SuSE 11.1 Security Update : libcgroup (SAT Patch Number 4081)
2011-04-11T00:00:00
ID SUSE_11_LIBCGROUP-DEVEL-110303.NASL Type nessus Reporter Tenable Modified 2013-10-25T00:00:00
Description
The following bugs have been fixed :
libcgroup suffered from a heap-based buffer overflow.
(CVE-2011-1006)
The cgrulesengd daemon did not verify the origin of
netlink messages, allowing local users to spoof events.
(CVE-2011-1022)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#
if (NASL_LEVEL < 3000) exit(0);
include("compat.inc");
if (description)
{
script_id(53358);
script_version("$Revision: 1.4 $");
script_cvs_date("$Date: 2013/10/25 23:46:56 $");
script_cve_id("CVE-2011-1006", "CVE-2011-1022");
script_name(english:"SuSE 11.1 Security Update : libcgroup (SAT Patch Number 4081)");
script_summary(english:"Checks rpm output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote SuSE 11 host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"The following bugs have been fixed :
- libcgroup suffered from a heap-based buffer overflow.
(CVE-2011-1006)
- The cgrulesengd daemon did not verify the origin of
netlink messages, allowing local users to spoof events.
(CVE-2011-1022)"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=658944"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=675048"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=675506"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2011-1006.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2011-1022.html"
);
script_set_attribute(attribute:"solution", value:"Apply SAT patch number 4081.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libcgroup1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
script_set_attribute(attribute:"patch_publication_date", value:"2011/03/03");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/04/11");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1");
flag = 0;
if (rpm_check(release:"SLES11", sp:1, reference:"libcgroup1-0.34-2.5.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"id": "SUSE_11_LIBCGROUP-DEVEL-110303.NASL", "bulletinFamily": "scanner", "title": "SuSE 11.1 Security Update : libcgroup (SAT Patch Number 4081)", "description": "The following bugs have been fixed :\n\n - libcgroup suffered from a heap-based buffer overflow.\n (CVE-2011-1006)\n\n - The cgrulesengd daemon did not verify the origin of\n netlink messages, allowing local users to spoof events.\n (CVE-2011-1022)", "published": "2011-04-11T00:00:00", "modified": "2013-10-25T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=53358", "reporter": "Tenable", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=675506", "https://bugzilla.novell.com/show_bug.cgi?id=675048", "https://bugzilla.novell.com/show_bug.cgi?id=658944", "http://support.novell.com/security/cve/CVE-2011-1022.html", "http://support.novell.com/security/cve/CVE-2011-1006.html"], "cvelist": ["CVE-2011-1022", "CVE-2011-1006"], "type": "nessus", "lastseen": "2019-01-16T20:11:58", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2011-1022", "CVE-2011-1006"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "The following bugs have been fixed :\n\n - libcgroup suffered from a heap-based buffer overflow.\n (CVE-2011-1006)\n\n - The cgrulesengd daemon did not verify the origin of netlink messages, allowing local users to spoof events.\n (CVE-2011-1022)", "edition": 1, "enchantments": {}, "hash": "d7283d139d865d3bc121d96df4a71586f0c5b9a80aaccf21df2ece15be0214b1", "hashmap": [{"hash": "b7f6f9b0eaf59426c9a10b230e3db471", "key": "cvelist"}, {"hash": "d297cb8ad59313985e5c05d9d1655c0c", "key": "title"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "13260b57ce5566ae80ca155ebdad5911", "key": "description"}, {"hash": "9aae757849cd8dd4be3a8bea4fb251cb", "key": "pluginID"}, {"hash": "f44ad869442f4042e3378ed3017e05c3", "key": "sourceData"}, {"hash": "7ffda9669264dbb8d98fe2f4177b79f6", "key": "modified"}, {"hash": "3640e6003efdb9b02d50961058002f82", "key": "published"}, {"hash": "6002a94b69ca34ac06561f5584b2fc87", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "25329a797ec8248d5e607673049bc2ca", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=53358", "id": "SUSE_11_LIBCGROUP-DEVEL-110303.NASL", "lastseen": "2016-09-26T17:24:34", "modified": "2013-10-25T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.2", "pluginID": "53358", "published": "2011-04-11T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=675506", "https://bugzilla.novell.com/show_bug.cgi?id=675048", "https://bugzilla.novell.com/show_bug.cgi?id=658944", "http://support.novell.com/security/cve/CVE-2011-1022.html", "http://support.novell.com/security/cve/CVE-2011-1006.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53358);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:46:56 $\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n\n script_name(english:\"SuSE 11.1 Security Update : libcgroup (SAT Patch Number 4081)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following bugs have been fixed :\n\n - libcgroup suffered from a heap-based buffer overflow.\n (CVE-2011-1006)\n\n - The cgrulesengd daemon did not verify the origin of\n netlink messages, allowing local users to spoof events.\n (CVE-2011-1022)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=658944\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1006.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1022.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4081.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libcgroup1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"libcgroup1-0.34-2.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "SuSE 11.1 Security Update : libcgroup (SAT Patch Number 4081)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:24:34"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:novell:suse_linux:11:libcgroup1", "cpe:/o:novell:suse_linux:11"], "cvelist": ["CVE-2011-1022", "CVE-2011-1006"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "The following bugs have been fixed :\n\n - libcgroup suffered from a heap-based buffer overflow.\n (CVE-2011-1006)\n\n - The cgrulesengd daemon did not verify the origin of netlink messages, allowing local users to spoof events.\n (CVE-2011-1022)", "edition": 4, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "9a4f0d891a7f3d452396959adecae5dd8e1a95b404471291602f57338ba97faf", "hashmap": [{"hash": "b7f6f9b0eaf59426c9a10b230e3db471", "key": "cvelist"}, {"hash": "d297cb8ad59313985e5c05d9d1655c0c", "key": "title"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "13260b57ce5566ae80ca155ebdad5911", "key": "description"}, {"hash": "9aae757849cd8dd4be3a8bea4fb251cb", "key": "pluginID"}, {"hash": "f44ad869442f4042e3378ed3017e05c3", "key": "sourceData"}, {"hash": "7ffda9669264dbb8d98fe2f4177b79f6", "key": "modified"}, {"hash": "3640e6003efdb9b02d50961058002f82", "key": "published"}, {"hash": "6002a94b69ca34ac06561f5584b2fc87", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "eeb5fe5ccb0b8a422afa04245c8d7e5f", "key": "cpe"}, {"hash": "25329a797ec8248d5e607673049bc2ca", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=53358", "id": "SUSE_11_LIBCGROUP-DEVEL-110303.NASL", "lastseen": "2018-09-01T23:46:10", "modified": "2013-10-25T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "53358", "published": "2011-04-11T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=675506", "https://bugzilla.novell.com/show_bug.cgi?id=675048", "https://bugzilla.novell.com/show_bug.cgi?id=658944", "http://support.novell.com/security/cve/CVE-2011-1022.html", "http://support.novell.com/security/cve/CVE-2011-1006.