Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2008-2021 Tenable Network Security, Inc.SUSE_AUDIT-5212.NASL
HistoryApr 28, 2008 - 12:00 a.m.

openSUSE 10 Security Update : audit (audit-5212)

2008-04-2800:00:00
This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.
www.tenable.com
8
JSON

A bug in the audit_log_user_command() function could lead to a buffer overflow. No program in openSUSE uses that function. Third-party applications could be affected though (CVE-2008-1628).

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update audit-5212.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(32076);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2008-1628");

  script_name(english:"openSUSE 10 Security Update : audit (audit-5212)");
  script_summary(english:"Check for the audit-5212 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A bug in the audit_log_user_command() function could lead to a buffer
overflow. No program in openSUSE uses that function. Third-party
applications could be affected though (CVE-2008-1628)."
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected audit packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:S/C:P/I:P/A:P");
  script_cwe_id(119,264);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:audit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:audit-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:audit-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:audit-libs-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:audit-libs-python");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3");

  script_set_attribute(attribute:"patch_publication_date", value:"2008/04/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2008/04/28");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE10.3", reference:"audit-1.5.5-13.4") ) flag++;
if ( rpm_check(release:"SUSE10.3", reference:"audit-devel-1.5.5-13.4") ) flag++;
if ( rpm_check(release:"SUSE10.3", reference:"audit-libs-1.5.5-13.4") ) flag++;
if ( rpm_check(release:"SUSE10.3", reference:"audit-libs-python-1.5.5-20.4") ) flag++;
if ( rpm_check(release:"SUSE10.3", cpu:"x86_64", reference:"audit-libs-32bit-1.5.5-13.4") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "audit / audit-devel / audit-libs / audit-libs-32bit / etc");
}
VendorProductVersionCPE
novellopensuseauditp-cpe:/a:novell:opensuse:audit
novellopensuseaudit-develp-cpe:/a:novell:opensuse:audit-devel
novellopensuseaudit-libsp-cpe:/a:novell:opensuse:audit-libs
novellopensuseaudit-libs-32bitp-cpe:/a:novell:opensuse:audit-libs-32bit
novellopensuseaudit-libs-pythonp-cpe:/a:novell:opensuse:audit-libs-python
novellopensuse10.3cpe:/o:novell:opensuse:10.3

Related

nessus 3
openvas 6
ubuntucve 1
prion 1
securityvulns 2
cve 1
gentoo 1
fedora 1
debiancve 1
nessus
nessus
Mandriva Linux Security Advisory : audit (MDVSA-2008:083)
2009-04-23 00:00:00
Fedora 8 : audit-1.6.8-4.fc8 (2008-3012)
2008-04-11 00:00:00
GLSA-200807-14 : Linux Audit: Buffer overflow
2008-08-01 00:00:00
openvas
openvas
Mandriva Update for audit MDVSA-2008:083 (audit)
2009-04-09 00:00:00
Gentoo Security Advisory GLSA 200807-14 (audit)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200807-14 (audit)
2008-09-24 00:00:00
ubuntucve
ubuntucve
CVE-2008-1628
2008-04-02 00:00:00
prion
prion
Stack overflow
2008-04-02 17:44:00
securityvulns
securityvulns
Audit buffer overflow
2008-04-10 00:00:00
[ MDVSA-2008:083 ] - Updated audit packages fix vulnerability
2008-04-10 00:00:00
cve
cve
CVE-2008-1628
2008-04-02 17:44:00
gentoo
gentoo
Linux Audit: Buffer overflow
2008-07-31 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: audit-1.6.8-4.fc8
2008-04-09 05:22:20
debiancve
debiancve
CVE-2008-1628
2008-04-02 17:44:00
JSON
Related for SUSE_AUDIT-5212.NASL
nessus3openvas6ubuntucve1prion1securityvulns2cve1gentoo1fedora1debiancve1