Lucene search
This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.MANDRIVA_MDVSA-2010-004.NASLHistoryJan 14, 2010 - 12:00 a.m.
Mandriva Linux Security Advisory : bash (MDVSA-2010:004)
2010-01-1400:00:00
This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
16.2%
A vulnerability have been discovered in Mandriva bash package, which could allow a malicious user to hide files from the ls command, or garble its output by crafting files or directories which contain special characters or escape sequences (CVE-2010-0002). This update fixes the issue by disabling the display of control characters by default.
Additionally, this update fixes the unsafe file creation in bash-doc sample scripts (CVE-2008-5374).
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandriva Linux Security Advisory MDVSA-2010:004.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(43880);
script_version("1.18");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2008-5374", "CVE-2010-0002");
script_bugtraq_id(32733);
script_xref(name:"MDVSA", value:"2010:004");
script_name(english:"Mandriva Linux Security Advisory : bash (MDVSA-2010:004)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandriva Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"A vulnerability have been discovered in Mandriva bash package, which
could allow a malicious user to hide files from the ls command, or
garble its output by crafting files or directories which contain
special characters or escape sequences (CVE-2010-0002). This update
fixes the issue by disabling the display of control characters by
default.
Additionally, this update fixes the unsafe file creation in bash-doc
sample scripts (CVE-2008-5374).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers."
);
script_set_attribute(
attribute:"solution",
value:"Update the affected bash and / or bash-doc packages."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:ND");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(20, 59);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:bash");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:bash-doc");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.0");
script_set_attribute(attribute:"patch_publication_date", value:"2010/01/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/14");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK2008.0", reference:"bash-3.2-5.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"bash-doc-3.2-5.1mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"bash-3.2-10.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"bash-doc-3.2-10.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", reference:"bash-3.2.48-3.1mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", reference:"bash-doc-3.2.48-3.1mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", reference:"bash-4.0-7.1mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", reference:"bash-doc-4.0-7.1mdv2010.0", yank:"mdv")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mandriva | linux | bash | p-cpe:/a:mandriva:linux:bash |
| mandriva | linux | bash-doc | p-cpe:/a:mandriva:linux:bash-doc |
| mandriva | linux | 2008.0 | cpe:/o:mandriva:linux:2008.0 |
| mandriva | linux | 2009.0 | cpe:/o:mandriva:linux:2009.0 |
| mandriva | linux | 2009.1 | cpe:/o:mandriva:linux:2009.1 |
| mandriva | linux | 2010.0 | cpe:/o:mandriva:linux:2010.0 |
Related
openvas
openvas
Mandriva Update for bash MDVSA-2010:004 (bash)
2010-01-19 00:00:00
Mandriva Update for bash MDVSA-2010:004 (bash)
2010-01-19 00:00:00
CentOS Update for bash CESA-2011:1073 centos5 x86_64
2012-07-30 00:00:00
securityvulns
securityvulns
[ MDVSA-2010:004 ] bash
2010-01-17 00:00:00
bash terminal characters injection
2010-01-17 00:00:00
oraclelinux
oraclelinux
bash security and bug fix update
2011-02-23 00:00:00
bash security, bug fix, and enhancement update
2011-07-31 00:00:00
cve
cve
CVE-2008-5374
2008-12-08 23:30:00
CVE-2010-0002
2022-10-03 16:21:13
nessus
nessus
Scientific Linux Security Update : bash on SL5.x i386/x86_64
2012-08-01 00:00:00
Oracle Linux 4 : bash (ELSA-2011-0261)
2013-07-12 00:00:00
Scientific Linux Security Update : bash on SL4.x i386/x86_64
2012-08-01 00:00:00
redhat
redhat
(RHSA-2011:1073) Low: bash security, bug fix, and enhancement update
2011-07-21 00:00:00
(RHSA-2011:0261) Low: bash security and bug fix update
2011-02-16 00:00:00
(RHSA-2011:1090) Moderate: rhev-hypervisor security and bug fix update
2011-07-27 00:00:00
veracode
veracode
Symlink Attack
2020-04-10 00:58:24
cvelist
cvelist
CVE-2008-5374
2008-12-08 23:00:00
CVE-2010-0002
2022-10-03 16:21:13
nvd
nvd
CVE-2008-5374
2008-12-08 23:30:00
CVE-2010-0002
2010-01-14 18:30:00
debiancve
debiancve
CVE-2008-5374
2008-12-08 23:30:00
CVE-2010-0002
2022-10-03 16:21:13
prion
prion
Code injection
2008-12-08 23:30:00
Code injection
2010-01-14 18:30:00
centos
centos
bash security update
2011-09-01 16:10:39
ubuntucve
ubuntucve
CVE-2008-5374
2008-12-08 00:00:00
CVE-2010-0002
2010-01-14 00:00:00
gentoo
gentoo
Bash: Multiple vulnerabilities
2012-10-20 00:00:00
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
16.2%
Related for MANDRIVA_MDVSA-2010-004.NASL