Lucene search
Copyright (C) 2008 E-Soft Inc.OPENVAS:136141256231056418HistorySep 24, 2008 - 12:00 a.m.
Gentoo Security Advisory GLSA 200603-10 (cube)
2008-09-2400:00:00
Copyright (C) 2008 E-Soft Inc.
plugins.openvas.org
3
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.1 High
AI Score
Confidence
Low
0.492 Medium
EPSS
Percentile
97.5%
The remote host is missing updates announced in
advisory GLSA 200603-10.
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.56418");
script_version("2023-07-14T16:09:26+0000");
script_tag(name:"last_modification", value:"2023-07-14 16:09:26 +0000 (Fri, 14 Jul 2023)");
script_tag(name:"creation_date", value:"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)");
script_cve_id("CVE-2006-1100", "CVE-2006-1101", "CVE-2006-1102");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Gentoo Security Advisory GLSA 200603-10 (cube)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("Gentoo Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
script_tag(name:"insight", value:"Cube is vulnerable to a buffer overflow, invalid memory access and remote
client crashes, possibly leading to a Denial of Service or remote code
execution.");
script_tag(name:"solution", value:"Upstream stated that there will be no fixed version of Cube, thus the
Gentoo Security Team decided to hardmask Cube for security reasons. All
Cube users are encouraged to uninstall Cube:
# emerge --ask --unmerge games-fps/cube");
script_xref(name:"URL", value:"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200603-10");
script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=125289");
script_tag(name:"summary", value:"The remote host is missing updates announced in
advisory GLSA 200603-10.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-gentoo.inc");
include("revisions-lib.inc");
res = "";
report = "";
report = "";
if ((res = ispkgvuln(pkg:"games-fps/cube", unaffected: make_list(), vulnerable: make_list("le 20050829"))) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
Related
nessus
nessus
GLSA-200603-10 : Cube: Multiple vulnerabilities
2006-03-13 00:00:00
gentoo
gentoo
Cube: Multiple vulnerabilities
2006-03-13 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200603-10 (cube)
2008-09-24 00:00:00
nvd
nvd
prion
prion
Design/Logic Flaw
2006-03-09 13:06:00
Out-of-bounds
2006-03-09 13:06:00
Buffer overflow
2006-03-09 13:06:00
cvelist
cvelist
cve
cve
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.1 High
AI Score
Confidence
Low
0.492 Medium
EPSS
Percentile
97.5%
Related for OPENVAS:136141256231056418