Mandriva Linux Security Advisory : libgdata (MDVSA-2012:111)

2012-09-0600:00:00

www.tenable.com

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.5%

JSON

A vulnerability has been discovered and corrected in libgdata :

It was found that previously libgdata, a GLib-based library for accessing online service APIs using the GData protocol, did not perform SSL certificates validation even for secured connections. An application, linked against the libgdata library and holding the trust about the other side of the connection being the valid owner of the certificate, could be tricked into accepting of a spoofed SSL certificate by mistake (MITM attack) (CVE-2012-1177).

The updated packages have been patched to correct this issue.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2012:111. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(61964);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2012-1177");
  script_bugtraq_id(52504, 54750);
  script_xref(name:"MDVSA", value:"2012:111");

  script_name(english:"Mandriva Linux Security Advisory : libgdata (MDVSA-2012:111)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A vulnerability has been discovered and corrected in libgdata :

It was found that previously libgdata, a GLib-based library for
accessing online service APIs using the GData protocol, did not
perform SSL certificates validation even for secured connections. An
application, linked against the libgdata library and holding the trust
about the other side of the connection being the valid owner of the
certificate, could be tricked into accepting of a spoofed SSL
certificate by mistake (MITM attack) (CVE-2012-1177).

The updated packages have been patched to correct this issue."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64gdata-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64gdata7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgdata-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgdata-i18n");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgdata7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2011");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/07/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/06");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64gdata-devel-0.6.6-3.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64gdata7-0.6.6-3.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libgdata-devel-0.6.6-3.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", reference:"libgdata-i18n-0.6.6-3.1-mdv2011.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libgdata7-0.6.6-3.1-mdv2011.0", yank:"mdv")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

VendorProductVersionCPE
mandrivalinuxlibgdata-i18np-cpe:/a:mandriva:linux:libgdata-i18n
mandrivalinuxlib64gdata-develp-cpe:/a:mandriva:linux:lib64gdata-devel
mandrivalinuxlib64gdata7p-cpe:/a:mandriva:linux:lib64gdata7
mandrivalinux2011cpe:/o:mandriva:linux:2011
mandrivalinuxlibgdata-develp-cpe:/a:mandriva:linux:libgdata-devel
mandrivalinuxlibgdata7p-cpe:/a:mandriva:linux:libgdata7

Vendor	Product	Version	CPE
mandriva	linux	libgdata-i18n	p-cpe:/a:mandriva:linux:libgdata-i18n
mandriva	linux	lib64gdata-devel	p-cpe:/a:mandriva:linux:lib64gdata-devel
mandriva	linux	lib64gdata7	p-cpe:/a:mandriva:linux:lib64gdata7
mandriva	linux	2011	cpe:/o:mandriva:linux:2011
mandriva	linux	libgdata-devel	p-cpe:/a:mandriva:linux:libgdata-devel
mandriva	linux	libgdata7	p-cpe:/a:mandriva:linux:libgdata7