Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 Tenable Network Security, Inc.FEDORA_2016-7F37D42ADD.NASL
HistoryApr 25, 2016 - 12:00 a.m.

Fedora 24 : binutils-2.26-18.fc24 / kernel-4.5.2-301.fc24 (2016-7f37d42add)

2016-04-2500:00:00
This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.
www.tenable.com
27
JSON

The 4.5.2 stable update contains a number of important fixes across the tree. This build should also boot on some of the i686 systems that would not boot before.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2016-7f37d42add.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(90693);
  script_version("2.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2016-3955", "CVE-2016-3961");
  script_xref(name:"FEDORA", value:"2016-7f37d42add");

  script_name(english:"Fedora 24 : binutils-2.26-18.fc24 / kernel-4.5.2-301.fc24 (2016-7f37d42add)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The 4.5.2 stable update contains a number of important fixes across
the tree. This build should also boot on some of the i686 systems that
would not boot before.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1323956"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1328478"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2016-April/183041.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?7db9d5e1"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2016-April/183042.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?e5b31da1"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected binutils and / or kernel packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:binutils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:24");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/04/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/04/25");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^24([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 24.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC24", reference:"binutils-2.26-18.fc24")) flag++;
if (rpm_check(release:"FC24", reference:"kernel-4.5.2-301.fc24")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "binutils / kernel");
}
VendorProductVersionCPE
fedoraprojectfedorabinutilsp-cpe:/a:fedoraproject:fedora:binutils
fedoraprojectfedorakernelp-cpe:/a:fedoraproject:fedora:kernel
fedoraprojectfedora24cpe:/o:fedoraproject:fedora:24

Related

nessus 28
fedora 4
openvas 29
ubuntucve 2
cve 2
debiancve 2
prion 2
xen 1
ubuntu 20
cloudfoundry 1
amazon 1
debian 3
osv 2
mageia 3
suse 3
nessus
nessus
Fedora 23 : kernel-4.4.8-300.fc23 (2016-8a1f49149e)
2016-04-28 00:00:00
Fedora 22 : kernel-4.4.8-200.fc22 (2016-373c063e79)
2016-05-09 00:00:00
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3127-1)
2016-11-11 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: kernel-4.5.2-301.fc24
2016-04-23 23:49:25
[SECURITY] Fedora 23 Update: kernel-4.4.8-300.fc23
2016-04-27 21:52:00
[SECURITY] Fedora 24 Update: binutils-2.26-18.fc24
2016-04-23 23:49:26
openvas
openvas
Fedora Update for binutils FEDORA-2016-7
2016-04-24 00:00:00
Fedora Update for kernel FEDORA-2016-7-fc24
2016-04-24 00:00:00
Fedora Update for kernel FEDORA-2016-373
2016-05-07 00:00:00
ubuntucve
ubuntucve
CVE-2016-3955
2016-04-20 00:00:00
CVE-2016-3961
2016-04-15 00:00:00
cve
cve
CVE-2016-3955
2016-07-03 21:59:00
CVE-2016-3961
2016-04-15 14:59:00
debiancve
debiancve
CVE-2016-3955
2016-07-03 21:59:00
CVE-2016-3961
2016-04-15 14:59:00
prion
prion
Out-of-bounds
2016-07-03 21:59:00
Design/Logic Flaw
2016-04-15 14:59:00
xen
xen
hugetlbfs use may crash PV Linux guests
2016-04-14 12:00:00
ubuntu
ubuntu
Linux kernel (Trusty HWE) vulnerabilities
2016-11-11 00:00:00
Linux kernel (OMAP4) vulnerabilities
2016-08-10 00:00:00
Linux kernel vulnerabilities
2016-11-11 00:00:00
cloudfoundry
cloudfoundry
USN-3001-1 Linux kernel (Vivid HWE) vulnerabilities | Cloud Foundry
2016-06-15 00:00:00
amazon
amazon
Medium: kernel
2016-05-18 14:00:00
debian
debian
[SECURITY] [DLA 516-1] linux security update
2016-06-17 12:12:11
[SECURITY] [DSA 3607-1] linux security update
2016-06-28 09:56:48
[SECURITY] [DSA 3607-1] linux security update
2016-06-28 09:56:48
osv
osv
linux - security update
2016-06-17 00:00:00
linux - security update
2016-06-28 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2016-06-22 22:08:04
Updated kernel packages fix security vulnerabilities
2016-06-13 18:55:41
Updated kernel-tmb packages fix security vulnerabilities
2016-06-22 22:08:04
suse
suse
Security update for the Linux Kernel (important)
2016-06-21 14:08:17
Security update for the Linux Kernel (important)
2016-09-06 15:08:57
Security update for the Linux Kernel (important)
2016-05-03 19:07:56
JSON
Related for FEDORA_2016-7F37D42ADD.NASL
nessus28fedora4openvas29ubuntucve2cve2debiancve2prion2xen1ubuntu20cloudfoundry1amazon1debian3osv2mageia3suse3