Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2009 Greenbone Networks GmbHOPENVAS:840051
HistoryMar 23, 2009 - 12:00 a.m.

Ubuntu Update for emacs22 vulnerability USN-541-1

2009-03-2300:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
11

0.001 Low

EPSS

Percentile

40.2%

JSON

Ubuntu Update for Linux kernel vulnerabilities USN-541-1

###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_541_1.nasl 7969 2017-12-01 09:23:16Z santu $
#
# Ubuntu Update for emacs22 vulnerability USN-541-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "Drake Wilson discovered that Emacs did not correctly handle the safe
  mode of "enable-local-variables". If a user were tricked into opening
  a specially crafted file while "enable-local-variables" was set to the
  non-default ":safe", a remote attacker could execute arbitrary commands
  with the user's privileges.";

tag_summary = "Ubuntu Update for Linux kernel vulnerabilities USN-541-1";
tag_affected = "emacs22 vulnerability on Ubuntu 7.10";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_xref(name: "URL" , value: "http://www.ubuntu.com/usn/usn-541-1/");
  script_id(840051);
  script_version("$Revision: 7969 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $");
  script_tag(name:"creation_date", value:"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)");
  script_tag(name:"cvss_base", value:"6.3");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:N/I:C/A:C");
  script_xref(name: "USN", value: "541-1");
  script_cve_id("CVE-2007-5795");
  script_name( "Ubuntu Update for emacs22 vulnerability USN-541-1");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
  script_family("Ubuntu Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages");
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-deb.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "UBUNTU7.10")
{

  if ((res = isdpkgvuln(pkg:"emacs22-bin-common", ver:"22.1-0ubuntu5.1", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"emacs22-nox", ver:"22.1-0ubuntu5.1", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"emacs22", ver:"22.1-0ubuntu5.1", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"emacs22-gtk", ver:"22.1-0ubuntu5.1", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"emacs22-common", ver:"22.1-0ubuntu5.1", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"emacs22-el", ver:"22.1-0ubuntu5.1", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"emacs", ver:"22.1-0ubuntu5.1", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

Related

prion 1
cve 1
fedora 2
nessus 7
cvelist 1
openvas 9
ubuntucve 1
securityvulns 2
ubuntu 1
gentoo 1
prion
prion
Design/Logic Flaw
2007-11-02 22:46:00
cve
cve
CVE-2007-5795
2007-11-02 22:46:00
fedora
fedora
[SECURITY] Fedora 7 Update: emacs-22.1-5.fc7
2007-11-17 05:34:28
[SECURITY] Fedora 8 Update: emacs-22.1-8.fc8
2007-11-17 05:33:04
nessus
nessus
Fedora 8 : emacs-22.1-8.fc8 (2007-2946)
2007-11-20 00:00:00
Fedora 7 : emacs-22.1-5.fc7 (2007-3056)
2007-11-20 00:00:00
openSUSE 10 Security Update : emacs (emacs-4620)
2007-11-06 00:00:00
cvelist
cvelist
CVE-2007-5795
2007-11-02 22:00:00
openvas
openvas
Fedora Update for emacs FEDORA-2007-2946
2009-02-27 00:00:00
Ubuntu: Security Advisory (USN-541-1)
2009-03-23 00:00:00
Fedora Update for emacs FEDORA-2007-3056
2009-02-27 00:00:00
ubuntucve
ubuntucve
CVE-2007-5795
2007-11-02 00:00:00
securityvulns
securityvulns
[USN-541-1] Emacs vulnerability
2007-11-14 00:00:00
Emacs safe mode protection bypass
2007-11-14 00:00:00
ubuntu
ubuntu
Emacs vulnerability
2007-11-13 00:00:00
gentoo
gentoo
GNU Emacs: Multiple vulnerabilities
2007-12-09 00:00:00

0.001 Low

EPSS

Percentile

40.2%

JSON
Related for OPENVAS:840051
prion1cve1fedora2nessus7cvelist1openvas9ubuntucve1securityvulns2ubuntu1gentoo1