ID OPENVAS:864230 Type openvas Reporter Copyright (c) 2012 Greenbone Networks GmbH Modified 2017-12-28T00:00:00
Description
Check for the Version of grub2
###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for grub2 FEDORA-2012-7579
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_affected = "grub2 on Fedora 16";
tag_insight = "The GRand Unified Bootloader (GRUB) is a highly configurable and customizable
bootloader with modular architecture. It support rich varietyof kernel formats,
file systems, computer architectures and hardware devices.";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080188.html");
script_id(864230);
script_version("$Revision: 8253 $");
script_tag(name:"last_modification", value:"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $");
script_tag(name:"creation_date", value:"2012-05-11 11:02:03 +0530 (Fri, 11 May 2012)");
script_tag(name:"cvss_base", value:"2.1");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:P/I:N/A:N");
script_cve_id("CVE-2012-2314");
script_xref(name: "FEDORA", value: "2012-7579");
script_name("Fedora Update for grub2 FEDORA-2012-7579");
script_tag(name: "summary" , value: "Check for the Version of grub2");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2012 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "FC16")
{
if ((res = isrpmvuln(pkg:"grub2", rpm:"grub2~1.99~13.fc16.3", rls:"FC16")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"bulletinFamily": "scanner", "viewCount": 0, "naslFamily": "Fedora Local Security Checks", "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080188.html", "2012-7579"], "description": "Check for the Version of grub2", "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "d5544a8a7cdd7bebebea93c70c993064"}, {"key": "cvss", "hash": "635d7f080910dc81e99c0ca9b0d4203f"}, {"key": "description", "hash": "c331e5e337dbe412cd550b4721819b0a"}, {"key": "href", "hash": "69b638bedf4b3c6a83736b6d616a18ac"}, {"key": "modified", "hash": "a56f16e50d6dc773971a340f19fe6cdf"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "5398f6e9298bd605a6f4d20320823395"}, {"key": "published", "hash": "00dce7bc5dc69a1d68920d5e2ffb2f26"}, {"key": "references", "hash": "2c046a087852e40da6bcfbb91fd1c81b"}, {"key": "reporter", "hash": "a282f166ddc6c378940071a6b738e1a3"}, {"key": "sourceData", "hash": "4a28ba975a1482780de29857bae7ff1d"}, {"key": "title", "hash": "29c71bb84b0ed36f02729371f38d0578"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "href": "http://plugins.openvas.org/nasl.php?oid=864230", "modified": "2017-12-28T00:00:00", "objectVersion": "1.3", "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "id": "OPENVAS:864230", "title": "Fedora Update for grub2 FEDORA-2012-7579", "hash": "c8a73764ff580d86a63cd6d5f675cb13bfe8c15a72add8eaba583c59b56d13df", "edition": 3, "published": "2012-05-11T00:00:00", "type": "openvas", "history": [{"lastseen": "2017-07-02T21:10:57", "bulletin": {"hash": "8a8c05cbab238c2e7685771123042889e360bda0386f4a1edc82d9aec83e2d65", "viewCount": 0, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080188.html", "2012-7579"], "description": "Check for the Version of grub2", "hashmap": [{"key": "cvss", "hash": "635d7f080910dc81e99c0ca9b0d4203f"}, {"key": "href", "hash": "69b638bedf4b3c6a83736b6d616a18ac"}, {"key": "sourceData", "hash": "84146384d8ca49f177f5bce65c04ae5b"}, {"key": "description", "hash": "c331e5e337dbe412cd550b4721819b0a"}, {"key": "modified", "hash": "5b7c6fd49f967bd86231503220ad4da6"}, {"key": "references", "hash": "2c046a087852e40da6bcfbb91fd1c81b"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}, {"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "reporter", "hash": "a282f166ddc6c378940071a6b738e1a3"}, {"key": "published", "hash": "00dce7bc5dc69a1d68920d5e2ffb2f26"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "5398f6e9298bd605a6f4d20320823395"}, {"key": "cvelist", "hash": "d5544a8a7cdd7bebebea93c70c993064"}, {"key": "title", "hash": "29c71bb84b0ed36f02729371f38d0578"}], "naslFamily": "Fedora Local Security Checks", "modified": "2016-04-11T00:00:00", "objectVersion": "1.3", "href": "http://plugins.openvas.org/nasl.php?oid=864230", "published": "2012-05-11T00:00:00", "enchantments": {}, "id": "OPENVAS:864230", "title": "Fedora Update for grub2 FEDORA-2012-7579", "bulletinFamily": "scanner", "edition": 1, "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for grub2 FEDORA-2012-7579\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"grub2 on Fedora 16\";\ntag_insight = \"The GRand Unified Bootloader (GRUB) is a highly configurable and customizable\n bootloader with modular architecture. It support rich varietyof kernel formats,\n file systems, computer architectures and hardware devices.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080188.html\");\n script_id(864230);\n script_version(\"$Revision: 3029 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-04-11 14:20:59 +0200 (Mon, 11 Apr 2016) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-11 11:02:03 +0530 (Fri, 11 May 2012)\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-2314\");\n script_xref(name: \"FEDORA\", value: \"2012-7579\");\n script_name(\"Fedora Update for grub2 FEDORA-2012-7579\");\n\n script_summary(\"Check for the Version of grub2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"grub2\", rpm:\"grub2~1.99~13.fc16.3\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "type": "openvas", "history": [], "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvelist": ["CVE-2012-2314"], "lastseen": "2017-07-02T21:10:57", "pluginID": "864230"}, "differentElements": ["modified", "sourceData"], "edition": 1}, {"lastseen": "2017-07-25T10:51:24", "bulletin": {"hash": "cbc7eb92a5528937d7595adb45263b05607b75e1f3b92d52fd0aec5988622708", "viewCount": 0, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080188.html", "2012-7579"], "description": "Check for the Version of grub2", "hashmap": [{"key": "sourceData", "hash": "2e5ab7e68250967f2853858e2e38a0a9"}, {"key": "cvss", "hash": "635d7f080910dc81e99c0ca9b0d4203f"}, {"key": "href", "hash": "69b638bedf4b3c6a83736b6d616a18ac"}, {"key": "description", "hash": "c331e5e337dbe412cd550b4721819b0a"}, {"key": "references", "hash": "2c046a087852e40da6bcfbb91fd1c81b"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}, {"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "reporter", "hash": "a282f166ddc6c378940071a6b738e1a3"}, {"key": "published", "hash": "00dce7bc5dc69a1d68920d5e2ffb2f26"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "5398f6e9298bd605a6f4d20320823395"}, {"key": "cvelist", "hash": "d5544a8a7cdd7bebebea93c70c993064"}, {"key": "title", "hash": "29c71bb84b0ed36f02729371f38d0578"}, {"key": "modified", "hash": "0d134bf170d66438eb1e01173ee0187f"}], "naslFamily": "Fedora Local Security Checks", "modified": "2017-07-10T00:00:00", "objectVersion": "1.3", "href": "http://plugins.openvas.org/nasl.php?oid=864230", "published": "2012-05-11T00:00:00", "enchantments": {"score": {"value": 2.1, "modified": "2017-07-25T10:51:24"}}, "id": "OPENVAS:864230", "title": "Fedora Update for grub2 FEDORA-2012-7579", "bulletinFamily": "scanner", "edition": 2, "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for grub2 FEDORA-2012-7579\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"grub2 on Fedora 16\";\ntag_insight = \"The GRand Unified Bootloader (GRUB) is a highly configurable and customizable\n bootloader with modular architecture. It support rich varietyof kernel formats,\n file systems, computer architectures and hardware devices.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080188.html\");\n script_id(864230);\n script_version(\"$Revision: 6627 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:31:14 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-11 11:02:03 +0530 (Fri, 11 May 2012)\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-2314\");\n script_xref(name: \"FEDORA\", value: \"2012-7579\");\n script_name(\"Fedora Update for grub2 FEDORA-2012-7579\");\n\n script_summary(\"Check for the Version of grub2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"grub2\", rpm:\"grub2~1.99~13.fc16.3\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "type": "openvas", "history": [], "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvelist": ["CVE-2012-2314"], "lastseen": "2017-07-25T10:51:24", "pluginID": "864230"}, "differentElements": ["modified", "sourceData"], "edition": 2}], "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvelist": ["CVE-2012-2314"], "lastseen": "2018-01-02T10:58:24", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for grub2 FEDORA-2012-7579\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"grub2 on Fedora 16\";\ntag_insight = \"The GRand Unified Bootloader (GRUB) is a highly configurable and customizable\n bootloader with modular architecture. It support rich varietyof kernel formats,\n file systems, computer architectures and hardware devices.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080188.html\");\n script_id(864230);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-11 11:02:03 +0530 (Fri, 11 May 2012)\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-2314\");\n script_xref(name: \"FEDORA\", value: \"2012-7579\");\n script_name(\"Fedora Update for grub2 FEDORA-2012-7579\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of grub2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"grub2\", rpm:\"grub2~1.99~13.fc16.3\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "pluginID": "864230"}
