Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2021 Tenable Network Security, Inc.FEDORA_2011-17267.NASL
HistoryJan 06, 2012 - 12:00 a.m.

Fedora 16 : libvirt-0.9.6-4.fc16 (2011-17267)

2012-01-0600:00:00
This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.
www.tenable.com
10
JSON

This release of libvirt fixes a minor security problem with extraneous iptables rules being added when an externally managed network (new feature in 0.9.4) exists, along with several bugfixes. Another important change in this release is code to automatically convert guest definitions containing the deprecated ‘fedora-13’ machine type over to ‘pc-0.14’ - support for the ‘fedora-13’ machine type will be removed from qemu in Fedora 17, so all guests will need to be reconfigured before that time; the code in this update handles the reconfiguration automatically.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2011-17267.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(57437);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2011-4600");
  script_xref(name:"FEDORA", value:"2011-17267");

  script_name(english:"Fedora 16 : libvirt-0.9.6-4.fc16 (2011-17267)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This release of libvirt fixes a minor security problem with extraneous
iptables rules being added when an externally managed network (new
feature in 0.9.4) exists, along with several bugfixes. Another
important change in this release is code to automatically convert
guest definitions containing the deprecated 'fedora-13' machine type
over to 'pc-0.14' - support for the 'fedora-13' machine type will be
removed from qemu in Fedora 17, so all guests will need to be
reconfigured before that time; the code in this update handles the
reconfiguration automatically.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=738725"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=754772"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=754909"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=757382"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=758896"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=761329"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=766104"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/071633.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?ee12c63a"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected libvirt package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libvirt");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:16");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/12/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/06");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^16([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 16.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC16", reference:"libvirt-0.9.6-4.fc16")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt");
}
VendorProductVersionCPE
fedoraprojectfedoralibvirtp-cpe:/a:fedoraproject:fedora:libvirt
fedoraprojectfedora16cpe:/o:fedoraproject:fedora:16

Related

veracode 1
cve 1
openvas 9
fedora 4
ubuntucve 1
prion 1
nessus 2
debiancve 1
ubuntu 1
veracode
veracode
Authorization Bypass
2019-01-15 08:50:45
cve
cve
CVE-2011-4600
2016-04-14 15:59:00
openvas
openvas
Fedora Update for libvirt FEDORA-2011-17267
2012-04-02 00:00:00
Fedora Update for libvirt FEDORA-2011-17267
2012-04-02 00:00:00
Fedora Update for libvirt FEDORA-2012-15640
2012-10-19 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: libvirt-0.9.6-4.fc16
2012-01-05 21:00:08
[SECURITY] Fedora 16 Update: libvirt-0.9.6.3-1.fc16
2012-10-17 00:29:13
[SECURITY] Fedora 16 Update: libvirt-0.9.6.2-1.fc16
2012-08-22 21:11:41
ubuntucve
ubuntucve
CVE-2011-4600
2011-12-31 00:00:00
prion
prion
Authentication flaw
2016-04-14 15:59:00
nessus
nessus
openSUSE Security Update : libvirt (openSUSE-2012-78)
2014-06-13 00:00:00
Ubuntu 14.04 LTS : libvirt vulnerabilities (USN-2867-1)
2016-01-13 00:00:00
debiancve
debiancve
CVE-2011-4600
2016-04-14 15:59:00
ubuntu
ubuntu
libvirt vulnerabilities
2016-01-12 00:00:00
JSON
Related for FEDORA_2011-17267.NASL
veracode1cve1openvas9fedora4ubuntucve1prion1nessus2debiancve1ubuntu1