Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 Tenable Network Security, Inc.MANDRIVA_MDVSA-2009-112.NASL
HistoryMay 14, 2009 - 12:00 a.m.

Mandriva Linux Security Advisory : ipsec-tools (MDVSA-2009:112-1)

2009-05-1400:00:00
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.
www.tenable.com
13
JSON

racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference (CVE-2009-1574).

Updated packages are available that brings ipsec-tools to version 0.7.2 for Mandriva Linux 2008.1/2009.0/2009.1 which provides numerous bugfixes over the previous 0.7.1 version, and also corrects this issue. ipsec-tools for Mandriva Linux Corporate Server 4 has been patched to address this issue.

Additionally the flex package required for building ipsec-tools has been fixed due to ipsec-tools build problems and is also available with this update.

Update :

Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2009:112. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(38767);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2009-1574");
  script_bugtraq_id(34765);
  script_xref(name:"MDVSA", value:"2009:112-1");

  script_name(english:"Mandriva Linux Security Advisory : ipsec-tools (MDVSA-2009:112-1)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote
attackers to cause a denial of service (crash) via crafted fragmented
packets without a payload, which triggers a NULL pointer dereference
(CVE-2009-1574).

Updated packages are available that brings ipsec-tools to version
0.7.2 for Mandriva Linux 2008.1/2009.0/2009.1 which provides numerous
bugfixes over the previous 0.7.1 version, and also corrects this
issue. ipsec-tools for Mandriva Linux Corporate Server 4 has been
patched to address this issue.

Additionally the flex package required for building ipsec-tools has
been fixed due to ipsec-tools build problems and is also available
with this update.

Update :

Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:flex");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ipsec-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64ipsec-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64ipsec0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libipsec-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libipsec0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/12/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/05/14");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2008.0", reference:"flex-2.5.33-2.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"ipsec-tools-0.7.2-0.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64ipsec-devel-0.7.2-0.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64ipsec0-0.7.2-0.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libipsec-devel-0.7.2-0.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libipsec0-0.7.2-0.1mdv2008.0", yank:"mdv")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxflexp-cpe:/a:mandriva:linux:flex
mandrivalinuxipsec-toolsp-cpe:/a:mandriva:linux:ipsec-tools
mandrivalinuxlib64ipsec-develp-cpe:/a:mandriva:linux:lib64ipsec-devel
mandrivalinuxlib64ipsec0p-cpe:/a:mandriva:linux:lib64ipsec0
mandrivalinuxlibipsec-develp-cpe:/a:mandriva:linux:libipsec-devel
mandrivalinuxlibipsec0p-cpe:/a:mandriva:linux:libipsec0
mandrivalinux2008.0cpe:/o:mandriva:linux:2008.0

Related

openvas 32
securityvulns 2
nessus 24
veracode 1
prion 1
ubuntucve 1
cve 1
debiancve 1
debian 1
gentoo 1
centos 1
osv 1
redhat 1
oraclelinux 1
ubuntu 1
openvas
openvas
IPSec Tools Denial of Service Vulnerability
2009-05-13 00:00:00
Mandriva Security Advisory MDVSA-2009:112-1 (ipsec-tools)
2009-12-10 00:00:00
Fedora Core 10 FEDORA-2009-4298 (ipsec-tools)
2009-05-20 00:00:00
securityvulns
securityvulns
[ MDVSA-2009:112 ] ipsec-tools
2009-05-14 00:00:00
ipsec-tools DoS
2009-05-19 00:00:00
nessus
nessus
Fedora 10 : ipsec-tools-0.7.2-1.fc10 (2009-4298)
2009-05-19 00:00:00
Fedora 9 : ipsec-tools-0.7.2-1.fc9 (2009-4291)
2009-05-19 00:00:00
Fedora 11 : ipsec-tools-0.7.2-1.fc11 (2009-4394)
2009-05-19 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:38:13
prion
prion
Null pointer dereference
2009-05-06 17:30:00
ubuntucve
ubuntucve
CVE-2009-1574
2009-05-06 00:00:00
cve
cve
CVE-2009-1574
2009-05-06 17:30:00
debiancve
debiancve
CVE-2009-1574
2009-05-06 17:30:00
debian
debian
[SECURITY] [DSA 1804-1] New ipsec-tools packages fix denial of service
2009-05-20 14:08:37
gentoo
gentoo
IPSec Tools: Denial of service
2009-05-24 00:00:00
centos
centos
ipsec security update
2009-05-19 15:04:50
osv
osv
ipsec-tools - denial of service
2009-05-20 00:00:00
redhat
redhat
(RHSA-2009:1036) Important: ipsec-tools security update
2009-05-18 00:00:00
oraclelinux
oraclelinux
ipsec-tools security update
2009-05-18 00:00:00
ubuntu
ubuntu
ipsec-tools vulnerabilities
2009-06-09 00:00:00
JSON
Related for MANDRIVA_MDVSA-2009-112.NASL
openvas32securityvulns2nessus24veracode1prion1ubuntucve1cve1debiancve1debian1gentoo1centos1osv1redhat1oraclelinux1ubuntu1