Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 Tenable Network Security, Inc.MANDRIVA_MDVSA-2009-316.NASL
HistoryDec 07, 2009 - 12:00 a.m.

Mandriva Linux Security Advisory : expat (MDVSA-2009:316-3)

2009-12-0700:00:00
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.
www.tenable.com
9
JSON

A vulnerability has been found and corrected in expat :

The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720 (CVE-2009-3560).

Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers

This update provides a solution to these vulnerabilities.

Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

Update :

The previous (MDVSA-2009:316-2) updates provided packages for 2008.0/2009.0/2009.1/2010.0/mes5 that did not have an increased release number which prevented the packages from hitting the mirrors.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2009:316. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(43019);
  script_version("1.19");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2009-3560");
  script_bugtraq_id(37203);
  script_xref(name:"MDVSA", value:"2009:316-3");

  script_name(english:"Mandriva Linux Security Advisory : expat (MDVSA-2009:316-3)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A vulnerability has been found and corrected in expat :

The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1,
as used in the XML-Twig module for Perl, allows context-dependent
attackers to cause a denial of service (application crash) via an XML
document with malformed UTF-8 sequences that trigger a buffer
over-read, related to the doProlog function in lib/xmlparse.c, a
different vulnerability than CVE-2009-2625 and CVE-2009-3720
(CVE-2009-3560).

Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers

This update provides a solution to these vulnerabilities.

Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.

Update :

The previous (MDVSA-2009:316-2) updates provided packages for
2008.0/2009.0/2009.1/2010.0/mes5 that did not have an increased
release number which prevented the packages from hitting the mirrors."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=566434"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:expat");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64expat1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64expat1-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libexpat1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libexpat1-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/01/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/07");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2008.0", reference:"expat-2.0.1-4.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64expat1-2.0.1-4.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64expat1-devel-2.0.1-4.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libexpat1-2.0.1-4.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libexpat1-devel-2.0.1-4.3mdv2008.0", yank:"mdv")) flag++;

if (rpm_check(release:"MDK2009.0", reference:"expat-2.0.1-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64expat1-2.0.1-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64expat1-devel-2.0.1-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libexpat1-2.0.1-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libexpat1-devel-2.0.1-7.3mdv2009.0", yank:"mdv")) flag++;

if (rpm_check(release:"MDK2009.1", reference:"expat-2.0.1-8.3mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", cpu:"x86_64", reference:"lib64expat1-2.0.1-8.3mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", cpu:"x86_64", reference:"lib64expat1-devel-2.0.1-8.3mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"libexpat1-2.0.1-8.3mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"libexpat1-devel-2.0.1-8.3mdv2009.1", yank:"mdv")) flag++;

if (rpm_check(release:"MDK2010.0", reference:"expat-2.0.1-10.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64expat1-2.0.1-10.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64expat1-devel-2.0.1-10.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libexpat1-2.0.1-10.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libexpat1-devel-2.0.1-10.2mdv2010.0", yank:"mdv")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxexpatp-cpe:/a:mandriva:linux:expat
mandrivalinuxlib64expat1p-cpe:/a:mandriva:linux:lib64expat1
mandrivalinuxlib64expat1-develp-cpe:/a:mandriva:linux:lib64expat1-devel
mandrivalinuxlibexpat1p-cpe:/a:mandriva:linux:libexpat1
mandrivalinuxlibexpat1-develp-cpe:/a:mandriva:linux:libexpat1-devel
mandrivalinux2008.0cpe:/o:mandriva:linux:2008.0
mandrivalinux2009.0cpe:/o:mandriva:linux:2009.0
mandrivalinux2009.1cpe:/o:mandriva:linux:2009.1
mandrivalinux2010.0cpe:/o:mandriva:linux:2010.0

