Mandrake Linux Security Advisory : xfsdump (MDKSA-2003:047)

2004-07-31T00:00:00
ID MANDRAKE_MDKSA-2003-047.NASL
Type nessus
Reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
Modified 2020-09-02T00:00:00

Description

A vulnerability was discovered in xfsdump by Ethan Benson related to filesystem quotas on the XFS filesystem. When xfsdump runs xfsdq to save the quota information into a file at the root of the filesystem being dumped, the file is created in an unsafe manner.

A new option to xfsdq was added when fixing this vulnerability: '-f path'. This specifies an output file to use instead of the default output stream. If the file exists already, xfsdq will abort and if the file doesn't already exist, it will be created with more appropriate access permissions.

                                        
                                            #%NASL_MIN_LEVEL 80502

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandrake Linux Security Advisory MDKSA-2003:047. 
# The text itself is copyright (C) Mandriva S.A.
#

include("compat.inc");

if (description)
{
  script_id(14031);
  script_version ("1.17");
  script_cvs_date("Date: 2019/08/02 13:32:46");

  script_cve_id("CVE-2003-0173");
  script_xref(name:"MDKSA", value:"2003:047");

  script_name(english:"Mandrake Linux Security Advisory : xfsdump (MDKSA-2003:047)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandrake Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A vulnerability was discovered in xfsdump by Ethan Benson related to
filesystem quotas on the XFS filesystem. When xfsdump runs xfsdq to
save the quota information into a file at the root of the filesystem
being dumped, the file is created in an unsafe manner.

A new option to xfsdq was added when fixing this vulnerability: '-f
path'. This specifies an output file to use instead of the default
output stream. If the file exists already, xfsdq will abort and if the
file doesn't already exist, it will be created with more appropriate
access permissions."
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected libdm0, libdm0-devel and / or xfsdump packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libdm0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libdm0-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:xfsdump");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2003/04/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"xfsdump-2.0.0-2.1mdk", yank:"mdk")) flag++;

if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"xfsdump-2.0.3-1.1mdk", yank:"mdk")) flag++;

if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"libdm0-2.0.5-1.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"libdm0-devel-2.0.5-1.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"xfsdump-2.0.3-1.1mdk", yank:"mdk")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");