CentOS Update for ipsec-tools CESA-2008:0849 centos3 x86_64

2009-02-27T00:00:00
ID OPENVAS:880153
Type openvas
Reporter Copyright (C) 2009 Greenbone Networks GmbH
Modified 2017-07-10T00:00:00

Description

Check for the Version of ipsec-tools

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for ipsec-tools CESA-2008:0849 centos3 x86_64
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "The ipsec-tools package is used in conjunction with the IPsec functionality
  in the Linux kernel and includes racoon, an IKEv1 keying daemon.

  Two denial of service flaws were found in the ipsec-tools racoon daemon. It
  was possible for a remote attacker to cause the racoon daemon to consume
  all available memory. (CVE-2008-3651, CVE-2008-3652)
  
  Users of ipsec-tools should upgrade to this updated package, which contains
  backported patches that resolve these issues.";

tag_affected = "ipsec-tools on CentOS 3";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_xref(name : "URL" , value : "http://lists.centos.org/pipermail/centos-announce/2008-August/015208.html");
  script_id(880153);
  script_version("$Revision: 6651 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $");
  script_tag(name:"creation_date", value:"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_xref(name: "CESA", value: "2008:0849");
  script_cve_id("CVE-2008-3651", "CVE-2008-3652");
  script_name( "CentOS Update for ipsec-tools CESA-2008:0849 centos3 x86_64");

  script_summary("Check for the Version of ipsec-tools");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
  script_family("CentOS Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/centos", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "CentOS3")
{

  if ((res = isrpmvuln(pkg:"ipsec-tools", rpm:"ipsec-tools~0.2.5~0.7.rhel3.5", rls:"CentOS3")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}