Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2021 Tenable Network Security, Inc.DEBIAN_DLA-97.NASL
HistoryMar 26, 2015 - 12:00 a.m.

Debian DLA-97-1 : eglibc security update

2015-03-2600:00:00
This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.
www.tenable.com
12
JSON

CVE-2012-6656

Fix validation check when converting from ibm930 to utf. When converting IBM930 code with iconv(), if IBM930 code which includes invalid multibyte character ‘0xffff’ is specified, then iconv() segfaults.

CVE-2014-6040

Crashes on invalid input in IBM gconv modules [BZ #17325] These changes are based on the fix for BZ #14134 in commit 6e230d11837f3ae7b375ea69d7905f0d18eb79e5.

CVE-2014-7817

The function wordexp() fails to properly handle the WRDE_NOCMD flag when processing arithmetic inputs in the form of ‘$((… ``))’ where ‘…’ can be anything valid. The backticks in the arithmetic epxression are evaluated by in a shell even if WRDE_NOCMD forbade command substitution. This allows an attacker to attempt to pass dangerous commands via constructs of the above form, and bypass the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD in exec_comm(), the only place that can execute a shell. All other checks for WRDE_NOCMD are superfluous and removed.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-97-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(82242);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2012-6656", "CVE-2014-6040", "CVE-2014-7817");
  script_bugtraq_id(69470, 69472, 71216);

  script_name(english:"Debian DLA-97-1 : eglibc security update");
  script_summary(english:"Checks dpkg output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"CVE-2012-6656

Fix validation check when converting from ibm930 to utf. When
converting IBM930 code with iconv(), if IBM930 code which includes
invalid multibyte character '0xffff' is specified, then iconv()
segfaults.

CVE-2014-6040

Crashes on invalid input in IBM gconv modules [BZ #17325] These
changes are based on the fix for BZ #14134 in commit
6e230d11837f3ae7b375ea69d7905f0d18eb79e5.

CVE-2014-7817

The function wordexp() fails to properly handle the WRDE_NOCMD flag
when processing arithmetic inputs in the form of '$((... ``))' where
'...' can be anything valid. The backticks in the arithmetic
epxression are evaluated by in a shell even if WRDE_NOCMD forbade
command substitution. This allows an attacker to attempt to pass
dangerous commands via constructs of the above form, and bypass the
WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD in
exec_comm(), the only place that can execute a shell. All other checks
for WRDE_NOCMD are superfluous and removed.

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.debian.org/debian-lts-announce/2014/11/msg00015.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/squeeze-lts/eglibc"
  );
  script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:eglibc-source");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:glibc-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc-bin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc-dev-bin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-amd64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-dev-amd64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-dev-i386");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-i386");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-i686");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-pic");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-prof");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-udeb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libc6-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libnss-dns-udeb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libnss-files-udeb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:locales");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:locales-all");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:nscd");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/11/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/26");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"6.0", prefix:"eglibc-source", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"glibc-doc", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libc-bin", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libc-dev-bin", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libc6", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libc6-amd64", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libc6-dbg", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libc6-dev", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libc6-dev-amd64", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libc6-dev-i386", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libc6-i386", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libc6-i686", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libc6-pic", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libc6-prof", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libc6-udeb", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libc6-xen", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libnss-dns-udeb", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"libnss-files-udeb", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"locales", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"locales-all", reference:"2.11.3-4+deb6u2")) flag++;
if (deb_check(release:"6.0", prefix:"nscd", reference:"2.11.3-4+deb6u2")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxeglibc-sourcep-cpe:/a:debian:debian_linux:eglibc-source
debiandebian_linuxglibc-docp-cpe:/a:debian:debian_linux:glibc-doc
debiandebian_linuxlibc-binp-cpe:/a:debian:debian_linux:libc-bin
debiandebian_linuxlibc-dev-binp-cpe:/a:debian:debian_linux:libc-dev-bin
debiandebian_linuxlibc6p-cpe:/a:debian:debian_linux:libc6
debiandebian_linuxlibc6-amd64p-cpe:/a:debian:debian_linux:libc6-amd64
debiandebian_linuxlibc6-dbgp-cpe:/a:debian:debian_linux:libc6-dbg
debiandebian_linuxlibc6-devp-cpe:/a:debian:debian_linux:libc6-dev
debiandebian_linuxlibc6-dev-amd64p-cpe:/a:debian:debian_linux:libc6-dev-amd64
debiandebian_linuxlibc6-dev-i386p-cpe:/a:debian:debian_linux:libc6-dev-i386
Rows per page:
1-10 of 221

