:52:20", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "BUGTRAQ ID: 34692\r\nCVE(CAN) ID: CVE-2009-0798\r\n\r\nACPID\u662f\u4e00\u4e2a\u7075\u6d3b\u3001\u53ef\u6269\u5c55\u7684ACPI\u4e8b\u4ef6\u9012\u9001\u5b88\u62a4\u7a0b\u5e8f\u3002\r\n\r\nacpid\u5b88\u62a4\u7a0b\u5e8f\u5904\u7406\u51fa\u9519\u60c5\u51b5\u7684\u65b9\u5f0f\u5b58\u5728\u9519\u8bef\uff0c\u5373\u4f7f\u5df2\u7ecf\u5173\u95ed\u4e86\u5957\u63a5\u5b57\u7684\u53e6\u4e00\u7aef\uff0c\u4e5f\u53ef\u4ee5\u901a\u8fc7\u5f3a\u5236\u4e0d\u5173\u95ed\u5f00\u653e\u7684UNIX\u5957\u63a5\u5b57\u5bfc\u81f4\u5b88\u62a4\u7a0b\u5e8f\u9677\u5165\u6b7b\u5faa\u73af\uff0c\u8017\u5c3d\u5927\u91cfCPU\u8d44\u6e90\u5e76\u59a8\u788d\u5408\u6cd5\u8fdb\u7a0b\u4e0eacpid\u7684\u901a\u8baf\u3002\n\nacpid acpid 1.0.8\r\nacpid acpid 1.0.3\r\nacpid acpid 1.0.1\n acpid\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=http://sourceforge.net/project/downloading.php?group_id=33140&filename=acpid-1.0.10.tar.gz&a=32826711 target=_blank rel=external nofollow>http://sourceforge.net/project/downloading.php?group_id=33140&filename=acpid-1.0.10.tar.gz&a=32826711</a>", "reporter": "Root", "published": "2009-04-28T00:00:00", "title": "acpid\u5957\u63a5\u5b57\u8017\u5c3d\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-0798"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2009-04-28T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-5115", "id": "SSV:5115", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "", "status": "details"}], "nessus": [{"lastseen": "2018-11-29T19:40:08", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=502583", "http://www.nessus.org/u?6a9e0a7a"], "pluginID": "38942", "description": "Fixed CVE-2009-0798 (too many open files DoS)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2009-05-28T00:00:00", "title": "Fedora 9 : acpid-1.0.6-8.fc9 (2009-5608)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2018-11-28T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:9", "p-cpe:/a:fedoraproject:fedora:acpid"], "id": "FEDORA_2009-5608.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38942", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-5608.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38942);\n script_version (\"1.13\");\n script_cvs_date(\"Date: 2018/11/28 22:47:43\");\n\n script_cve_id(\"CVE-2009-0798\");\n script_bugtraq_id(34692);\n script_xref(name:\"FEDORA\", value:\"2009-5608\");\n\n script_name(english:\"Fedora 9 : acpid-1.0.6-8.fc9 (2009-5608)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixed CVE-2009-0798 (too many open files DoS)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=502583\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/024266.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6a9e0a7a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected acpid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:acpid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"acpid-1.0.6-8.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acpid\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-29T19:33:52", "references": ["http://www.nessus.org/u?82f162c3", "https://bugzilla.redhat.com/show_bug.cgi?id=502583"], "pluginID": "38941", "description": "Fixed CVE-2009-0798 (too many open files DoS)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2009-05-28T00:00:00", "title": "Fedora 10 : acpid-1.0.6-11.fc10 (2009-5578)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2018-11-28T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:acpid"], "id": "FEDORA_2009-5578.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38941", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-5578.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38941);\n script_version (\"1.13\");\n script_cvs_date(\"Date: 2018/11/28 22:47:43\");\n\n script_cve_id(\"CVE-2009-0798\");\n script_bugtraq_id(34692);\n script_xref(name:\"FEDORA\", value:\"2009-5578\");\n\n script_name(english:\"Fedora 10 : acpid-1.0.6-11.fc10 (2009-5578)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixed CVE-2009-0798 (too many open files DoS)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=502583\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/024243.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?82f162c3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected acpid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:acpid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"acpid-1.0.6-11.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acpid\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-29T19:19:16", "references": ["https://usn.ubuntu.com/766-1/"], "pluginID": "38195", "description": "It was discovered that acpid did not properly handle a large number of connections. A local user could exploit this and monopolize CPU resources, leading to a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2009-04-28T00:00:00", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : acpid vulnerability (USN-766-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2018-11-28T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:acpid", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-766-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38195", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-766-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38195);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/11/28 