Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2014-1391.NASL
HistoryOct 14, 2014 - 12:00 a.m.

RHEL 6 : glibc (RHSA-2014:1391)

2014-10-1400:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
24
JSON

Updated glibc packages that fix two security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

An out-of-bounds write flaw was found in the way the glibc’s readdir_r() function handled file system entries longer than the NAME_MAX character constant. A remote attacker could provide a specially crafted NTFS or CIFS file system that, when processed by an application using readdir_r(), would cause that application to crash or, potentially, allow the attacker to execute arbitrary code with the privileges of the user running the application. (CVE-2013-4237)

It was found that getaddrinfo() did not limit the amount of stack memory used during name resolution. An attacker able to make an application resolve an attacker-controlled hostname or IP address could possibly cause the application to exhaust all stack memory and crash. (CVE-2013-4458)

These updated glibc packages also include several bug fixes and two enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the References section, for information on the most significant of these changes.

All glibc users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2014:1391. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(78408);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2013-4237", "CVE-2013-4458");
  script_bugtraq_id(61729, 63299);
  script_xref(name:"RHSA", value:"2014:1391");

  script_name(english:"RHEL 6 : glibc (RHSA-2014:1391)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated glibc packages that fix two security issues, several bugs, and
add two enhancements are now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

The glibc packages provide the standard C libraries (libc), POSIX
thread libraries (libpthread), standard math libraries (libm), and the
Name Server Caching Daemon (nscd) used by multiple programs on the
system. Without these libraries, the Linux system cannot function
correctly.

An out-of-bounds write flaw was found in the way the glibc's
readdir_r() function handled file system entries longer than the
NAME_MAX character constant. A remote attacker could provide a
specially crafted NTFS or CIFS file system that, when processed by an
application using readdir_r(), would cause that application to crash
or, potentially, allow the attacker to execute arbitrary code with the
privileges of the user running the application. (CVE-2013-4237)

It was found that getaddrinfo() did not limit the amount of stack
memory used during name resolution. An attacker able to make an
application resolve an attacker-controlled hostname or IP address
could possibly cause the application to exhaust all stack memory and
crash. (CVE-2013-4458)

These updated glibc packages also include several bug fixes and two
enhancements. Space precludes documenting all of these changes in this
advisory. Users are directed to the Red Hat Enterprise Linux 6.6
Technical Notes, linked to in the References section, for information
on the most significant of these changes.

All glibc users are advised to upgrade to these updated packages,
which contain backported patches to correct these issues and add these
enhancements."
  );
  # https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?b5caa05f"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2014:1391"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2013-4237"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2013-4458"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-static");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-utils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nscd");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/10/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/10/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/14");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2014:1391";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL6", reference:"glibc-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"glibc-common-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"glibc-common-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glibc-common-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", reference:"glibc-debuginfo-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", reference:"glibc-debuginfo-common-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", reference:"glibc-devel-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"glibc-headers-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"glibc-headers-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glibc-headers-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", reference:"glibc-static-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"glibc-utils-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"glibc-utils-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glibc-utils-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"nscd-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"nscd-2.12-1.149.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"nscd-2.12-1.149.el6")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxglibcp-cpe:/a:redhat:enterprise_linux:glibc
redhatenterprise_linuxglibc-commonp-cpe:/a:redhat:enterprise_linux:glibc-common
redhatenterprise_linuxglibc-debuginfop-cpe:/a:redhat:enterprise_linux:glibc-debuginfo
redhatenterprise_linuxglibc-debuginfo-commonp-cpe:/a:redhat:enterprise_linux:glibc-debuginfo-common
redhatenterprise_linuxglibc-develp-cpe:/a:redhat:enterprise_linux:glibc-devel
redhatenterprise_linuxglibc-headersp-cpe:/a:redhat:enterprise_linux:glibc-headers
redhatenterprise_linuxglibc-staticp-cpe:/a:redhat:enterprise_linux:glibc-static
redhatenterprise_linuxglibc-utilsp-cpe:/a:redhat:enterprise_linux:glibc-utils
redhatenterprise_linuxnscdp-cpe:/a:redhat:enterprise_linux:nscd
redhatenterprise_linux6cpe:/o:redhat:enterprise_linux:6

