Lucene search
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-494.NASLHistoryMay 31, 2016 - 12:00 a.m.
Debian DLA-494-1 : eglibc security update
2016-05-3100:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
23
Several vulnerabilities have been fixed in the Debian GNU C Library, eglibc :
CVE-2016-1234
Alexander Cherepanov discovered that the glibc’s glob implementation suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name.
CVE-2016-3075
The getnetbyname implementation in nss_dns was susceptible to a stack overflow and a crash if it was invoked on a very long name.
CVE-2016-3706
Michael Petlan reported that getaddrinfo copied large amounts of address data to the stack, possibly leading to a stack overflow. This complements the fix for CVE-2013-4458.
For Debian 7 ‘Wheezy’, these problems have been fixed in version 2.13-38+deb7u11.
We recommend you to upgrade your eglibc packages.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-494-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(91361);
script_version("2.11");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2016-1234", "CVE-2016-3075", "CVE-2016-3706");
script_name(english:"Debian DLA-494-1 : eglibc security update");
script_summary(english:"Checks dpkg output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Several vulnerabilities have been fixed in the Debian GNU C Library,
eglibc :
CVE-2016-1234
Alexander Cherepanov discovered that the glibc's glob implementation
suffered from a stack-based buffer overflow when it was called with
the GLOB_ALTDIRFUNC flag and encountered a long file name.
CVE-2016-3075
The getnetbyname implementation in nss_dns was susceptible to a stack
overflow and a crash if it was invoked on a very long name.
CVE-2016-3706
Michael Petlan reported that getaddrinfo copied large amounts of
address data to the stack, possibly leading to a stack overflow. This
complements the fix for CVE-2013-4458.
For Debian 7 'Wheezy', these problems have been fixed in version
2.13-38+deb7u11.
We recommend you to upgrade your eglibc packages.
NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://lists.debian.org/debian-lts-announce/2016/05/msg00047.html"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/wheezy/eglibc"
);
script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:eglibc-source");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:glibc-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc-bin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc-dev-bin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc0.1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc0.1-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc0.1-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc0.1-dev-i386");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc0.1-i386");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc0.1-i686");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc0.1-pic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc0.1-prof");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-amd64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-dev-amd64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-dev-i386");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-dev-mips64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-dev-mipsn32");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-dev-ppc64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-dev-s390");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-dev-s390x");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-dev-sparc64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-i386");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-i686");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-loongson2f");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-mips64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-mipsn32");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-pic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-ppc64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-prof");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-s390");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-s390x");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-sparc64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6.1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6.1-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6.1-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6.1-pic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6.1-prof");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:locales");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:locales-all");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:multiarch-support");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:nscd");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");
script_set_attribute(attribute:"patch_publication_date", value:"2016/05/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/05/31");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"7.0", prefix:"eglibc-source", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"glibc-doc", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc-bin", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc-dev-bin", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc0.1", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc0.1-dbg", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc0.1-dev", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc0.1-dev-i386", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc0.1-i386", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc0.1-i686", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc0.1-pic", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc0.1-prof", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-amd64", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-dbg", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-dev", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-dev-amd64", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-dev-i386", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-dev-mips64", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