Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 Tenable Network Security, Inc.MANDRIVA_MDVSA-2013-065.NASL
HistoryApr 20, 2013 - 12:00 a.m.

Mandriva Linux Security Advisory : boost (MDVSA-2013:065)

2013-04-2000:00:00
This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.
www.tenable.com
8

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS

0.014

Percentile

86.7%

JSON

Updated boost packages fix security vulnerability :

A security flaw was found in the way ordered_malloc() routine implementation in Boost, the free peer-reviewed portable C++ source libraries, performed ‘next-size’ and ‘max_size’ parameters sanitization, when allocating memory. If an application, using the Boost C++ source libraries for memory allocation, was missing application-level checks for safety of ‘next_size’ and ‘max_size’ values, a remote attacker could provide a specially crafted application-specific file (requiring runtime memory allocation it to be processed correctly) that, when opened would lead to that application crash, or, potentially arbitrary code execution with the privileges of the user running the application (CVE-2012-2677).

Boost.Locale library in Boost 1.48 to 1.52 including has a security flaw (CVE-2013-0252): boost::locale::utf::utf_traits accepted some invalid UTF-8 sequences. Applications that used these functions for UTF-8 input validation could expose themselves to security threats as invalid UTF-8 sequece would be considered as valid.

The package has been patched to fix above security flaw.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2013:065. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(66079);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2012-2677", "CVE-2013-0252");
  script_bugtraq_id(54233, 57675);
  script_xref(name:"MDVSA", value:"2013:065");
  script_xref(name:"MGASA", value:"2012-0151");
  script_xref(name:"MGASA", value:"2013-0061");

  script_name(english:"Mandriva Linux Security Advisory : boost (MDVSA-2013:065)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated boost packages fix security vulnerability :

A security flaw was found in the way ordered_malloc() routine
implementation in Boost, the free peer-reviewed portable C++ source
libraries, performed 'next-size' and 'max_size' parameters
sanitization, when allocating memory. If an application, using the
Boost C++ source libraries for memory allocation, was missing
application-level checks for safety of 'next_size' and 'max_size'
values, a remote attacker could provide a specially crafted
application-specific file (requiring runtime memory allocation it to
be processed correctly) that, when opened would lead to that
application crash, or, potentially arbitrary code execution with the
privileges of the user running the application (CVE-2012-2677).

Boost.Locale library in Boost 1.48 to 1.52 including has a security
flaw (CVE-2013-0252): boost::locale::utf::utf_traits accepted some
invalid UTF-8 sequences. Applications that used these functions for
UTF-8 input validation could expose themselves to security threats as
invalid UTF-8 sequece would be considered as valid.

The package has been patched to fix above security flaw."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:boost-devel-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:boost-examples");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost-static-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_chrono1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_date_time1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_filesystem1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_graph1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_iostreams1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_locale1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_math1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_prg_exec_monitor1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_program_options1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_python1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_random1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_regex1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_serialization1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_signals1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_system1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_thread1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_timer1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_unit_test_framework1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_wave1.48.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64boost_wserialization1.48.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/04/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/04/20");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK-MBS1", reference:"boost-devel-doc-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", reference:"boost-examples-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost-devel-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost-static-devel-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_chrono1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_date_time1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_filesystem1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_graph1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_iostreams1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_locale1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_math1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_prg_exec_monitor1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_program_options1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_python1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_random1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_regex1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_serialization1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_signals1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_system1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_thread1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_timer1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_unit_test_framework1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_wave1.48.0-1.48.0-10.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64boost_wserialization1.48.0-1.48.0-10.2.mbs1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

Related

nessus 14
openvas 18
nvd 2
f5 2
prion 2
cvelist 2
cve 2
fedora 2
ubuntu 1
ibm 8
gentoo 1
oraclelinux 1
securityvulns 2
redhat 1
ubuntucve 2
centos 1
veracode 2
nessus
nessus
SuSE 10 Security Update : boost (ZYPP Patch Number 8210)
2012-07-17 00:00:00
F5 Networks BIG-IP : Boost memory allocator vulnerability (K16946)
2015-09-16 00:00:00
Fedora 18 : boost-1.50.0-5.fc18 (2013-2448)
2013-02-24 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2013-0668)
2015-10-06 00:00:00
CentOS Update for boost CESA-2013:0668 centos5
2013-03-22 00:00:00
Fedora Update for boost FEDORA-2013-2420
2013-03-01 00:00:00
nvd
nvd
CVE-2012-2677
2012-07-25 19:55:03
CVE-2013-0252
2013-03-12 22:55:01
f5
f5
SOL16946 - Boost memory allocator vulnerability CVE-2012-2677
2015-07-10 00:00:00
K16946 : Boost memory allocator vulnerability CVE-2012-2677
2015-09-15 00:00:00
prion
prion
Input validation
2013-03-12 22:55:00
Integer overflow
2012-07-25 19:55:00
cvelist
cvelist
CVE-2012-2677
2012-07-25 19:00:00
CVE-2013-0252
2013-03-12 21:00:00
cve
cve
CVE-2012-2677
2012-07-25 19:55:03
CVE-2013-0252
2013-03-12 22:55:01
fedora
fedora
[SECURITY] Fedora 17 Update: boost-1.48.0-14.fc17
2013-02-23 00:53:33
[SECURITY] Fedora 18 Update: boost-1.50.0-5.fc18
2013-02-23 00:58:29
ubuntu
ubuntu
Boost vulnerability
2013-02-18 00:00:00
ibm
ibm
Security Bulletin: IBM® Db2® is affected by a vulnerability in an open source library boost (CVE-2012-2677)
2024-04-10 17:27:09
Security Bulletin: Multiple security vulnerabilities have been identified in IBM Db2 shipped with IBM Security Guardium Key Lifecycle Manager (April 2024)
2024-05-17 12:03:54
Security Bulletin: Multiple vulnerabilities in IBM Db2 may affect IBM Storage Protect Server ( CVE-2023-38729, CVE-2012-2677, CVE-2024-25030, CVE-2024-25046, CVE-2024-27254, CVE-2023-52296)
2024-07-01 05:50:14
gentoo
gentoo
Boost: Buffer overflow
2021-05-26 00:00:00
oraclelinux
oraclelinux
boost security update
2013-03-21 00:00:00
securityvulns
securityvulns
[USN-1727-1] Boost vulnerability
2013-02-24 00:00:00
Boost library protection bypass
2013-02-24 00:00:00
redhat
redhat
(RHSA-2013:0668) Moderate: boost security update
2013-03-21 00:00:00
ubuntucve
ubuntucve
CVE-2012-2677
2012-07-25 00:00:00
CVE-2013-0252
2013-02-05 00:00:00
centos
centos
boost security update
2013-03-21 19:01:31
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:00:37
Bypassing Input Validation Protection Mechanisms
2017-02-01 09:20:15

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS

0.014

Percentile

86.7%

JSON
Related for MANDRIVA_MDVSA-2013-065.NASL
nessus14openvas18nvd2f52prion2cvelist2cve2fedora2ubuntu1ibm8gentoo1oraclelinux1securityvulns2redhat1ubuntucve2centos1veracode2