Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2014-442.NASL
HistoryJun 26, 2014 - 12:00 a.m.

openSUSE Security Update : ctdb (openSUSE-SU-2014:0842-1)

2014-06-2600:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
JSON

ctdb was updated to version 2.3 to fix several temp file vulnerabilities (CVE-2013-4159). Various other bugs were fixed by this upgrade, most notably bnc#867815: Avoid lockwait congestion by using an overflow queue.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2014-442.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(76229);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2013-4159");

  script_name(english:"openSUSE Security Update : ctdb (openSUSE-SU-2014:0842-1)");
  script_summary(english:"Check for the openSUSE-2014-442 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"ctdb was updated to version 2.3 to fix several temp file
vulnerabilities (CVE-2013-4159). Various other bugs were fixed by this
upgrade, most notably bnc#867815: Avoid lockwait congestion by using
an overflow queue."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=836064"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=867815"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2014-06/msg00052.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected ctdb packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/06/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/26");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.3|SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.3 / 13.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE12.3", reference:"ctdb-2.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"ctdb-debuginfo-2.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"ctdb-debugsource-2.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"ctdb-devel-2.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"ctdb-pcp-pmda-2.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"ctdb-pcp-pmda-debuginfo-2.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"ctdb-2.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"ctdb-debuginfo-2.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"ctdb-debugsource-2.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"ctdb-devel-2.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"ctdb-pcp-pmda-2.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"ctdb-pcp-pmda-debuginfo-2.3-2.4.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ctdb");
}
VendorProductVersionCPE
novellopensusectdbp-cpe:/a:novell:opensuse:ctdb
novellopensusectdb-debuginfop-cpe:/a:novell:opensuse:ctdb-debuginfo
novellopensusectdb-debugsourcep-cpe:/a:novell:opensuse:ctdb-debugsource
novellopensusectdb-develp-cpe:/a:novell:opensuse:ctdb-devel
novellopensusectdb-pcp-pmdap-cpe:/a:novell:opensuse:ctdb-pcp-pmda
novellopensusectdb-pcp-pmda-debuginfop-cpe:/a:novell:opensuse:ctdb-pcp-pmda-debuginfo
novellopensuse12.3cpe:/o:novell:opensuse:12.3
novellopensuse13.1cpe:/o:novell:opensuse:13.1

Related

securityvulns 2
fedora 1
mageia 1
openvas 2
nessus 2
prion 1
ubuntucve 1
cve 1
securityvulns
securityvulns
ctdb symbolic links vulnerabilities
2015-04-13 00:00:00
[ MDVSA-2015:177 ] ctdb
2015-04-13 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: ctdb-2.5.4-2.fc20
2014-12-20 08:36:18
mageia
mageia
Updated ctdb package fixes CVE-2013-4159
2014-06-27 18:57:58
openvas
openvas
Fedora Update for ctdb FEDORA-2014-16742
2014-12-21 00:00:00
Mageia: Security Advisory (MGASA-2014-0274)
2022-01-28 00:00:00
nessus
nessus
Fedora 20 : ctdb-2.5.4-2.fc20 (2014-16742)
2014-12-22 00:00:00
Mandriva Linux Security Advisory : ctdb (MDVSA-2015:177)
2015-03-31 00:00:00
prion
prion
Code injection
2014-08-06 18:55:00
ubuntucve
ubuntucve
CVE-2013-4159
2014-08-06 00:00:00
cve
cve
CVE-2013-4159
2014-08-06 18:55:00
JSON
Related for OPENSUSE-2014-442.NASL
securityvulns2fedora1mageia1openvas2nessus2prion1ubuntucve1cve1