Fix CVE-2014-7817 glibc: command execution in wordexp() with WRDE_NOCMD specified
Fix CVE-2014-9402 glibc: denial of service in getnetbyname function
CVE-2015-1472 glibc: heap buffer overflow in glibc swscanf
Fix segfault when LD_LIBRARY_PATH is set to non-existent directory.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2015-2837.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(81615);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2014-7817", "CVE-2014-9402", "CVE-2015-1472");
script_xref(name:"FEDORA", value:"2015-2837");
script_name(english:"Fedora 21 : glibc-2.20-8.fc21 (2015-2837)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
" - Fix CVE-2014-7817 glibc: command execution in wordexp()
with WRDE_NOCMD specified
- Fix CVE-2014-9402 glibc: denial of service in
getnetbyname function
- CVE-2015-1472 glibc: heap buffer overflow in glibc
swscanf
- Fix segfault when LD_LIBRARY_PATH is set to
non-existent directory.
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1157689"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1175369"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1188235"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2015-March/150644.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?690fb7f0"
);
script_set_attribute(attribute:"solution", value:"Update the affected glibc package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:21");
script_set_attribute(attribute:"patch_publication_date", value:"2015/02/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/05");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^21([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 21.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC21", reference:"glibc-2.20-8.fc21")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc");
}
Vendor | Product | Version | CPE |
---|---|---|---|
fedoraproject | fedora | glibc | p-cpe:/a:fedoraproject:fedora:glibc |
fedoraproject | fedora | 21 | cpe:/o:fedoraproject:fedora:21 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7817
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9402
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1472
www.nessus.org/u?690fb7f0
bugzilla.redhat.com/show_bug.cgi?id=1157689
bugzilla.redhat.com/show_bug.cgi?id=1175369
bugzilla.redhat.com/show_bug.cgi?id=1188235