Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.ALA_ALAS-2013-270.NASL
HistoryDec 23, 2013 - 12:00 a.m.

Amazon Linux AMI : glibc (ALAS-2013-270)

2013-12-2300:00:00
This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
www.tenable.com
7
JSON

Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in glibc’s memory allocator functions (pvalloc, valloc, and memalign). If an application used such a function, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2013-4332)

A flaw was found in the regular expression matching routines that process multibyte character input. If an application utilized the glibc regular expression matching mechanism, an attacker could provide specially crafted input that, when processed, would cause the application to crash. (CVE-2013-0242)

It was found that getaddrinfo() did not limit the amount of stack memory used during name resolution. An attacker able to make an application resolve an attacker-controlled hostname or IP address could possibly cause the application to exhaust all stack memory and crash. (CVE-2013-1914)

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2013-270.
#

include("compat.inc");

if (description)
{
  script_id(71582);
  script_version("1.5");
  script_cvs_date("Date: 2018/04/18 15:09:35");

  script_cve_id("CVE-2013-0242", "CVE-2013-1914", "CVE-2013-4332");
  script_xref(name:"ALAS", value:"2013-270");
  script_xref(name:"RHSA", value:"2013:1605");

  script_name(english:"Amazon Linux AMI : glibc (ALAS-2013-270)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Amazon Linux AMI host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Multiple integer overflow flaws, leading to heap-based buffer
overflows, were found in glibc's memory allocator functions (pvalloc,
valloc, and memalign). If an application used such a function, it
could cause the application to crash or, potentially, execute
arbitrary code with the privileges of the user running the
application. (CVE-2013-4332)

A flaw was found in the regular expression matching routines that
process multibyte character input. If an application utilized the
glibc regular expression matching mechanism, an attacker could provide
specially crafted input that, when processed, would cause the
application to crash. (CVE-2013-0242)

It was found that getaddrinfo() did not limit the amount of stack
memory used during name resolution. An attacker able to make an
application resolve an attacker-controlled hostname or IP address
could possibly cause the application to exhaust all stack memory and
crash. (CVE-2013-1914)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/ALAS-2013-270.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Run 'yum update glibc' to update your system."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc-debuginfo-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc-static");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc-utils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:nscd");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/12/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/23");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"ALA", reference:"glibc-2.12-1.132.45.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"glibc-common-2.12-1.132.45.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"glibc-debuginfo-2.12-1.132.45.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"glibc-debuginfo-common-2.12-1.132.45.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"glibc-devel-2.12-1.132.45.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"glibc-headers-2.12-1.132.45.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"glibc-static-2.12-1.132.45.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"glibc-utils-2.12-1.132.45.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"nscd-2.12-1.132.45.amzn1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc");
}
VendorProductVersionCPE
amazonlinuxglibcp-cpe:/a:amazon:linux:glibc
amazonlinuxglibc-commonp-cpe:/a:amazon:linux:glibc-common
amazonlinuxglibc-debuginfop-cpe:/a:amazon:linux:glibc-debuginfo
amazonlinuxglibc-debuginfo-commonp-cpe:/a:amazon:linux:glibc-debuginfo-common
amazonlinuxglibc-develp-cpe:/a:amazon:linux:glibc-devel
amazonlinuxglibc-headersp-cpe:/a:amazon:linux:glibc-headers
amazonlinuxglibc-staticp-cpe:/a:amazon:linux:glibc-static
amazonlinuxglibc-utilsp-cpe:/a:amazon:linux:glibc-utils
amazonlinuxnscdp-cpe:/a:amazon:linux:nscd
amazonlinuxcpe:/o:amazon:linux

