Lucene search
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.MANDRAKE_MDKSA-2002-042.NASLHistoryJul 31, 2004 - 12:00 a.m.
Mandrake Linux Security Advisory : LPRng (MDKSA-2002:042)
2004-07-3100:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
7
Matthew Caron pointed out that using the LPRng default configuration, the lpd daemon will accept job submissions from any remote host. These updated LPRng packages modify the job submission policy in /etc/lpd.perms to refuse print jobs from remote hosts by default.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandrake Linux Security Advisory MDKSA-2002:042.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(13946);
script_version("1.18");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2002-0378");
script_xref(name:"MDKSA", value:"2002:042");
script_name(english:"Mandrake Linux Security Advisory : LPRng (MDKSA-2002:042)");
script_summary(english:"Checks rpm output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Mandrake Linux host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Matthew Caron pointed out that using the LPRng default configuration,
the lpd daemon will accept job submissions from any remote host. These
updated LPRng packages modify the job submission policy in
/etc/lpd.perms to refuse print jobs from remote hosts by default."
);
script_set_attribute(attribute:"solution", value:"Update the affected LPRng package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:LPRng");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.2");
script_set_attribute(attribute:"patch_publication_date", value:"2002/07/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"LPRng-3.7.4-7.1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"LPRng-3.8.6-2.1mdk", yank:"mdk")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mandriva | linux | lprng | p-cpe:/a:mandriva:linux:lprng |
| mandrakesoft | mandrake_linux | 8.1 | cpe:/o:mandrakesoft:mandrake_linux:8.1 |
| mandrakesoft | mandrake_linux | 8.2 | cpe:/o:mandrakesoft:mandrake_linux:8.2 |
Related
nessus
nessus
RHEL 2.1 : LPRng (RHSA-2002:120)
2004-07-06 00:00:00
cve
cve
CVE-2002-0378
2002-07-03 04:00:00
Related for MANDRAKE_MDKSA-2002-042.NASL