Lucene search
CentOS Update for glibc CESA-2012:0397 centos5
🗓️ 30 Jul 2012 00:00:00Reported by Copyright (c) 2012 Greenbone Networks GmbHType 
openvas🔗 plugins.openvas.org👁 26 Views
CentOS Update for glibc CESA-2012:0397 centos5. The glibc packages provide standard C and math libraries used by multiple programs. An integer overflow flaw was found in the implementation of the printf functions family. Upgrade to updated packages to resolve this issue
Show more
| Reporter | Title | Published | Views | Family All 85 |
|---|---|---|---|---|
 | CVE-2012-0864 | 23 Feb 201200:00 | – | ubuntucve |
| CVE-2012-2118 | 18 May 201200:00 | – | ubuntucve |
 | [SECURITY] Fedora 15 Update: glibc-2.14.1-6 | 8 Mar 201205:00 | – | fedora |
| [SECURITY] Fedora 15 Update: glibc-2.14.1-6 | 8 Mar 201203:55 | – | fedora |
| [SECURITY] Fedora 16 Update: glibc-2.14.90-24.fc16.6 | 25 Feb 201208:36 | – | fedora |
| [SECURITY] Fedora 17 Update: glibc-2.15-23.fc17 | 28 Feb 201211:00 | – | fedora |
 | Arbitrary Code Execution | 10 Apr 202001:11 | – | veracode |
 | RHSA-2012:0393 Red Hat Security Advisory: glibc security and bug fix update | 13 Sep 202407:59 | – | osv |
| RHSA-2012:0397 Red Hat Security Advisory: glibc security update | 13 Sep 202407:59 | – | osv |
| RHSA-2012:0531 Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update | 13 Sep 202407:59 | – | osv |
10
###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for glibc CESA-2012:0397 centos5
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "The glibc packages provide the standard C and standard math libraries used
by multiple programs on the system. Without these libraries, the Linux
system cannot function correctly.
An integer overflow flaw was found in the implementation of the printf
functions family. This could allow an attacker to bypass FORTIFY_SOURCE
protections and execute arbitrary code using a format string flaw in an
application, even though these protections are expected to limit the impact
of such flaws to an application abort. (CVE-2012-0864)
All users of glibc are advised to upgrade to these updated packages, which
contain a patch to resolve this issue.";
tag_affected = "glibc on CentOS 5";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "http://lists.centos.org/pipermail/centos-announce/2012-March/018506.html");
script_id(881113);
script_version("$Revision: 8265 $");
script_tag(name:"last_modification", value:"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $");
script_tag(name:"creation_date", value:"2012-07-30 16:10:49 +0530 (Mon, 30 Jul 2012)");
script_cve_id("CVE-2012-0864");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_xref(name: "CESA", value: "2012:0397");
script_name("CentOS Update for glibc CESA-2012:0397 centos5 ");
script_tag(name: "summary" , value: "Check for the Version of glibc");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2012 Greenbone Networks GmbH");
script_family("CentOS Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "CentOS5")
{
if ((res = isrpmvuln(pkg:"glibc", rpm:"glibc~2.5~81.el5_8.1", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"glibc-common", rpm:"glibc-common~2.5~81.el5_8.1", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"glibc-devel", rpm:"glibc-devel~2.5~81.el5_8.1", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"glibc-headers", rpm:"glibc-headers~2.5~81.el5_8.1", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"glibc-utils", rpm:"glibc-utils~2.5~81.el5_8.1", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"nscd", rpm:"nscd~2.5~81.el5_8.1", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo30 Jul 2012 00:00Current
8.6High risk
Vulners AI Score8.6
EPSS0.02114