22:47:45\");\n\n script_cve_id(\"CVE-2009-0798\");\n script_bugtraq_id(34692);\n script_xref(name:\"USN\", value:\"766-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : acpid vulnerability (USN-766-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that acpid did not properly handle a large number of\nconnections. A local user could exploit this and monopolize CPU\nresources, leading to a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/766-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected acpid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:acpid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2018 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"acpid\", pkgver:\"1.0.4-1ubuntu11.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"acpid\", pkgver:\"1.0.4-5ubuntu9.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"acpid\", pkgver:\"1.0.6-9ubuntu4.8.10.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"acpid\", pkgver:\"1.0.6-9ubuntu4.9.04.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acpid\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:43:10", "references": ["https://security.gentoo.org/glsa/200905-06"], "pluginID": "38887", "description": "The remote host is affected by the vulnerability described in GLSA-200905-06 (acpid: Denial of Service)\n\n The acpid daemon allows opening a large number of UNIX sockets without closing them, triggering an infinite loop.\n Impact :\n\n Remote attackers can cause a Denial of Service (CPU consumption and connectivity loss).\n Workaround :\n\n There is no known workaround at this time.", "edition": 5, "reporter": "Tenable", "published": "2009-05-26T00:00:00", "title": "GLSA-200905-06 : acpid: Denial of Service", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2018-08-10T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:acpid", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200905-06.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38887", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200905-06.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38887);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/08/10 18:07:07\");\n\n script_cve_id(\"CVE-2009-0798\");\n script_xref(name:\"GLSA\", value:\"200905-06\");\n\n script_name(english:\"GLSA-200905-06 : acpid: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200905-06\n(acpid: Denial of Service)\n\n The acpid daemon allows opening a large number of UNIX sockets without\n closing them, triggering an infinite loop.\n \nImpact :\n\n Remote attackers can cause a Denial of Service (CPU consumption and\n connectivity loss).\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200905-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All acpid users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-power/acpid-1.0.10'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:acpid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"sys-power/acpid\", unaffected:make_list(\"ge 1.0.10\"), vulnerable:make_list(\"lt 1.0.10\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acpid\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-29T19:39:23", "references": ["https://access.redhat.com/errata/RHSA-2009:0474", "https://access.redhat.com/security/cve/cve-2009-0798"], "pluginID": "38710", "description": "An updated acpid package that fixes one security issue is now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nacpid is a daemon that dispatches ACPI (Advanced Configuration and Power Interface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw in the acpid daemon's error handling. If an attacker could exhaust the sockets open to acpid, the daemon would enter an infinite loop, consuming most CPU resources and preventing acpid from communicating with legitimate processes. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a backported patch to correct this issue.", "edition": 7, "reporter": "Tenable", "published": "2009-05-08T00:00:00", "title": "RHEL 3 / 4 / 5 : acpid (RHSA-2009:0474)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2018-11-27T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:acpid", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2009-0474.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38710", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0474. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38710);\n script_version (\"1.21\");\n script_cvs_date(\"Date: 2018/11/27 13:31:32\");\n\n script_cve_id(\"CVE-2009-0798\");\n script_bugtraq_id(34692);\n script_xref(name:\"RHSA\", value:\"2009:0474\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : acpid (RHSA-2009:0474)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated acpid package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nacpid is a daemon that dispatches ACPI (Advanced Configuration and\nPower Interface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service\nflaw in the acpid daemon's error handling. If an attacker could\nexhaust the sockets open to acpid, the daemon would enter an infinite\nloop, consuming most CPU resources and preventing acpid from\ncommunicating with legitimate processes. