Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-158.NASL
HistoryMar 26, 2015 - 12:00 a.m.

Debian DLA-158-1 : request-tracker3.8 security update

2015-03-2600:00:00
This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8
JSON

Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system. The Common Vulnerabilities and Exposures project identifies the following problems :

CVE-2014-9472

Christian Loos discovered a remote denial of service vulnerability, exploitable via the email gateway and affecting any installation which accepts mail from untrusted sources. Depending on RT’s logging configuration, a remote attacker can take advantage of this flaw to cause CPU and excessive disk usage.

CVE-2015-1165

Christian Loos discovered an information disclosure flaw which may reveal RSS feeds URLs, and thus ticket data.

CVE-2015-1464

It was discovered that RSS feed URLs can be leveraged to perform session hijacking, allowing a user with the URL to log in as the user that created the feed.

For the oldstable distribution (squeeze), these problems have been fixed in version 3.8.8-7+squeeze9.

We recommend that you upgrade your request-tracker3.8 packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-158-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(82141);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2014-9472", "CVE-2015-1165", "CVE-2015-1464");
  script_bugtraq_id(72832, 72833, 72837);

  script_name(english:"Debian DLA-158-1 : request-tracker3.8 security update");
  script_summary(english:"Checks dpkg output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Multiple vulnerabilities have been discovered in Request Tracker, an
extensible trouble-ticket tracking system. The Common Vulnerabilities
and Exposures project identifies the following problems :

CVE-2014-9472

Christian Loos discovered a remote denial of service vulnerability,
exploitable via the email gateway and affecting any installation which
accepts mail from untrusted sources. Depending on RT's logging
configuration, a remote attacker can take advantage of this flaw to
cause CPU and excessive disk usage.

CVE-2015-1165

Christian Loos discovered an information disclosure flaw which may
reveal RSS feeds URLs, and thus ticket data.

CVE-2015-1464

It was discovered that RSS feed URLs can be leveraged to perform
session hijacking, allowing a user with the URL to log in as the user
that created the feed.

For the oldstable distribution (squeeze), these problems have been
fixed in version 3.8.8-7+squeeze9.

We recommend that you upgrade your request-tracker3.8 packages.

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.debian.org/debian-lts-announce/2015/02/msg00012.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/squeeze-lts/request-tracker3.8"
  );
  script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:request-tracker3.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:rt3.8-apache2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:rt3.8-clients");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:rt3.8-db-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:rt3.8-db-postgresql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:rt3.8-db-sqlite");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2015/02/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/26");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"6.0", prefix:"request-tracker3.8", reference:"3.8.8-7+squeeze8")) flag++;
if (deb_check(release:"6.0", prefix:"rt3.8-apache2", reference:"3.8.8-7+squeeze8")) flag++;
if (deb_check(release:"6.0", prefix:"rt3.8-clients", reference:"3.8.8-7+squeeze8")) flag++;
if (deb_check(release:"6.0", prefix:"rt3.8-db-mysql", reference:"3.8.8-7+squeeze8")) flag++;
if (deb_check(release:"6.0", prefix:"rt3.8-db-postgresql", reference:"3.8.8-7+squeeze8")) flag++;
if (deb_check(release:"6.0", prefix:"rt3.8-db-sqlite", reference:"3.8.8-7+squeeze8")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxrequest-tracker3.8p-cpe:/a:debian:debian_linux:request-tracker3.8
debiandebian_linuxrt3.8-apache2p-cpe:/a:debian:debian_linux:rt3.8-apache2
debiandebian_linuxrt3.8-clientsp-cpe:/a:debian:debian_linux:rt3.8-clients
debiandebian_linuxrt3.8-db-mysqlp-cpe:/a:debian:debian_linux:rt3.8-db-mysql
debiandebian_linuxrt3.8-db-postgresqlp-cpe:/a:debian:debian_linux:rt3.8-db-postgresql
debiandebian_linuxrt3.8-db-sqlitep-cpe:/a:debian:debian_linux:rt3.8-db-sqlite
debiandebian_linux6.0cpe:/o:debian:debian_linux:6.0

Related

nessus 5
osv 2
debian 3
freebsd 1
openvas 6
fedora 2
securityvulns 2
cve 3
cvelist 3
ubuntucve 3
debiancve 3
prion 3
mageia 1
nessus
nessus
Debian DSA-3176-1 : request-tracker4 - security update
2015-02-27 00:00:00
Request Tracker 4.0.x < 4.0.23 / 4.2.x < 4.2.10 Multiple Vulnerabilities
2015-04-29 00:00:00
Fedora 21 : rt-4.2.10-2.fc21 (2015-4666)
2015-04-07 00:00:00
osv
osv
request-tracker3.8 - security update
2015-02-27 00:00:00
request-tracker4 - security update
2015-02-26 00:00:00
debian
debian
[SECURITY] [DSA 3176-1] request-tracker4 security update
2015-02-26 17:01:02
[SECURITY] [DLA 158-1] request-tracker3.8 security update
2015-02-27 00:27:05
[SECURITY] [DSA 3176-1] request-tracker4 security update
2015-02-26 17:00:44
freebsd
freebsd
rt -- Remote DoS, Information disclosure and Session Hijackingvulnerabilities
2015-02-26 00:00:00
openvas
openvas
Fedora Update for rt FEDORA-2015-4698
2015-07-07 00:00:00
Debian: Security Advisory (DSA-3176-1)
2015-02-25 00:00:00
Debian: Security Advisory (DLA-158-1)
2023-03-08 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: rt-4.2.10-2.fc21
2015-04-04 07:20:34
[SECURITY] Fedora 22 Update: rt-4.2.10-2.fc22
2015-03-31 21:48:30
securityvulns
securityvulns
[SECURITY] [DSA 3176-1] request-tracker4 security update
2015-03-23 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2015-03-23 00:00:00
cve
cve
CVE-2014-9472
2015-03-09 14:59:00
CVE-2015-1464
2015-03-09 14:59:00
CVE-2015-1165
2015-03-09 14:59:00
cvelist
cvelist
CVE-2014-9472
2015-03-09 14:00:00
CVE-2015-1464
2015-03-09 14:00:00
CVE-2015-1165
2015-03-09 14:00:00
ubuntucve
ubuntucve
CVE-2014-9472
2015-03-09 00:00:00
CVE-2015-1165
2015-03-09 00:00:00
CVE-2015-1464
2015-03-09 00:00:00
debiancve
debiancve
CVE-2014-9472
2015-03-09 14:59:00
CVE-2015-1165
2015-03-09 14:59:00
CVE-2015-1464
2015-03-09 14:59:00
prion
prion
Design/Logic Flaw
2015-03-09 14:59:00
Design/Logic Flaw
2015-03-09 14:59:00
Design/Logic Flaw
2015-03-09 14:59:00
mageia
mageia
Updated rt/perl-Encode packages fix security vulnerability
2017-09-03 17:31:33
JSON
Related for DEBIAN_DLA-158.NASL
nessus5osv2debian3freebsd1openvas6fedora2securityvulns2cve3cvelist3ubuntucve3debiancve3prion3mageia1