Lucene search
This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.OPENSUSE-2016-852.NASLHistoryJul 11, 2016 - 12:00 a.m.
openSUSE Security Update : glibc (openSUSE-2016-852)
2016-07-1100:00:00
This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.
www.tenable.com
18
This update for glibc provides the following fixes :
-
Increase DTV_SURPLUS limit. (bsc#968787)
-
Do not copy d_name field of struct dirent.
(CVE-2016-1234, bsc#969727) -
Fix memory leak in _nss_dns_gethostbyname4_r.
(bsc#973010) -
Fix stack overflow in _nss_dns_getnetbyname_r.
(CVE-2016-3075, bsc#973164) -
Fix malloc performance regression from SLE 11.
(bsc#975930) -
Fix getaddrinfo stack overflow in hostent conversion.
(CVE-2016-3706, bsc#980483) -
Do not use alloca in clntudp_call. (CVE-2016-4429, bsc#980854)
-
Remove mtrace.1, now included in the man-pages package.
(bsc#967190)
This update was imported from the SUSE:SLE-12-SP1:Update update project.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2016-852.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(91987);
script_version("2.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2016-1234", "CVE-2016-3075", "CVE-2016-3706", "CVE-2016-4429");
script_name(english:"openSUSE Security Update : glibc (openSUSE-2016-852)");
script_summary(english:"Check for the openSUSE-2016-852 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"This update for glibc provides the following fixes :
- Increase DTV_SURPLUS limit. (bsc#968787)
- Do not copy d_name field of struct dirent.
(CVE-2016-1234, bsc#969727)
- Fix memory leak in _nss_dns_gethostbyname4_r.
(bsc#973010)
- Fix stack overflow in _nss_dns_getnetbyname_r.
(CVE-2016-3075, bsc#973164)
- Fix malloc performance regression from SLE 11.
(bsc#975930)
- Fix getaddrinfo stack overflow in hostent conversion.
(CVE-2016-3706, bsc#980483)
- Do not use alloca in clntudp_call. (CVE-2016-4429,
bsc#980854)
- Remove mtrace.1, now included in the man-pages package.
(bsc#967190)
This update was imported from the SUSE:SLE-12-SP1:Update update
project."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=967190"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=968787"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=969727"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=973010"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=973164"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=975930"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=980483"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=980854"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected glibc packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-static-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-extra-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-html");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-i18ndata");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-info");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-locale");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-locale-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-locale-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-locale-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-obsolete");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-obsolete-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-profile");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-profile-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nscd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nscd-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1");
script_set_attribute(attribute:"patch_publication_date", value:"2016/07/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/07/11");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-debuginfo-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-debugsource-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-devel-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-devel-debuginfo-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-devel-static-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-extra-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-extra-debuginfo-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-html-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-i18ndata-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-info-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-locale-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-locale-debuginfo-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-obsolete-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-obsolete-debuginfo-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-profile-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-utils-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-utils-debuginfo-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"glibc-utils-debugsource-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"nscd-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"nscd-debuginfo-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"glibc-32bit-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"glibc-debuginfo-32bit-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"glibc-devel-32bit-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"glibc-devel-debuginfo-32bit-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"glibc-devel-static-32bit-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"glibc-locale-32bit-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"glibc-locale-debuginfo-32bit-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"glibc-profile-32bit-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"glibc-utils-32bit-2.19-22.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"glibc-utils-debuginfo-32bit-2.19-22.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc-utils / glibc-utils-32bit / glibc-utils-debuginfo / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | glibc | p-cpe:/a:novell:opensuse:glibc |