-dev-mipsn32", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-dev-ppc64", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-dev-s390", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-dev-s390x", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-dev-sparc64", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-i386", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-i686", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-loongson2f", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-mips64", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-mipsn32", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-pic", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-ppc64", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-prof", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-s390", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-s390x", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-sparc64", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6-xen", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6.1", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6.1-dbg", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6.1-dev", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6.1-pic", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"libc6.1-prof", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"locales", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"locales-all", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"multiarch-support", reference:"2.13-38+deb7u11")) flag++;
if (deb_check(release:"7.0", prefix:"nscd", reference:"2.13-38+deb7u11")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | eglibc-source | p-cpe:/a:debian:debian_linux:eglibc-source |
| debian | debian_linux | glibc-doc | p-cpe:/a:debian:debian_linux:glibc-doc |
| debian | debian_linux | libc-bin | p-cpe:/a:debian:debian_linux:libc-bin |
| debian | debian_linux | libc-dev-bin | p-cpe:/a:debian:debian_linux:libc-dev-bin |
| debian | debian_linux | libc0.1 | p-cpe:/a:debian:debian_linux:libc0.1 |
| debian | debian_linux | libc0.1-dbg | p-cpe:/a:debian:debian_linux:libc0.1-dbg |
| debian | debian_linux | libc0.1-dev | p-cpe:/a:debian:debian_linux:libc0.1-dev |
| debian | debian_linux | libc0.1-dev-i386 | p-cpe:/a:debian:debian_linux:libc0.1-dev-i386 |
| debian | debian_linux | libc0.1-i386 | p-cpe:/a:debian:debian_linux:libc0.1-i386 |
| debian | debian_linux | libc0.1-i686 | p-cpe:/a:debian:debian_linux:libc0.1-i686 |
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2016-0206)
2022-01-28 00:00:00
Fedora Update for glibc FEDORA-2016-b321728d74
2016-06-08 00:00:00
Debian: Security Advisory (DLA-494-1)
2023-03-08 00:00:00
debian
debian
[SECURITY] [DLA 494-1] eglibc security update
2016-05-30 04:24:49
[SECURITY] [DLA 165-1] eglibc security update
2015-03-06 15:39:53
mageia
mageia
Updated glibc packages fix security vulnerabilities
2016-05-24 01:00:58
Updated glibc package fixes security vulnerabilities
2013-11-22 22:44:49
osv
osv
eglibc - security update
2016-05-30 00:00:00
eglibc - security update
2015-03-06 00:00:00
nessus
nessus
Fedora 24 : glibc (2016-b321728d74)
2016-07-14 00:00:00
Photon OS 1.0: Glibc PHSA-2017-0013
2019-02-07 00:00:00
F5 Networks BIG-IP : glibc vulnerability (K06493172)
2018-12-18 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package glibc version 6:2.23-alt2
2016-05-10 00:00:00
Security fix for the ALT Linux 9 package glibc version 6:2.17-alt6
2014-01-11 00:00:00
Security fix for the ALT Linux 7 package glibc version 6:2.17-alt6
2014-01-11 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: glibc-2.23.1-7.fc24
2016-05-14 23:42:24
[SECURITY] Fedora 23 Update: glibc-2.22-16.fc23
2016-05-12 20:56:11
[SECURITY] Fedora 23 Update: glibc-2.22-15.fc23
2016-05-10 18:01:37
android
android
CVE-2016-3706
2017-12-01 00:00:00
ubuntucve
ubuntucve
f5
f5
K06493172 : glibc vulnerability CVE-2016-3706
2016-08-05 00:00:00
SOL06493172 - glibc vulnerability CVE-2016-3706
2016-08-05 00:00:00
SOL15439022 - glibc vulnerability CVE-2016-3075
2016-05-23 00:00:00
cve
cve
debiancve
debiancve
prion
prion
archlinux
archlinux
glibc: multiple issues
2016-05-13 00:00:00
lib32-glibc: multiple issues
2016-05-13 00:00:00
lib32-glibc: denial of service
2016-08-08 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in GNU C Library affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter systems
2023-04-14 14:32:25
photon
photon
redhat
redhat
(RHSA-2016:2573) Low: glibc security, bug fix, and enhancement update
2016-11-03 06:07:14
(RHSA-2014:1391) Moderate: glibc security, bug fix, and enhancement update
2014-10-14 00:00:00
centos
centos
glibc, nscd security update
2016-11-25 15:25:38
glibc, nscd security update
2014-10-20 18:08:56
amazon
amazon
Low: glibc
2017-02-06 18:00:00
ubuntu
ubuntu
GNU C Library regression
2017-03-24 00:00:00
GNU C Library vulnerabilities
2017-03-21 00:00:00
GNU C Library Regression
2017-03-21 00:00:00
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2017-02-19 00:00:00
GNU C Library: Multiple vulnerabilities
2015-03-08 00:00:00
cloudfoundry
cloudfoundry
USN-3239-2: GNU C Library Regression | Cloud Foundry
2017-03-31 00:00:00
USN-2985-2 GNU C Library regression | Cloud Foundry
2016-06-13 00:00:00
oraclelinux
oraclelinux
glibc security, bug fix, and enhancement update
2014-10-15 00:00:00
glibc security update
2016-11-09 00:00:00
glibc security, bug fix, and enhancement update
2016-11-09 00:00:00
securityvulns
securityvulns
glibc security vulnerabilities
2013-12-01 00:00:00
[ MDVSA-2013:284 ] glibc
2013-12-01 00:00:00
zdt
zdt
Moxa Command Injection / Cross Site Scripting Vulnerabilities
2021-09-01 00:00:00
packetstorm
packetstorm
Moxa Command Injection / Cross Site Scripting / Vulnerable Software
2021-09-01 00:00:00
slackware
slackware
[slackware-security] glibc
2014-10-24 05:36:04
suse
suse
Security update for glibc (important)
2016-02-16 20:15:44
Security update for SLES 12-SP1 Docker image (important)
2017-10-11 03:07:32
Security update for SLES 12 Docker image (important)
2017-10-11 03:06:53
rosalinux
rosalinux
Advisory ROSA-SA-2021-1844
2021-07-02 16:56:21
Related for DEBIAN_DLA-494.NASL