Lucene search

K

Amazon Linux AMI : lighttpd (ALAS-2012-107)

πŸ—“οΈΒ 04 Sep 2013Β 00:00:00Reported byΒ This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.TypeΒ 
nessus
Β nessus
πŸ”—Β www.tenable.comπŸ‘Β 36Β Views

The Amazon Linux AMI is missing a security update for the lighttpd package due to an integer signedness error in the HTTP authentication functionality, allowing remote attackers to cause denial of service

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
Fedora
[SECURITY] Fedora 17 Update: lighttpd-1.4.31-1.fc17
26 Jun 201200:44
–fedora
Fedora
[SECURITY] Fedora 16 Update: lighttpd-1.4.31-1.fc16
26 Jun 201200:31
–fedora
seebug.org
Lighttpd 1.4.30 / 1.5 Denial Of Service
27 Dec 201100:00
–seebug
seebug.org
lighttpd Denial of Service Vulnerability PoC
1 Jul 201400:00
–seebug
seebug.org
Lighttpd Proof of Concept code for CVE-2011-4362
2 Jan 201200:00
–seebug
seebug.org
lighttpd mod_auth樑块base64 ζ‹’η»ζœεŠ‘ζΌζ΄ž
1 Dec 201100:00
–seebug
OpenVAS
Fedora Update for lighttpd FEDORA-2012-9040
30 Aug 201200:00
–openvas
OpenVAS
FreeBSD Ports: lighttpd
13 Feb 201200:00
–openvas
OpenVAS
FreeBSD Ports: lighttpd
13 Feb 201200:00
–openvas
OpenVAS
Fedora Update for lighttpd FEDORA-2012-9040
30 Aug 201200:00
–openvas
Rows per page
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2012-107.
#

include("compat.inc");

if (description)
{
  script_id(69597);
  script_version("1.5");
  script_cvs_date("Date: 2018/04/18 15:09:34");

  script_cve_id("CVE-2011-4362");
  script_xref(name:"ALAS", value:"2012-107");

  script_name(english:"Amazon Linux AMI : lighttpd (ALAS-2012-107)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Amazon Linux AMI host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Integer signedness error in the base64_decode function in the HTTP
authentication functionality (http_auth.c) in lighttpd 1.4 before
1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to
cause a denial of service (segmentation fault) via crafted base64
input that triggers an out-of-bounds read with a negative index."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/ALAS-2012-107.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Run 'yum update lighttpd' to update your system."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:lighttpd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:lighttpd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:lighttpd-fastcgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:lighttpd-mod_geoip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:lighttpd-mod_mysql_vhost");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/07/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/04");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"ALA", reference:"lighttpd-1.4.31-1.2.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"lighttpd-debuginfo-1.4.31-1.2.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"lighttpd-fastcgi-1.4.31-1.2.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"lighttpd-mod_geoip-1.4.31-1.2.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"lighttpd-mod_mysql_vhost-1.4.31-1.2.amzn1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "lighttpd / lighttpd-debuginfo / lighttpd-fastcgi / etc");
}

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo