Lucene search

K
nessusThis script is Copyright (C) 2004-2021 Tenable Network Security, Inc.MANDRAKE_MDKSA-2002-079.NASL
HistoryJul 31, 2004 - 12:00 a.m.

Mandrake Linux Security Advisory : kdelibs (MDKSA-2002:079)

2004-07-3100:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
13

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.092

Percentile

94.7%

Vulnerabilities were discovered in the KIO subsystem support for various network protocols. The implementation of the rlogin protocol affects all KDE versions from 2.1 up to 3.0.4, while the flawed implementation of the telnet protocol only affects KDE 2.x. They allow a carefully crafted URL in an HTML page, HTML email, or other KIO-enabled application to execute arbitrary commands as the victim with their privilege.

The KDE team provided a patch for KDE3 which has been applied in these packages. No patch was provided for KDE2, however the KDE team recommends disabling both the rlogin and telnet KIO protocols. This can be accomplished by removing, as root, the following files:
/usr/share/services/telnet.protocol and /usr/share/services/rlogin.protocol. If either file also exists in a user’s ~/.kde/share/services directory, they should likewise be removed.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandrake Linux Security Advisory MDKSA-2002:079. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(13977);
  script_version("1.16");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2002-1281", "CVE-2002-1282");
  script_xref(name:"MDKSA", value:"2002:079");

  script_name(english:"Mandrake Linux Security Advisory : kdelibs (MDKSA-2002:079)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandrake Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Vulnerabilities were discovered in the KIO subsystem support for
various network protocols. The implementation of the rlogin protocol
affects all KDE versions from 2.1 up to 3.0.4, while the flawed
implementation of the telnet protocol only affects KDE 2.x. They allow
a carefully crafted URL in an HTML page, HTML email, or other
KIO-enabled application to execute arbitrary commands as the victim
with their privilege.

The KDE team provided a patch for KDE3 which has been applied in these
packages. No patch was provided for KDE2, however the KDE team
recommends disabling both the rlogin and telnet KIO protocols. This
can be accomplished by removing, as root, the following files:
/usr/share/services/telnet.protocol and
/usr/share/services/rlogin.protocol. If either file also exists in a
user's ~/.kde/share/services directory, they should likewise be
removed."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.kde.org/info/security/advisory-20021111-1.txt"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected kdelibs and / or kdelibs-devel packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kdelibs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kdelibs-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2002/11/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"kdelibs-3.0.3-30.1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"kdelibs-devel-3.0.3-30.1mdk", yank:"mdk")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxkdelibsp-cpe:/a:mandriva:linux:kdelibs
mandrivalinuxkdelibs-develp-cpe:/a:mandriva:linux:kdelibs-devel
mandrakesoftmandrake_linux9.0cpe:/o:mandrakesoft:mandrake_linux:9.0

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.092

Percentile

94.7%

Related for MANDRAKE_MDKSA-2002-079.NASL