Debian: Security Advisory (DSA-2737-1)

# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.702737");
  script_cve_id("CVE-2013-2161", "CVE-2013-4155");
  script_tag(name:"creation_date", value:"2013-08-11 22:00:00 +0000 (Sun, 11 Aug 2013)");
  script_version("2024-02-01T14:37:10+0000");
  script_tag(name:"last_modification", value:"2024-02-01 14:37:10 +0000 (Thu, 01 Feb 2024)");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_name("Debian: Security Advisory (DSA-2737-1)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2013 Greenbone AG");
  script_family("Debian Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB7");

  script_xref(name:"Advisory-ID", value:"DSA-2737-1");
  script_xref(name:"URL", value:"https://www.debian.org/security/2013/DSA-2737-1");
  script_xref(name:"URL", value:"https://security-tracker.debian.org/tracker/DSA-2737");

  script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'swift' package(s) announced via the DSA-2737-1 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"Several vulnerabilities have been discovered in Swift, the Openstack object storage. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2013-2161

Alex Gaynor from Rackspace reported a vulnerability in XML handling within Swift account servers. Account strings were unescaped in xml listings, and an attacker could potentially generate unparsable or arbitrary XML responses which may be used to leverage other vulnerabilities in the calling software.

CVE-2013-4155

Peter Portante from Red Hat reported a vulnerability in Swift. By issuing requests with an old X-Timestamp value, an authenticated attacker can fill an object server with superfluous object tombstones, which may significantly slow down subsequent requests to that object server, facilitating a Denial of Service attack against Swift clusters.

For the stable distribution (wheezy), these problems have been fixed in version 1.4.8-2+deb7u1.

For the unstable distribution (sid), these problems have been fixed in version 1.8.0-6.

We recommend that you upgrade your swift packages.");

  script_tag(name:"affected", value:"'swift' package(s) on Debian 7.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-deb.inc");

release = dpkg_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "DEB7") {

  if(!isnull(res = isdpkgvuln(pkg:"python-swift", ver:"1.4.8-2+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"swift", ver:"1.4.8-2+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"swift-account", ver:"1.4.8-2+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"swift-container", ver:"1.4.8-2+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"swift-doc", ver:"1.4.8-2+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"swift-object", ver:"1.4.8-2+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"swift-proxy", ver:"1.4.8-2+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);