Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.UBUNTU_USN-173-2.NASL
HistoryJan 15, 2006 - 12:00 a.m.

Ubuntu 4.10 / 5.04 : pcre3, apache2 vulnerabilities (USN-173-2)

2006-01-1500:00:00
Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.
www.tenable.com
20
JSON

USN-173-1 fixed a buffer overflow vulnerability in the PCRE library.
However, it was determined that this did not suffice to prevent all possible overflows, so another update is necessary.

In addition, it was found that the Ubuntu 4.10 version of Apache 2 contains a static copy of the library code, so this package needs to be updated as well. In Ubuntu 5.04, Apache 2 uses the external library from the libpcre3 package.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-173-2. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(20581);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2005-2491");
  script_bugtraq_id(14620);
  script_xref(name:"USN", value:"173-2");

  script_name(english:"Ubuntu 4.10 / 5.04 : pcre3, apache2 vulnerabilities (USN-173-2)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"USN-173-1 fixed a buffer overflow vulnerability in the PCRE library.
However, it was determined that this did not suffice to prevent all
possible overflows, so another update is necessary.

In addition, it was found that the Ubuntu 4.10 version of Apache 2
contains a static copy of the library code, so this package needs to
be updated as well. In Ubuntu 5.04, Apache 2 uses the external library
from the libpcre3 package.

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:ND");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-perchild");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-prefork");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-threadpool");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-worker");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-prefork-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-threaded-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapr0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapr0-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpcre3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpcre3-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:pcregrep");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:pgrep");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:4.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.04");

  script_set_attribute(attribute:"patch_publication_date", value:"2005/08/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/01/15");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(4\.10|5\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 4.10 / 5.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"4.10", pkgname:"apache2", pkgver:"2.0.50-12ubuntu4.4")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-common", pkgver:"2.0.50-12ubuntu4.4")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-doc", pkgver:"2.0.50-12ubuntu4.4")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-mpm-perchild", pkgver:"2.0.50-12ubuntu4.4")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-mpm-prefork", pkgver:"2.0.50-12ubuntu4.4")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-mpm-threadpool", pkgver:"2.0.50-12ubuntu4.4")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-mpm-worker", pkgver:"2.0.50-12ubuntu4.4")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-prefork-dev", pkgver:"2.0.50-12ubuntu4.4")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-threaded-dev", pkgver:"2.0.50-12ubuntu4.4")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"libapr0", pkgver:"2.0.50-12ubuntu4.4")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"libapr0-dev", pkgver:"2.0.50-12ubuntu4.4")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"libpcre3", pkgver:"4.5-1.1ubuntu0.4.10.1")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"libpcre3-dev", pkgver:"4.5-1.1ubuntu0.4.10.1")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"pcregrep", pkgver:"4.5-1.1ubuntu0.4.10.1")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"pgrep", pkgver:"4.5-1.1ubuntu0.4.10.1")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"libpcre3", pkgver:"4.5-1.1ubuntu0.5.04.1")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"libpcre3-dev", pkgver:"4.5-1.1ubuntu0.5.04.1")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"pcregrep", pkgver:"4.5-1.1ubuntu0.5.04.1")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"pgrep", pkgver:"4.5-1.1ubuntu0.5.04.1")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2 / apache2-common / apache2-doc / apache2-mpm-perchild / etc");
}
VendorProductVersionCPE
canonicalubuntu_linuxapache2p-cpe:/a:canonical:ubuntu_linux:apache2
canonicalubuntu_linuxapache2-commonp-cpe:/a:canonical:ubuntu_linux:apache2-common
canonicalubuntu_linuxapache2-docp-cpe:/a:canonical:ubuntu_linux:apache2-doc
canonicalubuntu_linuxapache2-mpm-perchildp-cpe:/a:canonical:ubuntu_linux:apache2-mpm-perchild
canonicalubuntu_linuxapache2-mpm-preforkp-cpe:/a:canonical:ubuntu_linux:apache2-mpm-prefork
canonicalubuntu_linuxapache2-mpm-threadpoolp-cpe:/a:canonical:ubuntu_linux:apache2-mpm-threadpool
canonicalubuntu_linuxapache2-mpm-workerp-cpe:/a:canonical:ubuntu_linux:apache2-mpm-worker
canonicalubuntu_linuxapache2-prefork-devp-cpe:/a:canonical:ubuntu_linux:apache2-prefork-dev
canonicalubuntu_linuxapache2-threaded-devp-cpe:/a:canonical:ubuntu_linux:apache2-threaded-dev
canonicalubuntu_linuxlibapr0p-cpe:/a:canonical:ubuntu_linux:libapr0
Rows per page:
1-10 of 171

