Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2013 Greenbone AGOPENVAS:1361412562310881695
HistoryMar 22, 2013 - 12:00 a.m.

CentOS Update for boost CESA-2013:0668 centos6

2013-03-2200:00:00
Copyright (C) 2013 Greenbone AG
plugins.openvas.org
7

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.5%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2013-March/019661.html");
  script_oid("1.3.6.1.4.1.25623.1.0.881695");
  script_version("2023-07-10T08:07:43+0000");
  script_tag(name:"last_modification", value:"2023-07-10 08:07:43 +0000 (Mon, 10 Jul 2023)");
  script_tag(name:"creation_date", value:"2013-03-22 10:40:39 +0530 (Fri, 22 Mar 2013)");
  script_cve_id("CVE-2012-2677");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_xref(name:"CESA", value:"2013:0668");
  script_name("CentOS Update for boost CESA-2013:0668 centos6");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'boost'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2013 Greenbone AG");
  script_family("CentOS Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS6");
  script_tag(name:"affected", value:"boost on CentOS 6");
  script_tag(name:"solution", value:"Please install the updated packages.");
  script_tag(name:"insight", value:"The boost packages provide free, peer-reviewed, portable C++ source
  libraries with emphasis on libraries which work well with the C++ Standard
  Library.

  A flaw was found in the way the ordered_malloc() routine in Boost sanitized
  the 'next_size' and 'max_size' parameters when allocating memory. If an
  application used the Boost C++ libraries for memory allocation, and
  performed memory allocation based on user-supplied input, an attacker could
  use this flaw to crash the application or, potentially, execute arbitrary
  code with the privileges of the user running the application.
  (CVE-2012-2677)

  All users of boost are advised to upgrade to these updated packages, which
  contain a backported patch to fix this issue.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "CentOS6")
{

  if ((res = isrpmvuln(pkg:"boost", rpm:"boost~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-date-time", rpm:"boost-date-time~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-devel", rpm:"boost-devel~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-doc", rpm:"boost-doc~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-filesystem", rpm:"boost-filesystem~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-graph", rpm:"boost-graph~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-graph-mpich2", rpm:"boost-graph-mpich2~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-graph-openmpi", rpm:"boost-graph-openmpi~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-iostreams", rpm:"boost-iostreams~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-math", rpm:"boost-math~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-mpich2", rpm:"boost-mpich2~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-mpich2-devel", rpm:"boost-mpich2-devel~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-mpich2-python", rpm:"boost-mpich2-python~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-openmpi", rpm:"boost-openmpi~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-openmpi-devel", rpm:"boost-openmpi-devel~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-openmpi-python", rpm:"boost-openmpi-python~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-program-options", rpm:"boost-program-options~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-python", rpm:"boost-python~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-regex", rpm:"boost-regex~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-serialization", rpm:"boost-serialization~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-signals", rpm:"boost-signals~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-static", rpm:"boost-static~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-system", rpm:"boost-system~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-test", rpm:"boost-test~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-thread", rpm:"boost-thread~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"boost-wave", rpm:"boost-wave~1.41.0~15.el6_4", rls:"CentOS6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

Related

oraclelinux 1
nessus 11
openvas 11
gentoo 1
redhat 1
centos 1
ubuntucve 1
veracode 1
cve 1
prion 1
cvelist 1
f5 2
ibm 7
nvd 1
oraclelinux
oraclelinux
boost security update
2013-03-21 00:00:00
nessus
nessus
SuSE 11.1 Security Update : boost (SAT Patch Number 6507)
2013-01-25 00:00:00
Fedora 17 : boost-1.48.0-13.fc17 (2012-9818)
2012-06-28 00:00:00
Oracle Linux 5 / 6 : boost (ELSA-2013-0668)
2013-07-12 00:00:00
openvas
openvas
Fedora Update for boost FEDORA-2012-9818
2012-08-30 00:00:00
CentOS Update for boost CESA-2013:0668 centos6
2013-03-22 00:00:00
Fedora Update for boost FEDORA-2012-9029
2012-07-06 00:00:00
gentoo
gentoo
Boost: Buffer overflow
2021-05-26 00:00:00
redhat
redhat
(RHSA-2013:0668) Moderate: boost security update
2013-03-21 00:00:00
centos
centos
boost security update
2013-03-21 19:01:31
ubuntucve
ubuntucve
CVE-2012-2677
2012-07-25 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:00:37
cve
cve
CVE-2012-2677
2012-07-25 19:55:03
prion
prion
Integer overflow
2012-07-25 19:55:00
cvelist
cvelist
CVE-2012-2677
2012-07-25 19:00:00
f5
f5
K16946 : Boost memory allocator vulnerability CVE-2012-2677
2015-09-15 00:00:00
SOL16946 - Boost memory allocator vulnerability CVE-2012-2677
2015-07-10 00:00:00
ibm
ibm
Security Bulletin: IBM® Db2® is affected by a vulnerability in an open source library boost (CVE-2012-2677)
2024-04-10 17:27:09
Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server
2024-04-05 22:31:02
Security Bulletin: Multiple security vulnerabilities have been identified in IBM DB2 which is shipped with IBM Intelligent Operations Center.
2024-04-05 08:23:20
nvd
nvd
CVE-2012-2677
2012-07-25 19:55:03

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.5%

JSON
Related for OPENVAS:1361412562310881695
oraclelinux1nessus11openvas11gentoo1redhat1centos1ubuntucve1veracode1cve1prion1cvelist1f52ibm7nvd1