Lucene search

K
nessus
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.GENTOO_GLSA-200901-01.NASL
HistoryJan 12, 2009 - 12:00 a.m.

GLSA-200901-01 : NDISwrapper: Arbitrary remote code execution

2009-01-1200:00:00
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.
www.tenable.com
8

The remote host is affected by the vulnerability described in GLSA-200901-01 (NDISwrapper: Arbitrary remote code execution)

Anders Kaseorg reported multiple buffer overflows related to long     ESSIDs.

Impact :

A physically proximate attacker could send packets over a wireless     network that might lead to the execution of arbitrary code with root     privileges.

Workaround :

There is no known workaround at this time.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200901-01.
#
# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(35345);
  script_version("1.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2008-4395");
  script_xref(name:"GLSA", value:"200901-01");

  script_name(english:"GLSA-200901-01 : NDISwrapper: Arbitrary remote code execution");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200901-01
(NDISwrapper: Arbitrary remote code execution)

    Anders Kaseorg reported multiple buffer overflows related to long
    ESSIDs.
  
Impact :

    A physically proximate attacker could send packets over a wireless
    network that might lead to the execution of arbitrary code with root
    privileges.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200901-01"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All NDISwrapper users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=net-wireless/ndiswrapper-1.53-r1'"
  );
  script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:ndiswrapper");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/01/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/01/12");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"net-wireless/ndiswrapper", unaffected:make_list("ge 1.53-r1"), vulnerable:make_list("lt 1.53-r1"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "NDISwrapper");
}
How to find holes in your network?

Try incredible fast Vulners Perimeter Scanner and find vulnerabilities and unnecessary ip and ports in network devices inside your network before anyone else.

Try Network Scanner
Related for GENTOO_GLSA-200901-01.NASL