CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
EPSS
Percentile
85.5%
A vulnerability was discovered and corrected in xmlsec1 :
xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification (CVE-2011-1425).
Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149 products_id=490
The updated packages have been patched to correct this issue.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandriva Linux Security Advisory MDVSA-2011:063.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(53289);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2011-1425");
script_xref(name:"MDVSA", value:"2011:063");
script_name(english:"Mandriva Linux Security Advisory : xmlsec1 (MDVSA-2011:063)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandriva Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"A vulnerability was discovered and corrected in xmlsec1 :
xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in
WebKit and other products, when XSLT is enabled, allows remote
attackers to create or overwrite arbitrary files via vectors involving
the libxslt output extension and a ds:Transform element during
signature verification (CVE-2011-1425).
Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149 products_id=490
The updated packages have been patched to correct this issue."
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-gnutls-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-gnutls1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-nss-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-nss1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-openssl-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-openssl1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-gnutls-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-gnutls1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-nss-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-nss1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-openssl-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-openssl1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:xmlsec1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.0");
script_set_attribute(attribute:"patch_publication_date", value:"2011/04/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/04/05");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64xmlsec1-1-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64xmlsec1-devel-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64xmlsec1-gnutls-devel-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64xmlsec1-gnutls1-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64xmlsec1-nss-devel-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64xmlsec1-nss1-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64xmlsec1-openssl-devel-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64xmlsec1-openssl1-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libxmlsec1-1-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libxmlsec1-devel-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libxmlsec1-gnutls-devel-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libxmlsec1-gnutls1-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libxmlsec1-nss-devel-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libxmlsec1-nss1-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libxmlsec1-openssl-devel-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libxmlsec1-openssl1-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"xmlsec1-1.2.10-7.3mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64xmlsec1-1-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64xmlsec1-devel-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64xmlsec1-gnutls-devel-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64xmlsec1-gnutls1-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64xmlsec1-nss-devel-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64xmlsec1-nss1-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64xmlsec1-openssl-devel-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64xmlsec1-openssl1-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libxmlsec1-1-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libxmlsec1-devel-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libxmlsec1-gnutls-devel-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libxmlsec1-gnutls1-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libxmlsec1-nss-devel-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libxmlsec1-nss1-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libxmlsec1-openssl-devel-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libxmlsec1-openssl1-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", reference:"xmlsec1-1.2.13-1.2mdv2010.0", yank:"mdv")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
mandriva | linux | lib64xmlsec1-1 | p-cpe:/a:mandriva:linux:lib64xmlsec1-1 |
mandriva | linux | lib64xmlsec1-devel | p-cpe:/a:mandriva:linux:lib64xmlsec1-devel |
mandriva | linux | lib64xmlsec1-gnutls-devel | p-cpe:/a:mandriva:linux:lib64xmlsec1-gnutls-devel |
mandriva | linux | lib64xmlsec1-gnutls1 | p-cpe:/a:mandriva:linux:lib64xmlsec1-gnutls1 |
mandriva | linux | lib64xmlsec1-nss-devel | p-cpe:/a:mandriva:linux:lib64xmlsec1-nss-devel |
mandriva | linux | lib64xmlsec1-nss1 | p-cpe:/a:mandriva:linux:lib64xmlsec1-nss1 |
mandriva | linux | lib64xmlsec1-openssl-devel | p-cpe:/a:mandriva:linux:lib64xmlsec1-openssl-devel |
mandriva | linux | lib64xmlsec1-openssl1 | p-cpe:/a:mandriva:linux:lib64xmlsec1-openssl1 |
mandriva | linux | libxmlsec1-1 | p-cpe:/a:mandriva:linux:libxmlsec1-1 |
mandriva | linux | libxmlsec1-devel | p-cpe:/a:mandriva:linux:libxmlsec1-devel |