Slackware 8.1 / 9.0 / current : New OpenSSH packages (SSA:2003-266-01)

2005-07-1300:00:00

www.tenable.com

Upgraded OpenSSH 3.7.1p2 packages are available for Slackware 8.1, 9.0 and -current. This fixes security problems with PAM authentication. It also includes several code cleanups from Solar Designer. Slackware is not vulnerable to the PAM problem, and it is not believed that any of the other code cleanups fix exploitable security problems, not nevertheless sites may wish to upgrade. These are some of the more interesting entries from OpenSSH’s ChangeLog so you can be the judge: [buffer.c] protect against double free; #660;
zardoz at users.sf.net - [email protected] 2003/09/18 08:49:45 [deattack.c misc.c session.c ssh-agent.c] more buffer allocation fixes; from Solar Designer; CAN-2003-0682; ok millert@ - (djm) Bug #676: Fix PAM stack corruption - (djm) Fix bad free() in PAM code

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Slackware Security Advisory 2003-266-01. The text 
# itself is copyright (C) Slackware Linux, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(18728);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_xref(name:"SSA", value:"2003-266-01");

  script_name(english:"Slackware 8.1 / 9.0 / current : New OpenSSH packages (SSA:2003-266-01)");
  script_summary(english:"Checks for updated package in /var/log/packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Slackware host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Upgraded OpenSSH 3.7.1p2 packages are available for Slackware 8.1,
9.0 and -current. This fixes security problems with PAM
authentication. It also includes several code cleanups from Solar
Designer. Slackware is not vulnerable to the PAM problem, and it is
not believed that any of the other code cleanups fix exploitable
security problems, not nevertheless sites may wish to upgrade. These
are some of the more interesting entries from OpenSSH's ChangeLog so
you can be the judge: [buffer.c] protect against double free; #660;
zardoz at users.sf.net - [email protected] 2003/09/18 08:49:45
[deattack.c misc.c session.c ssh-agent.c] more buffer allocation
fixes; from Solar Designer; CAN-2003-0682; ok millert@ - (djm) Bug
#676: Fix PAM stack corruption - (djm) Fix bad free() in PAM code"
  );
  # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.373294
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?d0bae0a9"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected openssh package."
  );
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:openssh");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:8.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:9.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2003/09/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2005/07/13");
  script_set_attribute(attribute:"vuln_publication_date", value:"2003/09/16");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.");
  script_family(english:"Slackware Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("slackware.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);


flag = 0;
if (slackware_check(osver:"8.1", pkgname:"openssh", pkgver:"3.7.1p2", pkgarch:"i386", pkgnum:"1")) flag++;

if (slackware_check(osver:"9.0", pkgname:"openssh", pkgver:"3.7.1p2", pkgarch:"i386", pkgnum:"1")) flag++;

if (slackware_check(osver:"current", pkgname:"openssh", pkgver:"3.7.1p2", pkgarch:"i486", pkgnum:"1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

VendorProductVersionCPE
slackwareslackware_linuxopensshp-cpe:/a:slackware:slackware_linux:openssh
slackwareslackware_linuxcpe:/o:slackware:slackware_linux
slackwareslackware_linux8.1cpe:/o:slackware:slackware_linux:8.1
slackwareslackware_linux9.0cpe:/o:slackware:slackware_linux:9.0

Vendor	Product	Version	CPE
slackware	slackware_linux	openssh	p-cpe:/a:slackware:slackware_linux:openssh
slackware	slackware_linux		cpe:/o:slackware:slackware_linux
slackware	slackware_linux	8.1	cpe:/o:slackware:slackware_linux:8.1
slackware	slackware_linux	9.0	cpe:/o:slackware:slackware_linux:9.0

References

www.nessus.org/u?d0bae0a9

JSON

Related for SLACKWARE_SSA_2003-266-01.NASL