Mandrake Linux Security Advisory : pwlib (MDKSA-2004:017)

2004-07-3100:00:00

www.tenable.com

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.225 Low

EPSS

Percentile

96.5%

JSON

The NISCC uncovered bugs in pwlib prior to version 1.6.0 via a test suite for the H.225 protocol. An attacker could trigger these bugs by sending carefully crafted messages to an application that uses pwlib, and the severity would vary based on the application, but likely would result in a Denial of Service (DoS).

The updated packages provide backported fixes from Craig Southeren of the OpenH323 project to protect against this issue.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandrake Linux Security Advisory MDKSA-2004:017. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(14117);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2004-0097");
  script_xref(name:"MDKSA", value:"2004:017");

  script_name(english:"Mandrake Linux Security Advisory : pwlib (MDKSA-2004:017)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandrake Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The NISCC uncovered bugs in pwlib prior to version 1.6.0 via a test
suite for the H.225 protocol. An attacker could trigger these bugs by
sending carefully crafted messages to an application that uses pwlib,
and the severity would vary based on the application, but likely would
result in a Denial of Service (DoS).

The updated packages provide backported fixes from Craig Southeren of
the OpenH323 project to protect against this issue."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64pwlib1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64pwlib1-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpwlib1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpwlib1-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:pwlib1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:pwlib1-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.2");

  script_set_attribute(attribute:"patch_publication_date", value:"2004/03/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"pwlib1-1.4.7-3.1.91mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"pwlib1-devel-1.4.7-3.1.91mdk", yank:"mdk")) flag++;

if (rpm_check(release:"MDK9.2", cpu:"amd64", reference:"lib64pwlib1-1.5.0-15.1.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"amd64", reference:"lib64pwlib1-devel-1.5.0-15.1.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"libpwlib1-1.5.0-15.1.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"libpwlib1-devel-1.5.0-15.1.92mdk", yank:"mdk")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

VendorProductVersionCPE
mandrivalinuxlib64pwlib1p-cpe:/a:mandriva:linux:lib64pwlib1
mandrivalinuxlib64pwlib1-develp-cpe:/a:mandriva:linux:lib64pwlib1-devel
mandrivalinuxlibpwlib1p-cpe:/a:mandriva:linux:libpwlib1
mandrivalinuxlibpwlib1-develp-cpe:/a:mandriva:linux:libpwlib1-devel
mandrivalinuxpwlib1p-cpe:/a:mandriva:linux:pwlib1
mandrivalinuxpwlib1-develp-cpe:/a:mandriva:linux:pwlib1-devel
mandrakesoftmandrake_linux9.1cpe:/o:mandrakesoft:mandrake_linux:9.1
mandrakesoftmandrake_linux9.2cpe:/o:mandrakesoft:mandrake_linux:9.2

Vendor	Product	Version	CPE
mandriva	linux	lib64pwlib1	p-cpe:/a:mandriva:linux:lib64pwlib1
mandriva	linux	lib64pwlib1-devel	p-cpe:/a:mandriva:linux:lib64pwlib1-devel
mandriva	linux	libpwlib1	p-cpe:/a:mandriva:linux:libpwlib1
mandriva	linux	libpwlib1-devel	p-cpe:/a:mandriva:linux:libpwlib1-devel
mandriva	linux	pwlib1	p-cpe:/a:mandriva:linux:pwlib1
mandriva	linux	pwlib1-devel	p-cpe:/a:mandriva:linux:pwlib1-devel
mandrakesoft	mandrake_linux	9.1	cpe:/o:mandrakesoft:mandrake_linux:9.1
mandrakesoft	mandrake_linux	9.2	cpe:/o:mandrakesoft:mandrake_linux:9.2