Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2007-2021 Tenable Network Security, Inc.MANDRAKE_MDKSA-2006-204.NASL
HistoryFeb 18, 2007 - 12:00 a.m.

Mandrake Linux Security Advisory : openssh (MDKSA-2006:204)

2007-02-1800:00:00
This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.
www.tenable.com
9
JSON

A vulnerability in the privilege separation functionality in OpenSSH was discovered, caused by an incorrect checking for bad signatures in sshd’s privsep monitor. As a result, the monitor and the unprivileged process can get out sync. The OpenSSH team indicated that this bug is not known to be exploitable in the abence of additional vulnerabilities.

Updated packages have been patched to correct this issue, and Mandriva Linux 2007 has received the latest version of OpenSSH.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandrake Linux Security Advisory MDKSA-2006:204. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(24589);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2006-5794");
  script_bugtraq_id(20956);
  script_xref(name:"MDKSA", value:"2006:204");

  script_name(english:"Mandrake Linux Security Advisory : openssh (MDKSA-2006:204)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandrake Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A vulnerability in the privilege separation functionality in OpenSSH
was discovered, caused by an incorrect checking for bad signatures in
sshd's privsep monitor. As a result, the monitor and the unprivileged
process can get out sync. The OpenSSH team indicated that this bug is
not known to be exploitable in the abence of additional
vulnerabilities.

Updated packages have been patched to correct this issue, and Mandriva
Linux 2007 has received the latest version of OpenSSH."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.openssh.com/txt/release-4.5"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openssh");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openssh-askpass");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openssh-askpass-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openssh-askpass-gnome");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openssh-clients");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openssh-server");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2006");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007");

  script_set_attribute(attribute:"patch_publication_date", value:"2006/11/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2007/02/18");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2006.0", reference:"openssh-4.3p1-0.4.20060mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK2006.0", reference:"openssh-askpass-4.3p1-0.4.20060mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK2006.0", reference:"openssh-askpass-gnome-4.3p1-0.4.20060mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK2006.0", reference:"openssh-clients-4.3p1-0.4.20060mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK2006.0", reference:"openssh-server-4.3p1-0.4.20060mdk", yank:"mdk")) flag++;

if (rpm_check(release:"MDK2007.0", reference:"openssh-4.5p1-0.1mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"openssh-askpass-4.5p1-0.1mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"openssh-askpass-common-4.5p1-0.1mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"openssh-askpass-gnome-4.5p1-0.1mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"openssh-clients-4.5p1-0.1mdv2007.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2007.0", reference:"openssh-server-4.5p1-0.1mdv2007.0", yank:"mdv")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxopensshp-cpe:/a:mandriva:linux:openssh
mandrivalinuxopenssh-askpassp-cpe:/a:mandriva:linux:openssh-askpass
mandrivalinuxopenssh-askpass-commonp-cpe:/a:mandriva:linux:openssh-askpass-common
mandrivalinuxopenssh-askpass-gnomep-cpe:/a:mandriva:linux:openssh-askpass-gnome
mandrivalinuxopenssh-clientsp-cpe:/a:mandriva:linux:openssh-clients
mandrivalinuxopenssh-serverp-cpe:/a:mandriva:linux:openssh-server
mandrivalinux2006cpe:/o:mandriva:linux:2006
mandrivalinux2007cpe:/o:mandriva:linux:2007

Related

attackerkb 1
nessus 11
ubuntucve 1
centos 1
openvas 4
f5 2
redhat 1
oraclelinux 2
cve 1
debiancve 1
fedora 1
attackerkb
attackerkb
CVE-2006-5794
2006-11-08 00:00:00
nessus
nessus
Oracle Linux 3 / 4 : openssh (ELSA-2006-0738)
2013-07-12 00:00:00
RHEL 3 / 4 : openssh (RHSA-2006:0738)
2006-11-20 00:00:00
CentOS 3 / 4 : openssh (CESA-2006:0738)
2009-04-23 00:00:00
ubuntucve
ubuntucve
CVE-2006-5794
2006-11-08 00:00:00
centos
centos
openssh security update
2006-11-15 15:30:18
openvas
openvas
SLES9: Security update for OpenSSH
2009-10-10 00:00:00
SLES9: Security update for OpenSSH
2009-10-10 00:00:00
Fedora Update for openssh FEDORA-2007-395
2009-02-27 00:00:00
f5
f5
K14434 : OpenSSH vulnerability CVE-2006-5794
2014-07-25 00:00:00
SOL14434 - OpenSSH vulnerability CVE-2006-5794
2013-05-30 00:00:00
redhat
redhat
(RHSA-2006:0738) Low: openssh security update
2006-11-15 00:00:00
oraclelinux
oraclelinux
Low openssh security update
2006-11-30 00:00:00
Low: openssh security and bug fix update
2007-05-17 00:00:00
cve
cve
CVE-2006-5794
2006-11-08 20:07:00
debiancve
debiancve
CVE-2006-5794
2006-11-08 20:07:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: openssh-4.3p2-4.12.fc5
2007-04-03 21:39:33
JSON
Related for MANDRAKE_MDKSA-2006-204.NASL
attackerkb1nessus11ubuntucve1centos1openvas4f52redhat1oraclelinux2cve1debiancve1fedora1