Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20130221_389_DS_BASE_ON_SL6_X.NASL
HistoryMar 01, 2013 - 12:00 a.m.

Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20130221)

2013-03-0100:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.7%

JSON

A flaw was found in the way 389 Directory Server enforced ACLs after performing an LDAP modify relative distinguished name (modrdn) operation. After modrdn was used to move part of a tree, the ACLs defined on the moved (Distinguished Name) were not properly enforced until the server was restarted. This could allow LDAP users to access information that should be restricted by the defined ACLs.
(CVE-2012-4450)

After installing this update, the 389 server service will be restarted automatically.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(64946);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2012-4450");

  script_name(english:"Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20130221)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A flaw was found in the way 389 Directory Server enforced ACLs after
performing an LDAP modify relative distinguished name (modrdn)
operation. After modrdn was used to move part of a tree, the ACLs
defined on the moved (Distinguished Name) were not properly enforced
until the server was restarted. This could allow LDAP users to access
information that should be restricted by the defined ACLs.
(CVE-2012-4450)

After installing this update, the 389 server service will be restarted
automatically."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1302&L=scientific-linux-errata&T=0&P=4911
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?52f2ecae"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:389-ds-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:389-ds-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:389-ds-base-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:389-ds-base-libs");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/02/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/01");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL6", reference:"389-ds-base-1.2.11.15-11.el6")) flag++;
if (rpm_check(release:"SL6", reference:"389-ds-base-debuginfo-1.2.11.15-11.el6")) flag++;
if (rpm_check(release:"SL6", reference:"389-ds-base-devel-1.2.11.15-11.el6")) flag++;
if (rpm_check(release:"SL6", reference:"389-ds-base-libs-1.2.11.15-11.el6")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "389-ds-base / 389-ds-base-debuginfo / 389-ds-base-devel / etc");
}
VendorProductVersionCPE
fermilabscientific_linux389-ds-basep-cpe:/a:fermilab:scientific_linux:389-ds-base
fermilabscientific_linux389-ds-base-debuginfop-cpe:/a:fermilab:scientific_linux:389-ds-base-debuginfo
fermilabscientific_linux389-ds-base-develp-cpe:/a:fermilab:scientific_linux:389-ds-base-devel
fermilabscientific_linux389-ds-base-libsp-cpe:/a:fermilab:scientific_linux:389-ds-base-libs
fermilabscientific_linuxx-cpe:/o:fermilab:scientific_linux

Related

veracode 1
redhat 1
openvas 7
nessus 4
debiancve 1
prion 1
cvelist 1
oraclelinux 1
centos 1
cve 1
fedora 1
nvd 1
ubuntucve 1
veracode
veracode
Authorization Bypass
2019-01-15 08:57:08
redhat
redhat
(RHSA-2013:0503) Moderate: 389-ds-base security, bug fix, and enhancement update
2013-02-21 00:00:00
openvas
openvas
CentOS Update for 389-ds-base CESA-2013:0503 centos6
2013-03-12 00:00:00
RedHat Update for 389-ds-base RHSA-2013:0503-03
2013-02-22 00:00:00
Oracle: Security Advisory (ELSA-2013-0503)
2015-10-06 00:00:00
nessus
nessus
Fedora 16 : 389-ds-base-1.2.10.24-1.fc16 (2012-20156)
2013-01-15 00:00:00
CentOS 6 : 389-ds-base (CESA-2013:0503)
2013-03-10 00:00:00
RHEL 6 : 389-ds-base (RHSA-2013:0503)
2013-02-21 00:00:00
debiancve
debiancve
CVE-2012-4450
2012-10-01 03:26:16
prion
prion
Code injection
2012-10-01 03:26:00
cvelist
cvelist
CVE-2012-4450
2012-10-01 01:00:00
oraclelinux
oraclelinux
389-ds-base security, bug fix, and enhancement update
2013-02-22 00:00:00
centos
centos
389 security update
2013-02-27 19:33:51
cve
cve
CVE-2012-4450
2012-10-01 03:26:16
fedora
fedora
[SECURITY] Fedora 16 Update: 389-ds-base-1.2.10.24-1.fc16
2013-01-15 02:26:45
nvd
nvd
CVE-2012-4450
2012-10-01 03:26:16
ubuntucve
ubuntucve
CVE-2012-4450
2012-10-01 00:00:00

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.7%

JSON
Related for SL_20130221_389_DS_BASE_ON_SL6_X.NASL
veracode1redhat1openvas7nessus4debiancve1prion1cvelist1oraclelinux1centos1cve1fedora1nvd1ubuntucve1