Mandrake Linux Security Advisory : gkrellm (MDKSA-2003:087)

2004-07-31T00:00:00
ID MANDRAKE_MDKSA-2003-087.NASL
Type nessus
Reporter Tenable
Modified 2018-07-19T00:00:00

Description

A buffer overflow was discovered in gkrellmd, the server component of the gkrellm monitor package, in versions of gkrellm 2.1.x prior to 2.1.14. This buffer overflow occurs while reading data from connected gkrellm clients and can lead to possible arbitrary code execution as the user running the gkrellmd server.

Updated packages are available for Mandrake Linux 9.1 which correct the problem.

                                        
                                            #%NASL_MIN_LEVEL 70103

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandrake Linux Security Advisory MDKSA-2003:087. 
# The text itself is copyright (C) Mandriva S.A.
#

include("compat.inc");

if (description)
{
  script_id(14069);
  script_version ("1.17");
  script_cvs_date("Date: 2018/07/19 20:59:13");

  script_cve_id("CVE-2003-0723");
  script_xref(name:"MDKSA", value:"2003:087");

  script_name(english:"Mandrake Linux Security Advisory : gkrellm (MDKSA-2003:087)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandrake Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A buffer overflow was discovered in gkrellmd, the server component of
the gkrellm monitor package, in versions of gkrellm 2.1.x prior to
2.1.14. This buffer overflow occurs while reading data from connected
gkrellm clients and can lead to possible arbitrary code execution as
the user running the gkrellmd server.

Updated packages are available for Mandrake Linux 9.1 which correct
the problem."
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Update the affected gkrellm, gkrellm-devel and / or gkrellm-server
packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gkrellm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gkrellm-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gkrellm-server");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2003/08/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"gkrellm-2.1.7a-2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"gkrellm-devel-2.1.7a-2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"gkrellm-server-2.1.7a-2.2mdk", yank:"mdk")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");