Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20070904_AIDE_ON_SL5_X.NASL
HistoryAug 01, 2012 - 12:00 a.m.

Scientific Linux Security Update : aide on SL5.x i386/x86_64

2012-08-0100:00:00
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

24.9%

JSON

A flaw was discovered in the way file checksums were stored in the AIDE database. A packaging flaw in the Red Hat AIDE rpm resulted in the file database not containing any file checksum information. This could prevent AIDE from detecting certain file modifications.
(CVE-2007-3849)

This update also fixes the following bugs :

  • certain configurations could result in a segmentation fault upon initialization.

  • AIDE was unable to open its log file in the LSPP evaluated configuration.

  • if AIDE found SELinux context differences, the changed files report it generated only included the first 32 characters of the context.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(60244);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2007-3849");

  script_name(english:"Scientific Linux Security Update : aide on SL5.x i386/x86_64");
  script_summary(english:"Checks rpm output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Scientific Linux host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A flaw was discovered in the way file checksums were stored in the
AIDE database. A packaging flaw in the Red Hat AIDE rpm resulted in
the file database not containing any file checksum information. This
could prevent AIDE from detecting certain file modifications.
(CVE-2007-3849)

This update also fixes the following bugs :

  - certain configurations could result in a segmentation
    fault upon initialization.

  - AIDE was unable to open its log file in the LSPP
    evaluated configuration.

  - if AIDE found SELinux context differences, the changed
    files report it generated only included the first 32
    characters of the context."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0709&L=scientific-linux-errata&T=0&P=80
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?dc939ce9"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected aide package.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:N");
  script_cwe_id(264);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/09/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL5", reference:"aide-0.13.1-2.0.4.el5")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
  else security_note(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
fermilabscientific_linuxx-cpe:/o:fermilab:scientific_linux

Related

openvas 1
cvelist 1
redhat 1
nessus 3
nvd 1
centos 1
veracode 1
prion 1
cve 1
oraclelinux 1
openvas
openvas
Oracle: Security Advisory (ELSA-2007-0539)
2015-10-08 00:00:00
cvelist
cvelist
CVE-2007-3849
2007-09-05 01:00:00
redhat
redhat
(RHSA-2007:0539) Moderate: aide security update
2007-09-04 00:00:00
nessus
nessus
CentOS 5 : aide (CESA-2007:0539)
2010-01-06 00:00:00
RHEL 5 : aide (RHSA-2007:0539)
2007-09-05 00:00:00
Oracle Linux 5 : aide (ELSA-2007-0539)
2013-07-12 00:00:00
nvd
nvd
CVE-2007-3849
2007-09-05 01:17:00
centos
centos
aide security update
2007-09-04 23:28:06
veracode
veracode
Authorization Bypass
2020-04-10 00:16:33
prion
prion
Design/Logic Flaw
2007-09-05 01:17:00
cve
cve
CVE-2007-3849
2007-09-05 01:17:00
oraclelinux
oraclelinux
Moderate: aide security update
2007-09-04 00:00:00

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

24.9%

JSON
Related for SL_20070904_AIDE_ON_SL5_X.NASL
openvas1cvelist1redhat1nessus3nvd1centos1veracode1prion1cve1oraclelinux1