Lucene search
This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.SOLARIS11_ICU_20140819.NASLHistoryJan 19, 2015 - 12:00 a.m.
Oracle Solaris Third-Party Patch Update : icu (cve_2013_0900_race_conditions)
2015-01-1900:00:00
This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.
www.tenable.com
14
The remote Solaris system is missing necessary patches to address security updates :
- Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. (CVE-2013-0900)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the Oracle Third Party software advisories.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(80642);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2013-0900");
script_name(english:"Oracle Solaris Third-Party Patch Update : icu (cve_2013_0900_race_conditions)");
script_summary(english:"Check for the 'entire' version.");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Solaris system is missing a security patch for third-party
software."
);
script_set_attribute(
attribute:"description",
value:
"The remote Solaris system is missing necessary patches to address
security updates :
- Race condition in the International Components for
Unicode (ICU) functionality in Google Chrome before
25.0.1364.97 on Windows and Linux, and before
25.0.1364.99 on Mac OS X, allows remote attackers to
cause a denial of service or possibly have unspecified
other impact via unknown vectors. (CVE-2013-0900)"
);
# https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?4a913f44"
);
# https://blogs.oracle.com/sunsecurity/cve-2013-0900-race-conditions-vulnerability-in-icu
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?794a39d3"
);
script_set_attribute(attribute:"solution", value:"Upgrade to Solaris 11.1.16.5.0.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:11.1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:icu");
script_set_attribute(attribute:"patch_publication_date", value:"2014/08/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/19");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
script_family(english:"Solaris Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Solaris11/release", "Host/Solaris11/pkg-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("solaris.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Solaris11/release");
if (isnull(release)) audit(AUDIT_OS_NOT, "Solaris11");
pkg_list = solaris_pkg_list_leaves();
if (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, "Solaris pkg-list packages");
if (empty_or_null(egrep(string:pkg_list, pattern:"^icu$"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "icu");
flag = 0;
if (solaris_check_release(release:"0.5.11-0.175.1.16.0.5.0", sru:"SRU 11.1.16.5.0") > 0) flag++;
if (flag)
{
error_extra = 'Affected package : icu\n' + solaris_get_report2();
error_extra = ereg_replace(pattern:"version", replace:"OS version", string:error_extra);
if (report_verbosity > 0) security_warning(port:0, extra:error_extra);
else security_warning(0);
exit(0);
}
else audit(AUDIT_PACKAGE_NOT_AFFECTED, "icu");
Related
fedora
fedora
[SECURITY] Fedora 17 Update: icu-4.8.1.1-5.fc17
2013-03-16 01:34:34
[SECURITY] Fedora 18 Update: icu-49.1.1-8.fc18
2013-03-17 01:01:49
[SECURITY] Fedora 18 Update: icu-49.1.1-12.fc18
2013-10-26 00:57:03
openvas
openvas
Fedora Update for icu FEDORA-2013-3538
2013-03-19 00:00:00
Fedora Update for icu FEDORA-2013-3538
2013-03-19 00:00:00
Fedora Update for icu FEDORA-2013-3546
2013-03-19 00:00:00
cvelist
cvelist
CVE-2013-0900
2013-02-23 21:00:00
prion
prion
Race condition
2013-02-23 21:55:00
nessus
nessus
Fedora 18 : icu-49.1.1-8.fc18 (2013-3546)
2013-03-17 00:00:00
Fedora 17 : icu-4.8.1.1-5.fc17 (2013-3538)
2013-03-17 00:00:00
GLSA-201402-14 : International Components for Unicode: Denial of Service
2014-02-11 00:00:00
jvn
jvn
ubuntucve
ubuntucve
CVE-2013-0900
2013-02-23 00:00:00
cve
cve
CVE-2013-0900
2013-02-23 21:55:00
debiancve
debiancve
CVE-2013-0900
2013-02-23 21:55:00
debian
debian
[SECURITY] [DSA 2786-1] icu security update
2013-10-27 21:12:42
[SECURITY] [DSA 2786-1] icu security update
2013-10-27 21:13:17
securityvulns
securityvulns
[ MDVSA-2013:258 ] icu
2013-11-05 00:00:00
Google ICU security vulnerabilities
2013-11-05 00:00:00
ubuntu
ubuntu
ICU vulnerabilities
2013-10-15 00:00:00
gentoo
gentoo
International Components for Unicode: Denial of service
2014-02-10 00:00:00
Chromium, V8: Multiple vulnerabilities
2013-09-24 00:00:00
mageia
mageia
Updated icu packages fix multiple security vulnerbilities
2013-10-26 00:57:48
osv
osv
icu - several
2013-10-27 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2013-02-21 00:00:00
threatpost
threatpost
Chrome 25 Fixes Nine High-Risk Vulnerabilities
2013-02-22 15:20:19
chrome
chrome
Stable Channel Update
2013-02-21 00:00:00
Related for SOLARIS11_ICU_20140819.NASL