{"cve": [{"lastseen": "2016-09-03T16:35:54", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=819031", "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080188.html", "http://www.openwall.com/lists/oss-security/2012/05/04/10", "http://git.fedorahosted.org/git/?p=anaconda.git;a=commit;h=03ef13b625cc06873a924e0610340f8489fd92df", "http://www.securityfocus.com/bid/53486", "http://www.openwall.com/lists/oss-security/2012/05/04/12"], "edition": 1, "description": "The bootloader configuration module (pyanaconda/bootloader.py) in Anaconda uses 755 permissions for /etc/grub.d, which allows local users to obtain password hashes and conduct brute force password guessing attacks.", "reporter": "NVD", "published": "2012-07-03T18:55:01", "title": "CVE-2012-2314", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-2314"], "scanner": [], "modified": "2012-08-13T23:37:16", "cpe": ["cpe:/a:fedoraproject:anaconda:-"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2314", "id": "CVE-2012-2314", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2018-09-02T00:04:20", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=819031", "http://www.nessus.org/u?8157ad49"], "pluginID": "59072", "description": "Don't allow non-root users to view contents of /etc/grub.d (CVE-2012-2314)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2012-05-11T00:00:00", "title": "Fedora 16 : grub2-1.99-13.fc16.3 (2012-7579)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2314"], "modified": "2015-10-20T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:grub2", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-7579.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=59072", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-7579.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59072);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2015/10/20 22:53:51 $\");\n\n script_cve_id(\"CVE-2012-2314\");\n script_xref(name:\"FEDORA\", value:\"2012-7579\");\n\n script_name(english:\"Fedora 16 : grub2-1.99-13.fc16.3 (2012-7579)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Don't allow non-root users to view contents of /etc/grub.d\n(CVE-2012-2314)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=819031\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080188.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8157ad49\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected grub2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"grub2-1.99-13.fc16.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "openvas": [{"lastseen": "2018-09-02T00:01:52", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080188.html", "2012-7579"], "pluginID": "1361412562310864230", "description": "Check for the Version of grub2", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-05-11T00:00:00", "title": "Fedora Update for grub2 FEDORA-2012-7579", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2314"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310864230", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864230", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for grub2 FEDORA-2012-7579\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"grub2 on Fedora 16\";\ntag_insight = \"The GRand Unified Bootloader (GRUB) is a highly configurable and customizable\n bootloader with modular architecture. It support rich varietyof kernel formats,\n file systems, computer architectures and hardware devices.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080188.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864230\");\n script_version(\"$Revision: 9352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-11 11:02:03 +0530 (Fri, 11 May 2012)\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-2314\");\n script_xref(name: \"FEDORA\", value: \"2012-7579\");\n script_name(\"Fedora Update for grub2 FEDORA-2012-7579\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of grub2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"grub2\", rpm:\"grub2~1.99~13.fc16.3\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}]}
