2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.1%
A vulnerability has been discovered and corrected in rsyslog :
An integer signedness error, leading to heap based buffer overflow was found in the way the imfile module of rsyslog, an enhanced system logging and kernel message trapping daemon, processed text files larger than 64 KB. When the imfile rsyslog module was enabled, a local attacker could use this flaw to cause denial of service (rsyslogd daemon hang) via specially crafted message, to be logged (CVE-2011-4623).
The updated packages have been patched to correct this issue.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandriva Linux Security Advisory MDVSA-2012:100.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(59710);
script_version("1.11");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2011-4623");
script_bugtraq_id(51171);
script_xref(name:"MDVSA", value:"2012:100");
script_name(english:"Mandriva Linux Security Advisory : rsyslog (MDVSA-2012:100)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandriva Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"A vulnerability has been discovered and corrected in rsyslog :
An integer signedness error, leading to heap based buffer overflow was
found in the way the imfile module of rsyslog, an enhanced system
logging and kernel message trapping daemon, processed text files
larger than 64 KB. When the imfile rsyslog module was enabled, a local
attacker could use this flaw to cause denial of service (rsyslogd
daemon hang) via specially crafted message, to be logged
(CVE-2011-4623).
The updated packages have been patched to correct this issue."
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rsyslog");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rsyslog-dbi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rsyslog-docs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rsyslog-gssapi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rsyslog-mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rsyslog-pgsql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rsyslog-relp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rsyslog-snmp");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.1");
script_set_attribute(attribute:"patch_publication_date", value:"2012/06/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/06/26");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK2010.1", reference:"rsyslog-4.6.2-3.2mdv2010.2", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.1", reference:"rsyslog-dbi-4.6.2-3.2mdv2010.2", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.1", reference:"rsyslog-docs-4.6.2-3.2mdv2010.2", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.1", reference:"rsyslog-gssapi-4.6.2-3.2mdv2010.2", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.1", reference:"rsyslog-mysql-4.6.2-3.2mdv2010.2", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.1", reference:"rsyslog-pgsql-4.6.2-3.2mdv2010.2", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.1", reference:"rsyslog-relp-4.6.2-3.2mdv2010.2", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.1", reference:"rsyslog-snmp-4.6.2-3.2mdv2010.2", yank:"mdv")) flag++;
if (flag)
{
if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
else security_note(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
mandriva | linux | rsyslog | p-cpe:/a:mandriva:linux:rsyslog |
mandriva | linux | rsyslog-dbi | p-cpe:/a:mandriva:linux:rsyslog-dbi |
mandriva | linux | rsyslog-docs | p-cpe:/a:mandriva:linux:rsyslog-docs |
mandriva | linux | rsyslog-gssapi | p-cpe:/a:mandriva:linux:rsyslog-gssapi |
mandriva | linux | rsyslog-mysql | p-cpe:/a:mandriva:linux:rsyslog-mysql |
mandriva | linux | rsyslog-pgsql | p-cpe:/a:mandriva:linux:rsyslog-pgsql |
mandriva | linux | rsyslog-relp | p-cpe:/a:mandriva:linux:rsyslog-relp |
mandriva | linux | rsyslog-snmp | p-cpe:/a:mandriva:linux:rsyslog-snmp |
mandriva | linux | 2010.1 | cpe:/o:mandriva:linux:2010.1 |