Related

nessus 67
openvas 84
f5 2
ubuntu 6
prion 2
debiancve 2
cve 2
slackware 2
ubuntucve 3
freebsd 2
redhat 3
fedora 13
oraclelinux 3
centos 2
debian 1
osv 1
gentoo 1
altlinux 2
httpd 1
nessus
nessus
openSUSE Security Update : libpython2_6-1_0 (openSUSE-SU-2010:0247-1)
2010-05-15 00:00:00
openSUSE Security Update : libpython2_6-1_0 (openSUSE-SU-2010:0247-1)
2010-05-15 00:00:00
SuSE 11 Security Update : Python (SAT Patch Number 2175)
2010-12-02 00:00:00
openvas
openvas
Mandriva Update for expat MDVSA-2009:316-2 (expat)
2010-01-15 00:00:00
Ubuntu Update for python2.4 vulnerabilities USN-890-3
2010-01-25 00:00:00
Mandriva Update for expat MDVSA-2009:316-3 (expat)
2010-01-15 00:00:00
f5
f5
SOL15905 - Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720
2014-12-11 00:00:00
K15905 : Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720
2015-03-16 00:00:00
ubuntu
ubuntu
Python 2.4 vulnerabilities
2010-01-22 00:00:00
Python 2.5 vulnerabilities
2010-01-21 00:00:00
CMake vulnerabilities
2010-04-15 00:00:00
prion
prion
Buffer overflow
2009-12-04 21:30:00
Buffer overflow
2009-11-03 16:30:00
debiancve
debiancve
CVE-2009-3560
2009-12-04 21:30:00
CVE-2009-3720
2009-11-03 16:30:00
cve
cve
CVE-2009-3560
2009-12-04 21:30:00
CVE-2009-3720
2009-11-03 16:30:00
slackware
slackware
[slackware-security] expat
2011-02-11 01:17:08
[slackware-security] httpd
2011-02-11 01:17:26
ubuntucve
ubuntucve
CVE-2009-3560
2009-12-04 00:00:00
CVE-2009-3720
2009-11-03 00:00:00
CVE-2009-2625
2009-08-06 00:00:00
freebsd
freebsd
libwww -- multiple vulnerabilities
2005-10-12 00:00:00
apr -- multiple vunerabilities
2010-10-02 00:00:00
redhat
redhat
(RHSA-2009:1625) Moderate: expat security update
2009-12-07 00:00:00
(RHSA-2010:0002) Moderate: PyXML security update
2010-01-04 00:00:00
(RHSA-2009:1572) Moderate: 4Suite security update
2009-11-10 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: expat-2.0.1-8.fc10
2009-12-04 23:57:13
[SECURITY] Fedora 12 Update: expat-2.0.1-8.fc12
2009-12-05 00:06:09
[SECURITY] Fedora 11 Update: expat-2.0.1-8.fc11
2009-12-05 00:02:48
oraclelinux
oraclelinux
expat security update
2009-12-07 00:00:00
PyXML security update
2010-01-04 00:00:00
4Suite security update
2009-11-10 00:00:00
centos
centos
expat security update
2009-12-07 23:34:29
PyXML security update
2010-01-04 23:32:13
debian
debian
[SECURITY] [DSA-1977-1] New python packages fix several vulnerabilities
2010-01-25 22:01:20
osv
osv
python - several vulnerabilities
2010-01-25 00:00:00
gentoo
gentoo
Expat: Multiple vulnerabilities
2012-09-24 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package centerim version 4.22.10-alt0.M50P.1
2011-01-13 00:00:00
Security fix for the ALT Linux 5 package centerim version 4.22.10-alt1
2010-11-24 00:00:00
httpd
httpd
Apache Httpd < 2.0.64 : expat DoS
2009-08-21 00:00:00
JSON
Related for MANDRIVA_MDVSA-2009-316.NASL
nessus67openvas84f52ubuntu6prion2debiancve2cve2slackware2ubuntucve3freebsd2redhat3fedora13oraclelinux3centos2debian1osv1gentoo1altlinux2httpd1