Lucene search

HistoryMay 12, 2016 - 12:00 a.m.

Fedora 23 : glibc-2.22-15.fc23 (2016-68abc0be35)

2016-05-1200:00:00

www.tenable.com

100

This update contains minor security fixes (for CVE-2016-3075, CVE-2016-1234, CVE-2015-8778, CVE-2015-8776, CVE-2014-9761, CVE-2015-8779) and collects fixes for bugs encountered by Fedora users.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2016-68abc0be35.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(91063);
  script_version("2.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2014-9761", "CVE-2015-8776", "CVE-2015-8778", "CVE-2015-8779", "CVE-2016-1234", "CVE-2016-3075");
  script_xref(name:"FEDORA", value:"2016-68abc0be35");

  script_name(english:"Fedora 23 : glibc-2.22-15.fc23 (2016-68abc0be35)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update contains minor security fixes (for CVE-2016-3075,
CVE-2016-1234, CVE-2015-8778, CVE-2015-8776, CVE-2014-9761,
CVE-2015-8779) and collects fixes for bugs encountered by Fedora
users.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1288740"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1293139"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1300300"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1300304"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1300311"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1300314"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1307234"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1313404"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1315648"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1316972"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1321372"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1321861"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1321954"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1332912"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1332914"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1332917"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1333901"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1333940"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1333945"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?d5fd1005"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected glibc package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:23");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/05/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/05/12");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^23([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 23.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC23", reference:"glibc-2.22-15.fc23")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc");
}

VendorProductVersionCPE
fedoraprojectfedoraglibcp-cpe:/a:fedoraproject:fedora:glibc
fedoraprojectfedora23cpe:/o:fedoraproject:fedora:23

Vendor	Product	Version	CPE
fedoraproject	fedora	glibc	p-cpe:/a:fedoraproject:fedora:glibc
fedoraproject	fedora	23	cpe:/o:fedoraproject:fedora:23

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9761

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8776

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8778

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8779

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1234

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3075

www.nessus.org/u?d5fd1005

bugzilla.redhat.com/show_bug.cgi?id=1288740

bugzilla.redhat.com/show_bug.cgi?id=1293139

bugzilla.redhat.com/show_bug.cgi?id=1300300

bugzilla.redhat.com/show_bug.cgi?id=1300304

bugzilla.redhat.com/show_bug.cgi?id=1300311

bugzilla.redhat.com/show_bug.cgi?id=1300314

bugzilla.redhat.com/show_bug.cgi?id=1307234

bugzilla.redhat.com/show_bug.cgi?id=1313404

bugzilla.redhat.com/show_bug.cgi?id=1315648

bugzilla.redhat.com/show_bug.cgi?id=1316972

bugzilla.redhat.com/show_bug.cgi?id=1321372

bugzilla.redhat.com/show_bug.cgi?id=1321861

bugzilla.redhat.com/show_bug.cgi?id=1321954

bugzilla.redhat.com/show_bug.cgi?id=1332912

bugzilla.redhat.com/show_bug.cgi?id=1332914

bugzilla.redhat.com/show_bug.cgi?id=1332917

bugzilla.redhat.com/show_bug.cgi?id=1333901

bugzilla.redhat.com/show_bug.cgi?id=1333940

bugzilla.redhat.com/show_bug.cgi?id=1333945

JSON

Related for FEDORA_2016-68ABC0BE35.NASL