SuSE9 Security Update : perl (YOU Patch Number 11964)

2009-09-24T00:00:00
ID SUSE9_11964.NASL
Type nessus
Reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
Modified 2020-10-02T00:00:00

Description

Specially crafted regular expressions could lead to a buffer overflow in perl's regular expressions engine. Scripts processing data from untrusted sources could therefore potentially be exploited by attackers to execute arbitrary code.

Depending on the purpose of the scripts, the vulnerability can be exploited remotely or locally.

The vulnerability has been tracked by CVE-2007-5116.

                                        
                                            #%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

include("compat.inc");

if (description)
{
  script_id(41165);
  script_version("1.7");
  script_cvs_date("Date: 2019/10/25 13:36:29");

  script_cve_id("CVE-2007-5116");

  script_name(english:"SuSE9 Security Update : perl (YOU Patch Number 11964)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 9 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Specially crafted regular expressions could lead to a buffer overflow
in perl's regular expressions engine. Scripts processing data from
untrusted sources could therefore potentially be exploited by
attackers to execute arbitrary code.

Depending on the purpose of the scripts, the vulnerability can be
exploited remotely or locally.

The vulnerability has been tracked by CVE-2007-5116."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2007-5116.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply YOU patch number 11964.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/11/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SUSE9", reference:"perl-5.8.3-32.12")) flag++;
if (rpm_check(release:"SUSE9", cpu:"x86_64", reference:"perl-32bit-9-200711080056")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else exit(0, "The host is not affected.");