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53358);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:46:56 $\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n\n script_name(english:\"SuSE 11.1 Security Update : libcgroup (SAT Patch Number 4081)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following bugs have been fixed :\n\n - libcgroup suffered from a heap-based buffer overflow.\n (CVE-2011-1006)\n\n - The cgrulesengd daemon did not verify the origin of\n netlink messages, allowing local users to spoof events.\n (CVE-2011-1022)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=658944\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1006.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1022.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4081.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libcgroup1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"libcgroup1-0.34-2.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "SuSE 11.1 Security Update : libcgroup (SAT Patch Number 4081)", "type": "nessus", "viewCount": 1}, "differentElements": ["description"], "edition": 4, "lastseen": "2018-09-01T23:46:10"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:novell:suse_linux:11:libcgroup1", "cpe:/o:novell:suse_linux:11"], "cvelist": ["CVE-2011-1022", "CVE-2011-1006"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "The following bugs have been fixed :\n\n - libcgroup suffered from a heap-based buffer overflow.\n (CVE-2011-1006)\n\n - The cgrulesengd daemon did not verify the origin of netlink messages, allowing local users to spoof events.\n (CVE-2011-1022)", "edition": 2, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "9a4f0d891a7f3d452396959adecae5dd8e1a95b404471291602f57338ba97faf", "hashmap": [{"hash": "b7f6f9b0eaf59426c9a10b230e3db471", "key": "cvelist"}, {"hash": "d297cb8ad59313985e5c05d9d1655c0c", "key": "title"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "13260b57ce5566ae80ca155ebdad5911", "key": "description"}, {"hash": "9aae757849cd8dd4be3a8bea4fb251cb", "key": "pluginID"}, {"hash": "f44ad869442f4042e3378ed3017e05c3", "key": "sourceData"}, {"hash": "7ffda9669264dbb8d98fe2f4177b79f6", "key": "modified"}, {"hash": "3640e6003efdb9b02d50961058002f82", "key": "published"}, {"hash": "6002a94b69ca34ac06561f5584b2fc87", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "eeb5fe5ccb0b8a422afa04245c8d7e5f", "key": "cpe"}, {"hash": "25329a797ec8248d5e607673049bc2ca", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=53358", "id": "SUSE_11_LIBCGROUP-DEVEL-110303.NASL", "lastseen": "2017-10-29T13:38:00", "modified": "2013-10-25T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "53358", "published": "2011-04-11T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=675506", "https://bugzilla.novell.com/show_bug.cgi?id=675048", "https://bugzilla.novell.com/show_bug.cgi?id=658944", "http://support.novell.com/security/cve/CVE-2011-1022.html", "http://support.novell.com/security/cve/CVE-2011-1006.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53358);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:46:56 $\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n\n script_name(english:\"SuSE 11.1 Security Update : libcgroup (SAT Patch Number 4081)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following bugs have been fixed :\n\n - libcgroup suffered from a heap-based buffer overflow.\n (CVE-2011-1006)\n\n - The cgrulesengd daemon did not verify the origin of\n netlink messages, allowing local users to spoof events.\n (CVE-2011-1022)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=658944\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1006.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1022.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4081.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libcgroup1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"libcgroup1-0.34-2.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "SuSE 11.1 Security Update : libcgroup (SAT Patch Number 4081)", "type": "nessus", "viewCount": 1}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-10-29T13:38:00"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:novell:suse_linux:11:libcgroup1", "cpe:/o:novell:suse_linux:11"], "cvelist": ["CVE-2011-1022", "CVE-2011-1006"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The following bugs have been fixed :\n\n - libcgroup suffered from a heap-based buffer overflow.\n (CVE-2011-1006)\n\n - The cgrulesengd daemon did not verify the origin of netlink messages, allowing local users to spoof events.\n (CVE-2011-1022)", "edition": 3, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "5487cc0875db21909393aea0bbc93d0d89e987f20efdbed85915cea76510a0f8", "hashmap": [{"hash": "b7f6f9b0eaf59426c9a10b230e3db471", "key": "cvelist"}, {"hash": "d297cb8ad59313985e5c05d9d1655c0c", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "13260b57ce5566ae80ca155ebdad5911", "key": "description"}, {"hash": "9aae757849cd8dd4be3a8bea4fb251cb", "key": "pluginID"}, {"hash": "f44ad869442f4042e3378ed3017e05c3", "key": "sourceData"}, {"hash": "7ffda9669264dbb8d98fe2f4177b79f6", "key": "modified"}, {"hash": "3640e6003efdb9b02d50961058002f82", "key": "published"}, {"hash": "6002a94b69ca34ac06561f5584b2fc87", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "eeb5fe5ccb0b8a422afa04245c8d7e5f", "key": "cpe"}, {"hash": "25329a797ec8248d5e607673049bc2ca", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=53358", "id": "SUSE_11_LIBCGROUP-DEVEL-110303.NASL", "lastseen": "2018-08-30T19:39:48", "modified": "2013-10-25T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "53358", "published": "2011-04-11T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=675506", "https://bugzilla.novell.com/show_bug.cgi?id=675048", "https://bugzilla.novell.com/show_bug.cgi?id=658944", "http://support.novell.com/security/cve/CVE-2011-1022.html", "http://support.novell.com/security/cve/CVE-2011-1006.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53358);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:46:56 $\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n\n script_name(english:\"SuSE 11.1 Security Update : libcgroup (SAT Patch Number 4081)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following bugs have been fixed :\n\n - libcgroup suffered from a heap-based buffer overflow.\n (CVE-2011-1006)\n\n - The cgrulesengd daemon did not verify the origin of\n netlink messages, allowing local users to spoof events.\n (CVE-2011-1022)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=658944\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1006.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1022.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4081.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libcgroup1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"libcgroup1-0.34-2.