SuSE9 Security Update : nmap (YOU Patch Number 12009)
2010-02-18T00:00:00
ID SUSE9_12009.NASL Type nessus Reporter This script is Copyright (C) 2010-2021 Tenable Network Security, Inc. Modified 2021-01-14T00:00:00
Description
nmap contains a copy of the pcre library. Specially crafted regular expressions could lead to a buffer overflow in the pcre library.
Applications using pcre to process regular expressions from untrusted sources could therefore potentially be exploited by attackers to execute arbitrary code.
This update makes nmap use the system's pcre library which was already updated to fix the above mentioned problems. Make sure to also install the pcre update.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(44653);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_name(english:"SuSE9 Security Update : nmap (YOU Patch Number 12009)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote SuSE 9 host is missing a security-related patch."
);
script_set_attribute(
attribute:"description",
value:
"nmap contains a copy of the pcre library. Specially crafted regular
expressions could lead to a buffer overflow in the pcre library.
Applications using pcre to process regular expressions from untrusted
sources could therefore potentially be exploited by attackers to
execute arbitrary code.
This update makes nmap use the system's pcre library which was already
updated to fix the above mentioned problems. Make sure to also install
the pcre update."
);
script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12009.");
script_set_attribute(attribute:"risk_factor", value:"High");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
script_set_attribute(attribute:"patch_publication_date", value:"2007/12/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/18");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");
flag = 0;
if (rpm_check(release:"SUSE9", reference:"nmap-3.50-73.4")) flag++;
if (rpm_check(release:"SUSE9", reference:"nmap-gtk-3.50-73.4")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else exit(0, "The host is not affected.");
{"id": "SUSE9_12009.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "SuSE9 Security Update : nmap (YOU Patch Number 12009)", "description": "nmap contains a copy of the pcre library. Specially crafted regular expressions could lead to a buffer overflow in the pcre library.\nApplications using pcre to process regular expressions from untrusted sources could therefore potentially be exploited by attackers to execute arbitrary code.\n\nThis update makes nmap use the system's pcre library which was already updated to fix the above mentioned problems. Make sure to also install the pcre update.", "published": "2010-02-18T00:00:00", "modified": "2021-01-14T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/44653", "reporter": "This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2021-08-19T13:05:17", "viewCount": 3, "enchantments": {"dependencies": {}, "score": {"value": 0.3, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.3}, "pluginID": "44653", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44653);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_name(english:\"SuSE9 Security Update : nmap (YOU Patch Number 12009)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"nmap contains a copy of the pcre library. Specially crafted regular\nexpressions could lead to a buffer overflow in the pcre library.\nApplications using pcre to process regular expressions from untrusted\nsources could therefore potentially be exploited by attackers to\nexecute arbitrary code.\n\nThis update makes nmap use the system's pcre library which was already\nupdated to fix the above mentioned problems. Make sure to also install\nthe pcre update.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12009.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"nmap-3.50-73.4\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"nmap-gtk-3.50-73.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["cpe:/o:suse:suse_linux"], "solution": "Apply YOU patch number 12009.", "nessusSeverity": "High", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": "2007-12-11T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": [], "_state": {"dependencies": 1646954118}}
