Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_GLIBC-8387.NASL
HistoryDec 19, 2012 - 12:00 a.m.

SuSE 10 Security Update : glibc (ZYPP Patch Number 8387)

2012-12-1900:00:00
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7
JSON

This update for GNU C library (glibc) fixes multiple integer overflows in strtod and related functions.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(63295);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2012-3480");

  script_name(english:"SuSE 10 Security Update : glibc (ZYPP Patch Number 8387)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 10 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update for GNU C library (glibc) fixes multiple integer overflows
in strtod and related functions."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-3480.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 8387.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/11/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/12/19");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SLED10", sp:4, reference:"glibc-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"glibc-devel-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"glibc-html-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"glibc-i18ndata-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"glibc-info-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"glibc-locale-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"nscd-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"glibc-32bit-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"glibc-devel-32bit-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"glibc-locale-32bit-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"glibc-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"glibc-devel-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"glibc-html-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"glibc-i18ndata-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"glibc-info-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"glibc-locale-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"glibc-profile-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"nscd-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"glibc-32bit-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"glibc-devel-32bit-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"glibc-locale-32bit-2.4-31.107.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"glibc-profile-32bit-2.4-31.107.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else exit(0, "The host is not affected.");
VendorProductVersionCPE
susesuse_linuxcpe:/o:suse:suse_linux

Related

nessus 26
openvas 24
securityvulns 3
redhat 4
centos 2
fedora 3
amazon 1
oraclelinux 2
prion 1
debiancve 1
veracode 1
cve 1
ubuntucve 1
slackware 1
ubuntu 2
vmware 2
gentoo 1
debian 1
osv 1
nessus
nessus
SUSE SLED10 / SLES10 Security Update : glibc (SUSE-SU-2012:1667-1)
2015-05-20 00:00:00
Fedora 16 : glibc-2.14.90-24.fc16.9 (2012-11928)
2012-08-28 00:00:00
Fedora 17 : glibc-2.15-56.fc17 (2012-11927)
2012-08-20 00:00:00
openvas
openvas
CentOS Update for glibc CESA-2012:1207 centos5
2012-08-28 00:00:00
CentOS Update for glibc CESA-2012:1208 centos6
2012-08-28 00:00:00
Fedora Update for glibc FEDORA-2012-11928
2012-08-30 00:00:00
securityvulns
securityvulns
GNU libc buffer overflow
2012-09-04 00:00:00
[slackware-security] glibc &#40;SSA:2012-244-01&#41;
2012-09-04 00:00:00
VMSA-2012-0018 VMware security updates for vCSA and ESXi
2013-01-02 00:00:00
redhat
redhat
(RHSA-2012:1207) Moderate: glibc security and bug fix update
2012-08-27 00:00:00
(RHSA-2012:1208) Moderate: glibc security update
2012-08-27 00:00:00
(RHSA-2012:1262) Important: rhev-hypervisor5 security and bug fix update
2012-09-13 00:00:00
centos
centos
glibc, nscd security update
2012-08-27 19:18:45
glibc, nscd security update
2012-08-27 16:45:54
fedora
fedora
[SECURITY] Fedora 17 Update: glibc-2.15-56.fc17
2012-08-18 01:30:04
[SECURITY] Fedora 18 Update: glibc-2.16-8.fc18
2012-09-17 23:50:57
[SECURITY] Fedora 16 Update: glibc-2.14.90-24.fc16.9
2012-08-27 22:59:56
amazon
amazon
Medium: glibc
2012-09-04 10:23:00
oraclelinux
oraclelinux
glibc security and bug fix update
2012-08-27 00:00:00
glibc security update
2012-08-27 00:00:00
prion
prion
Integer overflow
2012-08-25 10:29:00
debiancve
debiancve
CVE-2012-3480
2012-08-25 10:29:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 08:56:24
cve
cve
CVE-2012-3480
2012-08-25 10:29:00
ubuntucve
ubuntucve
CVE-2012-3480
2012-08-25 00:00:00
slackware
slackware
[slackware-security] glibc
2012-08-31 18:37:01
ubuntu
ubuntu
GNU C Library regression
2012-12-17 00:00:00
GNU C Library vulnerabilities
2012-10-02 00:00:00
vmware
vmware
VMware security updates for vCSA, vCenter Server, and ESXi
2012-12-20 00:00:00
VMware security updates for vCSA, vCenter Server, and ESXi
2012-12-20 00:00:00
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2015-03-08 00:00:00
debian
debian
[SECURITY] [DLA 165-1] eglibc security update
2015-03-06 15:39:53
osv
osv
eglibc - security update
2015-03-06 00:00:00
JSON
Related for SUSE_GLIBC-8387.NASL
nessus26openvas24securityvulns3redhat4centos2fedora3amazon1oraclelinux2prion1debiancve1veracode1cve1ubuntucve1slackware1ubuntu2vmware2gentoo1debian1osv1