| novell | opensuse | glibc-32bit | p-cpe:/a:novell:opensuse:glibc-32bit |
| novell | opensuse | glibc-debuginfo | p-cpe:/a:novell:opensuse:glibc-debuginfo |
| novell | opensuse | glibc-debuginfo-32bit | p-cpe:/a:novell:opensuse:glibc-debuginfo-32bit |
| novell | opensuse | glibc-debugsource | p-cpe:/a:novell:opensuse:glibc-debugsource |
| novell | opensuse | glibc-devel | p-cpe:/a:novell:opensuse:glibc-devel |
| novell | opensuse | glibc-devel-32bit | p-cpe:/a:novell:opensuse:glibc-devel-32bit |
| novell | opensuse | glibc-devel-debuginfo | p-cpe:/a:novell:opensuse:glibc-devel-debuginfo |
| novell | opensuse | glibc-devel-debuginfo-32bit | p-cpe:/a:novell:opensuse:glibc-devel-debuginfo-32bit |
| novell | opensuse | glibc-devel-static | p-cpe:/a:novell:opensuse:glibc-devel-static |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1234
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3075
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3706
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4429
bugzilla.opensuse.org/show_bug.cgi?id=967190
bugzilla.opensuse.org/show_bug.cgi?id=968787
bugzilla.opensuse.org/show_bug.cgi?id=969727
bugzilla.opensuse.org/show_bug.cgi?id=973010
bugzilla.opensuse.org/show_bug.cgi?id=973164
bugzilla.opensuse.org/show_bug.cgi?id=975930
bugzilla.opensuse.org/show_bug.cgi?id=980483
bugzilla.opensuse.org/show_bug.cgi?id=980854
Related
nessus
nessus
openSUSE Security Update : glibc (openSUSE-2016-699)
2016-06-09 00:00:00
SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2016:1721-1)
2016-08-29 00:00:00
Photon OS 1.0: Glibc PHSA-2017-0013
2019-02-07 00:00:00
ibm
ibm
Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple glibc vulnerabilities (CVE-2016-1234, CVE-2016-3706, CVE-2016-4429)
2018-06-18 01:34:54
altlinux
altlinux
Security fix for the ALT Linux 9 package glibc version 6:2.23-alt2
2016-05-10 00:00:00
Security fix for the ALT Linux 9 package glibc version 6:2.23-alt3
2016-06-09 00:00:00
photon
photon
fedora
fedora
[SECURITY] Fedora 24 Update: glibc-2.23.1-7.fc24
2016-05-14 23:42:24
[SECURITY] Fedora 23 Update: glibc-2.22-16.fc23
2016-05-12 20:56:11
[SECURITY] Fedora 24 Update: glibc-2.23.1-8.fc24
2016-06-18 19:41:34
osv
osv
eglibc - security update
2016-05-30 00:00:00
libtirpc - security update
2020-06-28 00:00:00
openvas
openvas
Fedora Update for glibc FEDORA-2016-b321728d74
2016-06-08 00:00:00
Ubuntu Update for eglibc USN-3239-3
2017-03-25 00:00:00
Fedora Update for glibc FEDORA-2016-b2dfb591cd
2016-06-08 00:00:00
debian
debian
[SECURITY] [DLA 494-1] eglibc security update
2016-05-30 04:24:49
[SECURITY] [DLA 2256-1] libtirpc security update
2020-06-28 12:20:53
mageia
mageia
Updated glibc packages fix security vulnerabilities
2016-05-24 01:00:58
Updated glibc and libtirpc packages fixes security vulnerability
2016-07-31 23:39:13
archlinux
archlinux
lib32-glibc: multiple issues
2016-05-13 00:00:00
glibc: multiple issues
2016-05-13 00:00:00
lib32-glibc: denial of service
2016-06-19 00:00:00
ubuntu
ubuntu
GNU C Library regression
2017-03-24 00:00:00
GNU C Library Regression
2017-03-21 00:00:00
GNU C Library vulnerabilities
2017-03-21 00:00:00
cloudfoundry
cloudfoundry
USN-3239-2: GNU C Library Regression | Cloud Foundry
2017-03-31 00:00:00
USN-3759-1: libtirpc vulnerabilities | Cloud Foundry
2018-09-27 00:00:00
USN-2985-2 GNU C Library regression | Cloud Foundry
2016-06-13 00:00:00
redhatcve
redhatcve
CVE-2016-4429
2016-05-18 11:48:33
CVE-2017-12133
2017-08-04 08:48:34
f5
f5
SOL17075474 - glibc vulnerability CVE-2016-4429
2016-07-27 00:00:00
K17075474 : glibc vulnerability CVE-2016-4429
2016-07-27 00:00:00
K05125306 : glibc vulnerability CVE-2016-1234
2016-07-14 00:00:00
android
android
CVE-2016-4429
2017-12-01 00:00:00
CVE-2016-3706
2017-12-01 00:00:00
debiancve
debiancve
cve
cve
ubuntucve
ubuntucve
prion
prion
redhat
redhat
(RHSA-2016:2573) Low: glibc security, bug fix, and enhancement update
2016-11-03 06:07:14
centos
centos
glibc, nscd security update
2016-11-25 15:25:38
amazon
amazon
Low: glibc
2017-02-06 18:00:00
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2017-02-19 00:00:00
oraclelinux
oraclelinux
glibc security update
2016-11-09 00:00:00
glibc security, bug fix, and enhancement update
2016-11-09 00:00:00
glibc security update
2018-04-18 00:00:00
packetstorm
packetstorm
Moxa Command Injection / Cross Site Scripting / Vulnerable Software
2021-09-01 00:00:00
zdt
zdt
Moxa Command Injection / Cross Site Scripting Vulnerabilities
2021-09-01 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1844
2021-07-02 16:56:21
androidsecurity
androidsecurity
Android Security BulletinโDecember 2017
2017-12-04 00:00:00
suse
suse
Security update for SLES 12 Docker image (important)
2017-10-11 03:06:53
Security update for SLES 12-SP1 Docker image (important)
2017-10-11 03:07:32
oracle
oracle
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Related for OPENSUSE-2016-852.NASL