Lucene search
Mandriva Update for freeciv MDVSA-2010:205 (freeciv)
🗓️ 19 Oct 2010 00:00:00Reported by Copyright (c) 2010 Greenbone Networks GmbHType 
openvas🔗 plugins.openvas.org👁 16 Views
Mandriva Update for freeciv version 2.2.1 addresses a vulnerability allowing attackers to read arbitrary files or execute arbitrary commands via Lua functionality
Show more
| Reporter | Title | Published | Views | Family All 26 |
|---|---|---|---|---|
 | [SECURITY] Fedora 14 Update: freeciv-2.2.2-1.fc14 | 19 Aug 201001:11 | – | fedora |
| [SECURITY] Fedora 12 Update: freeciv-2.2.2-1.fc12 | 20 Aug 201001:31 | – | fedora |
| [SECURITY] Fedora 13 Update: freeciv-2.2.2-1.fc13 | 20 Aug 201002:24 | – | fedora |
 | Android 2.0 FreeCIV Arbitrary Code Execution | 28 Jun 202100:00 | – | packetstorm |
 | Mandriva Linux Security Advisory : freeciv (MDVSA-2010:205) | 18 Oct 201000:00 | – | nessus |
| Fedora 14 : freeciv-2.2.2-1.fc14 (2010-12371) | 19 Aug 201000:00 | – | nessus |
| Fedora 12 : freeciv-2.2.2-1.fc12 (2010-12262) | 20 Aug 201000:00 | – | nessus |
| Fedora 13 : freeciv-2.2.2-1.fc13 (2010-12256) | 20 Aug 201000:00 | – | nessus |
| GLSA-201402-07 : Freeciv: User-assisted execution of arbitrary code | 7 Feb 201400:00 | – | nessus |
 | CVE-2010-2445 | 8 Jul 201012:54 | – | debiancve |
10
###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for freeciv MDVSA-2010:205 (freeciv)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "A vulnerability was discovered and corrected in freeciv:
freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to
read arbitrary files or execute arbitrary commands via scenario
that contains Lua functionality, related to the (1) os, (2) io, (3)
package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8)
require modules or functions (CVE-2010-2445).
The updated packages have been upgraded to v2.2.1 which is not
vulnerable to this issue.";
tag_solution = "Please Install the Updated Packages.";
tag_affected = "freeciv on Mandriva Linux 2010.0,
Mandriva Linux 2010.0/X86_64,
Mandriva Linux 2010.1,
Mandriva Linux 2010.1/X86_64";
if(description)
{
script_xref(name : "URL" , value : "http://lists.mandriva.com/security-announce/2010-10/msg00026.php");
script_oid("1.3.6.1.4.1.25623.1.0.831209");
script_version("$Revision: 8528 $");
script_tag(name:"last_modification", value:"$Date: 2018-01-25 08:57:36 +0100 (Thu, 25 Jan 2018) $");
script_tag(name:"creation_date", value:"2010-10-19 15:54:15 +0200 (Tue, 19 Oct 2010)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_xref(name: "MDVSA", value: "2010:205");
script_cve_id("CVE-2010-2445");
script_name("Mandriva Update for freeciv MDVSA-2010:205 (freeciv)");
script_tag(name: "summary" , value: "Check for the Version of freeciv");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "MNDK_2010.1")
{
if ((res = isrpmvuln(pkg:"freeciv-client", rpm:"freeciv-client~2.2.1~0.1mdv2010.1", rls:"MNDK_2010.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"freeciv-data", rpm:"freeciv-data~2.2.1~0.1mdv2010.1", rls:"MNDK_2010.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"freeciv-server", rpm:"freeciv-server~2.2.1~0.1mdv2010.1", rls:"MNDK_2010.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"freeciv", rpm:"freeciv~2.2.1~0.1mdv2010.1", rls:"MNDK_2010.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "MNDK_2010.0")
{
if ((res = isrpmvuln(pkg:"freeciv-client", rpm:"freeciv-client~2.2.1~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"freeciv-data", rpm:"freeciv-data~2.2.1~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"freeciv-server", rpm:"freeciv-server~2.2.1~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"freeciv", rpm:"freeciv~2.2.1~0.1mdv2010.0", rls:"MNDK_2010.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo19 Oct 2010 00:00Current
6.5Medium risk
Vulners AI Score6.5
EPSS0.01602