Mandriva Update for cpio MDVSA-2010:065 (cpio) - Heap-based buffer overflow in rmt client functionality
###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for cpio MDVSA-2010:065 (cpio)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
# Advisory text attached to the result as the "insight" tag.
# Per the text below, CVE-2010-0624 is a client-side flaw: the heap overflow in
# rmt_read__ (lib/rtapelib.c) is reached when a remote rmt server returns more
# data than the client requested, and it is tied to archive names containing ':'.
# NOTE(review): where patching is delayed, GNU tar and GNU cpio both accept
# --force-local, which treats an archive name containing ':' as a local file
# instead of a remote rmt target -- confirm it fits the affected workflows.
# NOTE(review): the text also states that Mandriva's stock tar build is not
# affected; the version checks further down still compare tar packages.
tag_insight = "A vulnerability has been found and corrected in cpio and tar:
Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c
in the rmt client functionality in GNU tar before 1.23 and GNU cpio
before 2.11 allows remote rmt servers to cause a denial of service
(memory corruption) or possibly execute arbitrary code by sending more
data than was requested, related to archive filenames that contain a :
(colon) character (CVE-2010-0624).
The Tar package as shipped with Mandriva Linux is not affected
by this vulnerability, but it was patched nonetheless in order to
provide additional security to customers who recompile the package
while having the rsh package installed.
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
The updated packages have been patched to correct this issue.";
# Human-readable list of affected products, attached as the "affected" tag.
# It names five release lines (2008.0, 2009.0, 2009.1, 2010.0, Enterprise
# Server 5); the script body has one release branch for each of them.
# NOTE(review): only cpio is named here although tar versions are compared too.
tag_affected = "cpio on Mandriva Linux 2008.0,
Mandriva Linux 2008.0/X86_64,
Mandriva Linux 2009.0,
Mandriva Linux 2009.0/X86_64,
Mandriva Linux 2009.1,
Mandriva Linux 2009.1/X86_64,
Mandriva Linux 2010.0,
Mandriva Linux 2010.0/X86_64,
Mandriva Enterprise Server 5,
Mandriva Enterprise Server 5/X86_64";
# Remediation text attached as the "solution" tag.
# NOTE(review): generic wording; the per-release fixed versions are only
# visible as the rpm: arguments of the isrpmvuln() calls in the script body.
tag_solution = "Please Install the Updated Packages.";
# Metadata registration: this branch runs when the scanner loads the script in
# description mode, records the tags below and exits without testing anything.
if (description)
{
  # Vendor advisory and script identity.
  script_xref(name:"URL", value:"http://lists.mandriva.com/security-announce/2010-03/msg00040.php");
  script_oid("1.3.6.1.4.1.25623.1.0.830959");
  script_version("$Revision: 8495 $");
  script_tag(name:"last_modification", value:"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $");
  script_tag(name:"creation_date", value:"2010-03-31 14:20:46 +0200 (Wed, 31 Mar 2010)");

  # CVSS v2 base score and vector: network reachable, medium access complexity,
  # no authentication, partial impact on confidentiality/integrity/availability.
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");

  # Cross references used to correlate this result with other feeds.
  script_xref(name:"MDVSA", value:"2010:065");
  script_cve_id("CVE-2010-0624");

  script_name("Mandriva Update for cpio MDVSA-2010:065 (cpio)");
  # NOTE(review): the summary mentions only cpio, but the script body also
  # compares tar package versions.
  script_tag(name:"summary", value:"Check for the Version of cpio");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
  script_family("Mandrake Local Security Checks");

  # The check depends on gather-package-list.nasl and on these two knowledge
  # base keys; presumably they are filled in after an authenticated SSH login,
  # so an unauthenticated scan would not run this check -- confirm.
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");

  # Texts built from the tag_* variables defined above this block.
  script_tag(name:"affected", value:tag_affected);
  script_tag(name:"solution", value:tag_solution);
  script_tag(name:"insight", value:tag_insight);

  # "package" marks the result as derived from installed package versions;
  # "VendorFix" marks the remediation as a vendor-supplied update.
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}
include("pkg-lib-rpm.inc");
# Holds the result of each isrpmvuln() call in the release branches below.
res = "";

# Release identifier read from the knowledge base. The branches below compare
# it against the MNDK_* strings; without a value nothing can be compared, so
# the script stops without reporting.
release = get_kb_item("ssh/login/release");
if (release == NULL)
{
  exit(0);
}
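# Mandriva Linux 2008.0: compare installed cpio and tar against the fixed
# package versions given in the rpm: arguments.
if(release == "MNDK_2008.0")
{
  # Evaluate both packages before reporting. The original exited right after
  # the cpio finding, so an outdated tar on the same host stayed unreported
  # until cpio had been updated and the host was scanned again.
  report = "";

  # A non-NULL result from isrpmvuln() is used as the finding text.
  res = isrpmvuln(pkg:"cpio", rpm:"cpio~2.9~2.2mdv2008.0", rls:"MNDK_2008.0");
  if (res != NULL)
  {
    report += res;
  }

  # NOTE(review): the advisory text in tag_insight says the tar package as
  # shipped by Mandriva is not affected and was patched as a precaution for
  # rebuilt packages; a tar-only finding therefore indicates a missing update
  # rather than a confirmed exposure of the stock build.
  res = isrpmvuln(pkg:"tar", rpm:"tar~1.18~1.2mdv2008.0", rls:"MNDK_2008.0");
  if (res != NULL)
  {
    report += res;
  }

  if (report != "")
  {
    security_message(data:report);
    exit(0);
  }

  # __pkg_match is presumably set by pkg-lib-rpm.inc when one of the queried
  # packages is installed -- confirm. Exit code 99 reports "not vulnerable";
  # exit code 0 is used when no statement can be made.
  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}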
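# Mandriva Enterprise Server 5: compare installed cpio and tar against the
# fixed package versions given in the rpm: arguments.
if(release == "MNDK_mes5")
{
  # Evaluate both packages before reporting. The original exited right after
  # the cpio finding, so an outdated tar on the same host stayed unreported
  # until cpio had been updated and the host was scanned again.
  report = "";

  # A non-NULL result from isrpmvuln() is used as the finding text.
  res = isrpmvuln(pkg:"cpio", rpm:"cpio~2.9~5.1mdvmes5", rls:"MNDK_mes5");
  if (res != NULL)
  {
    report += res;
  }

  # NOTE(review): the advisory text in tag_insight says the tar package as
  # shipped by Mandriva is not affected and was patched as a precaution for
  # rebuilt packages; a tar-only finding therefore indicates a missing update
  # rather than a confirmed exposure of the stock build.
  res = isrpmvuln(pkg:"tar", rpm:"tar~1.20~7.1mdvmes5", rls:"MNDK_mes5");
  if (res != NULL)
  {
    report += res;
  }

  if (report != "")
  {
    security_message(data:report);
    exit(0);
  }

  # __pkg_match is presumably set by pkg-lib-rpm.inc when one of the queried
  # packages is installed -- confirm. Exit code 99 reports "not vulnerable";
  # exit code 0 is used when no statement can be made.
  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}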
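# Mandriva Linux 2010.0: compare installed cpio and tar against the fixed
# package versions given in the rpm: arguments.
if(release == "MNDK_2010.0")
{
  # Evaluate both packages before reporting. The original exited right after
  # the cpio finding, so an outdated tar on the same host stayed unreported
  # until cpio had been updated and the host was scanned again.
  report = "";

  # A non-NULL result from isrpmvuln() is used as the finding text.
  res = isrpmvuln(pkg:"cpio", rpm:"cpio~2.10~1.1mdv2010.0", rls:"MNDK_2010.0");
  if (res != NULL)
  {
    report += res;
  }

  # NOTE(review): the advisory text in tag_insight says the tar package as
  # shipped by Mandriva is not affected and was patched as a precaution for
  # rebuilt packages; a tar-only finding therefore indicates a missing update
  # rather than a confirmed exposure of the stock build.
  res = isrpmvuln(pkg:"tar", rpm:"tar~1.22~2.1mdv2010.0", rls:"MNDK_2010.0");
  if (res != NULL)
  {
    report += res;
  }

  if (report != "")
  {
    security_message(data:report);
    exit(0);
  }

  # __pkg_match is presumably set by pkg-lib-rpm.inc when one of the queried
  # packages is installed -- confirm. Exit code 99 reports "not vulnerable";
  # exit code 0 is used when no statement can be made.
  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}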
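# Mandriva Linux 2009.1: compare installed cpio and tar against the fixed
# package versions given in the rpm: arguments.
if(release == "MNDK_2009.1")
{
  # Evaluate both packages before reporting. The original exited right after
  # the cpio finding, so an outdated tar on the same host stayed unreported
  # until cpio had been updated and the host was scanned again.
  report = "";

  # A non-NULL result from isrpmvuln() is used as the finding text.
  res = isrpmvuln(pkg:"cpio", rpm:"cpio~2.9~6.1mdv2009.1", rls:"MNDK_2009.1");
  if (res != NULL)
  {
    report += res;
  }

  # NOTE(review): the advisory text in tag_insight says the tar package as
  # shipped by Mandriva is not affected and was patched as a precaution for
  # rebuilt packages; a tar-only finding therefore indicates a missing update
  # rather than a confirmed exposure of the stock build.
  res = isrpmvuln(pkg:"tar", rpm:"tar~1.21~2.1mdv2009.1", rls:"MNDK_2009.1");
  if (res != NULL)
  {
    report += res;
  }

  if (report != "")
  {
    security_message(data:report);
    exit(0);
  }

  # __pkg_match is presumably set by pkg-lib-rpm.inc when one of the queried
  # packages is installed -- confirm. Exit code 99 reports "not vulnerable";
  # exit code 0 is used when no statement can be made.
  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}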
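# Mandriva Linux 2009.0: compare installed cpio and tar against the fixed
# package versions given in the rpm: arguments.
if(release == "MNDK_2009.0")
{
  # Evaluate both packages before reporting. The original exited right after
  # the cpio finding, so an outdated tar on the same host stayed unreported
  # until cpio had been updated and the host was scanned again.
  report = "";

  # A non-NULL result from isrpmvuln() is used as the finding text.
  res = isrpmvuln(pkg:"cpio", rpm:"cpio~2.9~5.1mdv2009.0", rls:"MNDK_2009.0");
  if (res != NULL)
  {
    report += res;
  }

  # NOTE(review): the advisory text in tag_insight says the tar package as
  # shipped by Mandriva is not affected and was patched as a precaution for
  # rebuilt packages; a tar-only finding therefore indicates a missing update
  # rather than a confirmed exposure of the stock build.
  res = isrpmvuln(pkg:"tar", rpm:"tar~1.20~7.1mdv2009.0", rls:"MNDK_2009.0");
  if (res != NULL)
  {
    report += res;
  }

  if (report != "")
  {
    security_message(data:report);
    exit(0);
  }

  # __pkg_match is presumably set by pkg-lib-rpm.inc when one of the queried
  # packages is installed -- confirm. Exit code 99 reports "not vulnerable";
  # exit code 0 is used when no statement can be made.
  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}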