Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2022 Greenbone AGOPENVAS:13614125623111020130321
HistoryJan 28, 2022 - 12:00 a.m.

Mageia: Security Advisory (MGASA-2013-0321)

2022-01-2800:00:00
Copyright (C) 2022 Greenbone AG
plugins.openvas.org
3

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.025 Low

EPSS

Percentile

90.2%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.1.10.2013.0321");
  script_cve_id("CVE-2013-2925", "CVE-2013-2926", "CVE-2013-2927", "CVE-2013-2928");
  script_tag(name:"creation_date", value:"2022-01-28 10:58:44 +0000 (Fri, 28 Jan 2022)");
  script_version("2024-02-02T05:06:08+0000");
  script_tag(name:"last_modification", value:"2024-02-02 05:06:08 +0000 (Fri, 02 Feb 2024)");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_name("Mageia: Security Advisory (MGASA-2013-0321)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2022 Greenbone AG");
  script_family("Mageia Linux Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mageia_linux", "ssh/login/release", re:"ssh/login/release=MAGEIA(2|3)");

  script_xref(name:"Advisory-ID", value:"MGASA-2013-0321");
  script_xref(name:"URL", value:"https://advisories.mageia.org/MGASA-2013-0321.html");
  script_xref(name:"URL", value:"http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html");
  script_xref(name:"URL", value:"http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_22.html");
  script_xref(name:"URL", value:"http://www.debian.org/security/2013/dsa-2785");
  script_xref(name:"URL", value:"https://bugs.mageia.org/show_bug.cgi?id=11554");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2013-0321 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"Updated chromium-browser-stable packages fix security vulnerabilities:

Atte Kettunen of OUSPG discover a use-after-free issue in Blink's XML HTTP
request implementation (CVE-2013-2925).

cloudfuzzer discovered a use-after-free issue in the list indenting
implementation (CVE-2013-2926).

cloudfuzzer discovered a use-after-free issue in the HTML form submission
implementation (CVE-2013-2927).

The chrome 30 development team found various issues from internal fuzzing,
audits, and other studies (CVE-2013-2928).

This updates to the newest version from the Linux stable channel, fixing
these and several other issues.");

  script_tag(name:"affected", value:"'chromium-browser-stable' package(s) on Mageia 2, Mageia 3.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "MAGEIA2") {

  if(!isnull(res = isrpmvuln(pkg:"chromium-browser", rpm:"chromium-browser~30.0.1599.114~1.mga2", rls:"MAGEIA2"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"chromium-browser-stable", rpm:"chromium-browser-stable~30.0.1599.114~1.mga2", rls:"MAGEIA2"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "MAGEIA3") {

  if(!isnull(res = isrpmvuln(pkg:"chromium-browser", rpm:"chromium-browser~30.0.1599.114~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"chromium-browser", rpm:"chromium-browser~30.0.1599.114~1.mga3.tainted", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"chromium-browser-stable", rpm:"chromium-browser-stable~30.0.1599.114~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"chromium-browser-stable", rpm:"chromium-browser-stable~30.0.1599.114~1.mga3.tainted", rls:"MAGEIA3"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Related

openvas 10
nessus 21
mageia 1
freebsd 1
chrome 1
threatpost 2
nvd 4
debiancve 4
prion 4
cve 4
cvelist 4
ubuntucve 4
suse 2
osv 1
debian 2
securityvulns 14
gentoo 1
thn 1
openvas
openvas
Google Chrome Multiple Vulnerabilities-02 (Oct 2013) - Windows
2013-10-23 00:00:00
Google Chrome Multiple Vulnerabilities-02 (Oct 2013) - Linux
2013-10-23 00:00:00
Google Chrome Multiple Vulnerabilities-02 (Oct 2013) - Mac OS X
2013-10-23 00:00:00
nessus
nessus
Google Chrome < 30.0.1599.101 Multiple Vulnerabilities
2013-11-11 00:00:00
Google Chrome < 30.0.1599.101 Multiple Vulnerabilities (Mac OS X)
2013-11-13 00:00:00
openSUSE Security Update : chromium (openSUSE-SU-2013:1729-1)
2014-06-13 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix multiple vulnerabilities
2013-11-09 22:58:53
freebsd
freebsd
chromium -- multiple vulnerabilities
2013-10-15 00:00:00
chrome
chrome
Stable Channel Update
2013-10-15 00:00:00
threatpost
threatpost
Google Fixes Three High-Risk Flaws in Chrome
2013-10-15 13:37:29
May 2014 Apple Safari Browser Security Patches
2014-05-23 09:03:49
nvd
nvd
CVE-2013-2925
2013-10-16 20:55:04
CVE-2013-2927
2013-10-16 20:55:06
CVE-2013-2926
2013-10-16 20:55:06
debiancve
debiancve
CVE-2013-2927
2013-10-16 20:55:00
CVE-2013-2925
2013-10-16 20:55:00
CVE-2013-2926
2013-10-16 20:55:00
prion
prion
Design/Logic Flaw
2013-10-16 20:55:00
Design/Logic Flaw
2013-10-16 20:55:00
Design/Logic Flaw
2013-10-16 20:55:00
cve
cve
CVE-2013-2927
2013-10-16 20:55:06
CVE-2013-2926
2013-10-16 20:55:06
CVE-2013-2925
2013-10-16 20:55:04
cvelist
cvelist
CVE-2013-2925
2013-10-16 20:00:00
CVE-2013-2927
2013-10-16 20:00:00
CVE-2013-2926
2013-10-16 20:00:00
ubuntucve
ubuntucve
CVE-2013-2925
2013-10-16 00:00:00
CVE-2013-2927
2013-10-16 00:00:00
CVE-2013-2926
2013-10-16 00:00:00
suse
suse
chromium: 31.0.1650.57 version update (important)
2013-11-27 20:04:13
chromium: update to 31.0.1650.57 (important)
2013-12-12 18:05:02
osv
osv
chromium-browser - several
2013-10-26 00:00:00
debian
debian
[SECURITY] [DSA 2785-1] chromium-browser security update
2013-10-26 19:03:01
[SECURITY] [DSA 2785-1] chromium-browser security update
2013-10-26 19:03:01
securityvulns
securityvulns
Apple Safari multiple security vulnerabilities
2014-04-03 00:00:00
APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3
2014-04-03 00:00:00
APPLE-SA-2014-03-10-2 Apple TV 6.1
2014-03-13 00:00:00
gentoo
gentoo
Chromium, V8: Multiple vulnerabilities
2014-03-05 00:00:00
thn
thn
Apple Patches 22 Safari WebKit Vulnerabilities
2014-05-23 20:33:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.025 Low

EPSS

Percentile

90.2%

JSON
Related for OPENVAS:13614125623111020130321
openvas10nessus21mageia1freebsd1chrome1threatpost2nvd4debiancve4prion4cve4cvelist4ubuntucve4suse2osv1debian2securityvulns14gentoo1thn1