Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.MANDRAKE_MDKSA-2006-077.NASL
HistoryApr 26, 2006 - 12:00 a.m.

Mandrake Linux Security Advisory : ethereal (MDKSA-2006:077)

2006-04-2600:00:00
This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
5
JSON

A number of vulnerabilities have been discovered in the Ethereal network analyzer. These issues have been corrected in Ethereal version 0.99.0 which is provided with this update.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandrake Linux Security Advisory MDKSA-2006:077. 
# The text itself is copyright (C) Mandriva S.A.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(21283);
  script_version("1.19");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2006-1932", "CVE-2006-1933", "CVE-2006-1934", "CVE-2006-1935", "CVE-2006-1936", "CVE-2006-1937", "CVE-2006-1938", "CVE-2006-1939", "CVE-2006-1940");
  script_bugtraq_id(17682);
  script_xref(name:"MDKSA", value:"2006:077");

  script_name(english:"Mandrake Linux Security Advisory : ethereal (MDKSA-2006:077)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandrake Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A number of vulnerabilities have been discovered in the Ethereal
network analyzer. These issues have been corrected in Ethereal version
0.99.0 which is provided with this update."
  );
  # http://www.ethereal.com/appnotes/enpa-sa-00023.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://ethereal.archive.sunet.se/appnotes/enpa-sa-00023.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ethereal");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ethereal-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64ethereal0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libethereal0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tethereal");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2006");

  script_set_attribute(attribute:"patch_publication_date", value:"2006/04/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/04/26");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2006.0", reference:"ethereal-0.99.0-0.2.20060mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK2006.0", reference:"ethereal-tools-0.99.0-0.2.20060mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK2006.0", cpu:"x86_64", reference:"lib64ethereal0-0.99.0-0.2.20060mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK2006.0", cpu:"i386", reference:"libethereal0-0.99.0-0.2.20060mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK2006.0", reference:"tethereal-0.99.0-0.2.20060mdk", yank:"mdk")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxetherealp-cpe:/a:mandriva:linux:ethereal
mandrivalinuxethereal-toolsp-cpe:/a:mandriva:linux:ethereal-tools
mandrivalinuxlib64ethereal0p-cpe:/a:mandriva:linux:lib64ethereal0
mandrivalinuxlibethereal0p-cpe:/a:mandriva:linux:libethereal0
mandrivalinuxtetherealp-cpe:/a:mandriva:linux:tethereal
mandrivalinux2006cpe:/o:mandriva:linux:2006

Related

redhat 1
nessus 7
freebsd 1
centos 2
debian 2
osv 1
openvas 6
securityvulns 1
gentoo 1
prion 9
ubuntucve 9
cve 9
redhat
redhat
(RHSA-2006:0420) ethereal security update
2006-05-03 00:00:00
nessus
nessus
FreeBSD : ethereal -- Multiple Protocol Dissector Vulnerabilities (21c223f2-d596-11da-8098-00123ffe8333)
2006-05-13 00:00:00
Fedora Core 5 : ethereal-0.99.0-fc5.1 (2006-456)
2006-04-26 00:00:00
Debian DSA-1049-1 : ethereal - several vulnerabilities
2006-10-14 00:00:00
freebsd
freebsd
ethereal -- Multiple Protocol Dissector Vulnerabilities
2006-04-25 00:00:00
centos
centos
ethereal security update
2006-05-04 01:36:23
ethereal security update
2006-05-03 17:41:25
debian
debian
[SECURITY] [DSA 1049-1] New Ethereal packages fix several vulnerabilities
2006-05-02 08:03:29
[SECURITY] [DSA 1049-1] New Ethereal packages fix several vulnerabilities
2006-05-02 08:03:29
osv
osv
ethereal - several vulnerabilities
2006-05-02 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1049-1)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200604-17 (Ethereal)
2008-09-24 00:00:00
Debian Security Advisory DSA 1049-1 (ethereal)
2008-01-17 00:00:00
securityvulns
securityvulns
Ethereal 0.99.0 Release Notes
2006-04-25 00:00:00
gentoo
gentoo
Ethereal: Multiple vulnerabilities in protocol dissectors
2006-04-27 00:00:00
prion
prion
Design/Logic Flaw
2006-04-25 12:50:00
Buffer overflow
2006-04-25 12:50:00
Design/Logic Flaw
2006-04-25 12:50:00
ubuntucve
ubuntucve
CVE-2006-1933
2006-04-25 00:00:00
CVE-2006-1932
2006-04-25 00:00:00
CVE-2006-1940
2006-04-25 00:00:00
cve
cve
CVE-2006-1933
2006-04-25 12:50:00
CVE-2006-1936
2006-04-25 12:50:00
CVE-2006-1932
2006-04-25 12:50:00
JSON
Related for MANDRAKE_MDKSA-2006-077.NASL
redhat1nessus7freebsd1centos2debian2osv1openvas6securityvulns1gentoo1prion9ubuntucve9cve9