Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (c) 2011 Greenbone Networks GmbHOPENVAS:831467
HistoryOct 14, 2011 - 12:00 a.m.

Mandriva Update for rpm MDVA-2011:057 (rpm)

2011-10-1400:00:00
Copyright (c) 2011 Greenbone Networks GmbH
plugins.openvas.org
14

0.058 Low

EPSS

Percentile

92.6%

JSON

Check for the Version of rpm

###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for rpm MDVA-2011:057 (rpm)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "It was discovered the xz v5.0.0 (lzma) changes in MDVSA-2011:143
  were incomplete. This advisory upgrades the xz package to the 5.0.3
  version and the spec-helper package to the 0.30.5 version to be able
  to handle lzma files.

  Packages for 2009.0 are provided as of the Extended Maintenance
  Program. Please visit this link to learn more:
  http://store.mandriva.com/product_info.php?cPath=149&products_id=490";
tag_solution = "Please Install the Updated Packages.";

tag_affected = "rpm on Mandriva Linux 2009.0,
  Mandriva Linux 2009.0/X86_64,
  Mandriva Enterprise Server 5,
  Mandriva Enterprise Server 5/X86_64";


if(description)
{
  script_xref(name : "URL" , value : "http://lists.mandriva.com/security-announce/2011-10/msg00022.php");
  script_id(831467);
  script_cve_id("CVE-2011-3378");
 script_tag(name:"cvss_base", value:"9.3");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
 script_version("$Revision: 6570 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $");
  script_tag(name:"creation_date", value:"2011-10-14 14:22:41 +0200 (Fri, 14 Oct 2011)");
  script_xref(name: "MDVA", value: "2011:057");
  script_name("Mandriva Update for rpm MDVA-2011:057 (rpm)");

  script_summary("Check for the Version of rpm");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
  script_family("Mandrake Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "MNDK_mes5")
{

  if ((res = isrpmvuln(pkg:"liblzma5", rpm:"liblzma5~5.0.3~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"liblzma-devel", rpm:"liblzma-devel~5.0.3~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpopt0", rpm:"libpopt0~1.10.8~32.5mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpopt-devel", rpm:"libpopt-devel~1.10.8~32.5mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"librpm4.4", rpm:"librpm4.4~4.4.2.3~20.5mnb2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"librpm-devel", rpm:"librpm-devel~4.4.2.3~20.5mnb2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"popt-data", rpm:"popt-data~1.10.8~32.5mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"python-rpm", rpm:"python-rpm~4.4.2.3~20.5mnb2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"rpm", rpm:"rpm~4.4.2.3~20.5mnb2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"rpm-build", rpm:"rpm-build~4.4.2.3~20.5mnb2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"spec-helper", rpm:"spec-helper~0.30.5~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"xz", rpm:"xz~5.0.3~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64lzma5", rpm:"lib64lzma5~5.0.3~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64lzma-devel", rpm:"lib64lzma-devel~5.0.3~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64popt0", rpm:"lib64popt0~1.10.8~32.5mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64popt-devel", rpm:"lib64popt-devel~1.10.8~32.5mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64rpm4.4", rpm:"lib64rpm4.4~4.4.2.3~20.5mnb2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64rpm-devel", rpm:"lib64rpm-devel~4.4.2.3~20.5mnb2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "MNDK_2009.0")
{

