Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2021 Tenable Network Security, Inc.OPENSUSE-2015-531.NASL
HistoryAug 05, 2015 - 12:00 a.m.

openSUSE Security Update : gpsm (openSUSE-2015-531)

2015-08-0500:00:00
This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.
www.tenable.com
9
JSON

gpsm was updated to fix one security issue.

The following vulnerability was fixed :

  • CVE-2013-2038: Denial of service by a remote attacker via specially crafted packages (boo#818136)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2015-531.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(85235);
  script_version("2.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2013-2038");

  script_name(english:"openSUSE Security Update : gpsm (openSUSE-2015-531)");
  script_summary(english:"Check for the openSUSE-2015-531 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"gpsm was updated to fix one security issue.

The following vulnerability was fixed :

  - CVE-2013-2038: Denial of service by a remote attacker
    via specially crafted packages (boo#818136)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=818136"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected gpsm packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gpsd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gpsd-clients");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gpsd-clients-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gpsd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gpsd-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gpsd-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gpsd-devel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libQgpsmm20");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libQgpsmm20-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgps20");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgps20-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-gpsd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-gpsd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2015/07/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/08/05");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE13.1", reference:"gpsd-3.5-7.8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"gpsd-clients-3.5-7.8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"gpsd-clients-debuginfo-3.5-7.8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"gpsd-debuginfo-3.5-7.8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"gpsd-debugsource-3.5-7.8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"gpsd-devel-3.5-7.8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"gpsd-devel-debuginfo-3.5-7.8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libQgpsmm20-3.5-7.8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libQgpsmm20-debuginfo-3.5-7.8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libgps20-3.5-7.8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libgps20-debuginfo-3.5-7.8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"python-gpsd-3.5-7.8.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"python-gpsd-debuginfo-3.5-7.8.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gpsd / gpsd-clients / gpsd-clients-debuginfo / gpsd-debuginfo / etc");
}
VendorProductVersionCPE
novellopensusegpsdp-cpe:/a:novell:opensuse:gpsd
novellopensusegpsd-clientsp-cpe:/a:novell:opensuse:gpsd-clients
novellopensusegpsd-clients-debuginfop-cpe:/a:novell:opensuse:gpsd-clients-debuginfo
novellopensusegpsd-debuginfop-cpe:/a:novell:opensuse:gpsd-debuginfo
novellopensusegpsd-debugsourcep-cpe:/a:novell:opensuse:gpsd-debugsource
novellopensusegpsd-develp-cpe:/a:novell:opensuse:gpsd-devel
novellopensusegpsd-devel-debuginfop-cpe:/a:novell:opensuse:gpsd-devel-debuginfo
novellopensuselibqgpsmm20p-cpe:/a:novell:opensuse:libqgpsmm20
novellopensuselibqgpsmm20-debuginfop-cpe:/a:novell:opensuse:libqgpsmm20-debuginfo
novellopensuselibgps20p-cpe:/a:novell:opensuse:libgps20
Rows per page:
1-10 of 141

Related

nessus 1
prion 1
securityvulns 2
ubuntucve 1
cve 1
openvas 2
ubuntu 1
debiancve 1
cvelist 1
nessus
nessus
Ubuntu 12.04 LTS : gpsd vulnerability (USN-1820-1)
2013-05-09 00:00:00
prion
prion
Security feature bypass
2014-02-06 17:00:00
securityvulns
securityvulns
gpsd memory corruption
2013-05-09 00:00:00
[USN-1820-1] gpsd vulnerability
2013-05-09 00:00:00
ubuntucve
ubuntucve
CVE-2013-2038
2013-05-02 00:00:00
cve
cve
CVE-2013-2038
2014-02-06 17:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1820-1)
2013-05-09 00:00:00
Ubuntu Update for gpsd USN-1820-1
2013-05-09 00:00:00
ubuntu
ubuntu
gpsd vulnerability
2013-05-08 00:00:00
debiancve
debiancve
CVE-2013-2038
2014-02-06 17:00:00
cvelist
cvelist
CVE-2013-2038
2014-02-06 16:00:00
JSON
Related for OPENSUSE-2015-531.NASL
nessus1prion1securityvulns2ubuntucve1cve1openvas2ubuntu1debiancve1cvelist1