Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2019-2178.NASL
HistorySep 25, 2019 - 12:00 a.m.

openSUSE Security Update : bird (openSUSE-2019-2178)

2019-09-2500:00:00
This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
JSON

This update for bird fixes the following issues :

  • CVE-2019-16159: Fixed a stack-based buffer overflow via administrative shutdown communication messages.
    (bnc#1150108)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2019-2178.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(129344);
  script_version("1.3");
  script_cvs_date("Date: 2019/12/23");

  script_cve_id("CVE-2019-16159");

  script_name(english:"openSUSE Security Update : bird (openSUSE-2019-2178)");
  script_summary(english:"Check for the openSUSE-2019-2178 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update for bird fixes the following issues :

  - CVE-2019-16159: Fixed a stack-based buffer overflow via
    administrative shutdown communication messages.
    (bnc#1150108)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1150108"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected bird packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bird");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bird-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bird-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bird-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bird6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bird6-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/09/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/25");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE15.1", reference:"bird-1.6.8-lp151.2.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"bird-common-1.6.8-lp151.2.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"bird-debuginfo-1.6.8-lp151.2.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"bird-debugsource-1.6.8-lp151.2.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"bird6-1.6.8-lp151.2.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"bird6-debuginfo-1.6.8-lp151.2.3.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bird / bird-common / bird-debuginfo / bird-debugsource / bird6 / etc");
}
VendorProductVersionCPE
novellopensusebirdp-cpe:/a:novell:opensuse:bird
novellopensusebird-commonp-cpe:/a:novell:opensuse:bird-common
novellopensusebird-debuginfop-cpe:/a:novell:opensuse:bird-debuginfo
novellopensusebird-debugsourcep-cpe:/a:novell:opensuse:bird-debugsource
novellopensusebird6p-cpe:/a:novell:opensuse:bird6
novellopensusebird6-debuginfop-cpe:/a:novell:opensuse:bird6-debuginfo
novellopensuse15.1cpe:/o:novell:opensuse:15.1

Related

fedora 3
debian 1
nessus 4
openvas 5
prion 1
suse 2
osv 1
ubuntucve 1
cve 1
debiancve 1
fedora
fedora
[SECURITY] Fedora 31 Update: bird-2.0.6-1.fc31
2019-09-16 00:03:27
[SECURITY] Fedora 30 Update: bird-2.0.6-1.fc30
2019-09-20 01:22:26
[SECURITY] Fedora 29 Update: bird-1.6.8-1.fc29
2019-09-20 01:34:08
debian
debian
[SECURITY] [DSA 4528-1] bird security update
2019-09-19 20:53:24
nessus
nessus
Debian DSA-4528-1 : bird - security update
2019-09-20 00:00:00
Fedora 31 : bird (2019-ff0f9ce167)
2019-10-07 00:00:00
Fedora 29 : bird (2019-b629e3b97f)
2019-09-20 00:00:00
openvas
openvas
openSUSE: Security Advisory for bird (openSUSE-SU-2019:2178-1)
2020-01-09 00:00:00
Fedora Update for bird FEDORA-2019-b629e3b97f
2019-09-20 00:00:00
Debian: Security Advisory (DSA-4528-1)
2019-09-21 00:00:00
prion
prion
Stack overflow
2019-09-09 15:15:00
suse
suse
Security update for bird (moderate)
2019-09-24 00:00:00
Security update for bird (moderate)
2019-09-24 00:00:00
osv
osv
CVE-2019-16159
2019-09-09 15:15:12
ubuntucve
ubuntucve
CVE-2019-16159
2019-09-09 00:00:00
cve
cve
CVE-2019-16159
2019-09-09 15:15:00
debiancve
debiancve
CVE-2019-16159
2019-09-09 15:15:00
JSON
Related for OPENSUSE-2019-2178.NASL
fedora3debian1nessus4openvas5prion1suse2osv1ubuntucve1cve1debiancve1