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "SuSE 11.1 Security Update : libcgroup (SAT Patch Number 4081)", "type": "nessus", "viewCount": 1}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:39:48"}], "edition": 5, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "eeb5fe5ccb0b8a422afa04245c8d7e5f"}, {"key": "cvelist", "hash": "b7f6f9b0eaf59426c9a10b230e3db471"}, {"key": "cvss", "hash": "cfd16da9581e0c21db590e40dfd9e493"}, {"key": "description", "hash": "d94d0580a7372584aec8f5bd22027d8f"}, {"key": "href", "hash": "6002a94b69ca34ac06561f5584b2fc87"}, {"key": "modified", "hash": "7ffda9669264dbb8d98fe2f4177b79f6"}, {"key": "naslFamily", "hash": "71a40666da62ba38d22539c8277870c7"}, {"key": "pluginID", "hash": "9aae757849cd8dd4be3a8bea4fb251cb"}, {"key": "published", "hash": "3640e6003efdb9b02d50961058002f82"}, {"key": "references", "hash": "25329a797ec8248d5e607673049bc2ca"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "f44ad869442f4042e3378ed3017e05c3"}, {"key": "title", "hash": "d297cb8ad59313985e5c05d9d1655c0c"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "6c0ed4285bee04259fe51c86b2fef7f1d32f1844853a1035dbf0f14e792a50bb", "viewCount": 1, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-1006", "CVE-2011-1022"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25988", "SECURITYVULNS:VULN:11527"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310862954", "OPENVAS:1361412562310122230", "OPENVAS:862954", "OPENVAS:863104", "OPENVAS:69329", "OPENVAS:136141256231069329", "OPENVAS:870680", "OPENVAS:1361412562310863104", "OPENVAS:1361412562310870680"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2011-0320.NASL", "DEBIAN_DSA-2193.NASL", "SUSE_11_4_LIBCGROUP-DEVEL-110314.NASL", "FEDORA_2011-2638.NASL", "REDHAT-RHSA-2011-0320.NASL", "SL_20110303_LIBCGROUP_ON_SL6_X.NASL", "FEDORA_2011-2570.NASL", "FEDORA_2011-2631.NASL", "SUSE_11_2_LIBCGROUP-DEVEL-110304.NASL", "SUSE_11_3_LIBCGROUP-DEVEL-110304.NASL"]}, {"type": "redhat", "idList": ["RHSA-2011:0320"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0320"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2193-1:4D846"]}], "modified": "2019-01-16T20:11:58"}, "vulnersScore": 7.2}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53358);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:46:56 $\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n\n script_name(english:\"SuSE 11.1 Security Update : libcgroup (SAT Patch Number 4081)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following bugs have been fixed :\n\n - libcgroup suffered from a heap-based buffer overflow.\n (CVE-2011-1006)\n\n - The cgrulesengd daemon did not verify the origin of\n netlink messages, allowing local users to spoof events.\n (CVE-2011-1022)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=658944\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1006.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1022.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4081.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libcgroup1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"libcgroup1-0.34-2.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "SuSE Local Security Checks", "pluginID": "53358", "cpe": ["p-cpe:/a:novell:suse_linux:11:libcgroup1", "cpe:/o:novell:suse_linux:11"]}
{"cve": [{"lastseen": "2016-09-03T15:06:27", "bulletinFamily": "NVD", "description": "Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear whether this issue crosses privilege boundaries.", "modified": "2011-04-20T22:33:16", "published": "2011-03-22T13:55:01", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1006", "id": "CVE-2011-1006", "title": "CVE-2011-1006", "type": "cve", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-03T15:06:43", "bulletinFamily": "NVD", "description": "The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message.", "modified": "2011-09-06T23:15:15", "published": "2011-03-22T13:55:01", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1022", "id": "CVE-2011-1022", "title": "CVE-2011-1022", "type": "cve", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "nessus": [{"lastseen": "2019-01-16T20:12:06", "bulletinFamily": "scanner", "description": "libcgroup suffered from a heap based buffer overflow (CVE-2011-1006).\n\nThe cgrulesengd daemon did not verify the origin of netlink messages,\nallowing local users to spoof events (CVE-2011-1022).", "modified": "2018-11-10T00:00:00", "published": "2011-05-05T00:00:00", "id": "SUSE_11_2_LIBCGROUP-DEVEL-110304.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=53746", "title": "openSUSE Security Update : libcgroup-devel (openSUSE-SU-2011:0316-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libcgroup-devel-4087.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53746);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:59\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n\n script_name(english:\"openSUSE Security Update : libcgroup-devel (openSUSE-SU-2011:0316-1)\");\n script_summary(english:\"Check for the libcgroup-devel-4087 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libcgroup suffered from a heap based buffer overflow (CVE-2011-1006).\n\nThe cgrulesengd daemon did not verify the origin of netlink messages,\nallowing local users to spoof events (CVE-2011-1022).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-04/msg00027.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libcgroup-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcgroup-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcgroup1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcgroup1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libcgroup-devel-0.34-3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libcgroup1-0.34-3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libcgroup1-32bit-0.34-3.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcgroup-devel / libcgroup1 / libcgroup1-32bit\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:12:10", "bulletinFamily": "scanner", "description": "Two security bugs were fixed in this release :\n\n - CVE-2011-1006: Heap-based buffer overflow by converting\n list of controllers for given task into an array of\n strings\n\n - CVE-2011-1022: Unchecked origin of NETLINK messages\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2015-10-20T00:00:00", "published": "2011-05-27T00:00:00", "id": "FEDORA_2011-2570.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=54834", "title": "Fedora 13 : libcgroup-0.35.1-5.fc13 (2011-2570)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-2570.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(54834);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2015/10/20 22:05:53 $\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_bugtraq_id(46578, 46729);\n script_xref(name:\"FEDORA\", value:\"2011-2570\");\n\n script_name(english:\"Fedora 13 : libcgroup-0.35.1-5.fc13 (2011-2570)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two security bugs were fixed in this release :\n\n - CVE-2011-1006: Heap-based buffer overflow by converting\n list of controllers for given task into an array of\n strings\n\n - CVE-2011-1022: Unchecked origin of NETLINK messages\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=678107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=680409\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-May/060769.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a22ea1a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libcgroup package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libcgroup\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"libcgroup-0.35.1-5.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcgroup\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:11:56", "bulletinFamily": "scanner", "description": "Two security bugs were fixed in this release :\n\n - CVE-2011-1006: Heap-based buffer overflow by converting\n list of controllers for given task into an array of\n strings\n\n - CVE-2011-1022: Unchecked origin of NETLINK messages\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2015-10-20T00:00:00", "published": "2011-03-27T00:00:00", "id": "FEDORA_2011-2631.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=52981", "title": "Fedora 14 : libcgroup-0.36.2-6.fc14 (2011-2631)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-2631.