The 3.10.11 stable update contains a number of important fixes across the tree.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2013-16336.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(69910);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2899");
script_bugtraq_id(62042, 62043, 62044, 62045, 62046, 62047, 62048, 62049, 62050, 62052);
script_xref(name:"FEDORA", value:"2013-16336");
script_name(english:"Fedora 18 : kernel-3.10.11-100.fc18 (2013-16336)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"The 3.10.11 stable update contains a number of important fixes across
the tree.
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1000137"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1000360"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1000373"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1000414"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1000429"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1000451"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1000494"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1000536"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=999890"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=999960"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2013-September/115710.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?cbf797dc"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected kernel package."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:18");
script_set_attribute(attribute:"patch_publication_date", value:"2013/09/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/16");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^18([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 18.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC18", reference:"kernel-3.10.11-100.fc18")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
Vendor | Product | Version | CPE |
---|---|---|---|
fedoraproject | fedora | kernel | p-cpe:/a:fedoraproject:fedora:kernel |
fedoraproject | fedora | 18 | cpe:/o:fedoraproject:fedora:18 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2888
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2889
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2891
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2892
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2894
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2895
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2896
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899
www.nessus.org/u?cbf797dc
bugzilla.redhat.com/show_bug.cgi?id=1000137
bugzilla.redhat.com/show_bug.cgi?id=1000360
bugzilla.redhat.com/show_bug.cgi?id=1000373
bugzilla.redhat.com/show_bug.cgi?id=1000414
bugzilla.redhat.com/show_bug.cgi?id=1000429
bugzilla.redhat.com/show_bug.cgi?id=1000451
bugzilla.redhat.com/show_bug.cgi?id=1000494
bugzilla.redhat.com/show_bug.cgi?id=1000536
bugzilla.redhat.com/show_bug.cgi?id=999890
bugzilla.redhat.com/show_bug.cgi?id=999960