Scientific Linux Security Update : coreutils on SL6.x i386/x86_64 (20131121)

2013-12-1000:00:00

www.tenable.com

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.026 Low

EPSS

Percentile

90.3%

JSON

It was discovered that the sort, uniq, and join utilities did not properly restrict the use of the alloca() function. An attacker could use this flaw to crash those utilities by providing long input strings. (CVE-2013-0221, CVE-2013-0222, CVE-2013-0223)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(71296);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2013-0221", "CVE-2013-0222", "CVE-2013-0223");

  script_name(english:"Scientific Linux Security Update : coreutils on SL6.x i386/x86_64 (20131121)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"It was discovered that the sort, uniq, and join utilities did not
properly restrict the use of the alloca() function. An attacker could
use this flaw to crash those utilities by providing long input
strings. (CVE-2013-0221, CVE-2013-0222, CVE-2013-0223)"
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1312&L=scientific-linux-errata&T=0&P=2698
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?e76295f7"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Update the affected coreutils, coreutils-debuginfo and / or
coreutils-libs packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:coreutils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:coreutils-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:coreutils-libs");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/11/23");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/11/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/10");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL6", reference:"coreutils-8.4-31.el6")) flag++;
if (rpm_check(release:"SL6", reference:"coreutils-debuginfo-8.4-31.el6")) flag++;
if (rpm_check(release:"SL6", reference:"coreutils-libs-8.4-31.el6")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "coreutils / coreutils-debuginfo / coreutils-libs");
}

VendorProductVersionCPE
fermilabscientific_linuxcoreutilsp-cpe:/a:fermilab:scientific_linux:coreutils
fermilabscientific_linuxcoreutils-debuginfop-cpe:/a:fermilab:scientific_linux:coreutils-debuginfo
fermilabscientific_linuxcoreutils-libsp-cpe:/a:fermilab:scientific_linux:coreutils-libs
fermilabscientific_linuxx-cpe:/o:fermilab:scientific_linux

Vendor	Product	Version	CPE
fermilab	scientific_linux	coreutils	p-cpe:/a:fermilab:scientific_linux:coreutils
fermilab	scientific_linux	coreutils-debuginfo	p-cpe:/a:fermilab:scientific_linux:coreutils-debuginfo
fermilab	scientific_linux	coreutils-libs	p-cpe:/a:fermilab:scientific_linux:coreutils-libs
fermilab	scientific_linux		x-cpe:/o:fermilab:scientific_linux