Related

openvas 38
nessus 46
redhat 4
oraclelinux 3
amazon 1
centos 3
veracode 3
securityvulns 4
ubuntu 1
ibm 5
cve 4
ubuntucve 4
prion 4
debiancve 4
altlinux 3
fedora 6
vmware 4
suse 2
mageia 1
gentoo 1
debian 1
osv 1
f5 2
packetstorm 1
zdt 1
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2013-270)
2015-09-08 00:00:00
RedHat Update for glibc RHSA-2013:1605-02
2013-11-21 00:00:00
RedHat Update for glibc RHSA-2013:1605-02
2013-11-21 00:00:00
nessus
nessus
Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20131121)
2013-12-04 00:00:00
CentOS 6 : glibc (CESA-2013:1605)
2014-11-12 00:00:00
Oracle Linux 6 : glibc (ELSA-2013-1605)
2013-11-27 00:00:00
redhat
redhat
(RHSA-2013:1605) Moderate: glibc security, bug fix, and enhancement update
2013-11-21 00:00:00
(RHSA-2013:0769) Low: glibc security and bug fix update
2013-04-24 00:00:00
(RHSA-2013:1411) Moderate: glibc security and bug fix update
2013-10-08 00:00:00
oraclelinux
oraclelinux
glibc security, bug fix, and enhancement update
2013-11-25 00:00:00
glibc security and bug fix update
2013-04-24 00:00:00
glibc security and bug fix update
2013-10-08 00:00:00
amazon
amazon
Medium: glibc
2013-12-17 21:39:00
centos
centos
glibc, nscd security update
2013-11-26 13:31:38
glibc, nscd security update
2013-04-24 21:58:40
glibc, nscd security update
2013-10-08 20:20:03
veracode
veracode
Stack-based Buffer Overflow
2019-05-02 04:44:45
Denial Of Service (DoS)
2019-01-15 09:00:29
Denial Of Service (DoS)
2019-01-15 08:52:21
securityvulns
securityvulns
[ MDVSA-2013:163 ] glibc
2013-05-09 00:00:00
GNU glibc security vulnerabilities
2013-05-09 00:00:00
[ MDVSA-2013:284 ] glibc
2013-12-01 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2013-10-21 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in glibc affects Integrated Management Module 2 (IMM2) (CVE-2013-4332)
2019-01-31 01:55:01
Security Bulletin: Vulnerabilities in glibc affect the IBM Flex System Manager (FSM): (CVE-2013-4332, CVE-2014-0475, CVE-2014-5119)
2019-01-31 01:35:01
Security Bulletin: Apache Tomcat vulnerabilities on IBM SAN Volume Controller and Storwize Family (CVE-2013-4286 CVE-2013-4322 CVE-2014-0075 CVE-2014-0099)
2023-03-29 01:48:02
cve
cve
CVE-2013-4332
2013-10-09 22:55:00
CVE-2013-1914
2013-04-29 22:55:00
CVE-2013-0242
2013-02-08 20:55:00
ubuntucve
ubuntucve
CVE-2013-4332
2013-10-09 00:00:00
CVE-2013-0242
2013-02-08 00:00:00
CVE-2013-1914
2013-04-29 00:00:00
prion
prion
Integer overflow
2013-10-09 22:55:00
Stack overflow
2013-04-29 22:55:00
Buffer overflow
2013-02-08 20:55:00
debiancve
debiancve
CVE-2013-4332
2013-10-09 22:55:00
CVE-2013-1914
2013-04-29 22:55:00
CVE-2013-0242
2013-02-08 20:55:00
altlinux
altlinux
Security fix for the ALT Linux 6 package glibc version 6:2.11.3-alt8.M60P.3
2015-12-23 00:00:00
Security fix for the ALT Linux 7 package glibc version 6:2.17-alt6
2014-01-11 00:00:00
Security fix for the ALT Linux 9 package glibc version 6:2.17-alt6
2014-01-11 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: glibc-2.15-59.fc17
2013-06-02 01:58:33
[SECURITY] Fedora 18 Update: glibc-2.16-30.fc18
2013-03-30 21:30:28
[SECURITY] Fedora 20 Update: glibc-2.18-9.fc20
2013-09-26 06:13:02
vmware
vmware
VMware vSphere product updates to third party libraries
2014-09-09 00:00:00
VMware vSphere product updates to third party libraries
2014-09-09 00:00:00
VMware vSphere updates to third party libraries
2014-03-11 00:00:00
suse
suse
Security update for glibc (important)
2014-09-12 06:04:16
Security update for glibc (important)
2014-09-15 19:04:18
mageia
mageia
Updated glibc package fixes security vulnerabilities
2013-11-22 22:44:49
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2015-03-08 00:00:00
debian
debian
[SECURITY] [DLA 165-1] eglibc security update
2015-03-06 15:39:53
osv
osv
eglibc - security update
2015-03-06 00:00:00
f5
f5
K15640 : GNU C Library (glibc) vulnerabilities CVE-2014-0475, CVE-2014-5119, CVE-2013-4458
2014-10-02 00:00:00
SOL15640 - GNU C Library (glibc) vulnerabilities CVE-2014-0475, CVE-2014-5119, CVE-2013-4458
2014-10-02 00:00:00
packetstorm
packetstorm
Moxa Command Injection / Cross Site Scripting / Vulnerable Software
2021-09-01 00:00:00
zdt
zdt
Moxa Command Injection / Cross Site Scripting Vulnerabilities
2021-09-01 00:00:00
JSON
Related for ALA_ALAS-2013-270.NASL
openvas38nessus46redhat4oraclelinux3amazon1centos3veracode3securityvulns4ubuntu1ibm5cve4ubuntucve4prion4debiancve4altlinux3fedora6vmware4suse2mageia1gentoo1debian1osv1f52packetstorm1zdt1