Ubuntu Update for postgresql-8.4 USN-1229-1, blowfish algorithm vulnerabilit
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
![]() | Mandriva Update for postgresql MDVSA-2011:161 (postgresql) | 31 Oct 201100:00 | – | openvas |
![]() | Amazon Linux: Security Advisory (ALAS-2011-12) | 8 Sep 201500:00 | – | openvas |
![]() | RedHat Update for postgresql RHSA-2011:1377-01 | 21 Oct 201100:00 | – | openvas |
![]() | CentOS Update for postgresql84 CESA-2011:1378 centos5 x86_64 | 30 Jul 201200:00 | – | openvas |
![]() | Debian: Security Advisory (DSA-2340-1) | 8 Mar 202300:00 | – | openvas |
![]() | CentOS Update for postgresql84 CESA-2011:1378 centos5 x86_64 | 30 Jul 201200:00 | – | openvas |
![]() | CentOS Update for postgresql CESA-2011:1377 centos4 x86_64 | 30 Jul 201200:00 | – | openvas |
![]() | CentOS Update for postgresql84 CESA-2011:1378 centos5 i386 | 21 Oct 201100:00 | – | openvas |
![]() | CentOS Update for postgresql CESA-2011:1377 centos4 x86_64 | 30 Jul 201200:00 | – | openvas |
![]() | PHP 5.3.x < 5.3.7 Multiple Security Vulnerabilities | 29 Aug 201100:00 | – | openvas |
Source | Link |
---|---|
ubuntu | www.ubuntu.com/usn/usn-1229-1/ |
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_1229_1.nasl 7964 2017-12-01 07:32:11Z santu $
#
# Ubuntu Update for postgresql-8.4 USN-1229-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "It was discovered that the blowfish algorithm in the pgcrypto module
incorrectly handled certain 8-bit characters, resulting in the password
hashes being easier to crack than expected. An attacker who could obtain
the password hashes would be able to recover the plaintext with less
effort.";
tag_summary = "Ubuntu Update for Linux kernel vulnerabilities USN-1229-1";
tag_affected = "postgresql-8.4 on Ubuntu 11.04 ,
Ubuntu 10.10 ,
Ubuntu 10.04 LTS ,
Ubuntu 8.04 LTS";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name: "URL" , value: "http://www.ubuntu.com/usn/usn-1229-1/");
script_id(840772);
script_version("$Revision: 7964 $");
script_tag(name:"last_modification", value:"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $");
script_tag(name:"creation_date", value:"2011-10-14 14:22:41 +0200 (Fri, 14 Oct 2011)");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_xref(name: "USN", value: "1229-1");
script_cve_id("CVE-2011-2483");
script_name("Ubuntu Update for postgresql-8.4 USN-1229-1");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages");
script_tag(name : "summary" , value : tag_summary);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-deb.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "UBUNTU10.10")
{
if ((res = isdpkgvuln(pkg:"postgresql-8.4", ver:"8.4.9-0ubuntu0.10.10", rls:"UBUNTU10.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU10.04 LTS")
{
if ((res = isdpkgvuln(pkg:"postgresql-8.4", ver:"8.4.9-0ubuntu0.10.04", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU11.04")
{
if ((res = isdpkgvuln(pkg:"postgresql-8.4", ver:"8.4.9-0ubuntu0.11.04", rls:"UBUNTU11.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU8.04 LTS")
{
if ((res = isdpkgvuln(pkg:"postgresql-8.3", ver:"8.3.16-0ubuntu0.8.04", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo