Lucene search
Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-1296-1.NASLHistoryDec 09, 2011 - 12:00 a.m.
Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : acpid vulnerabilities (USN-1296-1)
2011-12-0900:00:00
Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
50
Oliver-Tobias Ripka discovered that an ACPI script incorrectly handled power button events. A local attacker could use this to execute arbitrary code, and possibly escalate privileges. (CVE-2011-2777)
Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask (umask). A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask. (CVE-2011-4578).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1296-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
if (description)
{
script_id(57060);
script_version("1.8");
script_cvs_date("Date: 2019/09/19 12:54:27");
script_cve_id("CVE-2011-2777", "CVE-2011-4578");
script_bugtraq_id(50945);
script_xref(name:"USN", value:"1296-1");
script_name(english:"Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : acpid vulnerabilities (USN-1296-1)");
script_summary(english:"Checks dpkg output for updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Ubuntu host is missing a security-related patch."
);
script_set_attribute(
attribute:"description",
value:
"Oliver-Tobias Ripka discovered that an ACPI script incorrectly handled
power button events. A local attacker could use this to execute
arbitrary code, and possibly escalate privileges. (CVE-2011-2777)
Helmut Grohne and Michael Biebl discovered that ACPI scripts were
executed with a permissive file mode creation mask (umask). A local
attacker could read files and modify directories created by ACPI
scripts that did not set a strict umask. (CVE-2011-4578).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/1296-1/"
);
script_set_attribute(attribute:"solution", value:"Update the affected acpid package.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:acpid");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.04");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.10");
script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/29");
script_set_attribute(attribute:"patch_publication_date", value:"2011/12/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/09");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(10\.04|10\.10|11\.04|11\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 10.04 / 10.10 / 11.04 / 11.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"10.04", pkgname:"acpid", pkgver:"1.0.10-5ubuntu2.5")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"acpid", pkgver:"1.0.10-5ubuntu4.4")) flag++;
if (ubuntu_check(osver:"11.04", pkgname:"acpid", pkgver:"1:2.0.7-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"11.10", pkgname:"acpid", pkgver:"1:2.0.10-1ubuntu2.3")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acpid");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | acpid | p-cpe:/a:canonical:ubuntu_linux:acpid |
| canonical | ubuntu_linux | 10.04 | cpe:/o:canonical:ubuntu_linux:10.04:-:lts |
| canonical | ubuntu_linux | 10.10 | cpe:/o:canonical:ubuntu_linux:10.10 |
| canonical | ubuntu_linux | 11.04 | cpe:/o:canonical:ubuntu_linux:11.04 |
| canonical | ubuntu_linux | 11.10 | cpe:/o:canonical:ubuntu_linux:11.10 |
Related
securityvulns
securityvulns
ACPI scripts privilege escalation
2011-12-12 00:00:00
[USN-1296-1] acpid vulnerabilities
2011-12-12 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1296-1)
2011-12-09 00:00:00
Mandriva Update for acpid MDVSA-2012:137 (acpid)
2012-08-21 00:00:00
Ubuntu Update for acpid USN-1296-1
2011-12-09 00:00:00
ubuntu
ubuntu
acpid vulnerabilities
2011-12-08 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : acpid (MDVSA-2012:137)
2012-09-06 00:00:00
Debian DSA-2362-1 : acpid - several vulnerabilities
2012-01-12 00:00:00
GLSA-201310-20 : acpid2: Privilege escalation
2013-10-29 00:00:00
debian
debian
[SECURITY] [DSA 2362-1] acpid security update
2011-12-10 10:30:09
osv
osv
acpid - several
2011-12-10 00:00:00
cve
cve
CVE-2011-2777
2012-08-29 22:55:00
CVE-2011-4578
2012-08-29 22:55:00
debiancve
debiancve
CVE-2011-2777
2012-08-29 22:55:00
CVE-2011-4578
2012-08-29 22:55:00
prion
prion
Command injection
2012-08-29 22:55:00
Code injection
2012-08-29 22:55:00
exploitpack
exploitpack
ubuntucve
ubuntucve
CVE-2011-2777
2011-12-08 00:00:00
CVE-2011-4578
2011-12-06 00:00:00
seebug
seebug
Acpid 1:2.0.10-1ubuntu2 Privilege Boundary Crossing Vulnerability
2014-07-01 00:00:00
packetstorm
packetstorm
Acpid Privilege Boundary Crossing
2011-12-10 00:00:00
gentoo
gentoo
acpid2: Privilege escalation
2013-10-28 00:00:00
exploitdb
exploitdb
Related for UBUNTU_USN-1296-1.NASL