Related

debian 8
nessus 36
osv 4
openvas 37
slackware 4
centos 5
ubuntu 3
gentoo 5
httpd 1
redhat 3
freebsd 1
ubuntucve 1
suse 4
oraclelinux 1
securityvulns 8
cve 1
debiancve 1
debian
debian
[SECURITY] [DSA 819-1] New python2.1 packages fix arbitrary code execution
2005-09-23 09:29:05
[SECURITY] [DSA 821-1] New python2.3 packages fix arbitrary code execution
2005-09-28 08:24:43
[SECURITY] [DSA 817-1] New python2.2 packages fix arbitrary code execution
2005-09-22 08:44:23
nessus
nessus
Ubuntu 4.10 / 5.04 : python2.1, python2.2, python2.3, gnumeric vulnerabilities (USN-173-4)
2006-01-15 00:00:00
Ubuntu 4.10 / 5.04 : pcre3 vulnerability (USN-173-1)
2006-01-15 00:00:00
Mandrake Linux Security Advisory : gnumeric (MDKSA-2005:153)
2005-10-05 00:00:00
osv
osv
python2.2 - integer overflow
2005-09-22 00:00:00
python2.3 - integer overflow
2005-09-28 00:00:00
python2.1 - integer overflow
2005-09-23 00:00:00
openvas
openvas
Debian Security Advisory DSA 821-1 (python2.3)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200509-02 (Gnumeric)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-819-1)
2008-01-17 00:00:00
slackware
slackware
PCRE library
2005-08-30 15:53:53
PHP
2005-08-30 15:54:11
php5 in Slackware 10.1
2005-09-08 15:55:19
centos
centos
python, tkinter security update
2006-03-09 21:29:49
pcre security update
2005-09-08 23:08:40
pcre security update
2005-09-08 18:08:23
ubuntu
ubuntu
PCRE vulnerability
2005-08-24 00:00:00
PCRE vulnerability
2005-08-25 00:00:00
PCRE vulnerabilities
2005-08-31 00:00:00
gentoo
gentoo
Gnumeric: Heap overflow in the included PCRE library
2005-09-03 00:00:00
libpcre: Heap integer overflow
2005-08-25 00:00:00
Python: Heap overflow in the included PCRE library
2005-09-12 00:00:00
httpd
httpd
Apache Httpd < 2.0.55 : PCRE overflow
2005-10-14 00:00:00
redhat
redhat
(RHSA-2006:0197) python security update
2006-03-09 00:00:00
(RHSA-2005:761) pcre security update
2005-09-08 00:00:00
(RHSA-2005:358) exim security update
2005-09-08 00:00:00
freebsd
freebsd
pcre -- regular expression buffer overflow
2005-08-01 00:00:00
ubuntucve
ubuntucve
CVE-2005-2491
2005-08-23 00:00:00
suse
suse
remote code execution in pcre
2005-08-30 13:56:51
local command execution, authentication bypass, in apache2
2005-09-16 12:34:21
remote code execution in php4, php5
2005-08-30 14:35:22
oraclelinux
oraclelinux
python security update
2006-11-30 00:00:00
securityvulns
securityvulns
Apache PCRE Integer Overflow Vulnerability
2005-09-05 00:00:00
MDKSA-2005:153 - Updated gnumeric packages fix integer overflow vulnerability
2005-08-28 00:00:00
MDKSA-2005:154 - Updated python packages fix integer overflow vulnerability
2005-08-28 00:00:00
cve
cve
CVE-2005-2491
2005-08-23 04:00:00
debiancve
debiancve
CVE-2005-2491
2005-08-23 04:00:00
JSON
Related for UBUNTU_USN-173-2.NASL
debian8nessus36osv4openvas37slackware4centos5ubuntu3gentoo5httpd1redhat3freebsd1ubuntucve1suse4oraclelinux1securityvulns8cve1debiancve1