| Reporter | Title | Published | Views | Family All 56 |
|---|---|---|---|---|
| Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information | 28 Apr 201500:00 | – | bdu_fstec | |
| CVE-2010-2800 | 6 Aug 201019:31 | – | cve | |
| CVE-2010-2801 | 6 Aug 201019:31 | – | cve | |
| CVE-2010-2800 | 6 Aug 201019:31 | – | cvelist | |
| CVE-2010-2801 | 6 Aug 201019:31 | – | cvelist | |
| [SECURITY] [DSA 2087-1] New cabextract packages fix arbitrary code execution | 4 Aug 201004:00 | – | debian | |
| CVE-2010-2800 | 6 Aug 201019:31 | – | debiancve | |
| CVE-2010-2801 | 6 Aug 201019:31 | – | debiancve | |
| Debian DSA-2087-1 : cabextract - programming error | 5 Aug 201000:00 | – | nessus | |
| Fedora 14 : cabextract-1.3-1.fc14 / libmspack-0.2-0.1.20100723alpha.fc14 (2010-14135) | 6 Oct 201000:00 | – | nessus |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandriva Linux Security Advisory MDVSA-2010:154.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(48348);
script_version("1.12");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2010-2800", "CVE-2010-2801");
script_bugtraq_id(42173);
script_xref(name:"MDVSA", value:"2010:154");
script_name(english:"Mandriva Linux Security Advisory : cabextract (MDVSA-2010:154)");
script_summary(english:"Checks rpm output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Mandriva Linux host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Multiple vulnerabilities has been found and corrected in cabextract :
The MS-ZIP decompressor in cabextract before 1.3 allows remote
attackers to cause a denial of service (infinite loop) via a malformed
MSZIP archive in a .cab file during a test or extract action, related
to the libmspack library (CVE-2010-2800).
Integer signedness error in the Quantum decompressor in cabextract
before 1.3, when archive test mode is used, allows user-assisted
remote attackers to cause a denial of service (application crash) or
possibly execute arbitrary code via a crafted Quantum archive in a
.cab file, related to the libmspack library (CVE-2010-2801).
Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=4
90
The updated packages provides cabextract 1.3 which is not vulnerable
to these issues."
);
script_set_attribute(
attribute:"solution",
value:"Update the affected cabextract package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cabextract");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.1");
script_set_attribute(attribute:"patch_publication_date", value:"2010/08/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2010/08/17");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK2008.0", reference:"cabextract-1.3-0.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"cabextract-1.3-0.1mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", reference:"cabextract-1.3-0.1mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", reference:"cabextract-1.3-0.1mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.1", reference:"cabextract-1.3-0.1mdv2010.1", yank:"mdv")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation