Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-1418-1.NASL
HistoryApr 06, 2012 - 12:00 a.m.

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : gnutls13, gnutls26 vulnerabilities (USN-1418-1)

2012-04-0600:00:00
Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
9
JSON

Alban Crequy discovered that the GnuTLS library incorrectly checked array bounds when copying TLS session data. A remote attacker could crash a client application, leading to a denial of service, as the client application prepared for TLS session resumption.
(CVE-2011-4128)

Matthew Hall discovered that the GnuTLS library incorrectly handled TLS records. A remote attacker could crash client and server applications, leading to a denial of service, by sending a crafted TLS record. (CVE-2012-1573).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1418-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(58618);
  script_version("1.8");
  script_cvs_date("Date: 2019/09/19 12:54:27");

  script_cve_id("CVE-2011-4128", "CVE-2012-1573");
  script_bugtraq_id(50609, 52667);
  script_xref(name:"USN", value:"1418-1");

  script_name(english:"Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : gnutls13, gnutls26 vulnerabilities (USN-1418-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Alban Crequy discovered that the GnuTLS library incorrectly checked
array bounds when copying TLS session data. A remote attacker could
crash a client application, leading to a denial of service, as the
client application prepared for TLS session resumption.
(CVE-2011-4128)

Matthew Hall discovered that the GnuTLS library incorrectly handled
TLS records. A remote attacker could crash client and server
applications, leading to a denial of service, by sending a crafted TLS
record. (CVE-2012-1573).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/1418-1/"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected libgnutls13 and / or libgnutls26 packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libgnutls13");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libgnutls26");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.04");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");

  script_set_attribute(attribute:"vuln_publication_date", value:"2011/12/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/04/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/04/06");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(8\.04|10\.04|10\.10|11\.04|11\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 8.04 / 10.04 / 10.10 / 11.04 / 11.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"8.04", pkgname:"libgnutls13", pkgver:"2.0.4-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"libgnutls26", pkgver:"2.8.5-2ubuntu0.1")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"libgnutls26", pkgver:"2.8.6-1ubuntu0.1")) flag++;
if (ubuntu_check(osver:"11.04", pkgname:"libgnutls26", pkgver:"2.8.6-1ubuntu2.1")) flag++;
if (ubuntu_check(osver:"11.10", pkgname:"libgnutls26", pkgver:"2.10.5-1ubuntu3.1")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libgnutls13 / libgnutls26");
}
VendorProductVersionCPE
canonicalubuntu_linuxlibgnutls13p-cpe:/a:canonical:ubuntu_linux:libgnutls13
canonicalubuntu_linuxlibgnutls26p-cpe:/a:canonical:ubuntu_linux:libgnutls26
canonicalubuntu_linux10.04cpe:/o:canonical:ubuntu_linux:10.04:-:lts
canonicalubuntu_linux10.10cpe:/o:canonical:ubuntu_linux:10.10
canonicalubuntu_linux11.04cpe:/o:canonical:ubuntu_linux:11.04
canonicalubuntu_linux11.10cpe:/o:canonical:ubuntu_linux:11.10
canonicalubuntu_linux8.04cpe:/o:canonical:ubuntu_linux:8.04:-:lts

Related

openvas 36
oraclelinux 2
nessus 29
fedora 4
centos 2
ubuntu 1
amazon 1
redhat 4
gentoo 1
prion 2
cve 2
slackware 1
freebsd 2
debiancve 1
checkpoint_advisories 1
veracode 2
debian 1
ubuntucve 2
securityvulns 1
suse 1
vmware 2
openvas
openvas
Fedora Update for gnutls FEDORA-2012-4569
2012-04-11 00:00:00
RedHat Update for gnutls RHSA-2012:0429-01
2012-07-09 00:00:00
CentOS Update for gnutls CESA-2012:0429 centos6
2012-07-30 00:00:00
oraclelinux
oraclelinux
gnutls security update
2012-03-28 00:00:00
gnutls security update
2012-03-27 00:00:00
nessus
nessus
Fedora 15 : gnutls-2.10.5-3.fc15 (2012-4569)
2012-04-11 00:00:00
Scientific Linux Security Update : gnutls on SL6.x i386/x86_64 (20120327)
2012-08-01 00:00:00
CentOS 6 : gnutls (CESA-2012:0429)
2012-03-29 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: gnutls-2.10.5-3.fc15
2012-04-11 03:49:48
[SECURITY] Fedora 15 Update: gnutls-2.10.5-3.fc15
2012-04-11 17:00:37
[SECURITY] Fedora 16 Update: gnutls-2.12.14-2.fc16
2012-03-26 17:54:06
centos
centos
gnutls security update
2012-03-28 01:12:42
gnutls security update
2012-03-28 00:49:15
ubuntu
ubuntu
GnuTLS vulnerabilities
2012-04-05 00:00:00
amazon
amazon
Important: gnutls
2012-04-05 12:47:00
redhat
redhat
(RHSA-2012:0429) Important: gnutls security update
2012-03-27 00:00:00
(RHSA-2012:0428) Important: gnutls security update
2012-03-27 00:00:00
(RHSA-2012:0488) Important: rhev-hypervisor5 security and bug fix update
2012-04-17 00:00:00
gentoo
gentoo
GnuTLS: Multiple vulnerabilities
2012-06-23 00:00:00
prion
prion
Memory corruption
2012-03-26 19:55:00
Buffer overflow
2011-12-08 20:55:00
cve
cve
CVE-2012-1573
2012-03-26 19:55:00
CVE-2011-4128
2011-12-08 20:55:00
slackware
slackware
[slackware-security] gnutls
2013-10-15 00:18:30
freebsd
freebsd
gnutls -- possible overflow/Denial of service vulnerabilities
2012-03-20 00:00:00
gnutls -- client session resumption vulnerability
2011-11-08 00:00:00
debiancve
debiancve
CVE-2012-1573
2012-03-26 19:55:00
checkpoint_advisories
checkpoint_advisories
GnuTLS TLS Record Application GenericBlockCipher Parsing Integer Overflow (CVE-2012-1573)
2012-09-03 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:12:39
Denial Of Service (DoS)
2020-04-10 01:12:38
debian
debian
[SECURITY] [DSA 2441-1] gnutls26 security update
2012-03-25 18:53:32
ubuntucve
ubuntucve
CVE-2012-1573
2012-03-26 00:00:00
CVE-2011-4128
2011-12-08 00:00:00
securityvulns
securityvulns
GnuTLS / libtasn1 security vulnerabilities
2012-03-26 00:00:00
suse
suse
Security update for gnutls (critical)
2014-03-04 01:04:52
vmware
vmware
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00
JSON
Related for UBUNTU_USN-1418-1.NASL
openvas36oraclelinux2nessus29fedora4centos2ubuntu1amazon1redhat4gentoo1prion2cve2slackware1freebsd2debiancve1checkpoint_advisories1veracode2debian1ubuntucve2securityvulns1suse1vmware2