Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2021 Tenable Network Security, Inc.FEDORA_2004-551.NASL
HistoryDec 15, 2004 - 12:00 a.m.

Fedora Core 3 : kdebase-3.3.1-4.3.FC3 (2004-551)

2004-12-1500:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
12
JSON

  • Tue Dec 14 2004 Than Ngo <than at redhat.com> 6:3.3.1-4.3.FC3

    • apply the patch to fix Konqueror Window Injection Vulnerability #142510 CVE-2004-1158, Thanks to KDE security team

    • Fri Dec 10 2004 Than Ngo <than at redhat.com> 6:3.3.1-4.2.FC3

    • Security Advisory: plain text password exposure, thanks to KDE security team

    • the existing icon is lost, add patch to fix this problem #140196

      • add patch to fix kfind hang on search #137582

      • rebuild against samba-3.0.9 #139894

      • add CVS patch to fix konqueror crash by dragging some text over the navigation panel

    • fix rpm conflict

      • apply patch number 86

      • add patch to fix man page problem konqueror, thanks to Andy Shevchenko

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2004-551.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(15980);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_xref(name:"FEDORA", value:"2004-551");

  script_name(english:"Fedora Core 3 : kdebase-3.3.1-4.3.FC3 (2004-551)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora Core host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"  - Tue Dec 14 2004 Than Ngo <than at redhat.com>
    6:3.3.1-4.3.FC3

  - apply the patch to fix Konqueror Window Injection
    Vulnerability #142510 CVE-2004-1158, Thanks to KDE
    security team

  - Fri Dec 10 2004 Than Ngo <than at redhat.com>
    6:3.3.1-4.2.FC3

  - Security Advisory: plain text password exposure, thanks
    to KDE security team

  - the existing icon is lost, add patch to fix this problem
    #140196

    - add patch to fix kfind hang on search #137582

    - rebuild against samba-3.0.9 #139894

    - add CVS patch to fix konqueror crash by dragging some
      text over the navigation panel

  - fix rpm conflict

    - apply patch number 86

    - add patch to fix man page problem konqueror, thanks to
      Andy Shevchenko

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  # https://lists.fedoraproject.org/pipermail/announce/2004-December/000506.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?a90c859d"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Update the affected kdebase, kdebase-debuginfo and / or kdebase-devel
packages."
  );
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:3");

  script_set_attribute(attribute:"patch_publication_date", value:"2004/12/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/12/15");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 3.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC3", reference:"kdebase-3.3.1-4.3.FC3")) flag++;
if (rpm_check(release:"FC3", reference:"kdebase-debuginfo-3.3.1-4.3.FC3")) flag++;
if (rpm_check(release:"FC3", reference:"kdebase-devel-3.3.1-4.3.FC3")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kdebase / kdebase-debuginfo / kdebase-devel");
}
VendorProductVersionCPE
fedoraprojectfedorakdebasep-cpe:/a:fedoraproject:fedora:kdebase
fedoraprojectfedorakdebase-debuginfop-cpe:/a:fedoraproject:fedora:kdebase-debuginfo
fedoraprojectfedorakdebase-develp-cpe:/a:fedoraproject:fedora:kdebase-devel
fedoraprojectfedora_core3cpe:/o:fedoraproject:fedora_core:3

Related

nessus 7
cve 1
ubuntucve 1
openvas 6
gentoo 1
redhat 1
freebsd 1
nessus
nessus
Fedora Core 2 : kdelibs-3.2.2-10.FC2 (2004-548)
2004-12-15 00:00:00
Fedora Core 2 : kdebase-3.2.2-8.FC2 (2004-549)
2004-12-15 00:00:00
Fedora Core 3 : kdelibs-3.3.1-2.4.FC3 (2004-550)
2004-12-15 00:00:00
cve
cve
CVE-2004-1158
2005-01-10 05:00:00
ubuntucve
ubuntucve
CVE-2004-1158
2005-01-10 00:00:00
openvas
openvas
SLES9: Security update for kdelibs3
2009-10-10 00:00:00
Gentoo Security Advisory GLSA 200412-16 (KDE)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200412-16 (KDE)
2008-09-24 00:00:00
gentoo
gentoo
kdelibs, kdebase: Multiple vulnerabilities
2004-12-19 00:00:00
redhat
redhat
(RHSA-2005:009) kdelibs, kdebase security update
2005-02-10 00:00:00
freebsd
freebsd
web browsers -- window injection vulnerabilities
2004-12-08 00:00:00
JSON
Related for FEDORA_2004-551.NASL
nessus7cve1ubuntucve1openvas6gentoo1redhat1freebsd1