Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.MANDRIVA_MDVSA-2014-023.NASL
HistoryJan 27, 2014 - 12:00 a.m.

Mandriva Linux Security Advisory : hplip (MDVSA-2014:023)

2014-01-2700:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
JSON

Updated hplip packages fix security vulnerabilities :

It was discovered that the HPLIP Polkit daemon incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files (CVE-2013-6402).

It was discovered that HPLIP contained an upgrade tool that would download code in an unsafe fashion. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to execute arbitrary code (CVE-2013-6427).

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2014:023. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(72135);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2013-6402", "CVE-2013-6427");
  script_bugtraq_id(63959, 64131);
  script_xref(name:"MDVSA", value:"2014:023");

  script_name(english:"Mandriva Linux Security Advisory : hplip (MDVSA-2014:023)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated hplip packages fix security vulnerabilities :

It was discovered that the HPLIP Polkit daemon incorrectly handled
temporary files. A local attacker could possibly use this issue to
overwrite arbitrary files (CVE-2013-6402).

It was discovered that HPLIP contained an upgrade tool that would
download code in an unsafe fashion. If a remote attacker were able to
perform a man-in-the-middle attack, this flaw could be exploited to
execute arbitrary code (CVE-2013-6427)."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725876"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hplip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hplip-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hplip-hpijs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hplip-hpijs-ppds");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hplip-model-data");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64hpip0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64hpip0-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64sane-hpaio1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/01/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/01/27");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"hplip-3.12.4-1.3.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"hplip-doc-3.12.4-1.3.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"hplip-hpijs-3.12.4-1.3.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"hplip-hpijs-ppds-3.12.4-1.3.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"hplip-model-data-3.12.4-1.3.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64hpip0-3.12.4-1.3.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64hpip0-devel-3.12.4-1.3.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64sane-hpaio1-3.12.4-1.3.mbs1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxhplipp-cpe:/a:mandriva:linux:hplip
mandrivalinuxhplip-docp-cpe:/a:mandriva:linux:hplip-doc
mandrivalinuxhplip-hpijsp-cpe:/a:mandriva:linux:hplip-hpijs
mandrivalinuxhplip-hpijs-ppdsp-cpe:/a:mandriva:linux:hplip-hpijs-ppds
mandrivalinuxhplip-model-datap-cpe:/a:mandriva:linux:hplip-model-data
mandrivalinuxlib64hpip0p-cpe:/a:mandriva:linux:lib64hpip0
mandrivalinuxlib64hpip0-develp-cpe:/a:mandriva:linux:lib64hpip0-devel
mandrivalinuxlib64sane-hpaio1p-cpe:/a:mandriva:linux:lib64sane-hpaio1
mandrivabusiness_server1cpe:/o:mandriva:business_server:1

Related

ubuntu 1
openvas 8
nessus 5
mageia 1
securityvulns 2
debian 1
debiancve 2
ubuntucve 2
cvelist 2
prion 2
cve 2
slackware 1
ubuntu
ubuntu
HPLIP vulnerabilities
2014-01-21 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2085-1)
2014-01-27 00:00:00
Mageia: Security Advisory (MGASA-2014-0033)
2022-01-28 00:00:00
Ubuntu Update for hplip USN-2085-1
2014-01-27 00:00:00
nessus
nessus
Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : hplip vulnerabilities (USN-2085-1)
2014-01-22 00:00:00
openSUSE Security Update : hplip (openSUSE-SU-2014:0127-1)
2014-06-13 00:00:00
Debian DSA-2829-1 : hplip - several vulnerabilities
2013-12-31 00:00:00
mageia
mageia
Updated hplip package fixes security vulnerabilities
2014-02-05 19:27:44
securityvulns
securityvulns
hplip multiple security vulnerabilities
2014-01-09 00:00:00
[SECURITY] [DSA 2829-1] hplip security update
2014-01-09 00:00:00
debian
debian
[SECURITY] [DSA 2829-1] hplip security update
2013-12-28 17:57:19
debiancve
debiancve
CVE-2013-6402
2014-01-05 20:55:00
CVE-2013-6427
2013-12-09 18:55:00
ubuntucve
ubuntucve
CVE-2013-6402
2014-01-05 00:00:00
CVE-2013-6427
2013-12-09 00:00:00
cvelist
cvelist
CVE-2013-6402
2014-01-05 20:00:00
CVE-2013-6427
2013-12-09 18:00:00
prion
prion
Arbitrary file deletion
2014-01-05 20:55:00
Spoofing
2013-12-09 18:55:00
cve
cve
CVE-2013-6402
2014-01-05 20:55:00
CVE-2013-6427
2013-12-09 18:55:00
slackware
slackware
[slackware-security] hplip
2013-12-06 04:51:59
JSON
Related for MANDRIVA_MDVSA-2014-023.NASL
ubuntu1openvas8nessus5mageia1securityvulns2debian1debiancve2ubuntucve2cvelist2prion2cve2slackware1