Lucene search
Mandriva Update for tcl MDVSA-2008:059 (tcl)
🗓️ 09 Apr 2009 00:00:00Reported by Copyright (C) 2009 Greenbone Networks GmbHType 
openvas🔗 plugins.openvas.org👁 22 Views
Mandriva Update for tcl MDVSA-2008:059 (tcl) describes a flaw in Tcl regular expression handling engine that can result in an infinite loop, leading to an update recommendation
Show more
| Reporter | Title | Published | Views | Family All 128 |
|---|---|---|---|---|
 | Design/Logic Flaw | 9 Jan 200821:46 | – | prion |
 | Regular Expression Denial Of Service (ReDoS) | 15 Jan 201908:52 | – | veracode |
| Denial Of Service (DoS) | 2 May 201904:45 | – | veracode |
 | CVE-2007-4772 | 9 Jan 200821:00 | – | cvelist |
 | Mandriva Linux Security Advisory : tcl (MDVSA-2008:059) | 23 Apr 200900:00 | – | nessus |
| Scientific Linux Security Update : tcl on SL5.x i386/x86_64 (20130108) | 17 Jan 201300:00 | – | nessus |
| CentOS 5 : tcl (CESA-2013:0122) | 17 Jan 201300:00 | – | nessus |
| RHEL 5 : tcl (RHSA-2013:0122) | 8 Jan 201300:00 | – | nessus |
| RHEL 4 : tcl (Unpatched Vulnerability) | 3 Jun 202400:00 | – | nessus |
| Oracle Linux 5 : tcl (ELSA-2013-0122) | 12 Jul 201300:00 | – | nessus |
10
###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for tcl MDVSA-2008:059 (tcl)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "A flaw in the Tcl regular expression handling engine was originally
discovered by Will Drewry in the PostgreSQL database server's Tcl
regular expression engine. This flaw can result in an infinite loop
when processing certain regular expressions.
The updated packages have been patched to correct these issues.";
tag_affected = "tcl on Mandriva Linux 2007.0,
Mandriva Linux 2007.0/X86_64,
Mandriva Linux 2007.1,
Mandriva Linux 2007.1/X86_64,
Mandriva Linux 2008.0,
Mandriva Linux 2008.0/X86_64";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "http://lists.mandriva.com/security-announce/2008-03/msg00004.php");
script_id(830597);
script_version("$Revision: 6568 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $");
script_tag(name:"creation_date", value:"2009-04-09 14:18:58 +0200 (Thu, 09 Apr 2009)");
script_tag(name:"cvss_base", value:"4.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:N/I:N/A:P");
script_xref(name: "MDVSA", value: "2008:059");
script_cve_id("CVE-2007-4772");
script_name( "Mandriva Update for tcl MDVSA-2008:059 (tcl)");
script_summary("Check for the Version of tcl");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "MNDK_2007.1")
{
if ((res = isrpmvuln(pkg:"libtcl8.4", rpm:"libtcl8.4~8.4.14~1.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libtcl8.4-devel", rpm:"libtcl8.4-devel~8.4.14~1.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"tcl", rpm:"tcl~8.4.14~1.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64tcl8.4", rpm:"lib64tcl8.4~8.4.14~1.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64tcl8.4-devel", rpm:"lib64tcl8.4-devel~8.4.14~1.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "MNDK_2007.0")
{
if ((res = isrpmvuln(pkg:"libtcl8.4", rpm:"libtcl8.4~8.4.13~1.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libtcl8.4-devel", rpm:"libtcl8.4-devel~8.4.13~1.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"tcl", rpm:"tcl~8.4.13~1.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64tcl8.4", rpm:"lib64tcl8.4~8.4.13~1.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64tcl8.4-devel", rpm:"lib64tcl8.4-devel~8.4.13~1.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "MNDK_2008.0")
{
if ((res = isrpmvuln(pkg:"libtcl-devel", rpm:"libtcl-devel~8.5a6~4.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libtcl8.5", rpm:"libtcl8.5~8.5a6~4.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"tcl", rpm:"tcl~8.5a6~4.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64tcl-devel", rpm:"lib64tcl-devel~8.5a6~4.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64tcl8.5", rpm:"lib64tcl8.5~8.5a6~4.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo09 Apr 2009 00:00Current
8.9High risk
Vulners AI Score8.9
EPSS0.024