Several security issues were fixed :
Integer overflow causing arbitrary code execution in ld.so --verify mode could be induced by a specially crafted binary. (CVE-2010-0830)
The addmntent() function would not escape the newline character properly, allowing the user to insert arbitrary newlines to the /etc/mtab; if the addmntent() is run by a setuid mount binary that does not do extra input checking, this would allow custom entries to be inserted in /etc/mtab. (CVE-2010-0296)
The strfmon() function contains an integer overflow vulnerability in width specifiers handling that could be triggered by an attacker that can control the format string passed to strfmon(). (CVE-2008-1391)
Also one non-security issue was fixed: - nscd in the paranoia mode would crash on the periodic restart in case one of the databases was disabled in the nscd configuration.
In addition, the timezone information was updated to the level of 2010l, including the following changes :
Africa/Cairo (Egypt) and Asia/Gaza (Palestine) do not use daylight saving during the month of Ramadan in order to prevent Muslims from fasting one hour longer.
http://www.timeanddate.com/news/time/egypt-ends-dst-2010 .html http://www.timeanddate.com/news/time/westbank-gaza-end-d st-2010.html
Africa/Casablanca (Marocco) has spent the period from May 2 to Aug 8 using daylight saving. Marocco adopted regular daylight saving, but the start and end dates vary every year.
http://www.timeanddate.com/news/time/morocco-starts-dst- 2010.html
America/Argentina/San_Luis (Argentina region) local government did not terminate its DST period as planned and instead decided to extend its use of the UTC-3 time indefinitely.
http://www.worldtimezone.com/dst_news/dst_news_argentina 08.html
New zones :
Historical changes :
Asia/Taipei information on DST usage listed 1980 as one year using DST, which should read 1979 instead according to government resources.
Europe/Helsinki, before switching to Central European standard DST in 1983, trialled DST for two years.
However, the database omitted to specify that in these trials of 1981 and 1982, switches have been made one hour earlier than in 1983.
Spelling changes in Micronesia: - Pacific/Truk has been renamed to Pacific/Chuuk in 1989. - Pacific/Ponape has been renamed to Pacific/Pohnpei in 1984.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#
if (NASL_LEVEL < 3000) exit(0);
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(49758);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2008-1391", "CVE-2010-0296", "CVE-2010-0830");
script_name(english:"SuSE9 Security Update : glibc (YOU Patch Number 12641)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote SuSE 9 host is missing a security-related patch."
);
script_set_attribute(
attribute:"description",
value:
"Several security issues were fixed :
- Integer overflow causing arbitrary code execution in
ld.so --verify mode could be induced by a specially
crafted binary. (CVE-2010-0830)
- The addmntent() function would not escape the newline
character properly, allowing the user to insert
arbitrary newlines to the /etc/mtab; if the addmntent()
is run by a setuid mount binary that does not do extra
input checking, this would allow custom entries to be
inserted in /etc/mtab. (CVE-2010-0296)
- The strfmon() function contains an integer overflow
vulnerability in width specifiers handling that could be
triggered by an attacker that can control the format
string passed to strfmon(). (CVE-2008-1391)
Also one non-security issue was fixed: - nscd in the paranoia mode
would crash on the periodic restart in case one of the databases was
disabled in the nscd configuration.
In addition, the timezone information was updated to the level of
2010l, including the following changes :
- Africa/Cairo (Egypt) and Asia/Gaza (Palestine) do not
use daylight saving during the month of Ramadan in order
to prevent Muslims from fasting one hour longer.
http://www.timeanddate.com/news/time/egypt-ends-dst-2010
.html
http://www.timeanddate.com/news/time/westbank-gaza-end-d
st-2010.html
- Africa/Casablanca (Marocco) has spent the period from
May 2 to Aug 8 using daylight saving. Marocco adopted
regular daylight saving, but the start and end dates
vary every year.
http://www.timeanddate.com/news/time/morocco-starts-dst-
2010.html
- America/Argentina/San_Luis (Argentina region) local
government did not terminate its DST period as planned
and instead decided to extend its use of the UTC-3 time
indefinitely.
http://www.worldtimezone.com/dst_news/dst_news_argentina
08.html
New zones :
- America/Bahia_Banderas (Mexican state of Nayarit) has
declared that it is to follow the UCT-6 time instead of
UCT-7, with the aim to have the same time as the nearby
city of Puerto Vallarta.
http://www.worldtimezone.com/dst_news/dst_news_mexico08.
html
Historical changes :
- Asia/Taipei information on DST usage listed 1980 as one
year using DST, which should read 1979 instead according
to government resources.
- Europe/Helsinki, before switching to Central European
standard DST in 1983, trialled DST for two years.
However, the database omitted to specify that in these
trials of 1981 and 1982, switches have been made one
hour earlier than in 1983.
Spelling changes in Micronesia: - Pacific/Truk has been renamed to
Pacific/Chuuk in 1989. - Pacific/Ponape has been renamed to
Pacific/Pohnpei in 1984."
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2008-1391.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2010-0296.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2010-0830.html"
);
script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12641.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_cwe_id(189);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
script_set_attribute(attribute:"patch_publication_date", value:"2010/08/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2010/10/06");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");
flag = 0;
if (rpm_check(release:"SUSE9", reference:"glibc-2.3.3-98.114")) flag++;
if (rpm_check(release:"SUSE9", reference:"glibc-devel-2.3.3-98.114")) flag++;
if (rpm_check(release:"SUSE9", reference:"glibc-html-2.3.3-98.114")) flag++;
if (rpm_check(release:"SUSE9", reference:"glibc-i18ndata-2.3.3-98.114")) flag++;
if (rpm_check(release:"SUSE9", reference:"glibc-info-2.3.3-98.114")) flag++;
if (rpm_check(release:"SUSE9", reference:"glibc-locale-2.3.3-98.114")) flag++;
if (rpm_check(release:"SUSE9", reference:"glibc-profile-2.3.3-98.114")) flag++;
if (rpm_check(release:"SUSE9", reference:"nscd-2.3.3-98.114")) flag++;
if (rpm_check(release:"SUSE9", reference:"timezone-2.3.3-98.114")) flag++;
if (rpm_check(release:"SUSE9", cpu:"x86_64", reference:"glibc-32bit-9-201008251911")) flag++;
if (rpm_check(release:"SUSE9", cpu:"x86_64", reference:"glibc-devel-32bit-9-201008251304")) flag++;
if (rpm_check(release:"SUSE9", cpu:"x86_64", reference:"glibc-locale-32bit-9-201008251304")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else exit(0, "The host is not affected.");
Vendor | Product | Version | CPE |
---|---|---|---|
suse | suse_linux | cpe:/o:suse:suse_linux |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1391
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0296
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0830
support.novell.com/security/cve/CVE-2008-1391.html
support.novell.com/security/cve/CVE-2010-0296.html
support.novell.com/security/cve/CVE-2010-0830.html