Lucene search
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2013-302.NASLHistoryJun 13, 2014 - 12:00 a.m.
openSUSE Security Update : dhcp (openSUSE-SU-2013:0620-1)
2014-06-1300:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
0.943
Percentile
99.2%
ISC DHCP was updated to ISC dhcp-4.2.5-P1 release, which contains updated bind-9.8.4-P2 sources with removed regex.h check in configure (bnc#811934, CVE-2013-2266).
Also: Changed spec make the bind export library build output visible.
Added dhcp6-server service template for SuSEfirewall2 (bnc#783002) Update config.guess/sub for aarch64
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2013-302.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(74958);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2013-2266");
script_name(english:"openSUSE Security Update : dhcp (openSUSE-SU-2013:0620-1)");
script_summary(english:"Check for the openSUSE-2013-302 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"ISC DHCP was updated to ISC dhcp-4.2.5-P1 release, which contains
updated bind-9.8.4-P2 sources with removed regex.h check in configure
(bnc#811934, CVE-2013-2266).
Also: Changed spec make the bind export library build output visible.
Added dhcp6-server service template for SuSEfirewall2 (bnc#783002)
Update config.guess/sub for aarch64"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=783002"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=811934"
);
script_set_attribute(
attribute:"see_also",
value:"https://lists.opensuse.org/opensuse-updates/2013-04/msg00038.html"
);
script_set_attribute(attribute:"solution", value:"Update the affected dhcp packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-client-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-relay");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-relay-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-server-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.3");
script_set_attribute(attribute:"patch_publication_date", value:"2013/03/27");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE12.3", reference:"dhcp-4.2.5.P1-0.2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"dhcp-client-4.2.5.P1-0.2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"dhcp-client-debuginfo-4.2.5.P1-0.2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"dhcp-debuginfo-4.2.5.P1-0.2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"dhcp-debugsource-4.2.5.P1-0.2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"dhcp-devel-4.2.5.P1-0.2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"dhcp-relay-4.2.5.P1-0.2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"dhcp-relay-debuginfo-4.2.5.P1-0.2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"dhcp-server-4.2.5.P1-0.2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"dhcp-server-debuginfo-4.2.5.P1-0.2.4.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "dhcp");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | dhcp | p-cpe:/a:novell:opensuse:dhcp |
| novell | opensuse | dhcp-client | p-cpe:/a:novell:opensuse:dhcp-client |
| novell | opensuse | dhcp-client-debuginfo | p-cpe:/a:novell:opensuse:dhcp-client-debuginfo |
| novell | opensuse | dhcp-debuginfo | p-cpe:/a:novell:opensuse:dhcp-debuginfo |
| novell | opensuse | dhcp-debugsource | p-cpe:/a:novell:opensuse:dhcp-debugsource |
| novell | opensuse | dhcp-devel | p-cpe:/a:novell:opensuse:dhcp-devel |
| novell | opensuse | dhcp-relay | p-cpe:/a:novell:opensuse:dhcp-relay |
| novell | opensuse | dhcp-relay-debuginfo | p-cpe:/a:novell:opensuse:dhcp-relay-debuginfo |
| novell | opensuse | dhcp-server | p-cpe:/a:novell:opensuse:dhcp-server |
| novell | opensuse | dhcp-server-debuginfo | p-cpe:/a:novell:opensuse:dhcp-server-debuginfo |
Related
nessus
nessus
Oracle Linux 5 : bind97 (ELSA-2013-0690)
2013-07-12 00:00:00
CentOS 5 : bind97 (CESA-2013:0690)
2013-03-29 00:00:00
Fedora 17 : bind-9.9.2-7.P2.fc17 (2013-4533)
2013-04-08 00:00:00
openvas
openvas
Ubuntu Update for bind9 USN-1783-1
2013-04-02 00:00:00
Debian Security Advisory DSA 2656-1 (bind9 - denial of service)
2013-03-30 00:00:00
Amazon Linux: Security Advisory (ALAS-2013-176)
2015-09-08 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:51:10
prion
prion
Code injection
2013-03-28 16:55:00
Design/Logic Flaw
2013-03-28 16:55:00
fedora
fedora
[SECURITY] Fedora 18 Update: bind-9.9.2-10.P2.fc18
2013-04-05 23:08:28
[SECURITY] Fedora 17 Update: bind-9.9.2-7.P2.fc17
2013-04-07 00:25:01
[SECURITY] Fedora 18 Update: bind-9.9.3-4.P2.fc18
2013-08-04 00:13:45
redhat
redhat
(RHSA-2013:0690) Important: bind97 security update
2013-03-28 00:00:00
(RHSA-2013:0689) Important: bind security and bug fix update
2013-03-28 00:00:00
(RHSA-2013:0746) Important: rhev-hypervisor6 security and bug fix update
2013-04-23 00:00:00
oraclelinux
oraclelinux
bind security and bug fix update
2013-03-28 00:00:00
bind97 security update
2013-03-28 00:00:00
bind97 security and bug fix update
2014-09-17 00:00:00
cvelist
cvelist
CVE-2013-2266
2013-03-28 16:00:00
CVE-2013-2494
2022-10-03 16:14:59
freebsd
freebsd
dns/bind9* -- Malicious Regex Can Cause Memory Exhaustion
2013-03-11 00:00:00
FreeBSD -- BIND remote denial of service
2013-04-02 00:00:00
amazon
amazon
Important: bind
2013-04-04 11:09:00
nvd
nvd
CVE-2013-2266
2013-03-28 16:55:01
CVE-2013-2494
2013-03-28 16:55:01
checkpoint_advisories
checkpoint_advisories
ISC BIND Regular Expression Handling Denial of Service (CVE-2013-2266)
2013-06-30 00:00:00
f5
f5
K14386 : BIND vulnerability CVE-2013-2266
2014-08-26 00:00:00
SOL14386 - BIND vulnerability CVE-2013-2266
2013-05-01 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-13:04.bind
2013-04-02 00:00:00
debian
debian
[SECURITY] [DSA 2656-1] bind9 security update
2013-03-30 15:42:49
securityvulns
securityvulns
[slackware-security] dhcp (SSA:2013-086-02)
2013-04-01 00:00:00
[USN-1783-1] Bind vulnerability
2013-04-01 00:00:00
bind / dhcp DoS
2013-04-01 00:00:00
centos
centos
bind security update
2013-03-29 00:19:00
bind97 security update
2013-03-28 23:25:41
cve
cve
CVE-2013-2266
2013-03-28 16:55:01
CVE-2013-2494
2022-10-03 16:14:59
debiancve
debiancve
CVE-2013-2266
2013-03-28 16:55:01
CVE-2013-2494
2022-10-03 16:14:59
seebug
seebug
ISC BIND 9 'libdns' θΏη¨ζη»ζε‘ζΌζ΄(CVE-2013-2266)
2013-03-29 00:00:00
ubuntu
ubuntu
Bind vulnerability
2013-03-29 00:00:00
ubuntucve
ubuntucve
CVE-2013-2266
2013-03-26 00:00:00
CVE-2013-2494
2013-03-28 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1822
2021-07-02 16:37:55
gentoo
gentoo
BIND: Denial of service
2014-01-29 00:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
0.943
Percentile
99.2%
Related for OPENSUSE-2013-302.NASL