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0474\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected acpid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:acpid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(2\\.1|3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0474\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"acpid-1.0.2-4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"acpid-1.0.3-2.el4_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"acpid-1.0.3-2.el4_7.1\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"acpid-1.0.4-7.el5_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"acpid-1.0.4-7.el5_3.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acpid\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:53:19", "references": ["https://oss.oracle.com/pipermail/oraclevm-errata/2009-May/000022.html"], "pluginID": "79455", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\nCVE-2009-0798 \n\nThe daemon in acpid before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop.\n\n - Updated the License entry\n\n - Fixed CVE-2009-0798 (too many open files DoS)\n\n - Resolves: #496291\n\n - Minor fixes in init script\n\n - Resolves: #237752\n\n - Review of init script\n\n - Fixed fd leaking\n\n - Resolves: #237752 #441686", "edition": 6, "reporter": "Tenable", "published": "2014-11-26T00:00:00", "title": "OracleVM 2.1 : acpid (OVMSA-2009-0008)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "OracleVM Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2017-02-14T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:acpid", "cpe:/o:oracle:vm_server:2.1"], "id": "ORACLEVM_OVMSA-2009-0008.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79455", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2009-0008.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79455);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2017/02/14 17:16:23 $\");\n\n script_cve_id(\"CVE-2009-0798\");\n script_bugtraq_id(34692);\n\n script_name(english:\"OracleVM 2.1 : acpid (OVMSA-2009-0008)\");\n script_summary(english:\"Checks the RPM output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\nCVE-2009-0798 \n\nThe daemon in acpid before 1.0.10 allows remote attackers to cause a\ndenial of service (CPU consumption and connectivity loss) by opening a\nlarge number of UNIX sockets without closing them, which triggers an\ninfinite loop.\n\n - Updated the License entry\n\n - Fixed CVE-2009-0798 (too many open files DoS)\n\n - Resolves: #496291\n\n - Minor fixes in init script\n\n - Resolves: #237752\n\n - Review of init script\n\n - Fixed fd leaking\n\n - Resolves: #237752 #441686\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2009-May/000022.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected acpid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:acpid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:2.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! ereg(pattern:\"^OVS\" + \"2\\.1\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 2.1\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS2.1\", reference:\"acpid-1.0.4-7.el5_3.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acpid\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:54:47", "references": ["http://www.nessus.org/u?8a87d53b"], "pluginID": "60580", "description": "Anthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw in the acpid daemon's error handling. If an attacker could exhaust the sockets open to acpid, the daemon would enter an infinite loop, consuming most CPU resources and preventing acpid from communicating with legitimate processes. (CVE-2009-0798)", "edition": 4, "reporter": "Tenable", "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : acpid on SL3.x, SL4.x, SL5.x i386/x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090507_ACPID_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=60580", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60580);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2012/08/01 14:38:53 $\");\n\n script_cve_id(\"CVE-2009-0798\");\n\n script_name(english:\"Scientific Linux Security Update : acpid on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Anthony de Almeida Lopes of Outpost24 AB reported a denial of service\nflaw in the acpid daemon's error handling. If an attacker could\nexhaust the sockets open to acpid, the daemon would enter an infinite\nloop, consuming most CPU resources and preventing acpid from\ncommunicating with legitimate processes. (CVE-2009-0798)\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind0905&L=scientific-linux-errata&T=0&P=664\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8a87d53b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected acpid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", cpu:\"x86_64\", reference:\"acpid-1.0.2-4\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"acpid-1.0.3-2.el4_7.1\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"acpid-1.0.4-7.el5_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:41:34", "references": ["https://oss.oracle.com/pipermail/el-errata/2009-May/000996.html", "https://oss.oracle.com/pipermail/el-errata/2009-May/000999.html", "https://oss.oracle.com/pipermail/el-errata/2009-May/000998.html"], "pluginID": "67855", "description": "From Red Hat Security Advisory 2009:0474 :\n\nAn updated acpid package that fixes one security issue is now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nacpid is a daemon that dispatches ACPI (Advanced Configuration and Power Interface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw in the acpid daemon's error handling. If an attacker could exhaust the sockets open to acpid, the daemon would enter an infinite loop, consuming most CPU resources and preventing acpid from communicating with legitimate processes. