SLES11: Security update for YaST2 LDAP module

Security update for YaST2 LDAP module. The remote host is missing updates to packages that affect the system security. Please install the updates provided by SuSE

Reporter	Title	Published	Views	Family All 10
CVE	CVE-2009-1648	5 Jul 200916:00	–	cve
Cvelist	CVE-2009-1648	5 Jul 200916:00	–	cvelist
EUVD	EUVD-2009-1643	7 Oct 202500:30	–	euvd
NVD	CVE-2009-1648	5 Jul 200916:30	–	nvd
OpenVAS	SUSE: Security Summary (SUSE-SR:2009:012)	6 Jul 200900:00	–	openvas
OpenVAS	SLES11: Security update for YaST2 LDAP module	11 Oct 200900:00	–	openvas
OpenVAS	SuSE Security Summary SUSE-SR:2009:012	6 Jul 200900:00	–	openvas
Prion	Code injection	5 Jul 200916:30	–	prion
SUSE CVE	SUSE CVE-2009-1648	15 Feb 202306:04	–	susecve
Tenable Nessus	SuSE 11 Security Update : YaST2 LDAP module (SAT Patch Number 896)	24 Sep 200900:00	–	nessus

Source	Link
bugzilla	www.bugzilla.novell.com/show_bug.cgi
bugzilla	www.bugzilla.novell.com/show_bug.cgi

#
#VID a61c9004daf93521fb888db28237e4b4
# OpenVAS Vulnerability Test
# $
# Description: Security update for YaST2 LDAP module
#
# Authors:
# Thomas Reinke <[email protected]>
#
# Copyright:
# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisories, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

include("revisions-lib.inc");
tag_summary = "The remote host is missing updates to packages that affect
the security of your system.  One or more of the following packages
are affected:

    yast2-ldap-server


More details may also be found by searching for the SuSE
Enterprise Server 11 patch database located at
http://download.novell.com/patch/finder/";

tag_solution = "Please install the updates provided by SuSE.";

if(description)
{
 script_xref(name : "URL" , value : "https://bugzilla.novell.com/show_bug.cgi?id=496862");
 script_xref(name : "URL" , value : "https://bugzilla.novell.com/show_bug.cgi?id=492441");
 script_id(65681);
 script_version("$Revision: 6666 $");
 script_tag(name:"last_modification", value:"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $");
 script_tag(name:"creation_date", value:"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)");
 script_cve_id("CVE-2009-1648");
 script_tag(name:"cvss_base", value:"7.5");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
 script_name("SLES11: Security update for YaST2 LDAP module");



 script_category(ACT_GATHER_INFO);

 script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
 script_family("SuSE Local Security Checks");
 script_dependencies("gather-package-list.nasl");
 script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms");
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name:"qod_type", value:"package");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}

#
# The script code starts here
#

include("pkg-lib-rpm.inc");

res = "";
report = "";
if ((res = isrpmvuln(pkg:"yast2-ldap-server", rpm:"yast2-ldap-server~2.17.21~0.1.1", rls:"SLES11.0")) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99); # Not vulnerable.
}

11 Jul 2017 00:00Current

7.7High risk

Vulners AI Score7.7

EPSS0.0046