Lucene search
Copyright (C) 2009 Greenbone Networks GmbHOPENVAS:840256HistoryMar 23, 2009 - 12:00 a.m.
Ubuntu Update for vm-builder vulnerability USN-670-1
2009-03-2300:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
11
0.001 Low
EPSS
Percentile
45.1%
Ubuntu Update for Linux kernel vulnerabilities USN-670-1
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_670_1.nasl 7969 2017-12-01 09:23:16Z santu $
#
# Ubuntu Update for vm-builder vulnerability USN-670-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "Mathias Gug discovered that vm-builder improperly set the root
password when creating virtual machines. An attacker could exploit
this to gain root privileges to the virtual machine by using a
predictable password.
This vulnerability only affects virtual machines created with
vm-builder under Ubuntu 8.10, and does not affect native Ubuntu
installations. An update was made to the shadow package to detect
vulnerable systems and disable password authentication for the
root account. Vulnerable virtual machines which an attacker has
access to should be considered compromised, and appropriate actions
taken to secure the machine.";
tag_summary = "Ubuntu Update for Linux kernel vulnerabilities USN-670-1";
tag_affected = "vm-builder vulnerability on Ubuntu 6.06 LTS ,
Ubuntu 7.10 ,
Ubuntu 8.04 LTS ,
Ubuntu 8.10";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name: "URL" , value: "http://www.ubuntu.com/usn/usn-670-1/");
script_id(840256);
script_cve_id("CVE-2008-5103","CVE-2008-5104");
script_version("$Revision: 7969 $");
script_tag(name:"last_modification", value:"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $");
script_tag(name:"creation_date", value:"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)");
script_tag(name:"cvss_base", value:"7.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_xref(name: "USN", value: "670-1");
script_name( "Ubuntu Update for vm-builder vulnerability USN-670-1");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages");
script_tag(name : "summary" , value : tag_summary);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-deb.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "UBUNTU6.06 LTS")
{
if ((res = isdpkgvuln(pkg:"login", ver:"4.0.13-7ubuntu3.3", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"passwd", ver:"4.0.13-7ubuntu3.3", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU8.10")
{
if ((res = isdpkgvuln(pkg:"login", ver:"4.1.1-1ubuntu1.1", rls:"UBUNTU8.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"passwd", ver:"4.1.1-1ubuntu1.1", rls:"UBUNTU8.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"python-vm-builder-ec2", ver:"0.9-0ubuntu3.1", rls:"UBUNTU8.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"python-vm-builder", ver:"0.9-0ubuntu3.1", rls:"UBUNTU8.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"ubuntu-vm-builder", ver:"0.9-0ubuntu3.1", rls:"UBUNTU8.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU8.04 LTS")
{
if ((res = isdpkgvuln(pkg:"login", ver:"4.0.18.2-1ubuntu2.1", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"passwd", ver:"4.0.18.2-1ubuntu2.1", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU7.10")
{
if ((res = isdpkgvuln(pkg:"login", ver:"4.0.18.1-9ubuntu0.1", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"passwd", ver:"4.0.18.1-9ubuntu0.1", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
References
Related
nessus
nessus
cve
cve
CVE-2008-5103
2008-11-17 18:18:00
CVE-2008-5104
2008-11-17 18:18:00
prion
prion
Design/Logic Flaw
2008-11-17 18:18:00
Default credentials
2008-11-17 18:18:00
cvelist
cvelist
CVE-2008-5103
2008-11-17 18:00:00
CVE-2008-5104
2008-11-17 18:00:00
ubuntucve
ubuntucve
CVE-2008-5103
2008-11-17 00:00:00
CVE-2008-5104
2008-11-17 00:00:00