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a backported patch to correct this issue.", "edition": 4, "reporter": "Tenable", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 / 4 / 5 : acpid (ELSA-2009-0474)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2015-12-01T00:00:00", "cpe": ["cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:3", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:acpid"], "id": "ORACLELINUX_ELSA-2009-0474.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=67855", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0474 and \n# Oracle Linux Security Advisory ELSA-2009-0474 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67855);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2015/12/01 16:41:03 $\");\n\n script_cve_id(\"CVE-2009-0798\");\n script_bugtraq_id(34692);\n script_xref(name:\"RHSA\", value:\"2009:0474\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : acpid (ELSA-2009-0474)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0474 :\n\nAn updated acpid package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nacpid is a daemon that dispatches ACPI (Advanced Configuration and\nPower Interface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service\nflaw in the acpid daemon's error handling. If an attacker could\nexhaust the sockets open to acpid, the daemon would enter an infinite\nloop, consuming most CPU resources and preventing acpid from\ncommunicating with legitimate processes. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-May/000996.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-May/000998.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-May/000999.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected acpid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:acpid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"acpid-1.0.2-4\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"acpid-1.0.3-2.el4_7.1\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"acpid-1.0.4-7.el5_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acpid\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-29T19:32:53", "references": ["http://www.nessus.org/u?566ba839", "http://www.nessus.org/u?a4af514d", "http://www.nessus.org/u?5f54063c", "http://www.nessus.org/u?1e2abf06", "http://www.nessus.org/u?6d7730d6", "http://www.nessus.org/u?968fdae6", "http://www.nessus.org/u?24f189da"], "pluginID": "38903", "description": "An updated acpid package that fixes one security issue is now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nacpid is a daemon that dispatches ACPI (Advanced Configuration and Power Interface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw in the acpid daemon's error handling. If an attacker could exhaust the sockets open to acpid, the daemon would enter an infinite loop, consuming most CPU resources and preventing acpid from communicating with legitimate processes. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a backported patch to correct this issue.", "edition": 7, "reporter": "Tenable", "published": "2009-05-26T00:00:00", "title": "CentOS 3 / 4 / 5 : acpid (CESA-2009:0474)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2018-11-28T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:acpid", "cpe:/o:centos:centos:5", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2009-0474.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38903", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0474 and \n# CentOS Errata and Security Advisory 2009:0474 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38903);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/28 22:47:41\");\n\n script_cve_id(\"CVE-2009-0798\");\n script_bugtraq_id(34692);\n script_xref(name:\"RHSA\", value:\"2009:0474\");\n\n script_name(english:\"CentOS 3 / 4 / 5 : acpid (CESA-2009:0474)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated acpid package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nacpid is a daemon that dispatches ACPI (Advanced Configuration and\nPower Interface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service\nflaw in the acpid daemon's error handling. If an attacker could\nexhaust the sockets open to acpid, the daemon would enter an infinite\nloop, consuming most CPU resources and preventing acpid from\ncommunicating with legitimate processes. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015846.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?968fdae6\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015859.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6d7730d6\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015861.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a4af514d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015873.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1e2abf06\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015874.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5f54063c\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015926.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?566ba839\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015927.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?24f189da\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected acpid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:acpid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"ia64\", reference:\"acpid-1.0.2-4\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"acpid-1.0.2-4\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"acpid-1.0.3-2.el4_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"acpid-1.0.3-2.c4.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"acpid-1.0.3-2.el4_7.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"acpid-1.0.4-7.el5_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:33:24", "references": [], "pluginID": "38707", "description": "The daemon in acpid before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop (CVE-2009-0798).\n\nThe updated packages have been patched to prevent this.\n\nUpdate :\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers", "edition": 5, "reporter": "Tenable", "published": "2009-05-08T00:00:00", "title": "Mandriva Linux Security Advisory : acpid (MDVSA-2009:107-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0798"], "modified": "2018-07-19T00:00:00", "cpe": ["cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:acpid"], "id": "MANDRIVA_MDVSA-2009-107.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38707", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:107. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38707);\n script_version (\"1.13\");\n script_cvs_date(\"Date: 2018/07/19 20:59:16\");\n\n script_cve_id(\"CVE-2009-0798\");\n script_bugtraq_id(34692);\n script_xref(name:\"MDVSA\", value:\"2009:107-1\");\n\n script_name(english:\"Mandriva Linux Security Advisory : acpid (MDVSA-2009:107-1)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandriva Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The daemon in acpid before 1.0.10 allows remote attackers to cause a\ndenial of service (CPU consumption and connectivity loss) by opening a\nlarge number of UNIX sockets without closing them, which triggers an\ninfinite loop (CVE-2009-0798).\n\nThe updated packages have been patched to prevent this.\n\nUpdate :\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected acpid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:acpid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"acpid-1.0.6-1.2mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:00", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0798"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "1.0.6-9ubuntu4.9.04.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "acpid", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "1.0.4-1ubuntu11.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "acpid", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "1.0.4-5ubuntu9.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "acpid", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "1.0.6-9ubuntu4.8.10.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "acpid", "operator": "lt"}], "description": "It was discovered that acpid did not properly handle a large number of connections. A local user could exploit this and monopolize CPU resources, leading to a denial of service.", "edition": 3, "reporter": "Ubuntu", "published": "2009-04-27T00:00:00", "title": "acpid vulnerability", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0798"], "modified": "2009-04-27T00:00:00", "id": "USN-766-1", "href": "https://usn.ubuntu.com/766-1/", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-05-27T21:43:23", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.0.4-7.el5_3.1", "arch": "i386", "packageName": "acpid", "packageFilename": "acpid-1.0.4-7.el5_3.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "1.0.2-4", "arch": "ia64", "packageName": "acpid", "packageFilename": "acpid-1.0.2-4.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.3-2.el4_7.1", "arch": "x86_64", "packageName": "acpid", "packageFilename": "acpid-1.0.3-2.el4_7.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "1.0.1-3", "arch": "ia64", "packageName": "acpid", "packageFilename": "acpid-1.0.1-3.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.3-2.el4_7.1", "arch": "i386", "packageName": "acpid", "packageFilename": "acpid-1.0.3-2.el4_7.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.0.4-7.el5_3.1", "arch": "x86_64", "packageName": "acpid", "packageFilename": "acpid-1.0.4-7.el5_3.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.3-2.el4_7.1", "arch": "ia64", "packageName": "acpid", "packageFilename": "acpid-1.0.3-2.el4_7.1.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.0.4-7.el5_3.1", "arch": "ia64", "packageName": "acpid", "packageFilename": "acpid-1.0.4-7.el5_3.1.