Lucene search

K
nessus
This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.SUSE_NDISWRAPPER-5833.NASL
HistoryDec 05, 2008 - 12:00 a.m.

openSUSE 10 Security Update : ndiswrapper (ndiswrapper-5833)

2008-12-0500:00:00
This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.
www.tenable.com
10

The ndiswrapper was updated to fix multiple buffer overflows that can be exploited over a connected WLAN by using long ESSID stings.
(CVE-2008-4395)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update ndiswrapper-5833.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(35039);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2008-4395");

  script_name(english:"openSUSE 10 Security Update : ndiswrapper (ndiswrapper-5833)");
  script_summary(english:"Check for the ndiswrapper-5833 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The ndiswrapper was updated to fix multiple buffer overflows that can
be exploited over a connected WLAN by using long ESSID stings.
(CVE-2008-4395)"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected ndiswrapper packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ndiswrapper");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-bigsmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-xenpae");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3");

  script_set_attribute(attribute:"patch_publication_date", value:"2008/11/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2008/12/05");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE10.3", reference:"ndiswrapper-1.47-32.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", reference:"ndiswrapper-kmp-bigsmp-1.47_2.6.22.19_0.1-32.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", reference:"ndiswrapper-kmp-default-1.47_2.6.22.19_0.1-32.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", reference:"ndiswrapper-kmp-xen-1.47_2.6.22.19_0.1-32.2") ) flag++;
if ( rpm_check(release:"SUSE10.3", reference:"ndiswrapper-kmp-xenpae-1.47_2.6.22.19_0.1-32.2") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ndiswrapper");
}
How to find holes in your network?

Try incredible fast Vulners Perimeter Scanner and find vulnerabilities and unnecessary ip and ports in network devices inside your network before anyone else.

Try Network Scanner
Related for SUSE_NDISWRAPPER-5833.NASL