CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
Percentile
86.7%
Updated boost packages fix security vulnerability :
A security flaw was found in the way ordered_malloc() routine implementation in Boost, the free peer-reviewed portable C++ source libraries, performed ‘next-size’ and ‘max_size’ parameters sanitization, when allocating memory. If an application, using the Boost C++ source libraries for memory allocation, was missing application-level checks for safety of ‘next_size’ and ‘max_size’ values, a remote attacker could provide a specially crafted application-specific file (requiring runtime memory allocation it to be processed correctly) that, when opened would lead to that application crash, or, potentially arbitrary code execution with the privileges of the user running the application (CVE-2012-2677).
Boost.Locale library in Boost 1.48 to 1.52 including has a security flaw (CVE-2013-0252): boost::locale::utf::utf_traits accepted some invalid UTF-8 sequences. Applications that used these functions for UTF-8 input validation could expose themselves to security threats as invalid UTF-8 sequece would be considered as valid.
The package has been patched to fix above security flaw.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandriva Linux Security Advisory MDVSA-2013:065.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(66079);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2012-2677", "CVE-2013-0252");
script_bugtraq_id(54233, 57675);
script_xref(name:"MDVSA", value:"2013:065");
script_xref(name:"MGASA", value:"2012-0151");
script_xref(name:"MGASA", value:"2013-0061");
script_name(english:"Mandriva Linux Security Advisory : boost (MDVSA-2013:065)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandriva Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Updated boost packages fix security vulnerability :
A security flaw was found in the way ordered_malloc() routine
implementation in Boost, the free peer-reviewed portable C++ source
libraries, performed 'next-size' and 'max_size' parameters
sanitization, when allocating memory. If an application, using the
Boost C++ source libraries for memory allocation, was missing
application-level checks for safety of 'next_size' and 'max_size'
values, a remote attacker could provide a specially crafted
application-specific file (requiring runtime memory allocation it to
be processed correctly) that, when opened would lead to that
application crash, or, potentially arbitrary code execution with the
privileges of the user running the application (CVE-2012-2677).
Boost.Locale library in Boost 1.48 to 1.52 including has a security
flaw (CVE-2013-0252): boost::locale::utf::utf_traits accepted some
invalid UTF-8 sequences. Applications that used these functions for
UTF-8 input validation could expose themselves to security threats as
invalid UTF-8 sequece would be considered as valid.
The package has been patched to fix above security flaw."
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:boost-devel-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:boost-examples");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost-static-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_chrono1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_date_time1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_filesystem1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_graph1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_iostreams1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_locale1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_math1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_prg_exec_monitor1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_program_options1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_python1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_random1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_regex1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_serialization1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_signals1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_system1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_thread1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_timer1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_unit_test_framework1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_wave1.48.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_wserialization1.48.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");
script_set_attribute(attribute:"patch_publication_date", value:"2013/04/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/04/20");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK-MBS1", reference:"boost-devel-doc-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", reference:"boost-examples-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost-devel-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost-static-devel-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_chrono1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_date_time1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_filesystem1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_graph1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_iostreams1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_locale1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_math1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_prg_exec_monitor1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_program_options1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_python1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_random1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_regex1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_serialization1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_signals1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_system1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_thread1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_timer1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_unit_test_framework1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_wave1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_wserialization1.48.0-1.48.0-10.2.mbs1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");