Lucene search
Copyright (c) 2012 E-Soft Inc. http://www.securityspace.comOPENVAS:71462HistoryAug 10, 2012 - 12:00 a.m.
Debian Security Advisory DSA 2482-1 (libgdata)
2012-08-1000:00:00
Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com
plugins.openvas.org
7
0.011 Low
EPSS
Percentile
83.1%
The remote host is missing an update to libgdata
announced via advisory DSA 2482-1.
# OpenVAS Vulnerability Test
# $Id: deb_2482_1.nasl 6612 2017-07-07 12:08:03Z cfischer $
# Description: Auto-generated from advisory DSA 2482-1 (libgdata)
#
# Authors:
# Thomas Reinke <[email protected]>
#
# Copyright:
# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "Vreixo Formoso discovered that libgdata, a library used to access various
Google services, wasn't validating certificates against trusted system
root CAs when using an https connection.
For the stable distribution (squeeze), this problem has been fixed in
version 0.6.4-2+squeeze1.
For the testing distribution (wheezy), this problem has been fixed in
version 0.10.2-1.
For the unstable distribution (sid), this problem has been fixed in
version 0.10.2-1.
We recommend that you upgrade your libgdata packages.";
tag_summary = "The remote host is missing an update to libgdata
announced via advisory DSA 2482-1.";
tag_solution = "https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202482-1";
if(description)
{
script_id(71462);
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_cve_id("CVE-2012-2653");
script_version("$Revision: 6612 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $");
script_tag(name:"creation_date", value:"2012-08-10 02:56:43 -0400 (Fri, 10 Aug 2012)");
script_name("Debian Security Advisory DSA 2482-1 (libgdata)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages");
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-deb.inc");
res = "";
report = "";
if((res = isdpkgvuln(pkg:"gir1.0-gdata-0.0", ver:"0.6.4-2+squeeze1", rls:"DEB6.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libgdata-common", ver:"0.6.4-2+squeeze1", rls:"DEB6.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libgdata-dev", ver:"0.6.4-2+squeeze1", rls:"DEB6.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libgdata-doc", ver:"0.6.4-2+squeeze1", rls:"DEB6.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libgdata7", ver:"0.6.4-2+squeeze1", rls:"DEB6.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"gir1.2-gdata-0.0", ver:"0.12.0-1", rls:"DEB7.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libgdata-common", ver:"0.12.0-1", rls:"DEB7.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libgdata-dev", ver:"0.12.0-1", rls:"DEB7.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libgdata-doc", ver:"0.12.0-1", rls:"DEB7.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libgdata13", ver:"0.12.0-1", rls:"DEB7.0")) != NULL) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
Related
openvas
openvas
Mandriva Update for arpwatch MDVSA-2012:113 (arpwatch)
2012-07-30 00:00:00
Mandriva Update for arpwatch MDVSA-2012:113 (arpwatch)
2012-07-30 00:00:00
Fedora Update for arpwatch FEDORA-2012-8677
2012-08-30 00:00:00
securityvulns
securityvulns
arpwatch protection bypass
2012-06-17 00:00:00
[SECURITY] [DSA 2481-1] arpwatch security update
2012-06-17 00:00:00
nessus
nessus
GLSA-201607-16 : arpwatch: Privilege escalation
2016-07-21 00:00:00
Mandriva Linux Security Advisory : arpwatch (MDVSA-2013:030)
2013-04-20 00:00:00
Fedora 15 : arpwatch-2.1a15-16.fc15 (2012-8702)
2012-06-20 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: arpwatch-2.1a15-18.fc16
2012-06-20 00:35:29
[SECURITY] Fedora 17 Update: arpwatch-2.1a15-20.fc17
2012-06-20 00:31:35
[SECURITY] Fedora 15 Update: arpwatch-2.1a15-16.fc15
2012-06-20 00:34:25
gentoo
gentoo
arpwatch: Privilege escalation
2016-07-20 00:00:00
debian
debian
[SECURITY] [DSA 2481-1] arpwatch security update
2012-06-02 12:50:29
[SECURITY] [DSA 2482-1] arpwatch security update
2012-06-02 12:52:49
[SECURITY] [DSA 2482-1] libgdata security update
2012-06-02 13:06:05
ubuntucve
ubuntucve
CVE-2012-2653
2012-07-12 00:00:00
debiancve
debiancve
CVE-2012-2653
2012-07-12 20:55:00
cbl_mariner
cbl_mariner
CVE-2012-2653 affecting package arpwatch 2.1a15-51
2024-05-05 09:06:37
prion
prion
Design/Logic Flaw
2012-07-12 20:55:00
cve
cve
CVE-2012-2653
2012-07-12 20:55:00