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52981);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2015/10/20 22:05:53 $\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_bugtraq_id(46578, 46729);\n script_xref(name:\"FEDORA\", value:\"2011-2631\");\n\n script_name(english:\"Fedora 14 : libcgroup-0.36.2-6.fc14 (2011-2631)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two security bugs were fixed in this release :\n\n - CVE-2011-1006: Heap-based buffer overflow by converting\n list of controllers for given task into an array of\n strings\n\n - CVE-2011-1022: Unchecked origin of NETLINK messages\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=678107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=680409\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-March/056683.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?04378f59\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libcgroup package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libcgroup\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"libcgroup-0.36.2-6.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcgroup\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:19:00", "bulletinFamily": "scanner", "description": "libcgroup suffered from a heap based buffer overflow (CVE-2011-1006).\n\nThe cgrulesengd daemon did not verify the origin of netlink messages,\nallowing local users to spoof events (CVE-2011-1022).", "modified": "2018-11-10T00:00:00", "published": "2014-06-13T00:00:00", "id": "SUSE_11_3_LIBCGROUP-DEVEL-110304.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=75572", "title": "openSUSE Security Update : libcgroup-devel (openSUSE-SU-2011:0316-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libcgroup-devel-4087.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75572);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:49:59\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n\n script_name(english:\"openSUSE Security Update : libcgroup-devel (openSUSE-SU-2011:0316-1)\");\n script_summary(english:\"Check for the libcgroup-devel-4087 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libcgroup suffered from a heap based buffer overflow (CVE-2011-1006).\n\nThe cgrulesengd daemon did not verify the origin of netlink messages,\nallowing local users to spoof events (CVE-2011-1022).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-04/msg00027.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libcgroup-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcgroup-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcgroup1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcgroup1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libcgroup-devel-0.36.2-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libcgroup1-0.36.2-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libcgroup1-32bit-0.36.2-2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcgroup-devel / libcgroup1 / libcgroup1-32bit\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:19:07", "bulletinFamily": "scanner", "description": "Two security bugfixes in libcgroup1 were done :\n\nlibcgroup suffered from a heap based buffer overflow (CVE-2011-1006).\n\nThe cgrulesengd daemon did not verify the origin of netlink messages,\nallowing local users to spoof events (CVE-2011-1022).", "modified": "2018-11-10T00:00:00", "published": "2014-06-13T00:00:00", "id": "SUSE_11_4_LIBCGROUP-DEVEL-110314.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=75893", "title": "openSUSE Security Update : libcgroup-devel (openSUSE-SU-2011:0316-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libcgroup-devel-4148.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75893);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:49:59\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n\n script_name(english:\"openSUSE Security Update : libcgroup-devel (openSUSE-SU-2011:0316-1)\");\n script_summary(english:\"Check for the libcgroup-devel-4148 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two security bugfixes in libcgroup1 were done :\n\nlibcgroup suffered from a heap based buffer overflow (CVE-2011-1006).\n\nThe cgrulesengd daemon did not verify the origin of netlink messages,\nallowing local users to spoof events (CVE-2011-1022).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-04/msg00027.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libcgroup-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcgroup-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcgroup1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcgroup1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcgroup1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcgroup1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcgroup1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libcgroup-devel-0.36.2-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libcgroup1-0.36.2-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libcgroup1-debuginfo-0.36.2-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libcgroup1-debugsource-0.36.2-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libcgroup1-32bit-0.36.2-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libcgroup1-debuginfo-32bit-0.36.2-6.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcgroup1\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:11:50", "bulletinFamily": "scanner", "description": "Updated libcgroup packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe libcgroup packages provide tools and libraries to control and\nmonitor control groups.\n\nA heap-based buffer overflow flaw was found in the way libcgroup\nconverted a list of user-provided controllers for a particular task\ninto an array of strings. A local attacker could use this flaw to\nescalate their privileges via a specially crafted list of controllers.\n(CVE-2011-1006)\n\nIt was discovered that libcgroup did not properly check the origin of\nNetlink messages. A local attacker could use this flaw to send crafted\nNetlink messages to the cgrulesengd daemon, causing it to put\nprocesses into one or more existing control groups, based on the\nattacker's choosing, possibly allowing the particular tasks to run\nwith more resources (memory, CPU, etc.) than originally intended.\n(CVE-2011-1022)\n\nRed Hat would like to thank Nelson Elhage for reporting the\nCVE-2011-1006 issue.\n\nAll libcgroup users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.", "modified": "2018-11-26T00:00:00", "published": "2011-03-04T00:00:00", "id": "REDHAT-RHSA-2011-0320.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=52542", "title": "RHEL 6 : libcgroup (RHSA-2011:0320)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0320. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52542);\n script_version (\"1.18\");\n script_cvs_date(\"Date: 2018/11/26 11:02:14\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_bugtraq_id(46578, 46729);\n script_xref(name:\"RHSA\", value:\"2011:0320\");\n\n script_name(english:\"RHEL 6 : libcgroup (RHSA-2011:0320)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated libcgroup packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe libcgroup packages provide tools and libraries to control and\nmonitor control groups.\n\nA heap-based buffer overflow flaw was found in the way libcgroup\nconverted a list of user-provided controllers for a particular task\ninto an array of strings. A local attacker could use this flaw to\nescalate their privileges via a specially crafted list of controllers.\n(CVE-2011-1006)\n\nIt was discovered that libcgroup did not properly check the origin of\nNetlink messages. A local attacker could use this flaw to send crafted\nNetlink messages to the cgrulesengd daemon, causing it to put\nprocesses into one or more existing control groups, based on the\nattacker's choosing, possibly allowing the particular tasks to run\nwith more resources (memory, CPU, etc.) than originally intended.\n(CVE-2011-1022)\n\nRed Hat would like to thank Nelson Elhage for reporting the\nCVE-2011-1006 issue.