  if ((res = isrpmvuln(pkg:"liblzma5", rpm:"liblzma5~5.0.3~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"liblzma-devel", rpm:"liblzma-devel~5.0.3~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpopt0", rpm:"libpopt0~1.10.8~32.5mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpopt-devel", rpm:"libpopt-devel~1.10.8~32.5mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"librpm4.4", rpm:"librpm4.4~4.4.2.3~20.5mnb2", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"librpm-devel", rpm:"librpm-devel~4.4.2.3~20.5mnb2", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"popt-data", rpm:"popt-data~1.10.8~32.5mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"python-rpm", rpm:"python-rpm~4.4.2.3~20.5mnb2", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"rpm", rpm:"rpm~4.4.2.3~20.5mnb2", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"rpm-build", rpm:"rpm-build~4.4.2.3~20.5mnb2", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"spec-helper", rpm:"spec-helper~0.30.5~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"xz", rpm:"xz~5.0.3~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64lzma5", rpm:"lib64lzma5~5.0.3~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64lzma-devel", rpm:"lib64lzma-devel~5.0.3~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64popt0", rpm:"lib64popt0~1.10.8~32.5mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64popt-devel", rpm:"lib64popt-devel~1.10.8~32.5mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64rpm4.4", rpm:"lib64rpm4.4~4.4.2.3~20.5mnb2", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64rpm-devel", rpm:"lib64rpm-devel~4.4.2.3~20.5mnb2", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

Related

openvas 27
suse 3
nessus 20
oraclelinux 1
prion 1
fedora 3
securityvulns 2
amazon 1
ubuntucve 1
veracode 1
debiancve 1
centos 1
cve 1
redhat 2
ubuntu 1
gentoo 1
vmware 2
openvas
openvas
Fedora Update for rpm FEDORA-2011-13766
2012-04-02 00:00:00
CentOS Update for popt CESA-2011:1349 centos4 x86_64
2012-07-30 00:00:00
Mandriva Update for rpm MDVA-2011:057 (rpm)
2011-10-14 00:00:00
suse
suse
Security update for popt (important)
2011-10-17 20:08:22
Security update for popt (important)
2011-11-02 23:08:26
rpm (CVE-2011-3378) (important)
2011-11-02 20:08:26
nessus
nessus
Amazon Linux AMI : rpm (ALAS-2011-14)
2013-09-04 00:00:00
Fedora 15 : rpm-4.9.1.2-1.fc15 (2011-13785)
2011-10-12 00:00:00
Mandriva Linux Security Advisory : rpm (MDVSA-2011:143)
2011-10-06 00:00:00
oraclelinux
oraclelinux
rpm security update
2011-10-04 00:00:00
prion
prion
Memory corruption
2011-12-24 19:55:00
fedora
fedora
[SECURITY] Fedora 15 Update: rpm-4.9.1.2-1.fc15
2011-10-11 08:27:39
[SECURITY] Fedora 16 Update: rpm-4.9.1.2-1.fc16
2011-10-09 19:40:11
[SECURITY] Fedora 15 Update: rpm-4.9.1.3-1.fc15
2012-04-22 03:24:37
securityvulns
securityvulns
[ MDVSA-2011:143 ] rpm
2011-10-10 00:00:00
rpm multiple security vulnerabilities
2011-10-10 00:00:00
amazon
amazon
Medium: rpm
2011-10-31 18:25:00
ubuntucve
ubuntucve
CVE-2011-3378
2011-12-24 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:03:00
debiancve
debiancve
CVE-2011-3378
2011-12-24 19:55:00
centos
centos
popt, rpm security update
2011-10-03 21:56:34
cve
cve
CVE-2011-3378
2011-12-24 19:55:00
redhat
redhat
(RHSA-2011:1349) Important: rpm security update
2011-10-03 00:00:00
(RHSA-2011:1408) Moderate: rhev-hypervisor security update
2011-10-26 00:00:00
ubuntu
ubuntu
RPM vulnerabilities
2013-01-17 00:00:00
gentoo
gentoo
RPM: Multiple vulnerabilities
2012-06-24 00:00:00
vmware
vmware
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00

0.058 Low

EPSS

Percentile

92.6%

JSON
Related for OPENVAS:831467
openvas27suse3nessus20oraclelinux1prion1fedora3securityvulns2amazon1ubuntucve1veracode1debiancve1centos1cve1redhat2ubuntu1gentoo1vmware2