Related

nessus 29
redhat 1
openvas 34
centos 1
oraclelinux 1
ubuntucve 3
debiancve 3
prion 3
cve 3
altlinux 3
android 1
f5 4
mageia 2
slackware 1
suse 4
ubuntu 4
osv 2
debian 2
fedora 4
securityvulns 2
gentoo 1
nessus
nessus
Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20141014)
2014-11-04 00:00:00
CentOS 6 : glibc (CESA-2014:1391)
2014-11-12 00:00:00
Oracle Linux 6 : glibc (ELSA-2014-1391)
2014-10-17 00:00:00
redhat
redhat
(RHSA-2014:1391) Moderate: glibc security, bug fix, and enhancement update
2014-10-14 00:00:00
openvas
openvas
RedHat Update for glibc RHSA-2014:1391-02
2014-10-15 00:00:00
Oracle: Security Advisory (ELSA-2014-1391)
2015-10-06 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0760-1)
2021-06-09 00:00:00
centos
centos
glibc, nscd security update
2014-10-20 18:08:56
oraclelinux
oraclelinux
glibc security, bug fix, and enhancement update
2014-10-15 00:00:00
ubuntucve
ubuntucve
CVE-2013-4237
2013-10-09 00:00:00
CVE-2016-3706
2016-06-10 00:00:00
CVE-2013-4458
2013-12-12 00:00:00
debiancve
debiancve
CVE-2013-4237
2013-10-09 22:55:00
CVE-2013-4458
2013-12-12 18:55:00
CVE-2016-3706
2016-06-10 15:59:00
prion
prion
Out-of-bounds
2013-10-09 22:55:00
Stack overflow
2013-12-12 18:55:00
Stack overflow
2016-06-10 15:59:00
cve
cve
CVE-2013-4237
2013-10-09 22:55:00
CVE-2013-4458
2013-12-12 18:55:00
CVE-2016-3706
2016-06-10 15:59:00
altlinux
altlinux
Security fix for the ALT Linux 9 package glibc version 6:2.17-alt6
2014-01-11 00:00:00
Security fix for the ALT Linux 7 package glibc version 6:2.17-alt6
2014-01-11 00:00:00
Security fix for the ALT Linux 6 package glibc version 6:2.11.3-alt8.M60P.3
2015-12-23 00:00:00
android
android
CVE-2016-3706
2017-12-01 00:00:00
f5
f5
K06493172 : glibc vulnerability CVE-2016-3706
2016-08-05 00:00:00
SOL06493172 - glibc vulnerability CVE-2016-3706
2016-08-05 00:00:00
SOL15640 - GNU C Library (glibc) vulnerabilities CVE-2014-0475, CVE-2014-5119, CVE-2013-4458
2014-10-02 00:00:00
mageia
mageia
Updated glibc package fixes security vulnerabilities
2013-11-22 22:44:49
Updated glibc packages fix security vulnerabilities
2016-05-24 01:00:58
slackware
slackware
[slackware-security] glibc
2014-10-24 05:36:04
suse
suse
Security update for glibc (important)
2014-09-12 02:04:23
Security update for glibc (important)
2014-09-12 06:04:16
Security update for glibc (important)
2014-09-15 19:04:18
ubuntu
ubuntu
GNU C Library vulnerabilities
2014-08-04 00:00:00
GNU C Library regression
2014-09-08 00:00:00
GNU C Library regression
2014-08-05 00:00:00
osv
osv
eglibc - security update
2016-05-30 00:00:00
eglibc - security update
2015-03-06 00:00:00
debian
debian
[SECURITY] [DLA 494-1] eglibc security update
2016-05-30 04:25:11
[SECURITY] [DLA 165-1] eglibc security update
2015-03-06 15:40:37
fedora
fedora
[SECURITY] Fedora 19 Update: glibc-2.17-14.fc19
2013-08-27 23:29:45
[SECURITY] Fedora 19 Update: glibc-2.17-13.fc19
2013-08-22 00:50:09
[SECURITY] Fedora 19 Update: glibc-2.17-18.fc19
2013-09-28 00:07:09
securityvulns
securityvulns
glibc security vulnerabilities
2013-12-01 00:00:00
[ MDVSA-2013:284 ] glibc
2013-12-01 00:00:00
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2015-03-08 00:00:00
JSON
Related for REDHAT-RHSA-2014-1391.NASL
nessus29redhat1openvas34centos1oraclelinux1ubuntucve3debiancve3prion3cve3altlinux3android1f54mageia2slackware1suse4ubuntu4osv2debian2fedora4securityvulns2gentoo1