Lucene search
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2018-0874-1.NASLHistoryApr 06, 2018 - 12:00 a.m.
SUSE SLES11 Security Update : glibc (SUSE-SU-2018:0874-1)
2018-04-0600:00:00
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
26
This update for glibc fixes the following issues: Security issues fixed :
-
CVE-2017-12133: Avoid use-after-free read access in clntudp_call (bsc#1081556) Non security issue fixed :
-
Fix incorrect getaddrinfo assertion trigger (bsc#1076871)
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2018:0874-1.
# The text itself is copyright (C) SUSE.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(108871);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2017-12133");
script_name(english:"SUSE SLES11 Security Update : glibc (SUSE-SU-2018:0874-1)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"This update for glibc fixes the following issues: Security issues
fixed :
- CVE-2017-12133: Avoid use-after-free read access in
clntudp_call (bsc#1081556) Non security issue fixed :
- Fix incorrect getaddrinfo assertion trigger
(bsc#1076871)
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1076871"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1081556"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-12133/"
);
# https://www.suse.com/support/update/announcement/2018/suse-su-20180874-1/
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?51687111"
);
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t
patch sdksp4-glibc-13548=1
SUSE Linux Enterprise Server 11-SP4:zypper in -t patch
slessp4-glibc-13548=1
SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch
dbgsp4-glibc-13548=1"
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-html");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-i18ndata");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-info");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-locale");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-profile");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nscd");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/09/07");
script_set_attribute(attribute:"patch_publication_date", value:"2018/04/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/04/06");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES11", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES11" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP4", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"glibc-32bit-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"glibc-devel-32bit-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"glibc-locale-32bit-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"glibc-profile-32bit-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"glibc-32bit-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"glibc-devel-32bit-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"glibc-locale-32bit-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"glibc-profile-32bit-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"glibc-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"glibc-devel-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"glibc-html-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"glibc-i18ndata-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"glibc-info-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"glibc-locale-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"glibc-profile-2.11.3-17.110.9.2")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"nscd-2.11.3-17.110.9.2")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | glibc | p-cpe:/a:novell:suse_linux:glibc |
| novell | suse_linux | glibc-devel | p-cpe:/a:novell:suse_linux:glibc-devel |
| novell | suse_linux | glibc-html | p-cpe:/a:novell:suse_linux:glibc-html |
| novell | suse_linux | glibc-i18ndata | p-cpe:/a:novell:suse_linux:glibc-i18ndata |
| novell | suse_linux | glibc-info | p-cpe:/a:novell:suse_linux:glibc-info |
| novell | suse_linux | glibc-locale | p-cpe:/a:novell:suse_linux:glibc-locale |
| novell | suse_linux | glibc-profile | p-cpe:/a:novell:suse_linux:glibc-profile |
| novell | suse_linux | nscd | p-cpe:/a:novell:suse_linux:nscd |
| novell | suse_linux | 11 | cpe:/o:novell:suse_linux:11 |
Related
debiancve
debiancve
CVE-2017-12133
2017-09-07 13:29:00
nessus
nessus
Photon OS 1.0: Glibc PHSA-2017-0040
2019-02-07 00:00:00
Fedora 25 : glibc (2017-270ab2baa3)
2017-09-05 00:00:00
openSUSE Security Update : glibc (openSUSE-2018-250)
2018-03-13 00:00:00
cve
cve
CVE-2017-12133
2017-09-07 13:29:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:0874-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:0655-1)
2021-04-19 00:00:00
Fedora Update for glibc FEDORA-2017-270ab2baa3
2017-09-05 00:00:00
ibm
ibm
fedora
fedora
[SECURITY] Fedora 25 Update: glibc-2.24-10.fc25
2017-09-04 21:51:08
prion
prion
Design/Logic Flaw
2017-09-07 13:29:00
osv
osv
CVE-2017-12133
2017-09-07 13:29:00
ubuntucve
ubuntucve
CVE-2017-12133
2017-09-07 00:00:00
redhatcve
redhatcve
CVE-2017-12133
2017-08-04 08:48:34
mageia
mageia
Updated glibc packages fix security vulnerabilities
2017-12-22 13:31:08
Updated glibc packages fix security vulnerabilities
2017-12-28 16:16:56
cloudfoundry
cloudfoundry
USN-4416-1: GNU C Library vulnerabilities | Cloud Foundry
2020-08-27 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2020-07-06 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2017-0080
2017-10-24 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1844
2021-07-02 16:56:21
Related for SUSE_SU-2018-0874-1.NASL