Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2008-0287.NASL
HistoryMay 22, 2008 - 12:00 a.m.

RHEL 2.1 / 3 / 4 / 5 : libxslt (RHSA-2008:0287)

2008-05-2200:00:00
This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.018

Percentile

88.4%

JSON

Updated libxslt packages that fix a security issue are now available.

This update has been rated as having important security impact by the Red Hat Security Response Team.

libxslt is a C library, based on libxml, for parsing of XML files into other textual formats (eg HTML, plain text and other XML representations of the underlying data) It uses the standard XSLT stylesheet transformation mechanism and, being written in plain ANSI C, is designed to be simple to incorporate into other applications

Anthony de Almeida Lopes reported the libxslt library did not properly process long β€˜transformation match’ conditions in the XSL stylesheet files. An attacker could create a malicious XSL file that would cause a crash, or, possibly, execute and arbitrary code with the privileges of the application using libxslt library to perform XSL transformations. (CVE-2008-1767)

All users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2008:0287. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(32421);
  script_version("1.25");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2008-1767");
  script_bugtraq_id(29312);
  script_xref(name:"RHSA", value:"2008:0287");

  script_name(english:"RHEL 2.1 / 3 / 4 / 5 : libxslt (RHSA-2008:0287)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated libxslt packages that fix a security issue are now available.

This update has been rated as having important security impact by the
Red Hat Security Response Team.

libxslt is a C library, based on libxml, for parsing of XML files into
other textual formats (eg HTML, plain text and other XML
representations of the underlying data) It uses the standard XSLT
stylesheet transformation mechanism and, being written in plain ANSI
C, is designed to be simple to incorporate into other applications

Anthony de Almeida Lopes reported the libxslt library did not properly
process long 'transformation match' conditions in the XSL stylesheet
files. An attacker could create a malicious XSL file that would cause
a crash, or, possibly, execute and arbitrary code with the privileges
of the application using libxslt library to perform XSL
transformations. (CVE-2008-1767)

All users are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2008-1767"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2008:0287"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Update the affected libxslt, libxslt-devel and / or libxslt-python
packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libxslt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libxslt-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libxslt-python");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.1");

  script_set_attribute(attribute:"vuln_publication_date", value:"2008/05/23");
  script_set_attribute(attribute:"patch_publication_date", value:"2008/05/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2008/05/22");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^(2\.1|3|4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1 / 3.x / 4.x / 5.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2008:0287";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"libxslt-1.0.15-3")) flag++;

  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"libxslt-devel-1.0.15-3")) flag++;

  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"libxslt-python-1.0.15-3")) flag++;


  if (rpm_check(release:"RHEL3", reference:"libxslt-1.0.33-6")) flag++;

  if (rpm_check(release:"RHEL3", reference:"libxslt-devel-1.0.33-6")) flag++;


  if (rpm_check(release:"RHEL4", reference:"libxslt-1.1.11-1.el4_6.1")) flag++;

  if (rpm_check(release:"RHEL4", reference:"libxslt-devel-1.1.11-1.el4_6.1")) flag++;

  if (rpm_check(release:"RHEL4", reference:"libxslt-python-1.1.11-1.el4_6.1")) flag++;


  if (rpm_check(release:"RHEL5", reference:"libxslt-1.1.17-2.el5_1.1")) flag++;

  if (rpm_check(release:"RHEL5", reference:"libxslt-devel-1.1.17-2.el5_1.1")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"libxslt-python-1.1.17-2.el5_1.1")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"libxslt-python-1.1.17-2.el5_1.1")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"libxslt-python-1.1.17-2.el5_1.1")) flag++;


  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libxslt / libxslt-devel / libxslt-python");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxlibxsltp-cpe:/a:redhat:enterprise_linux:libxslt
redhatenterprise_linuxlibxslt-develp-cpe:/a:redhat:enterprise_linux:libxslt-devel
redhatenterprise_linuxlibxslt-pythonp-cpe:/a:redhat:enterprise_linux:libxslt-python
redhatenterprise_linux2.1cpe:/o:redhat:enterprise_linux:2.1
redhatenterprise_linux3cpe:/o:redhat:enterprise_linux:3
redhatenterprise_linux4cpe:/o:redhat:enterprise_linux:4
redhatenterprise_linux4.6cpe:/o:redhat:enterprise_linux:4.6
redhatenterprise_linux5cpe:/o:redhat:enterprise_linux:5
redhatenterprise_linux5.1cpe:/o:redhat:enterprise_linux:5.1

Related

centos 2
openvas 24
nessus 15
gentoo 1
cvelist 1
securityvulns 2
ubuntucve 1
redhat 1
debian 1
seebug 1
slackware 1
nvd 1
oraclelinux 1
debiancve 1
prion 1
cve 1
ubuntu 1
centos
centos
libxslt security update
2008-05-22 06:09:03
libxslt security update
2008-05-21 13:50:56
openvas
openvas
Debian: Security Advisory (DSA-1589-1)
2023-03-08 00:00:00
Slackware Advisory SSA:2008-210-03 libxslt
2012-09-11 00:00:00
RedHat Update for libxslt RHSA-2008:0287-01
2009-03-06 00:00:00
nessus
nessus
SuSE 10 Security Update : libxslt (ZYPP Patch Number 5343)
2008-06-16 00:00:00
SuSE9 Security Update : libxslt (YOU Patch Number 12184)
2009-09-24 00:00:00
Slackware 12.0 / 12.1 / current : libxslt (SSA:2008-210-03)
2008-07-29 00:00:00
gentoo
gentoo
libxslt: Execution of arbitrary code
2008-06-03 00:00:00
cvelist
cvelist
CVE-2008-1767
2008-05-23 14:00:00
securityvulns
securityvulns
libxslt memory corruption
2008-06-04 00:00:00
[ GLSA 200806-02 ] libxslt: Execution of arbitrary code
2008-06-04 00:00:00
ubuntucve
ubuntucve
CVE-2008-1767
2008-05-23 00:00:00
redhat
redhat
(RHSA-2008:0287) Important: libxslt security update
2008-05-21 00:00:00
debian
debian
[SECURITY] [DSA 1589-1] New libxslt packages fix execution of arbitrary code
2008-05-28 14:14:39
seebug
seebug
libxslt XSLζ–‡δ»Άε€„η†ηΌ“ε†²εŒΊζΊ’ε‡ΊζΌζ΄ž
2008-05-29 00:00:00
slackware
slackware
[slackware-security] libxslt
2008-07-29 05:32:12
nvd
nvd
CVE-2008-1767
2008-05-23 15:32:00
oraclelinux
oraclelinux
libxslt security update
2008-05-21 00:00:00
debiancve
debiancve
CVE-2008-1767
2008-05-23 15:32:00
prion
prion
Buffer overflow
2008-05-23 15:32:00
cve
cve
CVE-2008-1767
2008-05-23 15:32:00
ubuntu
ubuntu
libxslt vulnerabilities
2008-08-01 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.018

Percentile

88.4%

JSON
Related for REDHAT-RHSA-2008-0287.NASL
centos2openvas24nessus15gentoo1cvelist1securityvulns2ubuntucve1redhat1debian1seebug1slackware1nvd1oraclelinux1debiancve1prion1cve1ubuntu1