Lucene search
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.CENTOS_RHSA-2007-0310.NASLHistoryJun 29, 2013 - 12:00 a.m.
CentOS 4 : gdm / openldap (CESA-2007:0310)
2013-06-2900:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15
A updated openldap packages that fix a security flaw is now available for Red Hat Enterprise Linux 4.
This update has been rated as having low security impact by the Red Hat Security Response Team.
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools.
A flaw was found in the way OpenLDAP handled selfwrite access. Users with selfwrite access were able to modify the distinguished name of any user. (CVE-2006-4600)
All users are advised to upgrade to these updated openldap packages, which contain a backported patch to correct this issue.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2007:0310 and
# CentOS Errata and Security Advisory 2007:0310 respectively.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(67049);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2006-4600");
script_xref(name:"RHSA", value:"2007:0310");
script_name(english:"CentOS 4 : gdm / openldap (CESA-2007:0310)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote CentOS host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"A updated openldap packages that fix a security flaw is now available
for Red Hat Enterprise Linux 4.
This update has been rated as having low security impact by the Red
Hat Security Response Team.
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools.
A flaw was found in the way OpenLDAP handled selfwrite access. Users
with selfwrite access were able to modify the distinguished name of
any user. (CVE-2006-4600)
All users are advised to upgrade to these updated openldap packages,
which contain a backported patch to correct this issue."
);
# https://lists.centos.org/pipermail/centos-announce/2007-May/013703.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?e78e9513"
);
# https://lists.centos.org/pipermail/centos-announce/2007-May/013704.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?bc6d6290"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected gdm and / or openldap packages."
);
script_set_cvss_base_vector("CVSS2#AV:A/AC:M/Au:S/C:N/I:P/A:N");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:compat-openldap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gdm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openldap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openldap-clients");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openldap-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openldap-servers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openldap-servers-sql");
script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4");
script_set_attribute(attribute:"vuln_publication_date", value:"2006/09/06");
script_set_attribute(attribute:"patch_publication_date", value:"2007/05/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/06/29");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"CentOS Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 4.x", "CentOS " + os_ver);
if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
flag = 0;
if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"compat-openldap-2.1.30-7.4E")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"gdm-2.6.0.5-7.rhel4.15")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"openldap-2.2.13-7.4E")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"openldap-clients-2.2.13-7.4E")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"openldap-devel-2.2.13-7.4E")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"openldap-servers-2.2.13-7.4E")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"openldap-servers-sql-2.2.13-7.4E")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_NOTE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "compat-openldap / gdm / openldap / openldap-clients / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| centos | centos | compat-openldap | p-cpe:/a:centos:centos:compat-openldap |
| centos | centos | gdm | p-cpe:/a:centos:centos:gdm |
| centos | centos | openldap | p-cpe:/a:centos:centos:openldap |
| centos | centos | openldap-clients | p-cpe:/a:centos:centos:openldap-clients |
| centos | centos | openldap-devel | p-cpe:/a:centos:centos:openldap-devel |
| centos | centos | openldap-servers | p-cpe:/a:centos:centos:openldap-servers |
| centos | centos | openldap-servers-sql | p-cpe:/a:centos:centos:openldap-servers-sql |
| centos | centos | 4 | cpe:/o:centos:centos:4 |
Related
nessus
nessus
FreeBSD : openldap -- slapd acl selfwrite Security Issue (ae7124ff-547c-11db-8f1a-000a48049292)
2006-10-10 00:00:00
Scientific Linux Security Update : openldap on SL3.x i386/x86_64
2012-08-01 00:00:00
RHEL 4 : openldap (RHSA-2007:0310)
2007-05-02 00:00:00
cve
cve
CVE-2006-4600
2006-09-07 00:04:00
openvas
openvas
FreeBSD Ports: openldap-server, openldap-sasl-server
2008-09-04 00:00:00
FreeBSD Ports: openldap-server, openldap-sasl-server
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200711-23 (vmware-workstation vmware-player)
2008-09-24 00:00:00
redhat
redhat
(RHSA-2007:0310) Low: openldap security update
2007-05-01 00:00:00
(RHSA-2007:0430) Low: openldap security and bug-fix update
2007-06-11 13:45:45
oraclelinux
oraclelinux
Low: openldap security update
2007-05-17 00:00:00
centos
centos
compat, gdm, openldap security update
2007-05-02 08:52:57
openldap security update
2007-06-11 21:07:22
freebsd
freebsd
openldap -- slapd acl selfwrite Security Issue
2006-06-14 00:00:00
ubuntucve
ubuntucve
CVE-2006-4600
2006-09-07 00:00:00
gentoo
gentoo
VMware Workstation and Player: Multiple vulnerabilities
2007-11-18 00:00:00
securityvulns
securityvulns
Related for CENTOS_RHSA-2007-0310.NASL