Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 Tenable Network Security, Inc.MANDRIVA_MDVSA-2009-099.NASL
HistoryApr 28, 2009 - 12:00 a.m.

Mandriva Linux Security Advisory : openafs (MDVSA-2009:099-1)

2009-04-2800:00:00
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.
www.tenable.com
16

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.163

Percentile

96.0%

JSON

Multiple vulnerabilities has been found and corrected in openafs :

The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro (CVE-2009-1250).

Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays (CVE-2009-1251).

The updated packages have been patched to correct these issues.

Update :

Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2009:099. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(38192);
  script_version("1.18");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2009-1250", "CVE-2009-1251");
  script_bugtraq_id(34404, 34407);
  script_xref(name:"MDVSA", value:"2009:099-1");

  script_name(english:"Mandriva Linux Security Advisory : openafs (MDVSA-2009:099-1)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Multiple vulnerabilities has been found and corrected in openafs :

The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0
through 1.5.58 on Linux allows remote attackers to cause a denial of
service (system crash) via an RX response with a large error-code
value that is interpreted as a pointer and dereferenced, related to
use of the ERR_PTR macro (CVE-2009-1250).

Heap-based buffer overflow in the cache manager in the client in
OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms
allows remote attackers to cause a denial of service (system crash) or
possibly execute arbitrary code via an RX response containing more
data than specified in a request, related to use of XDR arrays
(CVE-2009-1251).

The updated packages have been patched to correct these issues.

Update :

Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(119, 189);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:dkms-libafs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64openafs1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64openafs1-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libopenafs1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libopenafs1-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openafs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openafs-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openafs-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openafs-server");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/12/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/28");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2008.0", reference:"dkms-libafs-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64openafs1-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64openafs1-devel-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libopenafs1-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libopenafs1-devel-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"openafs-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"openafs-client-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"openafs-doc-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"openafs-server-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

Related

openvas 9
securityvulns 4
nessus 4
debian 3
osv 1
gentoo 2
cvelist 2
nvd 2
ubuntucve 2
debiancve 2
cve 2
seebug 1
prion 2
openvas
openvas
Mandriva Security Advisory MDVSA-2009:099-1 (openafs)
2009-12-14 00:00:00
Mandriva Security Advisory MDVSA-2009:099-1 (openafs)
2009-12-14 00:00:00
Debian: Security Advisory (DSA-1768-1)
2009-04-15 00:00:00
securityvulns
securityvulns
[ GLSA 201101-05 ] OpenAFS: Arbitrary code execution
2011-01-19 00:00:00
OpenAFS security vulnerabilities
2011-01-19 00:00:00
[SECURITY] [DSA 1768-1] New openafs packages potential code execution
2009-04-12 00:00:00
nessus
nessus
GLSA-201101-05 : OpenAFS: Arbitrary code execution
2011-01-17 00:00:00
Scientific Linux Security Update : openafs on SL3.x, SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
Debian DSA-1768-1 : openafs - several vulnerabilities
2009-04-11 00:00:00
debian
debian
[SECURITY] [DSA 1768-1] New openafs packages potential code execution
2009-04-10 14:51:13
[Backports-security-announce] Security Update for openafs
2009-04-10 21:48:30
[Backports-security-announce] Security Update for openafs
2009-04-10 21:38:35
osv
osv
openafs - potential code execution
2009-04-10 00:00:00
gentoo
gentoo
OpenAFS: Arbitrary code execution
2011-01-16 00:00:00
OpenAFS: Multiple vulnerabilities
2014-04-07 00:00:00
cvelist
cvelist
CVE-2009-1250
2009-04-09 00:00:00
CVE-2009-1251
2009-04-09 00:00:00
nvd
nvd
CVE-2009-1251
2009-04-09 00:30:00
CVE-2009-1250
2009-04-09 00:30:00
ubuntucve
ubuntucve
CVE-2009-1251
2009-04-09 00:00:00
CVE-2009-1250
2009-04-09 00:00:00
debiancve
debiancve
CVE-2009-1251
2009-04-09 00:30:00
CVE-2009-1250
2009-04-09 00:30:00
cve
cve
CVE-2009-1251
2009-04-09 00:30:00
CVE-2009-1250
2009-04-09 00:30:00
seebug
seebug
OpenAFSε‡Ίι”™δ»£η θΏœη¨‹ζ‹’η»ζœεŠ‘ζΌζ΄ž
2009-04-10 00:00:00
prion
prion
Null pointer dereference
2009-04-09 00:30:00
Heap overflow
2009-04-09 00:30:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.163

Percentile

96.0%

JSON
Related for MANDRIVA_MDVSA-2009-099.NASL
openvas9securityvulns4nessus4debian3osv1gentoo2cvelist2nvd2ubuntucve2debiancve2cve2seebug1prion2