Mandrake Linux Security Advisory : dhcp (MDKSA-2003:007)

2004-07-3100:00:00

www.tenable.com

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.135 Low

EPSS

Percentile

95.6%

JSON

Several potential vulnerabilities were detected by the ISC (Internet Software Consortium) in their dhcp server software. The vulnerabilities affect the minires library and may be exploitable as stack buffer overflows, which could lead to remote code execution. All Mandrake Linux users are encouraged to upgrade; only Mandrake Linux 8.0 came with dhcp 2.x and is not vulnerable.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandrake Linux Security Advisory MDKSA-2003:007. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(13992);
  script_version("1.20");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2003-0026");
  script_xref(name:"CERT-CC", value:"CA-2003-01");
  script_xref(name:"MDKSA", value:"2003:007");

  script_name(english:"Mandrake Linux Security Advisory : dhcp (MDKSA-2003:007)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandrake Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several potential vulnerabilities were detected by the ISC (Internet
Software Consortium) in their dhcp server software. The
vulnerabilities affect the minires library and may be exploitable as
stack buffer overflows, which could lead to remote code execution. All
Mandrake Linux users are encouraged to upgrade; only Mandrake Linux
8.0 came with dhcp 2.x and is not vulnerable."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:dhcp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:dhcp-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:dhcp-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:dhcp-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:dhcp-relay");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:dhcp-server");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:7.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2003/01/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"dhcp-3.0b2pl9-4.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"dhcp-client-3.0b2pl9-4.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"dhcp-relay-3.0b2pl9-4.2mdk", yank:"mdk")) flag++;

if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"dhcp-client-3.0-0.rc12.2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"dhcp-common-3.0-0.rc12.2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"dhcp-devel-3.0-0.rc12.2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"dhcp-relay-3.0-0.rc12.2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"dhcp-server-3.0-0.rc12.2.2mdk", yank:"mdk")) flag++;

if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"dhcp-client-3.0-1rc8.2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"dhcp-common-3.0-1rc8.2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"dhcp-devel-3.0-1rc8.2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"dhcp-relay-3.0-1rc8.2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"dhcp-server-3.0-1rc8.2.2mdk", yank:"mdk")) flag++;

if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"dhcp-client-3.0-1rc9.3mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"dhcp-common-3.0-1rc9.3mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"dhcp-devel-3.0-1rc9.3mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"dhcp-relay-3.0-1rc9.3mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"dhcp-server-3.0-1rc9.3mdk", yank:"mdk")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

VendorProductVersionCPE
mandrivalinuxdhcpp-cpe:/a:mandriva:linux:dhcp
mandrivalinuxdhcp-clientp-cpe:/a:mandriva:linux:dhcp-client
mandrivalinuxdhcp-commonp-cpe:/a:mandriva:linux:dhcp-common
mandrivalinuxdhcp-develp-cpe:/a:mandriva:linux:dhcp-devel
mandrivalinuxdhcp-relayp-cpe:/a:mandriva:linux:dhcp-relay
mandrivalinuxdhcp-serverp-cpe:/a:mandriva:linux:dhcp-server
mandrakesoftmandrake_linux7.2cpe:/o:mandrakesoft:mandrake_linux:7.2
mandrakesoftmandrake_linux8.1cpe:/o:mandrakesoft:mandrake_linux:8.1
mandrakesoftmandrake_linux8.2cpe:/o:mandrakesoft:mandrake_linux:8.2
mandrakesoftmandrake_linux9.0cpe:/o:mandrakesoft:mandrake_linux:9.0

Vendor	Product	Version	CPE
mandriva	linux	dhcp	p-cpe:/a:mandriva:linux:dhcp
mandriva	linux	dhcp-client	p-cpe:/a:mandriva:linux:dhcp-client
mandriva	linux	dhcp-common	p-cpe:/a:mandriva:linux:dhcp-common
mandriva	linux	dhcp-devel	p-cpe:/a:mandriva:linux:dhcp-devel
mandriva	linux	dhcp-relay	p-cpe:/a:mandriva:linux:dhcp-relay
mandriva	linux	dhcp-server	p-cpe:/a:mandriva:linux:dhcp-server
mandrakesoft	mandrake_linux	7.2	cpe:/o:mandrakesoft:mandrake_linux:7.2
mandrakesoft	mandrake_linux	8.1	cpe:/o:mandrakesoft:mandrake_linux:8.1
mandrakesoft	mandrake_linux	8.2	cpe:/o:mandrakesoft:mandrake_linux:8.2
mandrakesoft	mandrake_linux	9.0	cpe:/o:mandrakesoft:mandrake_linux:9.0