ID OPENSUSE-2013-998.NASL Type nessus Reporter This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2014-06-13T00:00:00
Description
Add fix-CVE-2013-6404.diff: Fix a vulnerability by which
an authenticated malicious user using a custom client,
could access the backlog of all users of a quassel core.
This fixes CVE-2013-6404 (bnc#852847).
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2013-998.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(75243);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2013-6404");
script_name(english:"openSUSE Security Update : quassel (openSUSE-SU-2013:1929-1)");
script_summary(english:"Check for the openSUSE-2013-998 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
" - Add fix-CVE-2013-6404.diff: Fix a vulnerability by which
an authenticated malicious user using a custom client,
could access the backlog of all users of a quassel core.
This fixes CVE-2013-6404 (bnc#852847)."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=852847"
);
script_set_attribute(
attribute:"see_also",
value:"https://lists.opensuse.org/opensuse-updates/2013-12/msg00092.html"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected quassel packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-client-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-core-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-mono");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:quassel-mono-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");
script_set_attribute(attribute:"patch_publication_date", value:"2013/12/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE13.1", reference:"quassel-base-0.9.1-8.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"quassel-client-0.9.1-8.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"quassel-client-debuginfo-0.9.1-8.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"quassel-core-0.9.1-8.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"quassel-core-debuginfo-0.9.1-8.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"quassel-debugsource-0.9.1-8.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"quassel-mono-0.9.1-8.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"quassel-mono-debuginfo-0.9.1-8.2") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "quassel-base / quassel-client / quassel-client-debuginfo / etc");
}
{"id": "OPENSUSE-2013-998.NASL", "bulletinFamily": "scanner", "title": "openSUSE Security Update : quassel (openSUSE-SU-2013:1929-1)", "description": " - Add fix-CVE-2013-6404.diff: Fix a vulnerability by which\n an authenticated malicious user using a custom client,\n could access the backlog of all users of a quassel core.\n This fixes CVE-2013-6404 (bnc#852847).", "published": "2014-06-13T00:00:00", "modified": "2014-06-13T00:00:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "href": "https://www.tenable.com/plugins/nessus/75243", "reporter": "This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://lists.opensuse.org/opensuse-updates/2013-12/msg00092.html", "https://bugzilla.novell.com/show_bug.cgi?id=852847"], "cvelist": ["CVE-2013-6404"], "type": "nessus", "lastseen": "2021-01-20T12:27:14", "edition": 18, "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-6404"]}, {"type": "nessus", "idList": ["OPENSUSE-2014-71.NASL"]}], "modified": "2021-01-20T12:27:14", "rev": 2}, "score": {"value": 4.5, "vector": "NONE", "modified": "2021-01-20T12:27:14", "rev": 2}, "vulnersScore": 4.5}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-998.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75243);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-6404\");\n\n script_name(english:\"openSUSE Security Update : quassel (openSUSE-SU-2013:1929-1)\");\n script_summary(english:\"Check for the openSUSE-2013-998 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Add fix-CVE-2013-6404.diff: Fix a vulnerability by which\n an authenticated malicious user using a custom client,\n could access the backlog of all users of a quassel core.\n This fixes CVE-2013-6404 (bnc#852847).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=852847\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-12/msg00092.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quassel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-mono\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-mono-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-base-0.9.1-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-client-0.9.1-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-client-debuginfo-0.9.1-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-core-0.9.1-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-core-debuginfo-0.9.1-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-debugsource-0.9.1-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-mono-0.9.1-8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-mono-debuginfo-0.9.1-8.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quassel-base / quassel-client / quassel-client-debuginfo / etc\");\n}\n", "naslFamily": "SuSE Local Security Checks", "pluginID": "75243", "cpe": ["p-cpe:/a:novell:opensuse:quassel-core-debuginfo", "p-cpe:/a:novell:opensuse:quassel-mono", "p-cpe:/a:novell:opensuse:quassel-core", "p-cpe:/a:novell:opensuse:quassel-mono-debuginfo", "p-cpe:/a:novell:opensuse:quassel-base", "p-cpe:/a:novell:opensuse:quassel-client-debuginfo", "p-cpe:/a:novell:opensuse:quassel-client", "p-cpe:/a:novell:opensuse:quassel-debugsource", "cpe:/o:novell:opensuse:13.1"], "scheme": null}
{"cve": [{"lastseen": "2021-02-02T06:06:59", "description": "Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in (1) 16/select_buffer_by_id.sql, (2) 16/select_buffer_by_id.sql, and (3) 16/select_buffer_by_id.sql in core/SQL/PostgreSQL/.", "edition": 6, "cvss3": {}, "published": "2013-12-09T16:36:00", "title": "CVE-2013-6404", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6404"], "modified": "2017-08-29T01:33:00", "cpe": ["cpe:/a:quassel-irc:quassel_irc:0.9.1", "cpe:/a:quassel-irc:quassel_irc:0.9.0"], "id": "CVE-2013-6404", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6404", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:quassel-irc:quassel_irc:0.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:quassel-irc:quassel_irc:0.9.1:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2021-01-20T12:28:03", "description": " - Add back /etc/sysconfig/quasselcore (bnc#849850)\n\n - Drop fix-CVE-2013-6404.diff: Merged upstream\n\n - Update to 0.9.2\n\n - Don't crash if /topic contains newlines.\n\n - Fix SSL-related issues.\n\n - Fix Phonon notifications not playing sound.\n\n - Pingout if connection drops during SASL auth phase.\n\n - Prevent messages from being sent to status buffers.\n\n - Make sure manipulated/buggy clients cannot access\n backlog of other core users.\n\n - Fix context menu issues.", "edition": 19, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : quassel (openSUSE-SU-2014:0114-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-6404"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:quassel-core-debuginfo", "p-cpe:/a:novell:opensuse:quassel-mono", "p-cpe:/a:novell:opensuse:quassel-core", "p-cpe:/a:novell:opensuse:quassel-mono-debuginfo", "p-cpe:/a:novell:opensuse:quassel-base", "p-cpe:/a:novell:opensuse:quassel-client-debuginfo", "p-cpe:/a:novell:opensuse:quassel-client", "p-cpe:/a:novell:opensuse:quassel-debugsource", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-71.NASL", "href": "https://www.tenable.com/plugins/nessus/75401", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-71.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75401);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-6404\");\n\n script_name(english:\"openSUSE Security Update : quassel (openSUSE-SU-2014:0114-1)\");\n script_summary(english:\"Check for the openSUSE-2014-71 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Add back /etc/sysconfig/quasselcore (bnc#849850)\n\n - Drop fix-CVE-2013-6404.diff: Merged upstream\n\n - Update to 0.9.2\n\n - Don't crash if /topic contains newlines.\n\n - Fix SSL-related issues.\n\n - Fix Phonon notifications not playing sound.\n\n - Pingout if connection drops during SASL auth phase.\n\n - Prevent messages from being sent to status buffers.\n\n - Make sure manipulated/buggy clients cannot access\n backlog of other core users.\n\n - Fix context menu issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=849850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-01/msg00078.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected quassel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-mono\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:quassel-mono-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-base-0.9.2-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-client-0.9.2-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-client-debuginfo-0.9.2-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-core-0.9.2-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-core-debuginfo-0.9.2-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-debugsource-0.9.2-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-mono-0.9.2-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"quassel-mono-debuginfo-0.9.2-12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"quassel-base / quassel-client / quassel-client-debuginfo / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}]}