Search...

Fedora Update for rootsh FEDORA-2018-94665e91e0

2018-01-19T00:00:00

ID OPENVAS:1361412562310874032
Type openvas
Reporter Copyright (C) 2018 Greenbone Networks GmbH
Modified 2019-03-15T00:00:00

Description

The remote host is missing an update for the

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_fedora_2018_94665e91e0_rootsh_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $
#
# Fedora Update for rootsh FEDORA-2018-94665e91e0
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.874032");
  script_version("$Revision: 14223 $");
  script_tag(name:"last_modification", value:"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $");
  script_tag(name:"creation_date", value:"2018-01-19 07:45:32 +0100 (Fri, 19 Jan 2018)");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"qod_type", value:"package");
  script_name("Fedora Update for rootsh FEDORA-2018-94665e91e0");
  script_tag(name:"summary", value:"The remote host is missing an update for the 'rootsh'
  package(s) announced via the referenced advisory.");
  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
  script_tag(name:"affected", value:"rootsh on Fedora 26");
  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_xref(name:"FEDORA", value:"2018-94665e91e0");
  script_xref(name:"URL", value:"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG2GB3GJ2HS3WYJRDFURFEVSUSGMDXDQ");
  script_tag(name:"solution_type", value:"VendorFix");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2018 Greenbone Networks GmbH");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC26");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "FC26")
{

  if ((res = isrpmvuln(pkg:"rootsh", rpm:"rootsh~1.5.3~17.fc26", rls:"FC26")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

JSON Vulners Source

Initial Source

{"pluginID": "1361412562310874032", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_94665e91e0_rootsh_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for rootsh FEDORA-2018-94665e91e0\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874032\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-01-19 07:45:32 +0100 (Fri, 19 Jan 2018)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rootsh FEDORA-2018-94665e91e0\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rootsh'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rootsh on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-94665e91e0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG2GB3GJ2HS3WYJRDFURFEVSUSGMDXDQ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"rootsh\", rpm:\"rootsh~1.5.3~17.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Check the version of rootsh", "edition": 1, "enchantments": {"dependencies": {"modified": "2018-01-22T13:04:09", "references": []}, "score": {"value": 10.0, "vector": "NONE"}}, "hash": "8f1441a1866d4786489b96e28fd9174301a912788d9dce23ebbeda80406e0135", "hashmap": [{"hash": "cae1fe8cfb750a7edbef5792beef8a27", "key": "sourceData"}, {"hash": "bb8dea3112df0516a41d553c59c1b7c5", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "b0a635c803a404302b1505799a5a3e0d", "key": "pluginID"}, {"hash": "8acef1c33f73aafdb7cffe84eda8c2b1", "key": "published"}, {"hash": "bd2811809d78a66b4d39bc1fb8b08ee6", "key": "reporter"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "39e45a847bb3c692dd04ccb7f506a7b2", "key": "description"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "8acef1c33f73aafdb7cffe84eda8c2b1", "key": "modified"}, {"hash": "cc98cfff8b9017b151f816550f851f9c", "key": "references"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "1837fd06050ace80a14f10c8805ac28e", "key": "href"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874032", "id": "OPENVAS:1361412562310874032", "lastseen": "2018-01-22T13:04:09", "modified": "2018-01-19T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310874032", "published": "2018-01-19T00:00:00", "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG2GB3GJ2HS3WYJRDFURFEVSUSGMDXDQ", "2018-94665e91e0"], "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_94665e91e0_rootsh_fc26.nasl 8473 2018-01-19 15:49:03Z gveerendra $\n#\n# Fedora Update for rootsh FEDORA-2018-94665e91e0\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874032\");\n script_version(\"$Revision: 8473 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 16:49:03 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-01-19 07:45:32 +0100 (Fri, 19 Jan 2018)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rootsh FEDORA-2018-94665e91e0\");\n script_tag(name: \"summary\", value: \"Check the version of rootsh\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help \nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Rootsh is a wrapper for shells which logs \nall echoed keystrokes and terminal output to a file and/or to syslog. Its main \npurpose is the auditing of users who need a shell with root privileges. \nThey start rootsh through the sudo mechanism.\n\");\n script_tag(name: \"affected\", value: \"rootsh on Fedora 26\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2018-94665e91e0\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG2GB3GJ2HS3WYJRDFURFEVSUSGMDXDQ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"rootsh\", rpm:\"rootsh~1.5.3~17.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "Fedora Update for rootsh FEDORA-2018-94665e91e0", "type": "openvas", "viewCount": 1}, "differentElements": ["description", "modified", "sourceData"], "edition": 1, "lastseen": "2018-01-22T13:04:09"}], "description": "The remote host is missing an update for the ", "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874032", "type": "openvas", "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "1693b96dcccf4fbcd463bf8baaa2bf3f"}, {"key": "href", "hash": "1837fd06050ace80a14f10c8805ac28e"}, {"key": "modified", "hash": "4525bc09d1c4c408a417a5eb7b850972"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "b0a635c803a404302b1505799a5a3e0d"}, {"key": "published", "hash": "8acef1c33f73aafdb7cffe84eda8c2b1"}, {"key": "references", "hash": "cc98cfff8b9017b151f816550f851f9c"}, {"key": "reporter", "hash": "bd2811809d78a66b4d39bc1fb8b08ee6"}, {"key": "sourceData", "hash": "7f42ee0d395bf9bf66f33668a872a5cc"}, {"key": "title", "hash": "bb8dea3112df0516a41d553c59c1b7c5"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "viewCount": 1, "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG2GB3GJ2HS3WYJRDFURFEVSUSGMDXDQ", "2018-94665e91e0"], "lastseen": "2019-03-18T14:23:05", "published": "2018-01-19T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "cvelist": [], "id": "OPENVAS:1361412562310874032", "hash": "7e12bcf951b3dfe7c8aea40584ed8ed306a97b43f6ab002b25f4fde45cd56109", "modified": "2019-03-15T00:00:00", "title": "Fedora Update for rootsh FEDORA-2018-94665e91e0", "edition": 2, "cvss": {"score": 0.0, "vector": "NONE"}, "bulletinFamily": "scanner", "enchantments": {"dependencies": {"references": [], "modified": "2019-03-18T14:23:05"}, "score": {"value": -0.0, "vector": "NONE", "modified": "2019-03-18T14:23:05"}, "vulnersScore": -0.0}, "scheme": null}