Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.ALA_ALAS-2015-557.NASL
HistoryJul 08, 2015 - 12:00 a.m.

Amazon Linux AMI : tcpdump (ALAS-2015-557)

2015-07-0800:00:00
This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
www.tenable.com
16
JSON

Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value.
(CVE-2015-0261)

The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value.
(CVE-2015-2154)

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2015-557.
#

include("compat.inc");

if (description)
{
  script_id(84593);
  script_version("2.2");
  script_cvs_date("Date: 2018/04/18 15:09:35");

  script_cve_id("CVE-2015-0261", "CVE-2015-2154");
  script_xref(name:"ALAS", value:"2015-557");

  script_name(english:"Amazon Linux AMI : tcpdump (ALAS-2015-557)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Amazon Linux AMI host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Integer signedness error in the mobility_opt_print function in the
IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers
to cause a denial of service (out-of-bounds read and crash) or
possibly execute arbitrary code via a negative length value.
(CVE-2015-0261)

The osi_print_cksum function in print-isoclns.c in the ethernet
printer in tcpdump before 4.7.2 allows remote attackers to cause a
denial of service (out-of-bounds read and crash) via a crafted (1)
length, (2) offset, or (3) base pointer checksum value.
(CVE-2015-2154)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/ALAS-2015-557.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Run 'yum update tcpdump' to update your system."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tcpdump");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tcpdump-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2015/07/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/07/08");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"ALA", reference:"tcpdump-4.0.0-3.20090921gitdf3cb4.2.10.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"tcpdump-debuginfo-4.0.0-3.20090921gitdf3cb4.2.10.amzn1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "tcpdump / tcpdump-debuginfo");
}
VendorProductVersionCPE
amazonlinuxtcpdumpp-cpe:/a:amazon:linux:tcpdump
amazonlinuxtcpdump-debuginfop-cpe:/a:amazon:linux:tcpdump-debuginfo
amazonlinuxcpe:/o:amazon:linux

Related

amazon 1
openvas 16
osv 1
nessus 19
debian 3
fedora 3
f5 2
gentoo 1
mageia 1
ubuntu 1
kaspersky 1
prion 2
securityvulns 2
debiancve 2
ubuntucve 2
cve 2
archlinux 1
ibm 2
redhat 1
centos 1
oraclelinux 1
amazon
amazon
Medium: tcpdump
2015-07-07 12:31:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2015-557)
2015-09-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0692-1)
2021-06-09 00:00:00
Debian: Security Advisory (DLA-174-1)
2023-03-08 00:00:00
osv
osv
tcpdump - security update
2015-03-17 00:00:00
nessus
nessus
Debian DLA-174-1 : tcpdump security update
2015-03-26 00:00:00
SuSE 11.3 Security Update : tcpdump (SAT Patch Number 10509)
2015-04-09 00:00:00
Debian DSA-3193-1 : tcpdump - security update
2015-03-18 00:00:00
debian
debian
[SECURITY] [DLA 174-1] tcpdump security update
2015-03-17 09:57:43
[SECURITY] [DSA 3193-1] tcpdump security update
2015-03-17 14:48:44
[SECURITY] [DSA 3193-1] tcpdump security update
2015-03-17 14:48:44
fedora
fedora
[SECURITY] Fedora 22 Update: tcpdump-4.7.3-1.fc22
2015-03-31 21:44:28
[SECURITY] Fedora 20 Update: tcpdump-4.5.1-4.fc20
2015-04-18 09:48:14
[SECURITY] Fedora 21 Update: tcpdump-4.7.3-1.fc21
2015-03-30 07:01:09
f5
f5
K16837 : tcpdump before 4.7.2 vulnerabilities CVE-2015-0261, CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155
2015-07-02 00:00:00
SOL16837 - tcpdump before 4.7.2 vulnerabilities CVE-2015-0261, CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155
2015-07-02 00:00:00
gentoo
gentoo
tcpdump: Multiple vulnerabilities
2015-10-31 00:00:00
mageia
mageia
Updated tcpdump package fixes security vulnerabilities
2015-03-24 02:58:37
ubuntu
ubuntu
tcpdump vulnerabilities
2015-04-27 00:00:00
kaspersky
kaspersky
KLA10498 Denial of service vulnerabilities in tcpdump
2015-03-24 00:00:00
prion
prion
Integer overflow
2015-03-24 17:59:00
Out-of-bounds
2015-03-24 17:59:00
securityvulns
securityvulns
tcpdump multiple security vulnerabilities
2015-03-16 00:00:00
tcpdump 4.7.2 remote crashes
2015-03-16 00:00:00
debiancve
debiancve
CVE-2015-2154
2015-03-24 17:59:00
CVE-2015-0261
2015-03-24 17:59:00
ubuntucve
ubuntucve
CVE-2015-2154
2015-03-24 00:00:00
CVE-2015-0261
2015-03-24 00:00:00
cve
cve
CVE-2015-0261
2015-03-24 17:59:00
CVE-2015-2154
2015-03-24 17:59:00
archlinux
archlinux
tcpdump: multiple issues
2015-03-20 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in tcpdump affect PowerKVM
2018-06-18 01:38:06
Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in tcpdump
2018-06-16 22:02:20
redhat
redhat
(RHSA-2017:1871) Moderate: tcpdump security, bug fix, and enhancement update
2017-08-01 03:03:57
centos
centos
tcpdump security update
2017-08-24 01:41:48
oraclelinux
oraclelinux
tcpdump security, bug fix, and enhancement update
2017-08-07 00:00:00
JSON
Related for ALA_ALAS-2015-557.NASL
amazon1openvas16osv1nessus19debian3fedora3f52gentoo1mageia1ubuntu1kaspersky1prion2securityvulns2debiancve2ubuntucve2cve2archlinux1ibm2redhat1centos1oraclelinux1