Lucene search

K

Fedora 19 : rtkit-0.11-7.fc19 (2013-17529)

🗓️ 27 Sep 2013 00:00:00Reported by This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.Type 
nessus
 nessus
🔗 www.tenable.com👁 19 Views

Fedora 19 rtkit-0.11-7.fc19 (2013-17529) security update fixing insecure calling of polkit in rtkit packag

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
Fedora
[SECURITY] Fedora 20 Update: rtkit-0.11-7.fc20
12 Oct 201304:29
fedora
Fedora
[SECURITY] Fedora 18 Update: rtkit-0.11-7.fc18
10 Oct 201301:03
fedora
Fedora
[SECURITY] Fedora 19 Update: rtkit-0.11-7.fc19
26 Sep 201306:08
fedora
UbuntuCve
CVE-2013-4326
18 Sep 201300:00
ubuntucve
OSV
Red Hat Security Advisory: rtkit security update
15 Sep 202421:06
osv
OSV
rtkit-0.11+git.20130926-3.1 on GA media
15 Jun 202400:00
osv
OpenVAS
CentOS Update for rtkit CESA-2013:1282 centos6
3 Oct 201300:00
openvas
OpenVAS
RedHat Update for rtkit RHSA-2013:1282-01
3 Oct 201300:00
openvas
OpenVAS
Fedora Update for rtkit FEDORA-2013-17529
3 Oct 201300:00
openvas
OpenVAS
Fedora Update for rtkit FEDORA-2013-17583
11 Oct 201300:00
openvas
Rows per page
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2013-17529.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(70159);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2013-4326");
  script_bugtraq_id(62505);
  script_xref(name:"FEDORA", value:"2013-17529");

  script_name(english:"Fedora 19 : rtkit-0.11-7.fc19 (2013-17529)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update fixes :

  - Bug #1009543 - CVE-2013-4326 rtkit: insecure calling of
    polkit [fedora-all]

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1009543"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2013-September/116906.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?3434a95b"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected rtkit package.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:rtkit");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:19");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/09/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/27");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^19([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 19.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC19", reference:"rtkit-0.11-7.fc19")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rtkit");
}

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
27 Sep 2013 00:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS24.6
EPSS0.0004
19
.json
Report