Security fix for CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973, CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984, CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485, CVE-2017-5486
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2017-7ecbc90157.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(97172);
script_version("3.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2016-7922", "CVE-2016-7923", "CVE-2016-7924", "CVE-2016-7925", "CVE-2016-7926", "CVE-2016-7927", "CVE-2016-7928", "CVE-2016-7929", "CVE-2016-7930", "CVE-2016-7931", "CVE-2016-7932", "CVE-2016-7933", "CVE-2016-7934", "CVE-2016-7935", "CVE-2016-7936", "CVE-2016-7937", "CVE-2016-7938", "CVE-2016-7939", "CVE-2016-7940", "CVE-2016-7973", "CVE-2016-7974", "CVE-2016-7975", "CVE-2016-7983", "CVE-2016-7984", "CVE-2016-7985", "CVE-2016-7986", "CVE-2016-7992", "CVE-2016-7993", "CVE-2016-8574", "CVE-2016-8575", "CVE-2017-5202", "CVE-2017-5203", "CVE-2017-5204", "CVE-2017-5205", "CVE-2017-5341", "CVE-2017-5342", "CVE-2017-5482", "CVE-2017-5483", "CVE-2017-5484", "CVE-2017-5485", "CVE-2017-5486");
script_xref(name:"FEDORA", value:"2017-7ecbc90157");
script_name(english:"Fedora 25 : 14:tcpdump (2017-7ecbc90157)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Security fix for CVE-2016-7922, CVE-2016-7923, CVE-2016-7924,
CVE-2016-7925, CVE-2016-7926, CVE-2016-7927, CVE-2016-7928,
CVE-2016-7929, CVE-2016-7930, CVE-2016-7931, CVE-2016-7932,
CVE-2016-7933, CVE-2016-7934, CVE-2016-7935, CVE-2016-7936,
CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940,
CVE-2016-7973, CVE-2016-7974, CVE-2016-7975, CVE-2016-7983,
CVE-2016-7984, CVE-2016-7985, CVE-2016-7986, CVE-2016-7992,
CVE-2016-7993, CVE-2016-8574, CVE-2016-8575, CVE-2017-5202,
CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, CVE-2017-5341,
CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484,
CVE-2017-5485, CVE-2017-5486
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bodhi.fedoraproject.org/updates/FEDORA-2017-7ecbc90157"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected 14:tcpdump package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:14:tcpdump");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:25");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/01/28");
script_set_attribute(attribute:"patch_publication_date", value:"2017/02/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/02/15");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^25([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 25", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC25", reference:"tcpdump-4.9.0-1.fc25", epoch:"14")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "14:tcpdump");
}
Vendor | Product | Version | CPE |
---|---|---|---|
fedoraproject | fedora | 14 | p-cpe:/a:fedoraproject:fedora:14:tcpdump |
fedoraproject | fedora | 25 | cpe:/o:fedoraproject:fedora:25 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7922
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7923
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7924
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7925
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7926
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7927
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7928
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7929
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7930
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7931
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7932
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7933
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7934
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7935
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7936
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7937
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7938
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7939
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7940
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7973
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7974
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7975
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7983
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7984
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7985
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7986
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7992
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7993
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8574
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8575
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5202
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5203
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5204
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5205
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5341
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5342
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5482
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5483
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5484
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5485
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5486
bodhi.fedoraproject.org/updates/FEDORA-2017-7ecbc90157