Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2008-0581.NASL
HistoryJul 15, 2008 - 12:00 a.m.

RHEL 4 / 5 : bluez-libs and bluez-utils (RHSA-2008:0581)

2008-07-1500:00:00
This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.5%

JSON

Updated bluez-libs and bluez-utils packages that fix a security flaw are now available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

The bluez-libs package contains libraries for use in Bluetooth applications. The bluez-utils package contains Bluetooth daemons and utilities.

An input validation flaw was found in the Bluetooth Session Description Protocol (SDP) packet parser used by the Bluez Bluetooth utilities. A Bluetooth device with an already-established trust relationship, or a local user registering a service record via a UNIX® socket or D-Bus interface, could cause a crash, or possibly execute arbitrary code with privileges of the hcid daemon.
(CVE-2008-2374)

Users of bluez-libs and bluez-utils are advised to upgrade to these updated packages, which contains a backported patch to correct this issue.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2008:0581. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(33497);
  script_version("1.27");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2008-2374");
  script_bugtraq_id(30105);
  script_xref(name:"RHSA", value:"2008:0581");

  script_name(english:"RHEL 4 / 5 : bluez-libs and bluez-utils (RHSA-2008:0581)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated bluez-libs and bluez-utils packages that fix a security flaw
are now available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

The bluez-libs package contains libraries for use in Bluetooth
applications. The bluez-utils package contains Bluetooth daemons and
utilities.

An input validation flaw was found in the Bluetooth Session
Description Protocol (SDP) packet parser used by the Bluez Bluetooth
utilities. A Bluetooth device with an already-established trust
relationship, or a local user registering a service record via a
UNIX(r) socket or D-Bus interface, could cause a crash, or possibly
execute arbitrary code with privileges of the hcid daemon.
(CVE-2008-2374)

Users of bluez-libs and bluez-utils are advised to upgrade to these
updated packages, which contains a backported patch to correct this
issue."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2008-2374"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2008:0581"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(20);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bluez-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bluez-libs-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bluez-utils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bluez-utils-cups");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.2");

  script_set_attribute(attribute:"vuln_publication_date", value:"2008/07/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2008/07/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2008/07/15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^(4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x / 5.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2008:0581";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL4", cpu:"i386", reference:"bluez-libs-2.10-3")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"bluez-libs-2.10-3")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"i386", reference:"bluez-libs-devel-2.10-3")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"bluez-libs-devel-2.10-3")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"i386", reference:"bluez-utils-2.10-2.4")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"bluez-utils-2.10-2.4")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"i386", reference:"bluez-utils-cups-2.10-2.4")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"bluez-utils-cups-2.10-2.4")) flag++;


  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"bluez-libs-3.7-1.1")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"bluez-libs-3.7-1.1")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"bluez-libs-devel-3.7-1.1")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"bluez-libs-devel-3.7-1.1")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"bluez-utils-3.7-2.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"bluez-utils-3.7-2.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"bluez-utils-cups-3.7-2.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"bluez-utils-cups-3.7-2.2")) flag++;


  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bluez-libs / bluez-libs-devel / bluez-utils / bluez-utils-cups");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxbluez-libsp-cpe:/a:redhat:enterprise_linux:bluez-libs
redhatenterprise_linuxbluez-libs-develp-cpe:/a:redhat:enterprise_linux:bluez-libs-devel
redhatenterprise_linuxbluez-utilsp-cpe:/a:redhat:enterprise_linux:bluez-utils
redhatenterprise_linuxbluez-utils-cupsp-cpe:/a:redhat:enterprise_linux:bluez-utils-cups
redhatenterprise_linux4cpe:/o:redhat:enterprise_linux:4
redhatenterprise_linux4.6cpe:/o:redhat:enterprise_linux:4.6
redhatenterprise_linux5cpe:/o:redhat:enterprise_linux:5
redhatenterprise_linux5.2cpe:/o:redhat:enterprise_linux:5.2

Related

openvas 14
ubuntucve 1
securityvulns 2
cvelist 1
nessus 10
gentoo 1
seebug 1
centos 1
fedora 4
prion 1
redhat 1
nvd 1
cve 1
oraclelinux 1
openvas
openvas
Fedora Update for bluez-libs FEDORA-2008-6140
2009-02-17 00:00:00
Fedora Update for bluez-utils FEDORA-2008-6140
2009-02-17 00:00:00
Fedora Update for bluez-libs FEDORA-2008-6133
2009-02-17 00:00:00
ubuntucve
ubuntucve
CVE-2008-2374
2008-07-07 00:00:00
securityvulns
securityvulns
[ MDVSA-2008:145 ] - Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability
2008-07-18 00:00:00
bluez bluetooth stack memory corruption
2008-07-18 00:00:00
cvelist
cvelist
CVE-2008-2374
2008-07-07 23:00:00
nessus
nessus
openSUSE Security Update : bluez-audio (bluez-audio-100)
2009-07-21 00:00:00
Oracle Linux 4 / 5 : bluez-libs / bluez-utils (ELSA-2008-0581)
2013-07-12 00:00:00
Scientific Linux Security Update : bluez-libs and bluez-utils on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
gentoo
gentoo
BlueZ: Arbitrary code execution
2009-03-16 00:00:00
seebug
seebug
BlueZ SDP负载处理多个缓冲区溢出漏洞
2008-07-09 00:00:00
centos
centos
bluez security update
2008-07-14 16:47:36
fedora
fedora
[SECURITY] Fedora 9 Update: bluez-utils-3.35-3.fc9
2008-09-10 06:51:58
[SECURITY] Fedora 8 Update: bluez-libs-3.35-1.fc8
2008-10-16 02:10:09
[SECURITY] Fedora 9 Update: bluez-libs-3.35-1.fc9
2008-09-10 06:51:58
prion
prion
Memory corruption
2008-07-07 23:41:00
redhat
redhat
(RHSA-2008:0581) Moderate: bluez-libs and bluez-utils security update
2008-07-14 00:00:00
nvd
nvd
CVE-2008-2374
2008-07-07 23:41:00
cve
cve
CVE-2008-2374
2008-07-07 23:41:00
oraclelinux
oraclelinux
bluez-libs and bluez-utils security update
2008-07-14 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.5%

JSON
Related for REDHAT-RHSA-2008-0581.NASL
openvas14ubuntucve1securityvulns2cvelist1nessus10gentoo1seebug1centos1fedora4prion1redhat1nvd1cve1oraclelinux1