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "1.0.2-4", "arch": "x86_64", "packageName": "acpid", "packageFilename": "acpid-1.0.2-4.x86_64.rpm", "operator": "lt"}], "description": "acpid is a daemon that dispatches ACPI (Advanced Configuration and Power\nInterface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw\nin the acpid daemon's error handling. If an attacker could exhaust the\nsockets open to acpid, the daemon would enter an infinite loop, consuming\nmost CPU resources and preventing acpid from communicating with legitimate\nprocesses. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct this issue.", "reporter": "RedHat", "published": "2009-05-07T04:00:00", "type": "redhat", "title": "(RHSA-2009:0474) Moderate: acpid security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0798"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-05-26T04:26:18", "id": "RHSA-2009:0474", "href": "https://access.redhat.com/errata/RHSA-2009:0474", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-12T14:46:07", "references": ["http://pasi.pirhonen.eu/", "https://rhn.redhat.com/errata/RHSA-2009-0474.html", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B", "https://rhn.redhat.com/errata/RHSA-2009-0457.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.0.4-7.el5_3.1", "arch": "any", "packageName": "acpid", "packageFilename": "acpid-1.0.4-7.el5_3.1.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.0.4-7.el5_3.1", "arch": "any", "packageName": "acpid", "packageFilename": "acpid-1.0.4-7.el5_3.1.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.0.4-7.el5_3.1", "arch": "i386", "packageName": "acpid", "packageFilename": "acpid-1.0.4-7.el5_3.1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.3-2.el4_7.1", "arch": "any", "packageName": "acpid", "packageFilename": "acpid-1.0.3-2.el4_7.1.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.3-2.el4_7.1", "arch": "any", "packageName": "acpid", "packageFilename": "acpid-1.0.3-2.el4_7.1.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.3-2.c4.1", "arch": "ia64", "packageName": "acpid", "packageFilename": "acpid-1.0.3-2.c4.1.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "1.0.2-4", "arch": "ia64", "packageName": "acpid", "packageFilename": "acpid-1.0.2-4.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.3-2.el4_7.1", "arch": "i386", "packageName": "acpid", "packageFilename": "acpid-1.0.3-2.el4_7.1.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.3-2.el4_7.1", "arch": "x86_64", "packageName": "acpid", "packageFilename": "acpid-1.0.3-2.el4_7.1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "1.0.2-4", "arch": "any", "packageName": "acpid", "packageFilename": "acpid-1.0.2-4.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.0.4-7.el5_3.1", "arch": "x86_64", "packageName": "acpid", "packageFilename": "acpid-1.0.4-7.el5_3.1.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "1.0.2-4", "arch": "x86_64", "packageName": "acpid", "packageFilename": "acpid-1.0.2-4.x86_64.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:0474\n\n\nacpid is a daemon that dispatches ACPI (Advanced Configuration and Power\nInterface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw\nin the acpid daemon's error handling. If an attacker could exhaust the\nsockets open to acpid, the daemon would enter an infinite loop, consuming\nmost CPU resources and preventing acpid from communicating with legitimate\nprocesses. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015846.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015859.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015861.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015873.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015874.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015883.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015926.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015927.html\n\n**Affected packages:**\nacpid\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0457.html\nhttps://rhn.redhat.com/errata/RHSA-2009-0474.html", "edition": 2, "reporter": "CentOS Project", "published": "2009-05-07T21:36:32", "title": "acpid security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0798"], "modified": "2009-05-22T23:21:05", "href": "http://lists.centos.org/pipermail/centos-announce/2009-May/015846.html", "id": "CESA-2009:0474", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:30", "references": [], "description": "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 200905-06\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: Normal\r\n Title: acpid: Denial of Service\r\n Date: May 24, 2009\r\n Bugs: #268079\r\n ID: 200905-06\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nAn error in acpid might allow remote attackers to cause a Denial of\r\nService.\r\n\r\nBackground\r\n==========\r\n\r\nacpid is a daemon for the Advanced Configuration and Power Interface\r\n(ACPI).\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 sys-power/acpid < 1.0.10 >= 1.0.10\r\n\r\nDescription\r\n===========\r\n\r\nThe acpid daemon allows opening a large number of UNIX sockets without\r\nclosing them, triggering an infinite loop.\r\n\r\nImpact\r\n======\r\n\r\nRemote attackers can cause a Denial of Service (CPU consumption and\r\nconnectivity loss).\r\n\r\nWorkaround\r\n==========\r\n\r\nThere is no known workaround at this time.