\n\nAll libcgroup users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0320\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libcgroup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libcgroup-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libcgroup-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libcgroup-pam\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0320\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"libcgroup-0.36.1-6.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libcgroup-debuginfo-0.36.1-6.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libcgroup-devel-0.36.1-6.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libcgroup-pam-0.36.1-6.el6_0.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcgroup / libcgroup-debuginfo / libcgroup-devel / libcgroup-pam\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:11:56", "bulletinFamily": "scanner", "description": "Two security bugs were fixed in this release :\n\n - CVE-2011-1006: Heap-based buffer overflow by converting\n list of controllers for given task into an array of\n strings\n\n - CVE-2011-1022: Unchecked origin of NETLINK messages\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2015-10-20T00:00:00", "published": "2011-03-27T00:00:00", "id": "FEDORA_2011-2638.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=52982", "title": "Fedora 15 : libcgroup-0.37.1-1.fc15 (2011-2638)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-2638.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52982);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2015/10/20 22:05:53 $\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_bugtraq_id(46578, 46729);\n script_xref(name:\"FEDORA\", value:\"2011-2638\");\n\n script_name(english:\"Fedora 15 : libcgroup-0.37.1-1.fc15 (2011-2638)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two security bugs were fixed in this release :\n\n - CVE-2011-1006: Heap-based buffer overflow by converting\n list of controllers for given task into an array of\n strings\n\n - CVE-2011-1022: Unchecked origin of NETLINK messages\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=678107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=680409\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-March/056734.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ca642e7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libcgroup package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libcgroup\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"libcgroup-0.37.1-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcgroup\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:14:24", "bulletinFamily": "scanner", "description": "A heap-based buffer overflow flaw was found in the way libcgroup\nconverted a list of user-provided controllers for a particular task\ninto an array of strings. A local attacker could use this flaw to\nescalate their privileges via a specially crafted list of controllers.\n(CVE-2011-1006)\n\nIt was discovered that libcgroup did not properly check the origin of\nNetlink messages. A local attacker could use this flaw to send crafted\nNetlink messages to the cgrulesengd daemon, causing it to put\nprocesses into one or more existing control groups, based on the\nattacker's choosing, possibly allowing the particular tasks to run\nwith more resources (memory, CPU, etc.) than originally intended.\n(CVE-2011-1022)", "modified": "2018-12-31T00:00:00", "published": "2012-08-01T00:00:00", "id": "SL_20110303_LIBCGROUP_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=60979", "title": "Scientific Linux Security Update : libcgroup on SL6.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60979);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/12/31 11:35:00\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n\n script_name(english:\"Scientific Linux Security Update : libcgroup on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow flaw was found in the way libcgroup\nconverted a list of user-provided controllers for a particular task\ninto an array of strings. A local attacker could use this flaw to\nescalate their privileges via a specially crafted list of controllers.\n(CVE-2011-1006)\n\nIt was discovered that libcgroup did not properly check the origin of\nNetlink messages. A local attacker could use this flaw to send crafted\nNetlink messages to the cgrulesengd daemon, causing it to put\nprocesses into one or more existing control groups, based on the\nattacker's choosing, possibly allowing the particular tasks to run\nwith more resources (memory, CPU, etc.) than originally intended.\n(CVE-2011-1022)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1103&L=scientific-linux-errata&T=0&P=6903\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b1b5605a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libcgroup, libcgroup-devel and / or libcgroup-pam\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"libcgroup-0.36.1-6.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libcgroup-devel-0.36.1-6.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libcgroup-pam-0.36.1-6.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:11:54", "bulletinFamily": "scanner", "description": "Several issues have been discovered in libcgroup, a library to control\nand monitor control groups :\n\n - CVE-2011-1006\n Heap-based buffer overflow by converting list of\n controllers for given task into an array of strings\n could lead to privilege escalation by a local attacker.\n\n - CVE-2011-1022\n libcgroup did not properly check the origin of Netlink\n messages, allowing a local attacker to send crafted\n Netlink messages which could lead to privilege\n escalation.\n\nThe oldstable distribution (lenny) does not contain libcgroup\npackages.", "modified": "2018-11-10T00:00:00", "published": "2011-03-17T00:00:00", "id": "DEBIAN_DSA-2193.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=52691", "title": "Debian DSA-2193-1 : libcgroup - several vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2193. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52691);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_bugtraq_id(46578, 46729);\n script_xref(name:\"DSA\", value:\"2193\");\n\n script_name(english:\"Debian DSA-2193-1 : libcgroup - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several issues have been discovered in libcgroup, a library to control\nand monitor control groups :\n\n - CVE-2011-1006\n Heap-based buffer overflow by converting list of\n controllers for given task into an array of strings\n could lead to privilege escalation by a local attacker.\n\n - CVE-2011-1022\n libcgroup did not properly check the origin of Netlink\n messages, allowing a local attacker to send crafted\n Netlink messages which could lead to privilege\n escalation.\n\nThe oldstable distribution (lenny) does not contain libcgroup\npackages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615987\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-1006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-1022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/libcgroup\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2193\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libcgroup packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.36.2-3+squeeze1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcgroup\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"cgroup-bin\", reference:\"0.36.2-3+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcgroup-dev\", reference:\"0.36.2-3+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcgroup1\", reference:\"0.36.2-3+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpam-cgroup\", reference:\"0.36.2-3+squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:16:41", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2011:0320 :\n\nUpdated libcgroup packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe libcgroup packages provide tools and libraries to control and\nmonitor control groups.