Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2005-009.NASL
HistoryFeb 10, 2005 - 12:00 a.m.

RHEL 2.1 / 3 : kdelibs, kdebase (RHSA-2005:009)

2005-02-1000:00:00
This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
JSON

Updated kdelib and kdebase packages that resolve several security issues are now available.

The kdelibs packages include libraries for the K Desktop Environment.
The kdebase packages include core applications for the K Desktop Environment.

Secunia Research discovered a window injection spoofing vulnerability affecting the Konqueror web browser. This issue could allow a malicious website to show arbitrary content in a different browser window. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-1158 to this issue.

A bug was discovered in the way kioslave handles URL-encoded newline (%0a) characters before the FTP command. It is possible that a specially crafted URL could be used to execute any ftp command on a remote server, or potentially send unsolicited email. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-1165 to this issue.

A bug was discovered that can crash KDE screensaver under certain local circumstances. This could allow an attacker with physical access to the workstation to take over a locked desktop session. Please note that this issue only affects Red Hat Enterprise Linux 2.1. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-0078 to this issue.

All users of KDE are advised to upgrade to this updated packages, which contain backported patches to correct these issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2005:009. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(16366);
  script_version("1.28");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2004-1158", "CVE-2004-1165", "CVE-2005-0078");
  script_xref(name:"RHSA", value:"2005:009");

  script_name(english:"RHEL 2.1 / 3 : kdelibs, kdebase (RHSA-2005:009)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated kdelib and kdebase packages that resolve several security
issues are now available.

The kdelibs packages include libraries for the K Desktop Environment.
The kdebase packages include core applications for the K Desktop
Environment.

Secunia Research discovered a window injection spoofing vulnerability
affecting the Konqueror web browser. This issue could allow a
malicious website to show arbitrary content in a different browser
window. The Common Vulnerabilities and Exposures project has assigned
the name CVE-2004-1158 to this issue.

A bug was discovered in the way kioslave handles URL-encoded newline
(%0a) characters before the FTP command. It is possible that a
specially crafted URL could be used to execute any ftp command on a
remote server, or potentially send unsolicited email. The Common
Vulnerabilities and Exposures project has assigned the name
CVE-2004-1165 to this issue.

A bug was discovered that can crash KDE screensaver under certain
local circumstances. This could allow an attacker with physical access
to the workstation to take over a locked desktop session. Please note
that this issue only affects Red Hat Enterprise Linux 2.1. The Common
Vulnerabilities and Exposures project has assigned the name
CVE-2005-0078 to this issue.

All users of KDE are advised to upgrade to this updated packages,
which contain backported patches to correct these issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2004-1158"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2004-1165"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2005-0078"
  );
  # http://www.kde.org/info/security/advisory-20041213-1.txt
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.kde.org/info/security/advisory-20041213-1.txt"
  );
  # http://www.kde.org/info/security/advisory-20050101-1.txt
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.kde.org/info/security/advisory-20050101-1.txt"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2005:009"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:arts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kdebase");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kdebase-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kdelibs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kdelibs-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kdelibs-sound");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kdelibs-sound-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2005/01/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2005/02/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/10");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^(2\.1|3)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1 / 3.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2005:009";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"arts-2.2.2-15")) flag++;
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"kdebase-2.2.2-15")) flag++;
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"kdebase-devel-2.2.2-15")) flag++;
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"kdelibs-2.2.2-15")) flag++;
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"kdelibs-devel-2.2.2-15")) flag++;
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"kdelibs-sound-2.2.2-15")) flag++;
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"kdelibs-sound-devel-2.2.2-15")) flag++;

  if (rpm_check(release:"RHEL3", reference:"kdebase-3.1.3-5.8")) flag++;
  if (rpm_check(release:"RHEL3", reference:"kdebase-devel-3.1.3-5.8")) flag++;
  if (rpm_check(release:"RHEL3", reference:"kdelibs-3.1.3-6.9")) flag++;
  if (rpm_check(release:"RHEL3", reference:"kdelibs-devel-3.1.3-6.9")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "arts / kdebase / kdebase-devel / kdelibs / kdelibs-devel / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxartsp-cpe:/a:redhat:enterprise_linux:arts
redhatenterprise_linuxkdebasep-cpe:/a:redhat:enterprise_linux:kdebase
redhatenterprise_linuxkdebase-develp-cpe:/a:redhat:enterprise_linux:kdebase-devel
redhatenterprise_linuxkdelibsp-cpe:/a:redhat:enterprise_linux:kdelibs
redhatenterprise_linuxkdelibs-develp-cpe:/a:redhat:enterprise_linux:kdelibs-devel
redhatenterprise_linuxkdelibs-soundp-cpe:/a:redhat:enterprise_linux:kdelibs-sound
redhatenterprise_linuxkdelibs-sound-develp-cpe:/a:redhat:enterprise_linux:kdelibs-sound-devel
redhatenterprise_linux2.1cpe:/o:redhat:enterprise_linux:2.1
redhatenterprise_linux3cpe:/o:redhat:enterprise_linux:3

Related

redhat 2
osv 1
openvas 14
ubuntucve 2
nessus 14
cvelist 3
cve 3
freebsd 2
debian 4
gentoo 2
redhat
redhat
(RHSA-2005:009) kdelibs, kdebase security update
2005-02-10 00:00:00
(RHSA-2005:065) kdelibs security update
2005-02-15 00:00:00
osv
osv
kdelibs - unsanitised input
2005-01-10 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200501-18 (konqueror)
2008-09-24 00:00:00
FreeBSD Ports: ja-kdelibs, kdelibs
2008-09-04 00:00:00
Debian: Security Advisory (DSA-631-1)
2008-01-17 00:00:00
ubuntucve
ubuntucve
CVE-2004-1165
2005-01-10 00:00:00
CVE-2004-1158
2005-01-10 00:00:00
nessus
nessus
GLSA-200501-18 : KDE FTP KIOslave: Command injection
2005-02-14 00:00:00
Mandrake Linux Security Advisory : kdelibs (MDKSA-2004:160)
2005-01-02 00:00:00
FreeBSD : kdelibs3 -- konqueror FTP command injection vulnerability (832e9d75-5bfc-11d9-a9e7-0001020eed82)
2005-07-13 00:00:00
cvelist
cvelist
CVE-2004-1165
2004-12-10 05:00:00
CVE-2004-1158
2004-12-10 05:00:00
CVE-2005-0078
2005-01-29 05:00:00
cve
cve
CVE-2004-1165
2005-01-10 05:00:00
CVE-2005-0078
2005-05-02 04:00:00
CVE-2004-1158
2005-01-10 05:00:00
freebsd
freebsd
kdelibs3 -- konqueror FTP command injection vulnerability
2004-12-01 00:00:00
web browsers -- window injection vulnerabilities
2004-12-08 00:00:00
debian
debian
[SECURITY] [DSA 631-1] New kdlibs packages fix arbitrary FTP command execution
2005-01-10 11:07:44
[SECURITY] [DSA 631-1] New kdlibs packages fix arbitrary FTP command execution
2005-01-10 00:00:00
[SECURITY] [DSA 660-1] New kdebase packages fix authentication bypass
2005-01-26 16:27:43
gentoo
gentoo
KDE FTP KIOslave: Command injection
2005-01-11 00:00:00
kdelibs, kdebase: Multiple vulnerabilities
2004-12-19 00:00:00
JSON
Related for REDHAT-RHSA-2005-009.NASL
redhat2osv1openvas14ubuntucve2nessus14cvelist3cve3freebsd2debian4gentoo2