\r\n\r\nResolution\r\n==========\r\n\r\nAll acpid users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=sys-power/acpid-1.0.10"\r\n\r\nReferences\r\n==========\r\n\r\n [ 1 ] CVE-2009-0798\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0798\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-200905-06.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users machines is of utmost\r\nimportance to us. Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttp://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2009 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner(s).\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.5\r\n\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2009-05-26T00:00:00", "title": "[ GLSA 200905-06 ] acpid: Denial of Service", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:30", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-0798"], "modified": "2009-05-26T00:00:00", "id": "SECURITYVULNS:DOC:21885", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21885", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:33", "references": ["https://vulners.com/securityvulns/securityvulns:doc:21885"], "description": "Large number of connections leads to endless loop.", "edition": 1, "reporter": "BUGTRAQ", "published": "2011-10-23T00:00:00", "title": "acpid DoS", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:33", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "acpid", "version": "1.0", "operator": "eq"}, {"name": "acpid", "version": "2.0", "operator": "eq"}], "cvelist": ["CVE-2009-0798", "CVE-2011-1159"], "modified": "2011-10-23T00:00:00", "id": "SECURITYVULNS:VULN:9936", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9936", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:40", "references": ["https://bugs.gentoo.org/show_bug.cgi?id=268079", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0798"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.0.10", "arch": "all", "packageFilename": "UNKNOWN", "packageName": "sys-power/acpid", "operator": "lt"}], "edition": 1, "description": "### Background\n\nacpid is a daemon for the Advanced Configuration and Power Interface (ACPI). \n\n### Description\n\nThe acpid daemon allows opening a large number of UNIX sockets without closing them, triggering an infinite loop. \n\n### Impact\n\nRemote attackers can cause a Denial of Service (CPU consumption and connectivity loss). \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll acpid users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-power/acpid-1.0.10\"", "reporter": "Gentoo Foundation", "published": "2009-05-24T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "gentoo", "title": "acpid: Denial of Service", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0798"], "modified": "2009-05-24T00:00:00", "id": "GLSA-200905-06", "href": "https://security.gentoo.org/glsa/200905-06", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:13:09", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "5", "packageVersion": "1.0.8-1lenny1", "arch": "all", "packageFilename": "acpid_1.0.8-1lenny1_all.deb", "packageName": "acpid", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "1.0.4-5etch1", "arch": "all", "packageFilename": "acpid_1.0.4-5etch1_all.deb", "packageName": "acpid", "operator": "lt"}], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1786-1 security@debian.org\nhttp://www.debian.org/security/ Steffen Joeris\nMay 02, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : acpid\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE Id : CVE-2009-0798\n\n\nIt was discovered that acpid, a daemon for delivering ACPI events, is\nprone to a denial of service attack by opening a large number of UNIX\nsockets, which are not closed properly.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.0.8-1lenny1.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.0.4-5etch1.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), this problem has been fixed in version 1.0.10-1.\n\n\nWe recommend that you upgrade your acpid packages.\n\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.4.orig.tar.gz\n Size/MD5 checksum: 23416 3aff94e92186e99ed5fd6dcee2db7c74\n http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.4-5etch1.dsc\n Size/MD5 checksum: 623 5bdf431edd68f502a269c3ed93023416\n http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.4-5etch1.diff.gz\n Size/MD5 checksum: 12446 97300b3586c815e0954b8dbd4eea7aa2\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.4-5etch1_amd64.deb\n Size/MD5 checksum: 28616 626f43fa08946939e3d44092c30e8538\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.4-5etch1_i386.deb\n Size/MD5 checksum: 25372 7c0e2c68816e6ddb5d1e2ac0ae7f5580\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.4-5etch1_ia64.deb\n Size/MD5 checksum: 33650 e12d65573422a71a5529587543601146\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.8-1lenny1.diff.gz\n Size/MD5 checksum: 18689 bad776513fe975f1d028d605be805be3\n http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.8-1lenny1.dsc\n Size/MD5 checksum: 1289 6f9dc2ce42fbcd28d217f0208cdfd566\n http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.8.orig.tar.gz\n Size/MD5 checksum: 25308 ee48ff966292ec517ba83b37dd0a3256\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.8-1lenny1_amd64.deb\n Size/MD5 checksum: 37898 27be010a11b42cf1a92cced7f09dfc8b\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.8-1lenny1_i386.deb\n Size/MD5 checksum: 35596 4638a7439832ecdc869e592c6066ea4b\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.8-1lenny1_ia64.deb\n Size/MD5 checksum: 42846 1046165b9c0cdcdb9021375179279b2d\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 1, "reporter": "Debian", "published": "2009-05-02T01:53:13", "title": "[SECURITY] [DSA 1786-1] New acpid packages fix denial of service", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:13:09", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0798"], "modified": "2009-05-02T01:53:13", "id": "DEBIAN:DSA-1786-1:676F9", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00097.