Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2007-0431.NASL
HistoryJul 12, 2013 - 12:00 a.m.

Oracle Linux 3 : shadow-utils (ELSA-2007-0431)

2013-07-1200:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
5
JSON

From Red Hat Security Advisory 2007:0431 :

An updated shadow-utils package that fixes a security issue and several bugs is now available.

This update has been rated as having low security impact by the Red Hat Security Response Team.

The shadow-utils package includes the necessary programs for converting UNIX password files to the shadow password format, as well as programs for managing user and group accounts.

A flaw was found in the useradd tool in shadow-utils. A new user’s mailbox, when created, could have random permissions for a short period. This could allow a local attacker to read or modify the mailbox. (CVE-2006-1174)

This update also fixes the following bugs :

  • shadow-utils debuginfo package was empty.

  • chage.1 and chage -l gave incorrect information about sp_inact.

All users of shadow-utils are advised to upgrade to this updated package, which contains backported patches to resolve these issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2007:0431 and 
# Oracle Linux Security Advisory ELSA-2007-0431 respectively.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(67515);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2006-1174");
  script_xref(name:"RHSA", value:"2007:0431");

  script_name(english:"Oracle Linux 3 : shadow-utils (ELSA-2007-0431)");
  script_summary(english:"Checks rpm output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Oracle Linux host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"From Red Hat Security Advisory 2007:0431 :

An updated shadow-utils package that fixes a security issue and
several bugs is now available.

This update has been rated as having low security impact by the Red
Hat Security Response Team.

The shadow-utils package includes the necessary programs for
converting UNIX password files to the shadow password format, as well
as programs for managing user and group accounts.

A flaw was found in the useradd tool in shadow-utils. A new user's
mailbox, when created, could have random permissions for a short
period. This could allow a local attacker to read or modify the
mailbox. (CVE-2006-1174)

This update also fixes the following bugs :

* shadow-utils debuginfo package was empty.

* chage.1 and chage -l gave incorrect information about sp_inact.

All users of shadow-utils are advised to upgrade to this updated
package, which contains backported patches to resolve these issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/el-errata/2007-June/000180.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected shadow-utils package."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:shadow-utils");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2006/05/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2007/06/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Oracle Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 3", "Oracle Linux " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);

flag = 0;
if (rpm_check(release:"EL3", cpu:"i386", reference:"shadow-utils-4.0.3-29.RHEL3")) flag++;
if (rpm_check(release:"EL3", cpu:"x86_64", reference:"shadow-utils-4.0.3-29.RHEL3")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
  else security_note(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "shadow-utils");
}
VendorProductVersionCPE
oraclelinuxshadow-utilsp-cpe:/a:oracle:linux:shadow-utils
oraclelinux3cpe:/o:oracle:linux:3

Related

oraclelinux 1
nessus 10
cert 1
centos 2
debiancve 1
prion 1
cve 1
openvas 2
redhat 2
gentoo 1
ubuntucve 1
securityvulns 1
vmware 1
oraclelinux
oraclelinux
Low: shadow-utils security and bug fix update
2007-05-17 00:00:00
nessus
nessus
CentOS 3 : shadow-utils (CESA-2007:0431)
2007-06-14 00:00:00
GLSA-200606-02 : shadow: Privilege escalation
2006-06-08 00:00:00
RHEL 3 : shadow-utils (RHSA-2007:0431)
2007-06-12 00:00:00
cert
cert
Shadow Utils useradd utility sets incorrect file permissions
2007-12-14 00:00:00
centos
centos
shadow security update
2007-05-02 08:58:02
shadow security update
2007-06-11 21:08:22
debiancve
debiancve
CVE-2006-1174
2006-05-28 23:02:00
prion
prion
Open redirect
2006-05-28 23:02:00
cve
cve
CVE-2006-1174
2006-05-28 23:02:00
openvas
openvas
Gentoo Security Advisory GLSA 200606-02 (shadow)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200606-02 (shadow)
2008-09-24 00:00:00
redhat
redhat
(RHSA-2007:0276) Low: shadow-utils security and bug fix update
2007-05-01 00:00:00
(RHSA-2007:0431) Low: shadow-utils security and bug fix update
2007-06-11 13:45:45
gentoo
gentoo
shadow: Privilege escalation
2006-06-07 00:00:00
ubuntucve
ubuntucve
CVE-2006-1174
2006-05-28 00:00:00
securityvulns
securityvulns
VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player
2007-09-21 00:00:00
vmware
vmware
Updated versions of all supported hosted products and all ESX 2x products and patches for ESX 30x address critical security updates. Service Console security updates for samba, bind, krb5, vixie-cron, shadow-utils, openldap, pam, gcc, and gdb packages.
2007-09-18 00:00:00
JSON
Related for ORACLELINUX_ELSA-2007-0431.NASL
oraclelinux1nessus10cert1centos2debiancve1prion1cve1openvas2redhat2gentoo1ubuntucve1securityvulns1vmware1