2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
10.2%
Javier Fernandez-Sanguino Pena discovered that the pwmconfig script in the lm_sensors package created temporary files in an insecure manner.
This could allow a symlink attack to create or overwrite arbitrary files with full root privileges because pwmconfig is typically executed by root.
The updated packages have been patched to correct this problem by using mktemp to create the temporary files.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandrake Linux Security Advisory MDKSA-2005:149.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(19905);
script_version("1.18");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2005-2672");
script_xref(name:"MDKSA", value:"2005:149");
script_name(english:"Mandrake Linux Security Advisory : lm_sensors (MDKSA-2005:149)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandrake Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Javier Fernandez-Sanguino Pena discovered that the pwmconfig script in
the lm_sensors package created temporary files in an insecure manner.
This could allow a symlink attack to create or overwrite arbitrary
files with full root privileges because pwmconfig is typically
executed by root.
The updated packages have been patched to correct this problem by
using mktemp to create the temporary files."
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64lm_sensors3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64lm_sensors3-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64lm_sensors3-static-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:liblm_sensors3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:liblm_sensors3-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:liblm_sensors3-static-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lm_sensors");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.1");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:mandrakesoft:mandrake_linux:le2005");
script_set_attribute(attribute:"patch_publication_date", value:"2005/08/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2005/10/05");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64lm_sensors3-2.8.4-2.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64lm_sensors3-devel-2.8.4-2.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64lm_sensors3-static-devel-2.8.4-2.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"liblm_sensors3-2.8.4-2.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"liblm_sensors3-devel-2.8.4-2.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"liblm_sensors3-static-devel-2.8.4-2.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"lm_sensors-2.8.4-2.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64lm_sensors3-2.8.7-7.1.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64lm_sensors3-devel-2.8.7-7.1.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64lm_sensors3-static-devel-2.8.7-7.1.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"liblm_sensors3-2.8.7-7.1.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"liblm_sensors3-devel-2.8.7-7.1.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"liblm_sensors3-static-devel-2.8.7-7.1.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"lm_sensors-2.8.7-7.1.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", cpu:"x86_64", reference:"lib64lm_sensors3-2.9.0-4.1.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", cpu:"x86_64", reference:"lib64lm_sensors3-devel-2.9.0-4.1.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", cpu:"x86_64", reference:"lib64lm_sensors3-static-devel-2.9.0-4.1.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", cpu:"i386", reference:"liblm_sensors3-2.9.0-4.1.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", cpu:"i386", reference:"liblm_sensors3-devel-2.9.0-4.1.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", cpu:"i386", reference:"liblm_sensors3-static-devel-2.9.0-4.1.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"lm_sensors-2.9.0-4.1.102mdk", yank:"mdk")) flag++;
if (flag)
{
if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
else security_note(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
mandriva | linux | lib64lm_sensors3 | p-cpe:/a:mandriva:linux:lib64lm_sensors3 |
mandriva | linux | lib64lm_sensors3-devel | p-cpe:/a:mandriva:linux:lib64lm_sensors3-devel |
mandriva | linux | lib64lm_sensors3-static-devel | p-cpe:/a:mandriva:linux:lib64lm_sensors3-static-devel |
mandriva | linux | liblm_sensors3 | p-cpe:/a:mandriva:linux:liblm_sensors3 |
mandriva | linux | liblm_sensors3-devel | p-cpe:/a:mandriva:linux:liblm_sensors3-devel |
mandriva | linux | liblm_sensors3-static-devel | p-cpe:/a:mandriva:linux:liblm_sensors3-static-devel |
mandriva | linux | lm_sensors | p-cpe:/a:mandriva:linux:lm_sensors |
mandrakesoft | mandrake_linux | 10.0 | cpe:/o:mandrakesoft:mandrake_linux:10.0 |
mandrakesoft | mandrake_linux | 10.1 | cpe:/o:mandrakesoft:mandrake_linux:10.1 |
mandrakesoft | mandrake_linux | le2005 | x-cpe:/o:mandrakesoft:mandrake_linux:le2005 |