ID ALA_ALAS-2012-130.NASL Type nessus Reporter Tenable Modified 2018-04-18T00:00:00
Description
Munin before 2.0.6 stores the state files of plugins that run as root in the same group-writable directory as those of non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2012-130.
#
include("compat.inc");
# Metadata block: taken only when 'description' is set. It declares the
# plugin's attributes and exits before any host data is read.
if (description)
{
  # Plugin identity and revision bookkeeping.
  script_id(69620);
  script_version("1.5");
  script_cvs_date("Date: 2018/04/18 15:09:34");

  # Cross-references: the CVE and the vendor advisory the check is derived from.
  script_cve_id("CVE-2012-3512");
  script_xref(name:"ALAS", value:"2012-130");

  script_name(english:"Amazon Linux AMI : munin (ALAS-2012-130)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(attribute:"synopsis", value:"The remote Amazon Linux AMI host is missing a security update.");

  # The description literal spans several lines; its continuation lines stay
  # at column 0 so the text held in the string is unchanged.
  script_set_attribute(
    attribute:"description",
    value:
"Munin before 2.0.6 stores plugin state files that run as root in the
same group-writable directory as non-root plugins, which allows local
users to execute arbitrary code by replacing a state file, as
demonstrated using the smart_ plugin."
  );
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2012-130.html");
  script_set_attribute(attribute:"solution", value:"Run 'yum update munin' to update your system.");

  # CVSS v2 base vector: local access, low complexity, no authentication,
  # complete impact on confidentiality, integrity and availability.
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");

  # CPE names: one per munin package covered by the advisory, then the OS.
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:munin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:munin-async");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:munin-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:munin-java-plugins");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:munin-node");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/10/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/04");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
  script_family(english:"Amazon Linux Local Security Checks");

  # Prerequisites: the plugin named here and the three KB keys listed below
  # are the same keys the check phase reads.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
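# Check phase. The visible code works only from knowledge-base (KB) entries
# and package-version comparisons; it does not look at the munin state
# directory or its permissions on the host. A "not affected" audit therefore
# reflects package versions only.

# Local checks must be enabled, otherwise no package data is available.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

# Scope the check to the Amazon Linux AMI: the release string must start with
# "ALA". A release matching "AL<digit>" is reported as a different OS.
release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
# The original re-tested os_ver == 'A' inside this branch to rename it to
# 'AMI'; that test can never succeed once os_ver != "A" holds, so the dead
# statement is dropped and the audit message is unchanged.
if (os_ver != "A") audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# One rpm_check() per package named in the advisory, each against the build
# 2.0.6-2.9.amzn1. rpm_check() comes from rpm.inc and is not shown here;
# presumably it returns true when the installed package is older than the
# reference - confirm against rpm.inc.
flag = 0;
if (rpm_check(release:"ALA", reference:"munin-2.0.6-2.9.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"munin-async-2.0.6-2.9.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"munin-common-2.0.6-2.9.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"munin-java-plugins-2.0.6-2.9.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"munin-node-2.0.6-2.9.amzn1")) flag++;

if (flag)
{
  # At least one package matched: raise the finding, attaching the rpm
  # report text when verbosity allows.
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  # No match: distinguish "packages present but not affected" from
  # "none of the packages installed" for the audit trail.
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "munin / munin-async / munin-common / munin-java-plugins / etc");
}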
{"id": "ALA_ALAS-2012-130.NASL", "bulletinFamily": "scanner", "title": "Amazon Linux AMI : munin (ALAS-2012-130)", "description": "Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.", "published": "2013-09-04T00:00:00", "modified": "2018-04-18T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=69620", "reporter": "Tenable", "references": ["https://alas.aws.amazon.com/ALAS-2012-130.html"], "cvelist": ["CVE-2012-3512"], "type": "nessus", "lastseen": "2019-02-21T01:19:56", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:amazon:linux:munin-node", "p-cpe:/a:amazon:linux:munin", "p-cpe:/a:amazon:linux:munin-java-plugins", "p-cpe:/a:amazon:linux:munin-async", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:munin-common"], "cvelist": ["CVE-2012-3512"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.", "edition": 5, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "19a09859403ad45cfeb367c93e5bdf18875c705be740d463ab30f2bc2d0ced0c", "hashmap": [{"hash": "3a563f6c8fdbd90bbb8c08cb30b7904d", "key": "cpe"}, {"hash": "5ba3c9d875bfe1d4088cbfd233ef0c85", "key": "modified"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "85ccb4f7744ea3219fb87c139bc48074", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "de25676891f23b04ab869e6e7840e9a3", "key": "published"}, {"hash": 
"8507ab18213a38b53174dd6a0d1755c8", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "df5cd238ab6ba820ee0b13c493f1bcd6", "key": "naslFamily"}, {"hash": "8a05597749ce2274bd8a9369ab0bbc6d", "key": "pluginID"}, {"hash": "67f263ca10eccb51da165508113b8455", "key": "cvelist"}, {"hash": "36ed4fd7f4abb6c29a83721692fdf837", "key": "href"}, {"hash": "023e8b4c0b70e445920da1a50e87cc38", "key": "references"}, {"hash": "6bde6a83a8024c396422352eb6477aac", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=69620", "id": "ALA_ALAS-2012-130.NASL", "lastseen": "2018-09-01T23:34:17", "modified": "2018-04-18T00:00:00", "naslFamily": "Amazon Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "69620", "published": "2013-09-04T00:00:00", "references": ["https://alas.aws.amazon.com/ALAS-2012-130.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-130.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69620);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-3512\");\n script_xref(name:\"ALAS\", value:\"2012-130\");\n\n script_name(english:\"Amazon Linux AMI : munin (ALAS-2012-130)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Munin before 2.0.6 stores plugin state files that run as root in the\nsame group-writable directory as non-root plugins, which allows local\nusers to execute arbitrary code by replacing a state file, as\ndemonstrated using the smart_ 
plugin.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-130.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update munin' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-async\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-java-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-node\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') 
os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"munin-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-async-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-common-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-java-plugins-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-node-2.0.6-2.9.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"munin / munin-async / munin-common / munin-java-plugins / etc\");\n}\n", "title": "Amazon Linux AMI : munin (ALAS-2012-130)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 5, "lastseen": "2018-09-01T23:34:17"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:amazon:linux:munin-node", "p-cpe:/a:amazon:linux:munin", "p-cpe:/a:amazon:linux:munin-java-plugins", "p-cpe:/a:amazon:linux:munin-async", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:munin-common"], "cvelist": ["CVE-2012-3512"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.", "edition": 4, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "687bfa17a6ad7a260aa0c37a40967c5b2e5a6b786239d311de19069d24278ab9", "hashmap": [{"hash": "3a563f6c8fdbd90bbb8c08cb30b7904d", "key": "cpe"}, {"hash": "5ba3c9d875bfe1d4088cbfd233ef0c85", "key": 
"modified"}, {"hash": "85ccb4f7744ea3219fb87c139bc48074", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "de25676891f23b04ab869e6e7840e9a3", "key": "published"}, {"hash": "8507ab18213a38b53174dd6a0d1755c8", "key": "title"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "df5cd238ab6ba820ee0b13c493f1bcd6", "key": "naslFamily"}, {"hash": "8a05597749ce2274bd8a9369ab0bbc6d", "key": "pluginID"}, {"hash": "67f263ca10eccb51da165508113b8455", "key": "cvelist"}, {"hash": "36ed4fd7f4abb6c29a83721692fdf837", "key": "href"}, {"hash": "023e8b4c0b70e445920da1a50e87cc38", "key": "references"}, {"hash": "6bde6a83a8024c396422352eb6477aac", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=69620", "id": "ALA_ALAS-2012-130.NASL", "lastseen": "2018-08-30T19:31:30", "modified": "2018-04-18T00:00:00", "naslFamily": "Amazon Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "69620", "published": "2013-09-04T00:00:00", "references": ["https://alas.aws.amazon.com/ALAS-2012-130.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-130.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69620);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-3512\");\n script_xref(name:\"ALAS\", value:\"2012-130\");\n\n script_name(english:\"Amazon Linux AMI : munin (ALAS-2012-130)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n 
script_set_attribute(\n attribute:\"description\", \n value:\n\"Munin before 2.0.6 stores plugin state files that run as root in the\nsame group-writable directory as non-root plugins, which allows local\nusers to execute arbitrary code by replacing a state file, as\ndemonstrated using the smart_ plugin.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-130.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update munin' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-async\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-java-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-node\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = 
get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"munin-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-async-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-common-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-java-plugins-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-node-2.0.6-2.9.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"munin / munin-async / munin-common / munin-java-plugins / etc\");\n}\n", "title": "Amazon Linux AMI : munin (ALAS-2012-130)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:31:30"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2012-3512"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.", "edition": 1, "enchantments": {}, "hash": "7bd289158972ef59561fa4c852082e2216922138e928f9bc3223a40c418dae50", 
"hashmap": [{"hash": "e1457f9ff792302f285d891cbef22831", "key": "sourceData"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "de25676891f23b04ab869e6e7840e9a3", "key": "published"}, {"hash": "8507ab18213a38b53174dd6a0d1755c8", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "df5cd238ab6ba820ee0b13c493f1bcd6", "key": "naslFamily"}, {"hash": "8a05597749ce2274bd8a9369ab0bbc6d", "key": "pluginID"}, {"hash": "67f263ca10eccb51da165508113b8455", "key": "cvelist"}, {"hash": "953188e6f812ff64dfbb546f22d3eaf8", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "36ed4fd7f4abb6c29a83721692fdf837", "key": "href"}, {"hash": "023e8b4c0b70e445920da1a50e87cc38", "key": "references"}, {"hash": "6bde6a83a8024c396422352eb6477aac", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=69620", "id": "ALA_ALAS-2012-130.NASL", "lastseen": "2016-09-26T17:23:19", "modified": "2015-01-30T00:00:00", "naslFamily": "Amazon Linux Local Security Checks", "objectVersion": "1.2", "pluginID": "69620", "published": "2013-09-04T00:00:00", "references": ["https://alas.aws.amazon.com/ALAS-2012-130.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-130.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69620);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/01/30 14:43:52 $\");\n\n script_cve_id(\"CVE-2012-3512\");\n script_xref(name:\"ALAS\", value:\"2012-130\");\n\n script_name(english:\"Amazon Linux AMI : munin (ALAS-2012-130)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n 
script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Munin before 2.0.6 stores plugin state files that run as root in the\nsame group-writable directory as non-root plugins, which allows local\nusers to execute arbitrary code by replacing a state file, as\ndemonstrated using the smart_ plugin.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-130.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update munin' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-async\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-java-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-node\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n 
exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/AmazonLinux/release\")) audit(AUDIT_OS_NOT, \"Amazon Linux AMI\");\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"munin-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-async-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-common-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-java-plugins-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-node-2.0.6-2.9.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"munin / munin-async / munin-common / munin-java-plugins / etc\");\n}\n", "title": "Amazon Linux AMI : munin (ALAS-2012-130)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:23:19"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:amazon:linux:munin-node", "p-cpe:/a:amazon:linux:munin", "p-cpe:/a:amazon:linux:munin-java-plugins", "p-cpe:/a:amazon:linux:munin-async", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:munin-common"], "cvelist": ["CVE-2012-3512"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Munin before 2.0.6 stores plugin state files that run as root in the\nsame group-writable directory as non-root plugins, which allows local\nusers to execute arbitrary code by replacing a state file, as\ndemonstrated using the smart_ plugin.", "edition": 6, "enchantments": 
{"dependencies": {"modified": "2019-01-16T20:17:08", "references": [{"idList": ["ALAS-2012-130"], "type": "amazon"}, {"idList": ["GLSA-201405-17"], "type": "gentoo"}, {"idList": ["OPENVAS:1361412562310864734", "OPENVAS:1361412562310121192", "OPENVAS:864734", "OPENVAS:841205", "OPENVAS:864726", "OPENVAS:1361412562310864726", "OPENVAS:1361412562310120331", "OPENVAS:1361412562310841205"], "type": "openvas"}, {"idList": ["DEBIAN_DLA-20.NASL", "FEDORA_2012-13683.NASL", "FEDORA_2012-13649.NASL", "GENTOO_GLSA-201405-17.NASL", "FEDORA_2012-13110.NASL", "MANDRIVA_MDVSA-2013-105.NASL", "UBUNTU_USN-1622-1.NASL"], "type": "nessus"}, {"idList": ["DEBIAN:DLA-20-1:FBD14"], "type": "debian"}, {"idList": ["SECURITYVULNS:DOC:28736", "SECURITYVULNS:VULN:12697"], "type": "securityvulns"}, {"idList": ["USN-1622-1"], "type": "ubuntu"}, {"idList": ["CVE-2012-3512"], "type": "cve"}]}, "score": {"value": 7.2, "vector": "NONE"}}, "hash": "cbdddc2e05c4e0d00e694e5fdd426c1de3b0a83095e3ae57a7c7c2474665e1cd", "hashmap": [{"hash": "3a563f6c8fdbd90bbb8c08cb30b7904d", "key": "cpe"}, {"hash": "5ba3c9d875bfe1d4088cbfd233ef0c85", "key": "modified"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "85ccb4f7744ea3219fb87c139bc48074", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "df4648c6fd756627257faba99c6c34dd", "key": "description"}, {"hash": "de25676891f23b04ab869e6e7840e9a3", "key": "published"}, {"hash": "8507ab18213a38b53174dd6a0d1755c8", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "df5cd238ab6ba820ee0b13c493f1bcd6", "key": "naslFamily"}, {"hash": "8a05597749ce2274bd8a9369ab0bbc6d", "key": "pluginID"}, {"hash": "67f263ca10eccb51da165508113b8455", "key": "cvelist"}, {"hash": "36ed4fd7f4abb6c29a83721692fdf837", "key": "href"}, {"hash": "023e8b4c0b70e445920da1a50e87cc38", "key": "references"}], "history": [], "href": 
"https://www.tenable.com/plugins/index.php?view=single&id=69620", "id": "ALA_ALAS-2012-130.NASL", "lastseen": "2019-01-16T20:17:08", "modified": "2018-04-18T00:00:00", "naslFamily": "Amazon Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "69620", "published": "2013-09-04T00:00:00", "references": ["https://alas.aws.amazon.com/ALAS-2012-130.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-130.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69620);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-3512\");\n script_xref(name:\"ALAS\", value:\"2012-130\");\n\n script_name(english:\"Amazon Linux AMI : munin (ALAS-2012-130)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Munin before 2.0.6 stores plugin state files that run as root in the\nsame group-writable directory as non-root plugins, which allows local\nusers to execute arbitrary code by replacing a state file, as\ndemonstrated using the smart_ plugin.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-130.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update munin' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-async\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:amazon:linux:munin-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-java-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-node\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"munin-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-async-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-common-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-java-plugins-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", 
reference:\"munin-node-2.0.6-2.9.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"munin / munin-async / munin-common / munin-java-plugins / etc\");\n}\n", "title": "Amazon Linux AMI : munin (ALAS-2012-130)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 6, "lastseen": "2019-01-16T20:17:08"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:amazon:linux:munin-node", "p-cpe:/a:amazon:linux:munin", "p-cpe:/a:amazon:linux:munin-java-plugins", "p-cpe:/a:amazon:linux:munin-async", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:munin-common"], "cvelist": ["CVE-2012-3512"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.", "edition": 3, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "19a09859403ad45cfeb367c93e5bdf18875c705be740d463ab30f2bc2d0ced0c", "hashmap": [{"hash": "3a563f6c8fdbd90bbb8c08cb30b7904d", "key": "cpe"}, {"hash": "5ba3c9d875bfe1d4088cbfd233ef0c85", "key": "modified"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "85ccb4f7744ea3219fb87c139bc48074", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "de25676891f23b04ab869e6e7840e9a3", "key": "published"}, {"hash": "8507ab18213a38b53174dd6a0d1755c8", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "df5cd238ab6ba820ee0b13c493f1bcd6", 
"key": "naslFamily"}, {"hash": "8a05597749ce2274bd8a9369ab0bbc6d", "key": "pluginID"}, {"hash": "67f263ca10eccb51da165508113b8455", "key": "cvelist"}, {"hash": "36ed4fd7f4abb6c29a83721692fdf837", "key": "href"}, {"hash": "023e8b4c0b70e445920da1a50e87cc38", "key": "references"}, {"hash": "6bde6a83a8024c396422352eb6477aac", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=69620", "id": "ALA_ALAS-2012-130.NASL", "lastseen": "2018-04-19T07:25:48", "modified": "2018-04-18T00:00:00", "naslFamily": "Amazon Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "69620", "published": "2013-09-04T00:00:00", "references": ["https://alas.aws.amazon.com/ALAS-2012-130.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-130.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69620);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-3512\");\n script_xref(name:\"ALAS\", value:\"2012-130\");\n\n script_name(english:\"Amazon Linux AMI : munin (ALAS-2012-130)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Munin before 2.0.6 stores plugin state files that run as root in the\nsame group-writable directory as non-root plugins, which allows local\nusers to execute arbitrary code by replacing a state file, as\ndemonstrated using the smart_ plugin.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-130.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update munin' to update your 
system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-async\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-java-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-node\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", 
reference:\"munin-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-async-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-common-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-java-plugins-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-node-2.0.6-2.9.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"munin / munin-async / munin-common / munin-java-plugins / etc\");\n}\n", "title": "Amazon Linux AMI : munin (ALAS-2012-130)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-04-19T07:25:48"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:amazon:linux:munin-node", "p-cpe:/a:amazon:linux:munin", "p-cpe:/a:amazon:linux:munin-java-plugins", "p-cpe:/a:amazon:linux:munin-async", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:munin-common"], "cvelist": ["CVE-2012-3512"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.", "edition": 2, "enchantments": {"score": {"modified": "2017-10-29T13:33:50", "value": 3.8, "vector": "AV:L/AC:M/Au:M/C:P/I:P/A:P/"}}, "hash": "764d2df91e42bb0da9d35ba67d215d40214da040058a9222806322d8fa249c31", "hashmap": [{"hash": "3a563f6c8fdbd90bbb8c08cb30b7904d", "key": "cpe"}, {"hash": "e1457f9ff792302f285d891cbef22831", "key": "sourceData"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", 
"key": "reporter"}, {"hash": "de25676891f23b04ab869e6e7840e9a3", "key": "published"}, {"hash": "8507ab18213a38b53174dd6a0d1755c8", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "df5cd238ab6ba820ee0b13c493f1bcd6", "key": "naslFamily"}, {"hash": "8a05597749ce2274bd8a9369ab0bbc6d", "key": "pluginID"}, {"hash": "67f263ca10eccb51da165508113b8455", "key": "cvelist"}, {"hash": "953188e6f812ff64dfbb546f22d3eaf8", "key": "modified"}, {"hash": "36ed4fd7f4abb6c29a83721692fdf837", "key": "href"}, {"hash": "023e8b4c0b70e445920da1a50e87cc38", "key": "references"}, {"hash": "6bde6a83a8024c396422352eb6477aac", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=69620", "id": "ALA_ALAS-2012-130.NASL", "lastseen": "2017-10-29T13:33:50", "modified": "2015-01-30T00:00:00", "naslFamily": "Amazon Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "69620", "published": "2013-09-04T00:00:00", "references": ["https://alas.aws.amazon.com/ALAS-2012-130.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-130.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69620);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/01/30 14:43:52 $\");\n\n script_cve_id(\"CVE-2012-3512\");\n script_xref(name:\"ALAS\", value:\"2012-130\");\n\n script_name(english:\"Amazon Linux AMI : munin (ALAS-2012-130)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Munin before 2.0.6 stores plugin state files that run as 
root in the\nsame group-writable directory as non-root plugins, which allows local\nusers to execute arbitrary code by replacing a state file, as\ndemonstrated using the smart_ plugin.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-130.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update munin' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-async\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-java-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-node\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/AmazonLinux/release\")) audit(AUDIT_OS_NOT, \"Amazon Linux AMI\");\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) 
audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"munin-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-async-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-common-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-java-plugins-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-node-2.0.6-2.9.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"munin / munin-async / munin-common / munin-java-plugins / etc\");\n}\n", "title": "Amazon Linux AMI : munin (ALAS-2012-130)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:33:50"}], "edition": 7, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "3a563f6c8fdbd90bbb8c08cb30b7904d"}, {"key": "cvelist", "hash": "67f263ca10eccb51da165508113b8455"}, {"key": "cvss", "hash": "cfd16da9581e0c21db590e40dfd9e493"}, {"key": "description", "hash": "6bde6a83a8024c396422352eb6477aac"}, {"key": "href", "hash": "36ed4fd7f4abb6c29a83721692fdf837"}, {"key": "modified", "hash": "5ba3c9d875bfe1d4088cbfd233ef0c85"}, {"key": "naslFamily", "hash": "df5cd238ab6ba820ee0b13c493f1bcd6"}, {"key": "pluginID", "hash": "8a05597749ce2274bd8a9369ab0bbc6d"}, {"key": "published", "hash": "de25676891f23b04ab869e6e7840e9a3"}, {"key": "references", "hash": "023e8b4c0b70e445920da1a50e87cc38"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "85ccb4f7744ea3219fb87c139bc48074"}, {"key": "title", "hash": "8507ab18213a38b53174dd6a0d1755c8"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], 
"hash": "19a09859403ad45cfeb367c93e5bdf18875c705be740d463ab30f2bc2d0ced0c", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-3512"]}, {"type": "nessus", "idList": ["FEDORA_2012-13649.NASL", "FEDORA_2012-13683.NASL", "FEDORA_2012-13110.NASL", "UBUNTU_USN-1622-1.NASL", "GENTOO_GLSA-201405-17.NASL", "MANDRIVA_MDVSA-2013-105.NASL", "DEBIAN_DLA-20.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310864726", "OPENVAS:1361412562310864734", "OPENVAS:1361412562310120331", "OPENVAS:864734", "OPENVAS:864726", "OPENVAS:841205", "OPENVAS:1361412562310841205", "OPENVAS:1361412562310121192"]}, {"type": "amazon", "idList": ["ALAS-2012-130"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28736", "SECURITYVULNS:VULN:12697"]}, {"type": "ubuntu", "idList": ["USN-1622-1"]}, {"type": "gentoo", "idList": ["GLSA-201405-17"]}, {"type": "debian", "idList": ["DEBIAN:DLA-20-1:FBD14"]}], "modified": "2019-02-21T01:19:56"}, "score": {"value": 7.2, "vector": "NONE"}, "vulnersScore": 7.2}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-130.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69620);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-3512\");\n script_xref(name:\"ALAS\", value:\"2012-130\");\n\n script_name(english:\"Amazon Linux AMI : munin (ALAS-2012-130)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Munin before 2.0.6 stores plugin state files that run as root in the\nsame group-writable directory as non-root plugins, which allows local\nusers to 
execute arbitrary code by replacing a state file, as\ndemonstrated using the smart_ plugin.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-130.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update munin' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-async\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-java-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:munin-node\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 
\"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"munin-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-async-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-common-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-java-plugins-2.0.6-2.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"munin-node-2.0.6-2.9.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"munin / munin-async / munin-common / munin-java-plugins / etc\");\n}\n", "naslFamily": "Amazon Linux Local Security Checks", "pluginID": "69620", "cpe": ["p-cpe:/a:amazon:linux:munin-node", "p-cpe:/a:amazon:linux:munin", "p-cpe:/a:amazon:linux:munin-java-plugins", "p-cpe:/a:amazon:linux:munin-async", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:munin-common"], "scheme": null}
{"cve": [{"lastseen": "2016-09-03T16:51:20", "bulletinFamily": "NVD", "description": "Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.", "modified": "2013-04-04T23:12:18", "published": "2012-11-21T18:55:01", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3512", "id": "CVE-2012-3512", "type": "cve", "title": "CVE-2012-3512", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:17:42", "bulletinFamily": "scanner", "description": "added DBDIRNODE for munin-node and remove File::Path as it is no longer needed. Update to 2.0.6, and bug fixes Added init files for asyncd Updated to 2.0.5 Update to munin 2\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-20T00:00:00", "id": "FEDORA_2012-13649.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62319", "published": "2012-09-27T00:00:00", "title": "Fedora 16 : munin-2.0.6-2.fc16 (2012-13649)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-13649.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62319);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2015/10/20 22:25:12 $\");\n\n script_cve_id(\"CVE-2012-3512\");\n script_xref(name:\"FEDORA\", value:\"2012-13649\");\n\n script_name(english:\"Fedora 16 : munin-2.0.6-2.fc16 (2012-13649)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"added DBDIRNODE for munin-node and remove File::Path as it is no\nlonger needed. Update to 2.0.6, and bug fixes Added init files for\nasyncd Updated to 2.0.5 Update to munin 2\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=603344\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=812893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=812894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=823533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=825820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=834055\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=839786\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=840496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=849831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=849834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=851375\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-September/088260.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5503bfd1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected munin package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:munin\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"munin-2.0.6-2.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"munin\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:17:42", "bulletinFamily": "scanner", "description": "added DBDIRNODE for munin-node and remove File::Path as it is no longer needed. Update to 2.0.6, and bug fixes Added init files for asyncd Updated to 2.0.5 Update to munin 2\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-20T00:00:00", "id": "FEDORA_2012-13683.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62321", "published": "2012-09-27T00:00:00", "title": "Fedora 17 : munin-2.0.6-2.fc17 (2012-13683)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-13683.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62321);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2015/10/20 22:25:12 $\");\n\n script_cve_id(\"CVE-2012-3512\");\n script_xref(name:\"FEDORA\", value:\"2012-13683\");\n\n script_name(english:\"Fedora 17 : munin-2.0.6-2.fc17 (2012-13683)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"added DBDIRNODE for munin-node and remove File::Path as it is no\nlonger needed. Update to 2.0.6, and bug fixes Added init files for\nasyncd Updated to 2.0.5 Update to munin 2\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=603344\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=812893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=812894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=823533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=825820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=834055\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=839786\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=840496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=849831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=849834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=851375\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-September/088239.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?73fdc524\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected munin package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:munin\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"munin-2.0.6-2.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"munin\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:17:39", "bulletinFamily": "scanner", "description": "Update to 2.0.6, and bug fixes Added init files for asyncd\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-20T00:00:00", "id": "FEDORA_2012-13110.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62143", "published": "2012-09-18T00:00:00", "title": "Fedora 18 : munin-2.0.6-1.fc18 (2012-13110)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-13110.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62143);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2015/10/20 22:25:12 $\");\n\n script_cve_id(\"CVE-2012-3512\");\n script_xref(name:\"FEDORA\", value:\"2012-13110\");\n\n script_name(english:\"Fedora 18 : munin-2.0.6-1.fc18 (2012-13110)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 2.0.6, and bug fixes Added init files for asyncd\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=849831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=849834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=851375\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-September/086375.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a3a9aae2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected munin package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:munin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: 
\"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"munin-2.0.6-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"munin\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:17:54", "bulletinFamily": "scanner", "description": "It was discovered that the Munin qmailscan plugin incorrectly handled temporary files. A local attacker could use this issue to possibly overwrite arbitrary files. This issue only affected Ubuntu 10.04 LTS, Ubuntu 11.10, and Ubuntu 12.04 LTS. (CVE-2012-2103)\n\nIt was discovered that Munin incorrectly handled plugin state file permissions. An attacker obtaining privileges of the munin user could use this issue to escalate privileges to root. (CVE-2012-3512)\n\nIt was discovered that Munin incorrectly handled specifying an alternate configuration file. A remote attacker could possibly use this issue to execute arbitrary code with the privileges of the web server. This issue only affected Ubuntu 12.10. (CVE-2012-3513).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-1622-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62816", "published": "2012-11-06T00:00:00", "title": "Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : munin vulnerabilities (USN-1622-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1622-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62816);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/12/01 13:19:07\");\n\n script_cve_id(\"CVE-2012-2103\", \"CVE-2012-3512\", \"CVE-2012-3513\");\n script_bugtraq_id(53031, 55698);\n script_xref(name:\"USN\", value:\"1622-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : munin vulnerabilities (USN-1622-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Munin qmailscan plugin incorrectly handled\ntemporary files. A local attacker could use this issue to possibly\noverwrite arbitrary files. This issue only affected Ubuntu 10.04 LTS,\nUbuntu 11.10, and Ubuntu 12.04 LTS. (CVE-2012-2103)\n\nIt was discovered that Munin incorrectly handled plugin state file\npermissions. An attacker obtaining privileges of the munin user could\nuse this issue to escalate privileges to root. (CVE-2012-3512)\n\nIt was discovered that Munin incorrectly handled specifying an\nalternate configuration file. 
A remote attacker could possibly use\nthis issue to execute arbitrary code with the privileges of the web\nserver. This issue only affected Ubuntu 12.10. (CVE-2012-3513).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1622-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected munin package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:munin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04|11\\.10|12\\.04|12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.10 / 12.04 / 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"munin\", pkgver:\"1.4.4-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"munin\", pkgver:\"1.4.5-3ubuntu4.11.10.2\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"munin\", pkgver:\"1.4.6-3ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"munin\", pkgver:\"2.0.2-1ubuntu2.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"munin\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:21:12", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201405-17 (Munin: Multiple vulnerabilities)\n\n Multiple 
vulnerabilities have been discovered in Munin. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application.\n A remote attacker could create files or load new Munin configuration files.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2018-12-05T00:00:00", "id": "GENTOO_GLSA-201405-17.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74059", "published": "2014-05-19T00:00:00", "title": "GLSA-201405-17 : Munin: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201405-17.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74059);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/12/05 20:31:22\");\n\n script_cve_id(\"CVE-2012-2103\", \"CVE-2012-3512\", \"CVE-2012-3513\");\n script_bugtraq_id(53031, 55698, 56398);\n script_xref(name:\"GLSA\", value:\"201405-17\");\n\n script_name(english:\"GLSA-201405-17 : Munin: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201405-17\n(Munin: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Munin. 
Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A local attacker could perform symlink attacks to overwrite arbitrary\n files with the privileges of the user running the application.\n A remote attacker could create files or load new Munin configuration\n files.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201405-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Munin users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/munin-2.0.8-r2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:munin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/munin\", unaffected:make_list(\"ge 2.0.8-r2\"), vulnerable:make_list(\"lt 2.0.8-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Munin\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:18:50", "bulletinFamily": "scanner", "description": "Updated munin packages fix security vulnerabilities :\n\nThe qmailscan plugin for Munin before 2.0 rc6 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names (CVE-2012-2103).\n\nMunin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin (CVE-2012-3512).\n\nmunin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command (CVE-2012-3513).", "modified": "2019-01-02T00:00:00", "id": "MANDRIVA_MDVSA-2013-105.NASL", 
"href": "https://www.tenable.com/plugins/index.php?view=single&id=66117", "published": "2013-04-20T00:00:00", "title": "Mandriva Linux Security Advisory : munin (MDVSA-2013:105)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:105. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66117);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/01/02 16:37:54\");\n\n script_cve_id(\"CVE-2012-2103\", \"CVE-2012-3512\", \"CVE-2012-3513\");\n script_bugtraq_id(53031, 55698, 56398);\n script_xref(name:\"MDVSA\", value:\"2013:105\");\n script_xref(name:\"MGASA\", value:\"2012-0358\");\n\n script_name(english:\"Mandriva Linux Security Advisory : munin (MDVSA-2013:105)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated munin packages fix security vulnerabilities :\n\nThe qmailscan plugin for Munin before 2.0 rc6 allows local users to\noverwrite arbitrary files via a symlink attack on temporary files with\npredictable names (CVE-2012-2103).\n\nMunin before 2.0.6 stores plugin state files that run as root in the\nsame group-writable directory as non-root plugins, which allows local\nusers to execute arbitrary code by replacing a state file, as\ndemonstrated using the smart_ plugin (CVE-2012-3512).\n\nmunin-cgi-graph in Munin before 2.0.6, when running as a CGI module\nunder Apache, allows remote attackers to load new configurations and\ncreate files in arbitrary directories via the logdir command\n(CVE-2012-3513).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update 
the affected munin, munin-master and / or munin-node packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:munin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:munin-master\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:munin-node\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"munin-2.0-0.rc5.3.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"munin-master-2.0-0.rc5.3.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"munin-node-2.0-0.rc5.3.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:23:47", "bulletinFamily": "scanner", "description": "[ Christoph Biedl ]\n\n - munin-node: more secure state file handling, introducing a new plugin state directory root, owned by uid 0. Then each plugin runs in its own UID plugin state directory, owned by that UID. (Closes: #684075), (Closes: #679897), closes CVE-2012-3512.\n\n - plugins: use runtime $ENV{MUNIN_PLUGSTATE}. 
So all properly written plugins will use /var/lib/munin-node/plugin-state/$uid/$some_file now - please report plugins that are still using /var/lib/munin/plugin-state/ - as those might pose a security risk!\n\n - Validate multigraph plugin name, CVE-2013-6048.\n\n - Don't abort data collection for a node due to malicious node, fixing munin#1397, CVE-2013-6359.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-28T00:00:00", "id": "DEBIAN_DLA-20.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82168", "published": "2015-03-26T00:00:00", "title": "Debian DLA-20-1 : munin security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-20-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82168);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/28 22:47:42\");\n\n script_cve_id(\"CVE-2012-3512\", \"CVE-2013-6048\", \"CVE-2013-6359\");\n script_bugtraq_id(55698, 64188, 64189);\n\n script_name(english:\"Debian DLA-20-1 : munin security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"[ Christoph Biedl ]\n\n - munin-node: more secure state file handling, introducing\n a new plugin state directory root, owned by uid 0. Then\n each plugin runs in its own UID plugin state directory,\n owned by that UID. 
(Closes: #684075), (Closes: #679897),\n closes CVE-2012-3512.\n\n - plugins: use runtime $ENV{MUNIN_PLUGSTATE}. So all\n properly written plugins will use\n /var/lib/munin-node/plugin-state/$uid/$some_file now -\n please report plugins that are still using\n /var/lib/munin/plugin-state/ - as those might pose a\n security risk!\n\n - Validate multigraph plugin name, CVE-2013-6048.\n\n - Don't abort data collection for a node due to malicious\n node, fixing munin#1397, CVE-2013-6359.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2014/08/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/munin\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:munin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:munin-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:munin-java-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:munin-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:munin-plugins-extra\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"munin\", reference:\"1.4.5-3+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"munin-common\", reference:\"1.4.5-3+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"munin-java-plugins\", reference:\"1.4.5-3+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"munin-node\", reference:\"1.4.5-3+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"munin-plugins-extra\", reference:\"1.4.5-3+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2018-10-02T16:55:06", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nMunin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code 
by replacing a state file, as demonstrated using the smart_ plugin.\n\n \n**Affected Packages:** \n\n\nmunin\n\n \n**Issue Correction:** \nRun _yum update munin_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n noarch: \n munin-common-2.0.6-2.9.amzn1.noarch \n munin-async-2.0.6-2.9.amzn1.noarch \n munin-2.0.6-2.9.amzn1.noarch \n munin-node-2.0.6-2.9.amzn1.noarch \n munin-java-plugins-2.0.6-2.9.amzn1.noarch \n \n src: \n munin-2.0.6-2.9.amzn1.src \n \n \n", "modified": "2014-09-14T17:07:00", "published": "2014-09-14T17:07:00", "id": "ALAS-2012-130", "href": "https://alas.aws.amazon.com/ALAS-2012-130.html", "title": "Medium: munin", "type": "amazon", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-09-02T00:02:29", "bulletinFamily": "scanner", "description": "Check for the Version of munin", "modified": "2018-02-03T00:00:00", "published": "2012-09-27T00:00:00", "id": "OPENVAS:1361412562310864726", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864726", "title": "Fedora Update for munin FEDORA-2012-13683", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for munin FEDORA-2012-13683\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Munin is a highly flexible and powerful solution used to create graphs\n of virtually everything imaginable throughout your network, while still\n maintaining a rattling ease of installation and configuration.\n\n This package contains the grapher/gatherer. You will only need one instance of\n it in your network. It will periodically poll all the nodes in your network\n it's aware of for data, which it in turn will use to create graphs and HTML\n pages, suitable for viewing with your graphical web browser of choice.\n \n Munin is written in Perl, and relies heavily on Tobi Oetiker's excellent\n RRDtool.\";\n\ntag_affected = \"munin on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088239.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864726\");\n script_version(\"$Revision: 8649 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-03 13:16:43 +0100 (Sat, 03 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-27 09:04:18 +0530 (Thu, 27 Sep 2012)\");\n script_cve_id(\"CVE-2012-3512\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-13683\");\n script_name(\"Fedora Update for munin FEDORA-2012-13683\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of munin\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 
Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"munin\", rpm:\"munin~2.0.6~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:59:58", "bulletinFamily": "scanner", "description": "Check for the Version of munin", "modified": "2018-04-06T00:00:00", "published": "2012-09-27T00:00:00", "id": "OPENVAS:1361412562310864734", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864734", "title": "Fedora Update for munin FEDORA-2012-13649", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for munin FEDORA-2012-13649\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# 
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Munin is a highly flexible and powerful solution used to create graphs\n of virtually everything imaginable throughout your network, while still\n maintaining a rattling ease of installation and configuration.\n\n This package contains the grapher/gatherer. You will only need one instance of\n it in your network. It will periodically poll all the nodes in your network\n it's aware of for data, which it in turn will use to create graphs and HTML\n pages, suitable for viewing with your graphical web browser of choice.\n \n Munin is written in Perl, and relies heavily on Tobi Oetiker's excellent\n RRDtool.\";\n\ntag_affected = \"munin on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088260.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864734\");\n script_version(\"$Revision: 9352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-27 09:04:32 +0530 (Thu, 27 Sep 2012)\");\n script_cve_id(\"CVE-2012-3512\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-13649\");\n script_name(\"Fedora Update for munin FEDORA-2012-13649\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of munin\");\n 
script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"munin\", rpm:\"munin~2.0.6~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-02T14:34:18", "bulletinFamily": "scanner", "description": "Amazon Linux Local Security Checks", "modified": "2018-10-01T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120331", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120331", "title": "Amazon Linux Local Check: ALAS-2012-130", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2012-130.nasl 6578 2017-07-06 13:44:33Z cfischer$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is 
distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120331\");\n script_version(\"$Revision: 11703 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:23:44 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 10:05:31 +0200 (Mon, 01 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: ALAS-2012-130\");\n script_tag(name:\"insight\", value:\"Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.\");\n script_tag(name:\"solution\", value:\"Run yum update munin to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-130.html\");\n script_cve_id(\"CVE-2012-3512\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"munin-common\", rpm:\"munin-common~2.0.6~2.9.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"munin-async\", rpm:\"munin-async~2.0.6~2.9.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"munin\", rpm:\"munin~2.0.6~2.9.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"munin-node\", rpm:\"munin-node~2.0.6~2.9.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"munin-java-plugins\", rpm:\"munin-java-plugins~2.0.6~2.9.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"munin\", rpm:\"munin~2.0.6~2.9.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-03T10:58:15", "bulletinFamily": "scanner", "description": "Check for the Version of munin", "modified": "2018-01-03T00:00:00", "published": "2012-09-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=864734", "id": "OPENVAS:864734", "title": "Fedora Update for munin FEDORA-2012-13649", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for munin FEDORA-2012-13649\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public 
License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Munin is a highly flexible and powerful solution used to create graphs\n of virtually everything imaginable throughout your network, while still\n maintaining a rattling ease of installation and configuration.\n\n This package contains the grapher/gatherer. You will only need one instance of\n it in your network. It will periodically poll all the nodes in your network\n it's aware of for data, which it in turn will use to create graphs and HTML\n pages, suitable for viewing with your graphical web browser of choice.\n \n Munin is written in Perl, and relies heavily on Tobi Oetiker's excellent\n RRDtool.\";\n\ntag_affected = \"munin on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088260.html\");\n script_id(864734);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-27 09:04:32 +0530 (Thu, 27 Sep 2012)\");\n script_cve_id(\"CVE-2012-3512\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n 
script_xref(name: \"FEDORA\", value: \"2012-13649\");\n script_name(\"Fedora Update for munin FEDORA-2012-13649\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of munin\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"munin\", rpm:\"munin~2.0.6~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:57:31", "bulletinFamily": "scanner", "description": "Check for the Version of munin", "modified": "2017-12-26T00:00:00", "published": "2012-09-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=864726", "id": "OPENVAS:864726", "title": "Fedora Update for munin FEDORA-2012-13683", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for munin FEDORA-2012-13683\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General 
Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Munin is a highly flexible and powerful solution used to create graphs\n of virtually everything imaginable throughout your network, while still\n maintaining a rattling ease of installation and configuration.\n\n This package contains the grapher/gatherer. You will only need one instance of\n it in your network. 
It will periodically poll all the nodes in your network\n it's aware of for data, which it in turn will use to create graphs and HTML\n pages, suitable for viewing with your graphical web browser of choice.\n \n Munin is written in Perl, and relies heavily on Tobi Oetiker's excellent\n RRDtool.\";\n\ntag_affected = \"munin on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088239.html\");\n script_id(864726);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-27 09:04:18 +0530 (Thu, 27 Sep 2012)\");\n script_cve_id(\"CVE-2012-3512\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-13683\");\n script_name(\"Fedora Update for munin FEDORA-2012-13683\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of munin\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"munin\", rpm:\"munin~2.0.6~2.fc17\", rls:\"FC17\")) 
!= NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:20:31", "bulletinFamily": "scanner", "description": "Ubuntu Update for munin USN-1622-1", "modified": "2017-12-01T00:00:00", "published": "2012-11-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841205", "id": "OPENVAS:841205", "title": "Ubuntu Update for munin USN-1622-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1622_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for munin USN-1622-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the Munin qmailscan plugin incorrectly handled\n temporary files. A local attacker could use this issue to possibly\n overwrite arbitrary files. 
This issue only affected Ubuntu 10.04 LTS,\n Ubuntu 11.10, and Ubuntu 12.04 LTS. (CVE-2012-2103)\n\n It was discovered that Munin incorrectly handled plugin state file\n permissions. An attacker obtaining privileges of the munin user could use\n this issue to escalate privileges to root. (CVE-2012-3512)\n\n It was discovered that Munin incorrectly handled specifying an alternate\n configuration file. A remote attacker could possibly use this issue to\n execute arbitrary code with the privileges of the web server. This issue\n only affected Ubuntu 12.10. (CVE-2012-3513)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1622-1\";\ntag_affected = \"munin on Ubuntu 12.10 ,\n Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1622-1/\");\n script_id(841205);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-06 17:48:38 +0530 (Tue, 06 Nov 2012)\");\n script_cve_id(\"CVE-2012-2103\", \"CVE-2012-3512\", \"CVE-2012-3513\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1622-1\");\n script_name(\"Ubuntu Update for munin USN-1622-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : 
tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"munin\", ver:\"1.4.6-3ubuntu3.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"munin\", ver:\"1.4.5-3ubuntu4.11.10.2\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"munin\", ver:\"1.4.4-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"munin\", ver:\"2.0.2-1ubuntu2.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:58:21", "bulletinFamily": "scanner", "description": "Ubuntu Update for munin USN-1622-1", "modified": "2018-08-17T00:00:00", "published": "2012-11-06T00:00:00", "id": "OPENVAS:1361412562310841205", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841205", "title": "Ubuntu Update for munin USN-1622-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1622_1.nasl 11037 2018-08-17 11:51:16Z cfischer $\n#\n# Ubuntu Update 
for munin USN-1622-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\n\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1622-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841205\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-06 17:48:38 +0530 (Tue, 06 Nov 2012)\");\n script_cve_id(\"CVE-2012-2103\", \"CVE-2012-3512\", \"CVE-2012-3513\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1622-1\");\n script_name(\"Ubuntu Update for munin USN-1622-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|11\\.10|10\\.04 
LTS|12\\.10)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1622-1\");\n script_tag(name:\"affected\", value:\"munin on Ubuntu 12.10,\n Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that the Munin qmailscan plugin incorrectly handled\n temporary files. A local attacker could use this issue to possibly\n overwrite arbitrary files. This issue only affected Ubuntu 10.04 LTS,\n Ubuntu 11.10, and Ubuntu 12.04 LTS. (CVE-2012-2103)\n\n It was discovered that Munin incorrectly handled plugin state file\n permissions. An attacker obtaining privileges of the munin user could use\n this issue to escalate privileges to root. (CVE-2012-3512)\n\n It was discovered that Munin incorrectly handled specifying an alternate\n configuration file. A remote attacker could possibly use this issue to\n execute arbitrary code with the privileges of the web server. This issue\n only affected Ubuntu 12.10. 
(CVE-2012-3513)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"munin\", ver:\"1.4.6-3ubuntu3.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"munin\", ver:\"1.4.5-3ubuntu4.11.10.2\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"munin\", ver:\"1.4.4-1ubuntu1.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"munin\", ver:\"2.0.2-1ubuntu2.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-29T12:38:41", "bulletinFamily": "scanner", "description": "Gentoo Linux Local Security Checks GLSA 201405-17", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121192", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121192", "title": "Gentoo Security Advisory GLSA 201405-17", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201405-17.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# 
Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121192\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:27:12 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201405-17\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Munin. 
Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201405-17\");\n script_cve_id(\"CVE-2012-2103\", \"CVE-2012-3512\", \"CVE-2012-3513\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201405-17\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"net-analyzer/munin\", unaffected: make_list(\"ge 2.0.8-r2\"), vulnerable: make_list(\"lt 2.0.8-r2\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:46", "bulletinFamily": "software", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-1622-1\r\nNovember 05, 2012\r\n\r\nmunin vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 12.10\r\n- Ubuntu 12.04 LTS\r\n- Ubuntu 11.10\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in Munin.\r\n\r\nSoftware 
Description:\r\n- munin: Network-wide graphing framework\r\n\r\nDetails:\r\n\r\nIt was discovered that the Munin qmailscan plugin incorrectly handled\r\ntemporary files. A local attacker could use this issue to possibly\r\noverwrite arbitrary files. This issue only affected Ubuntu 10.04 LTS,\r\nUbuntu 11.10, and Ubuntu 12.04 LTS. (CVE-2012-2103)\r\n\r\nIt was discovered that Munin incorrectly handled plugin state file\r\npermissions. An attacker obtaining privileges of the munin user could use\r\nthis issue to escalate privileges to root. (CVE-2012-3512)\r\n\r\nIt was discovered that Munin incorrectly handled specifying an alternate\r\nconfiguration file. A remote attacker could possibly use this issue to\r\nexecute arbitrary code with the privileges of the web server. This issue\r\nonly affected Ubuntu 12.10. (CVE-2012-3513)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 12.10:\r\n munin 2.0.2-1ubuntu2.2\r\n\r\nUbuntu 12.04 LTS:\r\n munin 1.4.6-3ubuntu3.3\r\n\r\nUbuntu 11.10:\r\n munin 1.4.5-3ubuntu4.11.10.2\r\n\r\nUbuntu 10.04 LTS:\r\n munin 1.4.4-1ubuntu1.2\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1622-1\r\n CVE-2012-2103, CVE-2012-3512, CVE-2012-3513\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/munin/2.0.2-1ubuntu2.2\r\n https://launchpad.net/ubuntu/+source/munin/1.4.6-3ubuntu3.3\r\n https://launchpad.net/ubuntu/+source/munin/1.4.5-3ubuntu4.11.10.2\r\n https://launchpad.net/ubuntu/+source/munin/1.4.4-1ubuntu1.2\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n", "modified": "2012-11-06T00:00:00", "published": "2012-11-06T00:00:00", "id": "SECURITYVULNS:DOC:28736", "href": 
"https://vulners.com/securityvulns/SECURITYVULNS:DOC:28736", "title": "[USN-1622-1] Munin vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:49", "bulletinFamily": "software", "description": "Symbolic links vulnerability, code execution.", "modified": "2012-11-06T00:00:00", "published": "2012-11-06T00:00:00", "id": "SECURITYVULNS:VULN:12697", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12697", "title": "Munin security vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:25", "bulletinFamily": "unix", "description": "It was discovered that the Munin qmailscan plugin incorrectly handled temporary files. A local attacker could use this issue to possibly overwrite arbitrary files. This issue only affected Ubuntu 10.04 LTS, Ubuntu 11.10, and Ubuntu 12.04 LTS. (CVE-2012-2103)\n\nIt was discovered that Munin incorrectly handled plugin state file permissions. An attacker obtaining privileges of the munin user could use this issue to escalate privileges to root. (CVE-2012-3512)\n\nIt was discovered that Munin incorrectly handled specifying an alternate configuration file. A remote attacker could possibly use this issue to execute arbitrary code with the privileges of the web server. This issue only affected Ubuntu 12.10. 
(CVE-2012-3513)", "modified": "2012-11-05T00:00:00", "published": "2012-11-05T00:00:00", "id": "USN-1622-1", "href": "https://usn.ubuntu.com/1622-1/", "title": "Munin vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:22", "bulletinFamily": "unix", "description": "### Background\n\nMunin is an open source server monitoring tool.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Munin. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application. \n\nA remote attacker could create files or load new Munin configuration files. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Munin users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/munin-2.0.8-r2\"", "modified": "2014-05-18T00:00:00", "published": "2014-05-18T00:00:00", "id": "GLSA-201405-17", "href": "https://security.gentoo.org/glsa/201405-17", "type": "gentoo", "title": "Munin: Multiple vulnerabilities", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T21:54:11", "bulletinFamily": "unix", "description": "Package : munin\nVersion : 1.4.5-3+deb6u1\nCVE ID : CVE-2012-3512 CVE-2013-6048 CVE-2013-6359\n\n[ Christoph Biedl ]\n* munin-node: more secure state file handling, introducing a new plugin\n state directory root, owned by uid 0. Then each plugin runs in its own\n UID plugin state directory, owned by that UID. (Closes: #684075),\n (Closes: #679897), closes CVE-2012-3512.\n* plugins: use runtime $ENV{MUNIN_PLUGSTATE}. 
So all properly written\n plugins will use /var/lib/munin-node/plugin-state/$uid/$some_file now -\n please report plugins that are still using /var/lib/munin/plugin-state/ -\n as those might pose a security risk!\n* Validate multigraph plugin name, CVE-2013-6048.\n* Don't abort data collection for a node due to malicious node, fixing\n munin#1397, CVE-2013-6359.\n", "modified": "2014-08-07T14:50:43", "published": "2014-08-07T14:50:43", "id": "DEBIAN:DLA-20-1:FBD14", "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201408/msg00004.html", "title": "[DLA 20-1] munin security update", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}