Lucene search
This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20151119_FILE_ON_SL7_X.NASLHistoryDec 22, 2015 - 12:00 a.m.
Scientific Linux Security Update : file on SL7.x x86_64 (20151119)
2015-12-2200:00:00
This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22
Multiple denial of service flaws were found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use either of these flaws to crash file, or an application using file, via a specially crafted CDF file. (CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3587)
Two flaws were found in the way file processed certain Pascal strings.
A remote attacker could cause file to crash if it was used to identify the type of the attacker-supplied file. (CVE-2014-3478, CVE-2014-9652)
Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU. (CVE-2014-3538)
Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9653)
The file packages have been updated to ensure correct operation on Power little endian and ARM 64-bit hardware architectures.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(87555);
script_version("2.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2014-0207", "CVE-2014-0237", "CVE-2014-0238", "CVE-2014-3478", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3538", "CVE-2014-3587", "CVE-2014-3710", "CVE-2014-8116", "CVE-2014-8117", "CVE-2014-9652", "CVE-2014-9653");
script_name(english:"Scientific Linux Security Update : file on SL7.x x86_64 (20151119)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Scientific Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Multiple denial of service flaws were found in the way file parsed
certain Composite Document Format (CDF) files. A remote attacker could
use either of these flaws to crash file, or an application using file,
via a specially crafted CDF file. (CVE-2014-0207, CVE-2014-0237,
CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487,
CVE-2014-3587)
Two flaws were found in the way file processed certain Pascal strings.
A remote attacker could cause file to crash if it was used to identify
the type of the attacker-supplied file. (CVE-2014-3478, CVE-2014-9652)
Multiple flaws were found in the file regular expression rules for
detecting various files. A remote attacker could use these flaws to
cause file to consume an excessive amount of CPU. (CVE-2014-3538)
Multiple flaws were found in the way file parsed Executable and
Linkable Format (ELF) files. A remote attacker could use these flaws
to cause file to crash, disclose portions of its memory, or consume an
excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116,
CVE-2014-8117, CVE-2014-9653)
The file packages have been updated to ensure correct operation on
Power little endian and ARM 64-bit hardware architectures."
);
# https://listserv.fnal.gov/scripts/wa.exe?A2=ind1512&L=scientific-linux-errata&F=&S=&P=11400
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?682bffd8"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:file");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:file-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:file-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:file-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:file-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:python-magic");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/06/01");
script_set_attribute(attribute:"patch_publication_date", value:"2015/11/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/22");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Scientific Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
flag = 0;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"file-5.11-31.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"file-debuginfo-5.11-31.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"file-devel-5.11-31.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"file-libs-5.11-31.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"file-static-5.11-31.el7")) flag++;
if (rpm_check(release:"SL7", reference:"python-magic-5.11-31.el7")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "file / file-debuginfo / file-devel / file-libs / file-static / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fermilab | scientific_linux | file | p-cpe:/a:fermilab:scientific_linux:file |
| fermilab | scientific_linux | file-debuginfo | p-cpe:/a:fermilab:scientific_linux:file-debuginfo |
| fermilab | scientific_linux | file-devel | p-cpe:/a:fermilab:scientific_linux:file-devel |
| fermilab | scientific_linux | file-libs | p-cpe:/a:fermilab:scientific_linux:file-libs |
| fermilab | scientific_linux | file-static | p-cpe:/a:fermilab:scientific_linux:file-static |
| fermilab | scientific_linux | python-magic | p-cpe:/a:fermilab:scientific_linux:python-magic |
| fermilab | scientific_linux | x-cpe:/o:fermilab:scientific_linux |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9653
www.nessus.org/u?682bffd8
Related
nessus
nessus
Oracle Linux 7 : file (ELSA-2015-2155)
2015-11-24 00:00:00
CentOS 7 : file (CESA-2015:2155)
2015-12-02 00:00:00
RHEL 7 : file (RHSA-2015:2155)
2015-11-20 00:00:00
oraclelinux
oraclelinux
file security and bug fix update
2015-11-23 00:00:00
file security, bug fix, and enhancement update
2016-05-12 00:00:00
php security update
2014-08-06 00:00:00
centos
centos
file, python security update
2015-11-30 19:28:42
file, python security update
2016-05-16 10:13:44
php security update
2014-08-06 14:38:20
ibm
ibm
Security Bulletin: Multiple vulnerabilities in file affect PowerKVM
2018-06-18 01:30:43
Security Bulletin: Multiple vulnerabilities in file affect IBM Security Network Protection
2018-06-16 21:43:49
Security Bulletin: File vulnerabilities affect IBM SmartClound Entry
2020-07-19 00:49:12
redhat
redhat
(RHSA-2015:2155) Moderate: file security and bug fix update
2015-11-19 14:41:30
(RHSA-2016:0760) Moderate: file security, bug fix, and enhancement update
2016-05-10 06:42:18
(RHSA-2014:1013) Moderate: php security update
2014-08-06 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2015-2155)
2015-11-24 00:00:00
RedHat Update for file RHSA-2015:2155-07
2015-11-20 00:00:00
Debian Security Advisory DSA 3021-1 (file - security update)
2014-09-09 00:00:00
osv
osv
file - security update
2014-09-09 00:00:00
file - security update
2014-07-31 00:00:00
php5 - security update
2015-01-31 00:00:00
debian
debian
[SECURITY] [DSA 3021-2] file regression update
2014-09-10 21:28:57
[SECURITY] [DSA 3021-1] file security update
2014-09-09 13:10:59
[DLA 27-1] file security update
2014-07-31 14:47:17
amazon
amazon
mageia
mageia
Updated file packages fix security vulnerabilities
2014-07-04 22:26:27
Updated php packages fix multiple vulnerabilities
2014-07-09 02:30:04
Updated file packages fix security vulnerabilities
2014-12-19 18:06:35
ubuntu
ubuntu
file vulnerabilities
2014-07-15 00:00:00
file vulnerabilities
2015-02-04 00:00:00
PHP vulnerabilities
2014-07-09 00:00:00
securityvulns
securityvulns
libmagic / file / fileinfo / PHP security vulnerabilities
2015-03-18 00:00:00
FreeBSD Security Advisory FreeBSD-SA-14:28.file
2014-12-10 00:00:00
PHP/fileinfo/file DoS
2014-06-14 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:28.file
2014-12-10 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: file-5.19-1.fc20
2014-07-05 14:54:09
[SECURITY] Fedora 20 Update: php-5.5.14-1.fc20
2014-06-30 10:25:38
[SECURITY] Fedora 21 Update: file-5.22-2.fc21
2015-02-18 05:55:37
freebsd
freebsd
file -- multiple vulnerabilities
2014-12-16 00:00:00
f5
f5
K15498 : Multiple PHP vulnerabilities
2014-08-12 00:00:00
SOL15498 - Multiple PHP vulnerabilities
2014-08-12 00:00:00
K16347 : Linux file utility vulnerabilities CVE-2014-8116 and CVE-2014-8117
2015-07-22 00:00:00
slackware
slackware
[slackware-security] php
2014-07-12 03:48:04
[slackware-security] php
2014-06-09 21:04:52
gentoo
gentoo
file: Multiple vulnerabilities
2017-01-17 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:04:17
Denial Of Service (DoS)
2019-05-02 05:04:17
Denial Of Service (DoS)
2019-05-02 05:04:16
Related for SL_20151119_FILE_ON_SL7_X.NASL