Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2003-334.NASL
HistoryJul 06, 2004 - 12:00 a.m.

RHEL 3 : glibc (RHSA-2003:334)

2004-07-0600:00:00
This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
19

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.1%

JSON

Updated glibc packages that resolve a vulnerability and address several bugs are now available.

The glibc packages contain GNU libc, which provides standard system libraries.

Herbert Xu reported that various applications can accept spoofed messages sent on the kernel netlink interface by other users on the local machine. This could lead to a local denial of service attack.
The glibc function getifaddrs uses netlink and could therefore be vulnerable to this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0859 to this issue.

In addition to the security issues, a number of other bugs were fixed.

Users are advised to upgrade to these erratum packages, which contain a patch that checks that netlink messages actually came from the kernel and patches for the various bug fixes.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2003:334. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(12434);
  script_version("1.27");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2003-0859");
  script_xref(name:"RHSA", value:"2003:334");

  script_name(english:"RHEL 3 : glibc (RHSA-2003:334)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated glibc packages that resolve a vulnerability and address
several bugs are now available.

The glibc packages contain GNU libc, which provides standard system
libraries.

Herbert Xu reported that various applications can accept spoofed
messages sent on the kernel netlink interface by other users on the
local machine. This could lead to a local denial of service attack.
The glibc function getifaddrs uses netlink and could therefore be
vulnerable to this issue. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CVE-2003-0859 to this
issue.

In addition to the security issues, a number of other bugs were fixed.

Users are advised to upgrade to these erratum packages, which contain
a patch that checks that netlink messages actually came from the
kernel and patches for the various bug fixes."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2003-0859"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2003:334"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-profile");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-utils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nptl-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nscd");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2003/12/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2003/11/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/06");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2003:334";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL3", reference:"glibc-2.3.2-95.6")) flag++;
  if (rpm_check(release:"RHEL3", reference:"glibc-common-2.3.2-95.6")) flag++;
  if (rpm_check(release:"RHEL3", reference:"glibc-devel-2.3.2-95.6")) flag++;
  if (rpm_check(release:"RHEL3", reference:"glibc-headers-2.3.2-95.6")) flag++;
  if (rpm_check(release:"RHEL3", reference:"glibc-profile-2.3.2-95.6")) flag++;
  if (rpm_check(release:"RHEL3", reference:"glibc-utils-2.3.2-95.6")) flag++;
  if (rpm_check(release:"RHEL3", reference:"nptl-devel-2.3.2-95.6")) flag++;
  if (rpm_check(release:"RHEL3", reference:"nscd-2.3.2-95.6")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-devel / glibc-headers / glibc-profile / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxglibcp-cpe:/a:redhat:enterprise_linux:glibc
redhatenterprise_linuxglibc-commonp-cpe:/a:redhat:enterprise_linux:glibc-common
redhatenterprise_linuxglibc-develp-cpe:/a:redhat:enterprise_linux:glibc-devel
redhatenterprise_linuxglibc-headersp-cpe:/a:redhat:enterprise_linux:glibc-headers
redhatenterprise_linuxglibc-profilep-cpe:/a:redhat:enterprise_linux:glibc-profile
redhatenterprise_linuxglibc-utilsp-cpe:/a:redhat:enterprise_linux:glibc-utils
redhatenterprise_linuxnptl-develp-cpe:/a:redhat:enterprise_linux:nptl-devel
redhatenterprise_linuxnscdp-cpe:/a:redhat:enterprise_linux:nscd
redhatenterprise_linux3cpe:/o:redhat:enterprise_linux:3

Related

nessus 2
cvelist 1
cve 1
nvd 1
redhat 1
cert 1
nessus
nessus
Fedora Core 1 : glibc-2.3.2-101.1 (2003-002)
2004-07-23 00:00:00
Mandrake Linux Security Advisory : iproute2 (MDKSA-2004:148)
2004-12-14 00:00:00
cvelist
cvelist
CVE-2003-0859
2003-11-18 05:00:00
cve
cve
CVE-2003-0859
2003-12-15 05:00:00
nvd
nvd
CVE-2003-0859
2003-12-15 05:00:00
redhat
redhat
(RHSA-2003:334) glibc security update
2003-11-07 00:00:00
cert
cert
Integer overflow vulnerability in rsync
2003-12-09 00:00:00

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for REDHAT-RHSA-2003-334.NASL
nessus2cvelist1cve1nvd1redhat1cert1