Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2007-0539.NASL
HistoryJul 12, 2013 - 12:00 a.m.

Oracle Linux 5 : aide (ELSA-2007-0539)

2013-07-1200:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

24.9%

JSON

From Red Hat Security Advisory 2007:0539 :

An updated aide package that fixes various bugs is now available for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Advanced Intrusion Detection Environment (AIDE) is a file integrity checker and intrusion detection program.

A flaw was discovered in the way file checksums were stored in the AIDE database. A packaging flaw in the Red Hat AIDE rpm resulted in the file database not containing any file checksum information. This could prevent AIDE from detecting certain file modifications.
(CVE-2007-3849)

This update also fixes the following bugs :

  • certain configurations could result in a segmentation fault upon initialization.

  • AIDE was unable to open its log file in the LSPP evaluated configuration.

  • if AIDE found SELinux context differences, the changed files report it generated only included the first 32 characters of the context.

All users of AIDE are advised to upgrade to this updated package containing AIDE version 0.13.1 which is not vulnerable to these issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2007:0539 and 
# Oracle Linux Security Advisory ELSA-2007-0539 respectively.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(67532);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2007-3849");
  script_xref(name:"RHSA", value:"2007:0539");

  script_name(english:"Oracle Linux 5 : aide (ELSA-2007-0539)");
  script_summary(english:"Checks rpm output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Oracle Linux host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"From Red Hat Security Advisory 2007:0539 :

An updated aide package that fixes various bugs is now available for
Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

Advanced Intrusion Detection Environment (AIDE) is a file integrity
checker and intrusion detection program.

A flaw was discovered in the way file checksums were stored in the
AIDE database. A packaging flaw in the Red Hat AIDE rpm resulted in
the file database not containing any file checksum information. This
could prevent AIDE from detecting certain file modifications.
(CVE-2007-3849)

This update also fixes the following bugs :

* certain configurations could result in a segmentation fault upon
initialization.

* AIDE was unable to open its log file in the LSPP evaluated
configuration.

* if AIDE found SELinux context differences, the changed files report
it generated only included the first 32 characters of the context.

All users of AIDE are advised to upgrade to this updated package
containing AIDE version 0.13.1 which is not vulnerable to these
issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/el-errata/2007-September/000316.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected aide package.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:N");
  script_cwe_id(264);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:aide");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5");

  script_set_attribute(attribute:"vuln_publication_date", value:"2007/09/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2007/09/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Oracle Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5", "Oracle Linux " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);

flag = 0;
if (rpm_check(release:"EL5", reference:"aide-0.13.1-2.0.4.el5")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
  else security_note(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "aide");
}
VendorProductVersionCPE
oraclelinuxaidep-cpe:/a:oracle:linux:aide
oraclelinux5cpe:/o:oracle:linux:5

Related

redhat 1
nessus 3
nvd 1
cvelist 1
openvas 1
centos 1
veracode 1
prion 1
cve 1
oraclelinux 1
redhat
redhat
(RHSA-2007:0539) Moderate: aide security update
2007-09-04 00:00:00
nessus
nessus
CentOS 5 : aide (CESA-2007:0539)
2010-01-06 00:00:00
Scientific Linux Security Update : aide on SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 5 : aide (RHSA-2007:0539)
2007-09-05 00:00:00
nvd
nvd
CVE-2007-3849
2007-09-05 01:17:00
cvelist
cvelist
CVE-2007-3849
2007-09-05 01:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2007-0539)
2015-10-08 00:00:00
centos
centos
aide security update
2007-09-04 23:28:06
veracode
veracode
Authorization Bypass
2020-04-10 00:16:33
prion
prion
Design/Logic Flaw
2007-09-05 01:17:00
cve
cve
CVE-2007-3849
2007-09-05 01:17:00
oraclelinux
oraclelinux
Moderate: aide security update
2007-09-04 00:00:00

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

24.9%

JSON
Related for ORACLELINUX_ELSA-2007-0539.NASL
redhat1nessus3nvd1cvelist1openvas1centos1veracode1prion1cve1oraclelinux1