Slackware: Security Advisory (SSA:2017-258-01) - 'bluez' package(s) update availabl
Reporter | Title | Published | Views | Family All 67 |
---|---|---|---|---|
![]() | CVE-2017-1000250 | 12 Sep 201717:00 | – | cvelist |
![]() | [SECURITY] [DSA 3972-1] bluez security update | 13 Sep 201711:54 | – | debian |
![]() | [SECURITY] [DSA 3972-1] bluez security update | 13 Sep 201711:54 | – | debian |
![]() | [SECURITY] [DLA 1103-1] bluez security update | 21 Sep 201721:01 | – | debian |
![]() | Fedora 27 : bluez (2017-77f991e537) (BlueBorne) | 15 Jan 201800:00 | – | nessus |
![]() | Scientific Linux Security Update : bluez on SL6.x, SL7.x i386/x86_64 (20170912) (BlueBorne) | 13 Sep 201700:00 | – | nessus |
![]() | Oracle Linux 6 / 7 : bluez (ELSA-2017-2685) | 13 Sep 201700:00 | – | nessus |
![]() | EulerOS Virtualization for ARM 64 3.0.1.0 : bluez (EulerOS-SA-2019-1378) | 14 May 201900:00 | – | nessus |
![]() | Debian DLA-1103-1 : bluez security update (BlueBorne) | 22 Sep 201700:00 | – | nessus |
![]() | RHEL 5 : bluez-utils (Unpatched Vulnerability) | 3 Jun 202400:00 | – | nessus |
Source | Link |
---|---|
slackware | www.slackware.com/security/viewer.php |
www.2017-258-01 |
# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.13.2017.258.01");
script_cve_id("CVE-2017-1000250");
script_tag(name:"creation_date", value:"2022-04-21 12:12:27 +0000 (Thu, 21 Apr 2022)");
script_version("2024-02-02T05:06:09+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:09 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"3.3");
script_tag(name:"cvss_base_vector", value:"AV:A/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2017-09-23 14:47:37 +0000 (Sat, 23 Sep 2017)");
script_name("Slackware: Security Advisory (SSA:2017-258-01)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2022 Greenbone AG");
script_family("Slackware Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/slackware_linux", "ssh/login/slackpack", re:"ssh/login/release=SLK(13\.1|13\.37|14\.0|14\.1|14\.2|current)");
script_xref(name:"Advisory-ID", value:"SSA:2017-258-01");
script_xref(name:"URL", value:"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.505994");
script_tag(name:"summary", value:"The remote host is missing an update for the 'bluez' package(s) announced via the SSA:2017-258-01 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"New bluez packages are available for Slackware 13.1, 13.37, 14.0, 14.1, 14.2,
and -current to fix a security issue.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/bluez-5.47-i586-1_slack14.2.txz: Upgraded.
Fixed an information disclosure vulnerability which allows remote attackers
to obtain sensitive information from the bluetoothd process memory. This
vulnerability lies in the processing of SDP search attribute requests.
For more information, see:
[link moved to references]
(* Security fix *)
+--------------------------+");
script_tag(name:"affected", value:"'bluez' package(s) on Slackware 13.1, Slackware 13.37, Slackware 14.0, Slackware 14.1, Slackware 14.2, Slackware current.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-slack.inc");
release = slk_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLK13.1") {
if(!isnull(res = isslkpkgvuln(pkg:"bluez", ver:"4.64-i486-2_slack13.1", rls:"SLK13.1"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"bluez", ver:"4.64-x86_64-2_slack13.1", rls:"SLK13.1"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLK13.37") {
if(!isnull(res = isslkpkgvuln(pkg:"bluez", ver:"4.91-i486-2_slack13.37", rls:"SLK13.37"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"bluez", ver:"4.91-x86_64-2_slack13.37", rls:"SLK13.37"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLK14.0") {
if(!isnull(res = isslkpkgvuln(pkg:"bluez", ver:"4.99-i486-3_slack14.0", rls:"SLK14.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"bluez", ver:"4.99-x86_64-3_slack14.0", rls:"SLK14.0"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLK14.1") {
if(!isnull(res = isslkpkgvuln(pkg:"bluez", ver:"4.99-i486-4_slack14.1", rls:"SLK14.1"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"bluez", ver:"4.99-x86_64-4_slack14.1", rls:"SLK14.1"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLK14.2") {
if(!isnull(res = isslkpkgvuln(pkg:"bluez", ver:"5.47-i586-1_slack14.2", rls:"SLK14.2"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"bluez", ver:"5.47-x86_64-1_slack14.2", rls:"SLK14.2"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLKcurrent") {
if(!isnull(res = isslkpkgvuln(pkg:"bluez", ver:"5.47-i586-1", rls:"SLKcurrent"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"bluez", ver:"5.47-x86_64-1", rls:"SLKcurrent"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo