Lucene search
Copyright (c) 2011 Greenbone Networks GmbHOPENVAS:870498HistoryOct 10, 2011 - 12:00 a.m.
RedHat Update for rpm RHSA-2011:1349-01
2011-10-1000:00:00
Copyright (c) 2011 Greenbone Networks GmbH
plugins.openvas.org
7
0.058 Low
EPSS
Percentile
92.6%
Check for the Version of rpm
###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for rpm RHSA-2011:1349-01
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "The RPM Package Manager (RPM) is a command line driven package management
system capable of installing, uninstalling, verifying, querying, and
updating software packages.
Multiple flaws were found in the way the RPM library parsed package
headers. An attacker could create a specially-crafted RPM package that,
when queried or installed, would cause rpm to crash or, potentially,
execute arbitrary code. (CVE-2011-3378)
Note: Although an RPM package can, by design, execute arbitrary code when
installed, this issue would allow a specially-crafted RPM package to
execute arbitrary code before its digital signature has been verified.
Package downloads from the Red Hat Network remain secure due to certificate
checks performed on the secure connection.
All RPM users should upgrade to these updated packages, which contain a
backported patch to correct these issues. All running applications linked
against the RPM library must be restarted for this update to take effect.";
tag_affected = "rpm on Red Hat Enterprise Linux (v. 5 server),
Red Hat Enterprise Linux AS version 4,
Red Hat Enterprise Linux ES version 4,
Red Hat Enterprise Linux WS version 4";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "https://www.redhat.com/archives/rhsa-announce/2011-October/msg00000.html");
script_id(870498);
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_version("$Revision: 6685 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $");
script_tag(name:"creation_date", value:"2011-10-10 16:05:48 +0200 (Mon, 10 Oct 2011)");
script_xref(name: "RHSA", value: "2011:1349-01");
script_cve_id("CVE-2011-3378");
script_name("RedHat Update for rpm RHSA-2011:1349-01");
script_summary("Check for the Version of rpm");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
script_family("Red Hat Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "RHENT_5")
{
if ((res = isrpmvuln(pkg:"popt", rpm:"popt~1.10.2.3~22.el5_7.2", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"rpm", rpm:"rpm~4.4.2.3~22.el5_7.2", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"rpm-apidocs", rpm:"rpm-apidocs~4.4.2.3~22.el5_7.2", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"rpm-build", rpm:"rpm-build~4.4.2.3~22.el5_7.2", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"rpm-debuginfo", rpm:"rpm-debuginfo~4.4.2.3~22.el5_7.2", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"rpm-devel", rpm:"rpm-devel~4.4.2.3~22.el5_7.2", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"rpm-libs", rpm:"rpm-libs~4.4.2.3~22.el5_7.2", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"rpm-python", rpm:"rpm-python~4.4.2.3~22.el5_7.2", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "RHENT_4")
{
if ((res = isrpmvuln(pkg:"popt", rpm:"popt~1.9.1~35_nonptl.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"rpm", rpm:"rpm~4.3.3~35_nonptl.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"rpm-build", rpm:"rpm-build~4.3.3~35_nonptl.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"rpm-debuginfo", rpm:"rpm-debuginfo~4.3.3~35_nonptl.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"rpm-devel", rpm:"rpm-devel~4.3.3~35_nonptl.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"rpm-libs", rpm:"rpm-libs~4.3.3~35_nonptl.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"rpm-python", rpm:"rpm-python~4.3.3~35_nonptl.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Related
openvas
openvas
CentOS Update for popt CESA-2011:1349 centos5 x86_64
2012-07-30 00:00:00
Fedora Update for rpm FEDORA-2011-13766
2012-04-02 00:00:00
Mandriva Update for rpm MDVA-2011:057 (rpm)
2011-10-14 00:00:00
suse
suse
Security update for popt (important)
2011-10-17 20:08:22
Security update for popt (important)
2011-11-02 23:08:26
rpm (CVE-2011-3378) (important)
2011-11-02 20:08:26
nessus
nessus
Amazon Linux AMI : rpm (ALAS-2011-14)
2013-09-04 00:00:00
Fedora 15 : rpm-4.9.1.2-1.fc15 (2011-13785)
2011-10-12 00:00:00
CentOS 4 / 5 : rpm (CESA-2011:1349)
2011-10-04 00:00:00
oraclelinux
oraclelinux
rpm security update
2011-10-04 00:00:00
prion
prion
Memory corruption
2011-12-24 19:55:00
securityvulns
securityvulns
[ MDVSA-2011:143 ] rpm
2011-10-10 00:00:00
rpm multiple security vulnerabilities
2011-10-10 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: rpm-4.9.1.2-1.fc15
2011-10-11 08:27:39
[SECURITY] Fedora 16 Update: rpm-4.9.1.2-1.fc16
2011-10-09 19:40:11
[SECURITY] Fedora 15 Update: rpm-4.9.1.3-1.fc15
2012-04-22 03:24:37
amazon
amazon
Medium: rpm
2011-10-31 18:25:00
ubuntucve
ubuntucve
CVE-2011-3378
2011-12-24 00:00:00
redhat
redhat
(RHSA-2011:1349) Important: rpm security update
2011-10-03 00:00:00
(RHSA-2011:1408) Moderate: rhev-hypervisor security update
2011-10-26 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:03:00
cve
cve
CVE-2011-3378
2011-12-24 19:55:00
centos
centos
popt, rpm security update
2011-10-03 21:56:34
debiancve
debiancve
CVE-2011-3378
2011-12-24 19:55:00
ubuntu
ubuntu
RPM vulnerabilities
2013-01-17 00:00:00
gentoo
gentoo
RPM: Multiple vulnerabilities
2012-06-24 00:00:00
vmware
vmware
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00