\n\nA heap-based buffer overflow flaw was found in the way libcgroup\nconverted a list of user-provided controllers for a particular task\ninto an array of strings. A local attacker could use this flaw to\nescalate their privileges via a specially crafted list of controllers.\n(CVE-2011-1006)\n\nIt was discovered that libcgroup did not properly check the origin of\nNetlink messages. A local attacker could use this flaw to send crafted\nNetlink messages to the cgrulesengd daemon, causing it to put\nprocesses into one or more existing control groups, based on the\nattacker's choosing, possibly allowing the particular tasks to run\nwith more resources (memory, CPU, etc.) than originally intended.\n(CVE-2011-1022)\n\nRed Hat would like to thank Nelson Elhage for reporting the\nCVE-2011-1006 issue.\n\nAll libcgroup users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.", "modified": "2018-07-18T00:00:00", "published": "2013-07-12T00:00:00", "id": "ORACLELINUX_ELSA-2011-0320.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=68218", "title": "Oracle Linux 6 : libcgroup (ELSA-2011-0320)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0320 and \n# Oracle Linux Security Advisory ELSA-2011-0320 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68218);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/18 17:43:56\");\n\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_bugtraq_id(46578, 46729);\n script_xref(name:\"RHSA\", value:\"2011:0320\");\n\n script_name(english:\"Oracle Linux 6 : libcgroup (ELSA-2011-0320)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0320 :\n\nUpdated libcgroup packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe libcgroup packages provide tools and libraries to control and\nmonitor control groups.\n\nA heap-based buffer overflow flaw was found in the way libcgroup\nconverted a list of user-provided controllers for a particular task\ninto an array of strings. A local attacker could use this flaw to\nescalate their privileges via a specially crafted list of controllers.\n(CVE-2011-1006)\n\nIt was discovered that libcgroup did not properly check the origin of\nNetlink messages. A local attacker could use this flaw to send crafted\nNetlink messages to the cgrulesengd daemon, causing it to put\nprocesses into one or more existing control groups, based on the\nattacker's choosing, possibly allowing the particular tasks to run\nwith more resources (memory, CPU, etc.) than originally intended.\n(CVE-2011-1022)\n\nRed Hat would like to thank Nelson Elhage for reporting the\nCVE-2011-1006 issue.\n\nAll libcgroup users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-March/001975.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libcgroup packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libcgroup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libcgroup-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libcgroup-pam\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"libcgroup-0.36.1-6.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libcgroup-devel-0.36.1-6.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libcgroup-pam-0.36.1-6.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcgroup / libcgroup-devel / libcgroup-pam\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:41", "bulletinFamily": "software", "description": "Buffer overflow, privilege escalation.", "modified": "2011-03-23T00:00:00", "published": "2011-03-23T00:00:00", "id": "SECURITYVULNS:VULN:11527", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11527", "title": "libcgroup security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:39", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2193-1 security@debian.org\r\nhttp://www.debian.org/security/ Thijs Kinkhorst\r\nMarch 16, 2011 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : libcgroup\r\nVulnerability : several\r\nProblem type : local\r\nDebian-specific: no\r\nCVE ID : CVE-2011-1006 CVE-2011-1022\r\nDebian Bug : 615987\r\n\r\nSeveral issues have been discovered in libcgroup, a library to control\r\nand monitor control groups:\r\n\r\nCVE-2011-1006\r\n\r\n Heap-based buffer overflow by converting list of controllers for\r\n given task into an array of strings could lead to privilege\r\n escalation by a local attacker.\r\n\r\nCVE-2011-1022\r\n\r\n libcgroup did not properly check the origin of Netlink messages,\r\n allowing a local attacker to send crafted Netlink messages which\r\n could lead to privilege escalation.\r\n\r\nThe oldstable distribution (lenny) does not contain libgroup packages.\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in\r\nversion 0.36.2-3+squeeze1.\r\n\r\nFor the testing distribution (wheezy) and unstable distribution (sid),\r\nthis problem will be fixed soon.\r\n\r\nWe recommend that you upgrade your libcgroup packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niQEcBAEBAgAGBQJNgSa1AAoJEOxfUAG2iX577XUIAJP6D0PL63DYGPQCuOafRPF/\r\ndIrmXVLztDsor2GmhkgNl1O7bDjAZ1I/TN/pjSjqZaRWUYCyNeUmk62+t+6PlZCz\r\nKEZgz92s6k0EzjEYSZw84hyaxp15neqwlGYxpX1cfOcpZEV2bN6+b9HEYoxZI2h5\r\nfhBfFzVists0vquz15BoLMFEtjCPYODlPoc5zyZpmrAvLinl6xBzVJ6fHdDNB1yM\r\ntyBJCgWQ/Iu+XY2ntP/oJjFQ62Ztig/J94u6C2ixvyYUiOsUgLJspddjAQN5YFyW\r\ncgOEWnJhcqmWSPdyPuhblz/l4s2sR3ftPxnrxb0abtnPVJB41SO7h9PAc2UnRwU=\r\n=Is0K\r\n-----END PGP SIGNATURE-----", "modified": "2011-03-23T00:00:00", "published": "2011-03-23T00:00:00", "id": "SECURITYVULNS:DOC:25988", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25988", "title": "[SECURITY] [DSA 2193-1] libcgroup security update", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-11-23T15:15:51", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2012-07-09T00:00:00", "id": "OPENVAS:1361412562310870680", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870680", "title": "RedHat Update for libcgroup RHSA-2011:0320-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for libcgroup RHSA-2011:0320-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-March/msg00011.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870680\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:45:59 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0320-01\");\n script_name(\"RedHat Update for libcgroup RHSA-2011:0320-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libcgroup'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"libcgroup on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The libcgroup packages provide tools and libraries to control and monitor\n control groups.\n\n A heap-based buffer overflow flaw was found in the way libcgroup converted\n a list of user-provided controllers for a particular task into an array of\n strings. A local attacker could use this flaw to escalate their privileges\n via a specially-crafted list of controllers. (CVE-2011-1006)\n\n It was discovered that libcgroup did not properly check the origin of\n Netlink messages. A local attacker could use this flaw to send crafted\n Netlink messages to the cgrulesengd daemon, causing it to put processes\n into one or more existing control groups, based on the attacker's choosing,\n possibly allowing the particular tasks to run with more resources (memory,\n CPU, etc.) than originally intended. (CVE-2011-1022)\n\n Red Hat would like to thank Nelson Elhage for reporting the CVE-2011-1006\n issue.\n\n All libcgroup users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libcgroup\", rpm:\"libcgroup~0.36.1~6.el6_0.