Lucene search
This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.DEBIAN_DLA-276.NASLHistoryJul 20, 2015 - 12:00 a.m.
Debian DLA-276-1 : inspircd security update
2015-07-2000:00:00
This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.
www.tenable.com
8
Adam <[email protected]>, upstream author of inspircd found the Debian patch that fixed CVE-2012-1836 was incomplete. Furthermore, it introduced an issue, since invalid dns packets caused an infinite loop. This upload corrects these problems.
As of today, no CVEs has been assigned to these Debian-specific flaws.
For the Squeeze distribution, these issues have been fixed in version 1.1.22+dfsg-4+squeeze2 of inspircd.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-276-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(84834);
script_version("2.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_name(english:"Debian DLA-276-1 : inspircd security update");
script_summary(english:"Checks dpkg output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Adam <[email protected]>, upstream author of inspircd found the Debian
patch that fixed CVE-2012-1836 was incomplete. Furthermore, it
introduced an issue, since invalid dns packets caused an infinite
loop. This upload corrects these problems.
As of today, no CVEs has been assigned to these Debian-specific flaws.
For the Squeeze distribution, these issues have been fixed in version
1.1.22+dfsg-4+squeeze2 of inspircd.
NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://lists.debian.org/debian-lts-announce/2015/07/msg00012.html"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/squeeze-lts/inspircd"
);
script_set_attribute(
attribute:"solution",
value:"Upgrade the affected inspircd, and inspircd-dbg packages."
);
script_set_attribute(attribute:"risk_factor", value:"High");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:inspircd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:inspircd-dbg");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
script_set_attribute(attribute:"patch_publication_date", value:"2015/07/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/07/20");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"6.0", prefix:"inspircd", reference:"1.1.22+dfsg-4+squeeze2")) flag++;
if (deb_check(release:"6.0", prefix:"inspircd-dbg", reference:"1.1.22+dfsg-4+squeeze2")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | inspircd | p-cpe:/a:debian:debian_linux:inspircd |
| debian | debian_linux | inspircd-dbg | p-cpe:/a:debian:debian_linux:inspircd-dbg |
| debian | debian_linux | 6.0 | cpe:/o:debian:debian_linux:6.0 |
Related
nessus
nessus
GLSA-201204-02 : InspIRCd: Arbitrary code execution
2012-06-21 00:00:00
FreeBSD : inspircd -- buffer overflow (f5f00804-a03b-11e1-a284-0023ae8e59f0)
2012-05-18 00:00:00
Debian DSA-2448-1 : inspircd - buffer overflow
2012-04-11 00:00:00
debian
debian
[SECURITY] [DSA 3226-1] inspircd security update
2015-04-15 15:42:18
[SECURITY] [DSA 3226-1] inspircd security update
2015-04-15 15:42:37
[SECURITY] [DSA 2448-1] inspircd security update
2012-04-10 02:35:43
openvas
openvas
Debian: Security Advisory (DSA-2448-1)
2012-04-30 00:00:00
Gentoo Security Advisory GLSA 201204-02 (InspIRCd)
2012-04-30 00:00:00
Debian Security Advisory DSA 2448-1 (inspircd)
2012-04-30 00:00:00
gentoo
gentoo
InspIRCd: Arbitrary code execution
2012-04-10 00:00:00
freebsd
freebsd
inspircd -- buffer overflow
2012-03-19 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3226-1] inspircd security update
2015-04-17 00:00:00
[SECURITY] [DSA 2448-1] inspircd security update
2012-04-24 00:00:00
InspIRCd buffer overflow
2012-04-24 00:00:00
ubuntucve
ubuntucve
debiancve
debiancve
cve
cve
prion
prion
Heap overflow
2012-03-22 03:28:00
Design/Logic Flaw
2017-09-25 21:29:00
Buffer overflow
2017-04-13 14:59:00
cvelist
cvelist
osv
osv
inspircd - security update
2015-07-18 00:00:00
inspircd - security update
2015-04-15 00:00:00
Related for DEBIAN_DLA-276.NASL