Lucene search
K

Slackware: Security Advisory (SSA:2005-310-01)

🗓️ 10 Sep 2012 00:00:00Reported by Copyright (C) 2012 Greenbone AGType 
openvas
 openvas
🔗 plugins.openvas.org👁 37 Views

The remote host is missing an update for the 'curl/wget' package(s) announced via the SSA:2005-310-01 advisory. New curl packages are available for Slackware 9.1, 10.0, 10.1, 10.2, and -current, and new wget packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current. These address a buffer overflow in NTLM handling which may present a security problem, though no public exploits are known at this time

Related
Refs
Code
ReporterTitlePublishedViews
Family
nessus
Apache HTTP Request Parsing HTML Injection
30 Jun 200500:00
nessus
nessus
Apache < 2.0.55 HTTP Smuggling Vulnerability
25 Jul 200500:00
nessus
nessus
GNU WGet < 1.10.2 Buffer Overflow
14 Oct 200500:00
nessus
nessus
Curl NTLM Buffer Overflow
14 Oct 200500:00
nessus
nessus
Mac OS X Multiple Vulnerabilities (Security Update 2005-009)
30 Nov 200500:00
nessus
nessus
CentOS 3 / 4 : curl (CESA-2005:807)
3 Jul 200600:00
nessus
nessus
CentOS 3 / 4 : wget (CESA-2005:812)
3 Jul 200600:00
nessus
nessus
Debian DSA-919-2 : curl - buffer overflow
14 Oct 200600:00
nessus
nessus
Fedora Core 3 : curl-7.12.3-4.fc3 (2005-1000)
19 Oct 200500:00
nessus
nessus
Fedora Core 4 : curl-7.13.1-4.fc4 (2005-1129)
11 Dec 200500:00
nessus
Rows per page
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.55804");
  script_cve_id("CVE-2005-3185");
  script_tag(name:"creation_date", value:"2012-09-10 23:34:21 +0000 (Mon, 10 Sep 2012)");
  script_version("2025-01-14T05:37:02+0000");
  script_tag(name:"last_modification", value:"2025-01-14 05:37:02 +0000 (Tue, 14 Jan 2025)");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_name("Slackware: Security Advisory (SSA:2005-310-01)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2012 Greenbone AG");
  script_family("Slackware Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/slackware_linux", "ssh/login/slackpack", re:"ssh/login/release=SLK(10\.0|10\.1|10\.2|8\.1|9\.0|9\.1|current)");

  script_xref(name:"Advisory-ID", value:"SSA:2005-310-01");
  script_xref(name:"URL", value:"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.519010");
  script_xref(name:"URL", value:"http://curl.haxx.se/docs/security.html");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'curl/wget' package(s) announced via the SSA:2005-310-01 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"New curl packages are available for Slackware 9.1, 10.0, 10.1, 10.2,
and -current, and new wget packages are available for Slackware 8.1,
9.0, 9.1, 10.0, 10.1, 10.2, and -current. These address a buffer
overflow in NTLM handling which may present a security problem, though
no public exploits are known at this time.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

 [link moved to references]

Here are the details from the Slackware 10.2 ChangeLog:
+--------------------------+
patches/packages/curl-7.12.2-i486-2.tgz: Patched. This addresses a buffer
 overflow in libcurl's NTLM function that could have possible security
 implications.
 For more details, see:
 [links moved to references]
 (* Security fix *)
patches/packages/wget-1.10.2-i486-1.tgz: Upgraded to wget-1.10.2.
 This addresses a buffer overflow in wget's NTLM handling function that could
 have possible security implications.
 For more details, see:
 [link moved to references]
 (* Security fix *)
+--------------------------+");

  script_tag(name:"affected", value:"'curl/wget' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware current.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-slack.inc");

release = slk_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "SLK10.0") {

  if(!isnull(res = isslkpkgvuln(pkg:"curl", ver:"7.12.2-i486-2", rls:"SLK10.0"))) {
    report += res;
  }

  if(!isnull(res = isslkpkgvuln(pkg:"wget", ver:"1.10.2-i486-1", rls:"SLK10.0"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "SLK10.1") {

  if(!isnull(res = isslkpkgvuln(pkg:"curl", ver:"7.12.2-i486-2", rls:"SLK10.1"))) {
    report += res;
  }

  if(!isnull(res = isslkpkgvuln(pkg:"wget", ver:"1.10.2-i486-1", rls:"SLK10.1"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "SLK10.2") {

  if(!isnull(res = isslkpkgvuln(pkg:"curl", ver:"7.12.2-i486-2", rls:"SLK10.2"))) {
    report += res;
  }

  if(!isnull(res = isslkpkgvuln(pkg:"wget", ver:"1.10.2-i486-1", rls:"SLK10.2"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "SLK8.1") {

  if(!isnull(res = isslkpkgvuln(pkg:"wget", ver:"1.10.2-i386-1", rls:"SLK8.1"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "SLK9.0") {

  if(!isnull(res = isslkpkgvuln(pkg:"wget", ver:"1.10.2-i386-1", rls:"SLK9.0"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "SLK9.1") {

  if(!isnull(res = isslkpkgvuln(pkg:"curl", ver:"7.10.7-i486-2", rls:"SLK9.1"))) {
    report += res;
  }

  if(!isnull(res = isslkpkgvuln(pkg:"wget", ver:"1.10.2-i486-1", rls:"SLK9.1"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "SLKcurrent") {

  if(!isnull(res = isslkpkgvuln(pkg:"curl", ver:"7.12.2-i486-2", rls:"SLKcurrent"))) {
    report += res;
  }

  if(!isnull(res = isslkpkgvuln(pkg:"wget", ver:"1.10.2-i486-1", rls:"SLKcurrent"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation