GLSA-200605-10 : pdnsd: Denial of Service and potential arbitrary code execution

2006-05-13T00:00:00
ID GENTOO_GLSA-200605-10.NASL
Type nessus
Reporter Tenable
Modified 2018-07-11T00:00:00

Description

The remote host is affected by the vulnerability described in GLSA-200605-10 (pdnsd: Denial of Service and potential arbitrary code execution)

The pdnsd team has discovered an unspecified buffer overflow     vulnerability. The PROTOS DNS Test Suite, by the Oulu University Secure     Programming Group (OUSPG), has also revealed a memory leak error within     the handling of the QTYPE and QCLASS DNS queries, leading to     consumption of large amounts of memory.

Impact :

An attacker can craft malicious DNS queries leading to a Denial of     Service, and potentially the execution of arbitrary code.

Workaround :

There is no known workaround at this time.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200605-10.
#
# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include("compat.inc");

if (description)
{
  script_id(21352);
  script_version("1.14");
  script_cvs_date("Date: 2018/07/11 17:09:25");

  script_cve_id("CVE-2006-2076", "CVE-2006-2077");
  script_xref(name:"GLSA", value:"200605-10");

  script_name(english:"GLSA-200605-10 : pdnsd: Denial of Service and potential arbitrary code execution");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200605-10
(pdnsd: Denial of Service and potential arbitrary code execution)

    The pdnsd team has discovered an unspecified buffer overflow
    vulnerability. The PROTOS DNS Test Suite, by the Oulu University Secure
    Programming Group (OUSPG), has also revealed a memory leak error within
    the handling of the QTYPE and QCLASS DNS queries, leading to
    consumption of large amounts of memory.
  
Impact :

    An attacker can craft malicious DNS queries leading to a Denial of
    Service, and potentially the execution of arbitrary code.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200605-10"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All pdnsd users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=net-dns/pdnsd-1.2.4-r1'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:pdnsd");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2006/05/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/05/13");
  script_set_attribute(attribute:"vuln_publication_date", value:"2006/01/10");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"net-dns/pdnsd", unaffected:make_list("ge 1.2.4"), vulnerable:make_list("lt 1.2.4"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "pdnsd");
}