Related

debian 2
openvas 33
nessus 42
osv 2
ubuntu 1
oraclelinux 4
redhat 3
amazon 2
centos 3
securityvulns 3
ibm 12
fedora 2
suse 3
prion 3
ubuntucve 3
f5 6
cve 3
debiancve 3
altlinux 1
mageia 2
archlinux 1
gentoo 2
slackware 1
oracle 2
debian
debian
[SECURITY] [DLA 97-1] eglibc security update
2014-11-29 18:51:24
[SECURITY] [DSA 3142-1] eglibc security update
2015-01-27 15:39:01
openvas
openvas
Ubuntu: Security Advisory (USN-2432-1)
2022-08-26 00:00:00
Debian: Security Advisory (DLA-97-1)
2023-03-08 00:00:00
Debian Security Advisory DSA 3142-1 (eglibc - security update)
2015-01-27 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : GNU C Library vulnerabilities (USN-2432-1)
2014-12-04 00:00:00
Debian DSA-3142-1 : eglibc - security update
2015-01-28 00:00:00
Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20150107)
2015-01-08 00:00:00
osv
osv
eglibc - security update
2014-11-29 00:00:00
eglibc - security update
2015-01-27 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2014-12-03 00:00:00
oraclelinux
oraclelinux
glibc security and bug fix update
2015-01-07 00:00:00
glibc security and bug fix update
2015-03-09 00:00:00
glibc security and bug fix update
2014-12-18 00:00:00
redhat
redhat
(RHSA-2015:0016) Moderate: glibc security and bug fix update
2015-01-07 00:00:00
(RHSA-2014:2023) Moderate: glibc security and bug fix update
2014-12-18 00:00:00
(RHSA-2015:0327) Moderate: glibc security and bug fix update
2015-03-05 00:00:00
amazon
amazon
Medium: glibc
2015-01-08 12:38:00
Medium: glibc
2015-03-23 08:30:00
centos
centos
glibc, nscd security update
2015-01-07 22:45:41
glibc, nscd security update
2014-12-19 12:43:11
glibc, nscd security update
2015-03-17 13:28:04
securityvulns
securityvulns
GNU glibc buffer overflow
2014-09-01 00:00:00
GNU glibc code execution
2014-11-30 00:00:00
[ MDVSA-2014:232 ] glibc
2014-11-30 00:00:00
ibm
ibm
Security Bulletin: GNU C Library (glibc) Vulnerability Affects Power Hardware Management Console (CVE-2015-0235, CVE-2014-6040, CVE-2014-7817)
2021-09-23 01:31:39
Security Bulletin: PowerKVM is affected by glibc vulnerabilities (Multiple CVEs)
2018-06-18 01:28:19
Security Bulletin: GNU C library (glibc) vulnerability affect IBM DataPower Gateway appliances (CVE-2014-6040)
2018-06-15 07:02:32
fedora
fedora
[SECURITY] Fedora 20 Update: glibc-2.18-19.fc20
2015-03-04 10:25:31
[SECURITY] Fedora 21 Update: glibc-2.20-8.fc21
2015-03-04 10:27:01
suse
suse
Security update for glibc (important)
2014-09-15 19:06:41
Security update for glibc (important)
2014-09-15 19:04:18
glibc (important)
2014-09-11 09:04:39
prion
prion
Out-of-bounds
2014-12-05 16:59:00
Input validation
2014-11-24 15:59:00
Out-of-bounds
2014-12-05 16:59:00
ubuntucve
ubuntucve
CVE-2012-6656
2012-12-31 00:00:00
CVE-2014-7817
2014-11-24 00:00:00
CVE-2014-6040
2014-09-02 00:00:00
f5
f5
SOL16342 - GNU C Library (glibc) vulnerability CVE-2012-6656
2015-04-01 00:00:00
K16342 : GNU C Library (glibc) vulnerability CVE-2012-6656
2015-07-23 00:00:00
SOL16010 - GNU C Library (glibc) vulnerability CVE-2014-7817
2015-01-21 00:00:00
cve
cve
CVE-2012-6656
2014-12-05 16:59:00
CVE-2014-7817
2014-11-24 15:59:00
CVE-2014-6040
2014-12-05 16:59:00
debiancve
debiancve
CVE-2012-6656
2014-12-05 16:59:00
CVE-2014-7817
2014-11-24 15:59:00
CVE-2014-6040
2014-12-05 16:59:00
altlinux
altlinux
Security fix for the ALT Linux 6 package glibc version 6:2.11.3-alt8.M60P.3
2015-12-23 00:00:00
mageia
mageia
Updated glibc packages fix CVE-2014-7817
2014-11-26 20:29:06
Updated glibc packages fix multiple security vulnerabilities
2014-09-15 14:36:30
archlinux
archlinux
glibc: command execution
2014-11-21 00:00:00
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2016-02-17 00:00:00
GNU C Library: Multiple vulnerabilities
2015-03-08 00:00:00
slackware
slackware
[slackware-security] glibc
2014-10-24 05:36:04
oracle
oracle
Oracle Critical Patch Update - January 2018
2018-01-16 00:00:00
Oracle Critical Patch Update - October 2018
2018-12-18 00:00:00
JSON
Related for DEBIAN_DLA-97.NASL
debian2openvas33nessus42osv2ubuntu1oraclelinux4redhat3amazon2centos3securityvulns3ibm12fedora2suse3prion3ubuntucve3f56cve3debiancve3altlinux1mageia2archlinux1gentoo2slackware1oracle2