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcgroup-debuginfo\", rpm:\"libcgroup-debuginfo~0.36.1~6.el6_0.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcgroup-devel\", rpm:\"libcgroup-devel~0.36.1~6.el6_0.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:04:18", "bulletinFamily": "scanner", "description": "Check for the Version of libcgroup", "modified": "2018-04-06T00:00:00", "published": "2011-06-03T00:00:00", "id": "OPENVAS:1361412562310863104", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863104", "title": "Fedora Update for libcgroup FEDORA-2011-2570", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libcgroup FEDORA-2011-2570\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libcgroup on Fedora 13\";\ntag_insight = \"Control groups infrastructure. The tools and library help manipulate, control,\n administrate and monitor control groups and the associated controllers.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060769.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863104\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-03 09:20:26 +0200 (Fri, 03 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-2570\");\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_name(\"Fedora Update for libcgroup FEDORA-2011-2570\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of libcgroup\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"libcgroup\", rpm:\"libcgroup~0.35.1~5.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:55:27", "bulletinFamily": "scanner", "description": "The remote host is missing an update to libcgroup\nannounced via advisory DSA 2193-1.", "modified": "2017-07-07T00:00:00", "published": "2011-05-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=69329", "id": "OPENVAS:69329", "title": "Debian Security Advisory DSA 2193-1 (libcgroup)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2193_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2193-1 (libcgroup)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several issues have been discovered in libcgroup, a library to control\nand monitor control groups:\n\nCVE-2011-1006\n\nHeap-based buffer overflow by converting list of controllers for\ngiven task into an array of strings could lead to privilege\nescalation by a local attacker.\n\nCVE-2011-1022\n\nlibcgroup did not properly check the origin of Netlink messages,\nallowing a local attacker to send crafted Netlink messages which\ncould lead to privilege escalation.\n\nThe oldstable distribution (lenny) does not contain libgroup packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.36.2-3+squeeze1.\n\nFor the testing distribution (wheezy) and unstable distribution (sid),\nthis problem will be fixed soon.\n\nWe recommend that you upgrade your libcgroup packages.\";\ntag_summary = \"The remote host is missing an update to libcgroup\nannounced via advisory DSA 2193-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202193-1\";\n\n\nif(description)\n{\n script_id(69329);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_name(\"Debian Security Advisory DSA 2193-1 (libcgroup)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"cgroup-bin\", ver:\"0.36.2-3+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgroup-dev\", ver:\"0.36.2-3+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgroup1\", ver:\"0.36.2-3+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpam-cgroup\", ver:\"0.36.2-3+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:03:07", "bulletinFamily": "scanner", "description": "The remote host is missing an update to libcgroup\nannounced via advisory DSA 2193-1.", "modified": "2018-04-06T00:00:00", "published": "2011-05-12T00:00:00", "id": "OPENVAS:136141256231069329", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069329", "title": "Debian Security Advisory DSA 2193-1 (libcgroup)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2193_1.nasl 9351 2018-04-06 07:05:43Z cfischer $\n# Description: Auto-generated from advisory DSA 2193-1 (libcgroup)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several issues have been discovered in libcgroup, a library to control\nand monitor control groups:\n\nCVE-2011-1006\n\nHeap-based buffer overflow by converting list of controllers for\ngiven task into an array of strings could lead to privilege\nescalation by a local attacker.\n\nCVE-2011-1022\n\nlibcgroup did not properly check the origin of Netlink messages,\nallowing a local attacker to send crafted Netlink messages which\ncould lead to privilege escalation.\n\nThe oldstable distribution (lenny) does not contain libgroup packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.36.2-3+squeeze1.\n\nFor the testing distribution (wheezy) and unstable distribution (sid),\nthis problem will be fixed soon.\n\nWe recommend that you upgrade your libcgroup packages.\";\ntag_summary = \"The remote host is missing an update to libcgroup\nannounced via advisory DSA 2193-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202193-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69329\");\n script_version(\"$Revision: 9351 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:05:43 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_name(\"Debian Security Advisory DSA 2193-1 (libcgroup)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"cgroup-bin\", ver:\"0.36.2-3+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgroup-dev\", ver:\"0.36.2-3+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcgroup1\", ver:\"0.36.2-3+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpam-cgroup\", ver:\"0.36.2-3+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-11T11:06:52", "bulletinFamily": "scanner", "description": "Check for the Version of libcgroup", "modified": "2018-01-10T00:00:00", "published": "2012-07-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=870680", "id": "OPENVAS:870680", "title": "RedHat Update for libcgroup RHSA-2011:0320-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for libcgroup RHSA-2011:0320-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The libcgroup packages provide tools and libraries to control and monitor\n control groups.\n\n A heap-based buffer overflow flaw was found in the way libcgroup converted\n a list of user-provided controllers for a particular task into an array of\n strings. A local attacker could use this flaw to escalate their privileges\n via a specially-crafted list of controllers. (CVE-2011-1006)\n\n It was discovered that libcgroup did not properly check the origin of\n Netlink messages. A local attacker could use this flaw to send crafted\n Netlink messages to the cgrulesengd daemon, causing it to put processes\n into one or more existing control groups, based on the attacker's choosing,\n possibly allowing the particular tasks to run with more resources (memory,\n CPU, etc.) than originally intended. (CVE-2011-1022)\n\n Red Hat would like to thank Nelson Elhage for reporting the CVE-2011-1006\n issue.\n\n All libcgroup users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\n\ntag_affected = \"libcgroup on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-March/msg00011.html\");\n script_id(870680);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:45:59 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0320-01\");\n script_name(\"RedHat Update for libcgroup RHSA-2011:0320-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libcgroup\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libcgroup\", rpm:\"libcgroup~0.36.1~6.el6_0.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcgroup-debuginfo\", rpm:\"libcgroup-debuginfo~0.36.1~6.el6_0.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcgroup-devel\", rpm:\"libcgroup-devel~0.36.1~6.el6_0.