Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2006-2021 Tenable Network Security, Inc.FEDORA_2006-014.NASL
HistoryJan 15, 2006 - 12:00 a.m.

Fedora Core 3 : mod_auth_pgsql-2.0.1-6.2 (2006-014)

2006-01-1500:00:00
This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.
www.tenable.com
7
JSON

Several format string flaws were found in the way mod_auth_pgsql logs information. It may be possible for a remote attacker to execute arbitrary code as the ‘apache’ user if mod_auth_pgsql is used for user authentication. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-3656 to this issue.

Please note that this issue only affects servers which have mod_auth_pgsql installed and configured to perform user authentication against a PostgreSQL database.

Red Hat would like to thank iDefense for reporting this issue.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2006-014.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(20404);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2005-3656");
  script_xref(name:"FEDORA", value:"2006-014");

  script_name(english:"Fedora Core 3 : mod_auth_pgsql-2.0.1-6.2 (2006-014)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora Core host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several format string flaws were found in the way mod_auth_pgsql logs
information. It may be possible for a remote attacker to execute
arbitrary code as the 'apache' user if mod_auth_pgsql is used for user
authentication. The Common Vulnerabilities and Exposures project
assigned the name CVE-2005-3656 to this issue.

Please note that this issue only affects servers which have
mod_auth_pgsql installed and configured to perform user authentication
against a PostgreSQL database.

Red Hat would like to thank iDefense for reporting this issue.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  # https://lists.fedoraproject.org/pipermail/announce/2006-January/001720.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?9a06230c"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Update the affected mod_auth_pgsql and / or mod_auth_pgsql-debuginfo
packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mod_auth_pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mod_auth_pgsql-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:3");

  script_set_attribute(attribute:"patch_publication_date", value:"2006/01/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/01/15");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 3.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC3", reference:"mod_auth_pgsql-2.0.1-6.2")) flag++;
if (rpm_check(release:"FC3", reference:"mod_auth_pgsql-debuginfo-2.0.1-6.2")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mod_auth_pgsql / mod_auth_pgsql-debuginfo");
}
VendorProductVersionCPE
fedoraprojectfedoramod_auth_pgsqlp-cpe:/a:fedoraproject:fedora:mod_auth_pgsql
fedoraprojectfedoramod_auth_pgsql-debuginfop-cpe:/a:fedoraproject:fedora:mod_auth_pgsql-debuginfo
fedoraprojectfedora_core3cpe:/o:fedoraproject:fedora_core:3

Related

debian 2
nessus 7
securityvulns 2
cve 1
debiancve 1
cvelist 1
openvas 4
redhat 1
ubuntucve 1
ubuntu 1
checkpoint_advisories 2
gentoo 1
centos 1
debian
debian
[SECURITY] [DSA 935-1] New libapache2-mod-auth-pgsql packages fix arbitrary code execution
2006-01-10 14:14:01
[SECURITY] [DSA 935-1] New libapache2-mod-auth-pgsql packages fix arbitrary code execution
2006-01-10 00:00:00
nessus
nessus
CentOS 3 / 4 : mod_auth_pgsql (CESA-2006:0164)
2006-07-03 00:00:00
Mandrake Linux Security Advisory : apache2-mod_auth_pgsql (MDKSA-2006:009)
2006-01-15 00:00:00
Fedora Core 4 : mod_auth_pgsql-2.0.1-8.1 (2006-015)
2006-01-15 00:00:00
securityvulns
securityvulns
[Full-disclosure] [USN-239-1] libapache2-mod-auth-pgsql vulnerability
2006-01-09 00:00:00
iDefense Security Advisory 01.09.06: Multiple Vendor mod_auth_pgsql Format String Vulnerability
2006-01-10 00:00:00
cve
cve
CVE-2005-3656
2005-12-31 05:00:00
debiancve
debiancve
CVE-2005-3656
2005-12-31 05:00:00
cvelist
cvelist
CVE-2005-3656
2006-01-06 11:00:00
openvas
openvas
Debian Security Advisory DSA 935-1 (libapache2-mod-auth-pgsql)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200601-05 (mod_auth_pgsql)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200601-05 (mod_auth_pgsql)
2008-09-24 00:00:00
redhat
redhat
(RHSA-2006:0164) mod_auth_pgsql security update
2006-01-05 00:00:00
ubuntucve
ubuntucve
CVE-2005-3656
2005-12-31 00:00:00
ubuntu
ubuntu
libapache2-mod-auth-pgsql vulnerability
2006-01-09 00:00:00
checkpoint_advisories
checkpoint_advisories
Update Protection against A Format String Vulnerability in mod_auth_pgsql for Apache
2006-02-12 00:00:00
Apache HTTP Server auth_ldap Logging Function Format String (CVE-2005-3656; CVE-2006-0150)
2010-08-17 00:00:00
gentoo
gentoo
mod_auth_pgsql: Multiple format string vulnerabilities
2006-01-10 00:00:00
centos
centos
mod_auth_pgsql security update
2006-01-06 08:44:52
JSON
Related for FEDORA_2006-014.NASL
debian2nessus7securityvulns2cve1debiancve1cvelist1openvas4redhat1ubuntucve1ubuntu1checkpoint_advisories2gentoo1centos1