Lucene search
K

openSUSE Security Update : bogofilter (openSUSE-SU-2010:0439-1)

🗓️ 27 Jul 2010 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 20 Views

openSUSE Security Update: bogofilter (openSUSE-SU-2010:0439-1) fixes a heap based buffer underflow vulnerabilit

Related
Refs
Code
ReporterTitlePublishedViews
Family
FreeBSD
bogofilter -- heap underrun on malformed base64 input
28 Jun 201000:00
freebsd
CVE
CVE-2010-2494
8 Jul 201018:00
cve
Cvelist
CVE-2010-2494
8 Jul 201018:00
cvelist
Debian CVE
CVE-2010-2494
8 Jul 201018:00
debiancve
EUVD
EUVD-2010-2498
7 Oct 202500:30
euvd
Fedora
[SECURITY] Fedora 14 Update: bogofilter-1.2.2-1.fc14
26 Aug 201003:26
fedora
Fedora
[SECURITY] Fedora 13 Update: bogofilter-1.2.2-1.fc13
30 Aug 201018:21
fedora
Fedora
[SECURITY] Fedora 12 Update: bogofilter-1.2.2-1.fc12
30 Aug 201018:29
fedora
Tenable Nessus
Fedora 14 : bogofilter-1.2.2-1.fc14 (2010-12959)
26 Aug 201000:00
nessus
Tenable Nessus
Fedora 13 : bogofilter-1.2.2-1.fc13 (2010-13139)
31 Aug 201000:00
nessus
Rows per page
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update bogofilter-2668.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(47852);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2010-2494");

  script_name(english:"openSUSE Security Update : bogofilter (openSUSE-SU-2010:0439-1)");
  script_summary(english:"Check for the bogofilter-2668 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update of bogofilter/bogolexer fixes a heap based buffer
underflow vulnerability which could be exploited to cause a denial of
service or potentially execute arbitrary code (CVE-2010-2494)."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=619847"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2010-07/msg00048.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected bogofilter package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bogofilter");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/07/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/07/27");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE11.1", reference:"bogofilter-1.1.1-174.18.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bogofilter");
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

14 Jan 2021 00:00Current
5.9Medium risk
Vulners AI Score5.9
CVSS 25
EPSS0.03441
20