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:21", "bulletinFamily": "scanner", "description": "Check for the Version of libcgroup", "modified": "2017-07-10T00:00:00", "published": "2011-06-03T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=863104", "id": "OPENVAS:863104", "title": "Fedora Update for libcgroup FEDORA-2011-2570", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libcgroup FEDORA-2011-2570\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libcgroup on Fedora 13\";\ntag_insight = \"Control groups infrastructure. The tools and library help manipulate, control,\n administrate and monitor control groups and the associated controllers.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060769.html\");\n script_id(863104);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-03 09:20:26 +0200 (Fri, 03 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-2570\");\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_name(\"Fedora Update for libcgroup FEDORA-2011-2570\");\n\n script_summary(\"Check for the Version of libcgroup\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"libcgroup\", rpm:\"libcgroup~0.35.1~5.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:43", "bulletinFamily": "scanner", "description": "Check for the Version of libcgroup", "modified": "2017-07-10T00:00:00", "published": "2011-04-01T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=862954", "id": "OPENVAS:862954", "title": "Fedora Update for libcgroup FEDORA-2011-2631", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libcgroup FEDORA-2011-2631\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libcgroup on Fedora 14\";\ntag_insight = \"Control groups infrastructure. The tools and library help manipulate, control,\n administrate and monitor control groups and the associated controllers.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056683.html\");\n script_id(862954);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-2631\");\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_name(\"Fedora Update for libcgroup FEDORA-2011-2631\");\n\n script_summary(\"Check for the Version of libcgroup\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"libcgroup\", rpm:\"libcgroup~0.36.2~6.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-28T18:24:37", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2011-0320", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310122230", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122230", "title": "Oracle Linux Local Check: ELSA-2011-0320", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0320.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122230\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:06 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0320\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0320 - libcgroup security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0320\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0320.html\");\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"libcgroup\", rpm:\"libcgroup~0.36.1~6.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libcgroup-devel\", rpm:\"libcgroup-devel~0.36.1~6.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libcgroup-pam\", rpm:\"libcgroup-pam~0.36.1~6.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:03:22", "bulletinFamily": "scanner", "description": "Check for the Version of libcgroup", "modified": "2018-04-06T00:00:00", "published": "2011-04-01T00:00:00", "id": "OPENVAS:1361412562310862954", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862954", "title": "Fedora Update for libcgroup FEDORA-2011-2631", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libcgroup FEDORA-2011-2631\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libcgroup on Fedora 14\";\ntag_insight = \"Control groups infrastructure. The tools and library help manipulate, control,\n administrate and monitor control groups and the associated controllers.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056683.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862954\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-2631\");\n script_cve_id(\"CVE-2011-1006\", \"CVE-2011-1022\");\n script_name(\"Fedora Update for libcgroup FEDORA-2011-2631\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of libcgroup\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"libcgroup\", rpm:\"libcgroup~0.36.2~6.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:14:40", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2193-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nMarch 16, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libcgroup\nVulnerability : several\nProblem type : local\nDebian-specific: no\nCVE ID : CVE-2011-1006 CVE-2011-1022\nDebian Bug : 615987\n\nSeveral issues have been discovered in libcgroup, a library to control\nand monitor control groups:\n\nCVE-2011-1006\n\n Heap-based buffer overflow by converting list of controllers for\n given task into an array of strings could lead to privilege\n escalation by a local attacker.\n\nCVE-2011-1022\n\n libcgroup did not properly check the origin of Netlink messages,\n allowing a local attacker to send crafted Netlink messages which\n could lead to privilege escalation.\n\nThe oldstable distribution (lenny) does not contain libgroup packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.36.2-3+squeeze1.\n\nFor the testing distribution (wheezy) and unstable distribution (sid),\nthis problem will be fixed soon.\n\nWe recommend that you upgrade your libcgroup packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2011-03-16T21:09:24", "published": "2011-03-16T21:09:24", "id": "DEBIAN:DSA-2193-1:4D846", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00060.html", "title": "[SECURITY] [DSA 2193-1] libcgroup security update", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T19:41:43", "bulletinFamily": "unix", "description": "The libcgroup packages provide tools and libraries to control and monitor\ncontrol groups.\n\nA heap-based buffer overflow flaw was found in the way libcgroup converted\na list of user-provided controllers for a particular task into an array of\nstrings. A local attacker could use this flaw to escalate their privileges\nvia a specially-crafted list of controllers. (CVE-2011-1006)\n\nIt was discovered that libcgroup did not properly check the origin of\nNetlink messages. A local attacker could use this flaw to send crafted\nNetlink messages to the cgrulesengd daemon, causing it to put processes\ninto one or more existing control groups, based on the attacker's choosing,\npossibly allowing the particular tasks to run with more resources (memory,\nCPU, etc.) than originally intended. (CVE-2011-1022)\n\nRed Hat would like to thank Nelson Elhage for reporting the CVE-2011-1006\nissue.\n\nAll libcgroup users should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\n", "modified": "2018-06-06T20:24:26", "published": "2011-03-03T05:00:00", "id": "RHSA-2011:0320", "href": "https://access.redhat.com/errata/RHSA-2011:0320", "type": "redhat", "title": "(RHSA-2011:0320) Important: libcgroup security update", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:43:39", "bulletinFamily": "unix", "description": "[0.36-6.1]\n- Fixed buffer overflow when parsing cgexec command line parameters.\n- Added checking of source of netlink messages to cgrulesengd daemon.\n- Resolves: CVE-2011-1006 CVE-2011-1022", "modified": "2011-03-03T00:00:00", "published": "2011-03-03T00:00:00", "id": "ELSA-2011-0320", "href": "http://linux.oracle.com/errata/ELSA-2011-0320.html", "title": "libcgroup security update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