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:46:28", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.3-2.el4_7.1", "arch": "i386", "packageFilename": "acpid-1.0.3-2.el4_7.1.i386.rpm", "packageName": "acpid", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "1.0.2-4", "arch": "src", "packageFilename": "acpid-1.0.2-4.src.rpm", "packageName": "acpid", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.3-2.el4_7.1", "arch": "src", "packageFilename": "acpid-1.0.3-2.el4_7.1.src.rpm", "packageName": "acpid", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.3-2.el4_7.1", "arch": "src", "packageFilename": "acpid-1.0.3-2.el4_7.1.src.rpm", "packageName": "acpid", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.3-2.el4_7.1", "arch": "src", "packageFilename": "acpid-1.0.3-2.el4_7.1.src.rpm", "packageName": "acpid", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.0.4-7.el5_3.1", "arch": "i386", "packageFilename": "acpid-1.0.4-7.el5_3.1.i386.rpm", "packageName": "acpid", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.3-2.el4_7.1", "arch": "x86_64", "packageFilename": "acpid-1.0.3-2.el4_7.1.x86_64.rpm", "packageName": "acpid", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.0.4-7.el5_3.1", "arch": "x86_64", "packageFilename": "acpid-1.0.4-7.el5_3.1.x86_64.rpm", "packageName": "acpid", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.0.4-7.el5_3.1", "arch": "src", "packageFilename": "acpid-1.0.4-7.el5_3.1.src.rpm", "packageName": "acpid", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.0.4-7.el5_3.1", "arch": "src", "packageFilename": "acpid-1.0.4-7.el5_3.1.src.rpm", "packageName": "acpid", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.3-2.el4_7.1", "arch": "ia64", "packageFilename": "acpid-1.0.3-2.el4_7.1.ia64.rpm", "packageName": "acpid", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "1.0.2-4", "arch": "x86_64", "packageFilename": "acpid-1.0.2-4.x86_64.rpm", "packageName": "acpid", "operator": "lt"}], "description": "[1.0.4-7.el5_3.1]\n- Updated the License entry\n- Fixed CVE-2009-0798 (too many open files DoS)\n- Resolves: #496291 ", "edition": 3, "reporter": "Oracle", "published": "2009-05-07T00:00:00", "title": "acpid security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0798"], "modified": "2009-05-07T00:00:00", "id": "ELSA-2009-0474", "href": "http://linux.oracle.com/errata/ELSA-2009-0474.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "vmware": [{"lastseen": "2018-09-02T02:40:37", "references": [], "affectedPackage": [{"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX400-201003403-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "running on \n\t\t\t\t\tESX", "OSVersion": "any", "packageVersion": "3.0.3", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "eq"}, {"OS": "Redhat", "OSVersion": "5", "packageVersion": "4.0", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "vMA", "operator": "eq"}, {"OS": "running on \n\t\t\t\t\tESX", "OSVersion": "any", "packageVersion": "2.5.5", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "eq"}, {"OS": "running on \n\t\t\t\t\tESX", "OSVersion": "any", "packageVersion": "3.5", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "eq"}, {"OS": "running on \n\t\t\t\t\tRHEL5", "OSVersion": "any", "packageVersion": "4.0", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "vMA", "operator": "eq"}, {"OS": "running on \n\t\t\t\t\tESX", "OSVersion": "any", "packageVersion": "ESX400-201003405-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}], "description": "a. Service Console update for samba to 3.0.33-3.15.el5_4.1 \nThis update changes the samba packages to samba-client-3.0.33-3.15.el5_4.1 and samba-common-3.0.33-3.15.el5_4.1. These versions include fixes for security issues that were first fixed in samba-client-3.0.33-0.18.el4_8 and samba-common-3.0.33-0.18.el4_8. \n \nThe Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the names CVE-2009-2906, CVE-2009-1888,CVE-2009-2813 and CVE-2009-2948 to these issues. \n \nThe following table lists what action remediates the vulnerability (column 4) if a solution is available. \n\n", "edition": 4, "reporter": "VMware", "published": "2010-04-01T00:00:00", "title": "ESX Service Console updates for samba and acpid", "type": "vmware", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-2813", "CVE-2009-2906", "CVE-2009-0798", "CVE-2009-1888", "CVE-2009-2948"], "modified": "2010-10-25T00:00:00", "id": "VMSA-2010-0006", "href": "https://www.vmware.com/security/advisories/VMSA-2010-0006.html", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
