Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20130919_SPICE_GTK_ON_SL6_X.NASL
HistorySep 20, 2013 - 12:00 a.m.

Scientific Linux Security Update : spice-gtk on SL6.x i386/x86_64 (20130919)

2013-09-2000:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
21

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

EPSS

0

Percentile

5.1%

JSON

spice-gtk communicated with PolicyKit for authorization via an API that is vulnerable to a race condition. This could lead to intended PolicyKit authorizations being bypassed. This update modifies spice-gtk to communicate with PolicyKit via a different API that is not vulnerable to the race condition. (CVE-2013-4324)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(70017);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2013-4324");

  script_name(english:"Scientific Linux Security Update : spice-gtk on SL6.x i386/x86_64 (20130919)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"spice-gtk communicated with PolicyKit for authorization via an API
that is vulnerable to a race condition. This could lead to intended
PolicyKit authorizations being bypassed. This update modifies
spice-gtk to communicate with PolicyKit via a different API that is
not vulnerable to the race condition. (CVE-2013-4324)"
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1309&L=scientific-linux-errata&T=0&P=1200
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?4551e400"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:spice-glib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:spice-glib-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:spice-gtk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:spice-gtk-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:spice-gtk-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:spice-gtk-python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:spice-gtk-tools");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/10/03");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/09/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/20");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL6", reference:"spice-glib-0.14-7.el6_4.3")) flag++;
if (rpm_check(release:"SL6", reference:"spice-glib-devel-0.14-7.el6_4.3")) flag++;
if (rpm_check(release:"SL6", reference:"spice-gtk-0.14-7.el6_4.3")) flag++;
if (rpm_check(release:"SL6", reference:"spice-gtk-debuginfo-0.14-7.el6_4.3")) flag++;
if (rpm_check(release:"SL6", reference:"spice-gtk-devel-0.14-7.el6_4.3")) flag++;
if (rpm_check(release:"SL6", reference:"spice-gtk-python-0.14-7.el6_4.3")) flag++;
if (rpm_check(release:"SL6", reference:"spice-gtk-tools-0.14-7.el6_4.3")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "spice-glib / spice-glib-devel / spice-gtk / spice-gtk-debuginfo / etc");
}

Related

nessus 7
fedora 2
openvas 11
centos 1
oraclelinux 1
veracode 1
redhat 1
debiancve 1
cve 1
ibm 1
ubuntucve 1
nvd 1
prion 1
cvelist 1
gentoo 1
mageia 1
nessus
nessus
RHEL 6 : spice-gtk (RHSA-2013:1273)
2013-09-20 00:00:00
openSUSE Security Update : spice-gtk (openSUSE-SU-2013:1562-1)
2014-06-13 00:00:00
CentOS 6 : spice-gtk (CESA-2013:1273)
2013-09-20 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: spice-gtk-0.20-6.fc19
2013-09-27 00:45:25
[SECURITY] Fedora 18 Update: spice-gtk-0.18-3.fc18
2013-12-19 07:19:49
openvas
openvas
RedHat Update for spice-gtk RHSA-2013:1273-01
2013-09-24 00:00:00
Fedora Update for spice-gtk FEDORA-2013-17109
2013-10-03 00:00:00
Fedora Update for spice-gtk FEDORA-2013-17195
2013-12-23 00:00:00
centos
centos
spice security update
2013-09-20 02:25:25
oraclelinux
oraclelinux
spice-gtk security update
2013-09-19 00:00:00
veracode
veracode
Authorization Bypass
2019-01-15 08:59:36
redhat
redhat
(RHSA-2013:1273) Important: spice-gtk security update
2013-09-19 00:00:00
debiancve
debiancve
CVE-2013-4324
2013-10-03 21:55:04
cve
cve
CVE-2013-4324
2013-10-03 21:55:04
ibm
ibm
Security Bulletin: IBM Flex System Manger expired USERID password vulnerability (CVE-2013-5424)
2022-05-16 16:03:13
ubuntucve
ubuntucve
CVE-2013-4324
2013-10-03 00:00:00
nvd
nvd
CVE-2013-4324
2013-10-03 21:55:04
prion
prion
Race condition
2013-10-03 21:55:00
cvelist
cvelist
CVE-2013-4324
2013-10-03 21:00:00
gentoo
gentoo
polkit, Spice-Gtk, systemd, HPLIP, libvirt: Privilege escalation
2014-06-26 00:00:00
mageia
mageia
Updated polkit package and the packages that call polkit fixes security vulnerability
2013-10-05 21:53:02

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

EPSS

0

Percentile

5.1%

JSON
Related for SL_20130919_SPICE_GTK_ON_SL6_X.NASL
nessus7fedora2openvas11centos1oraclelinux1veracode1redhat1debiancve1cve1ibm1ubuntucve1nvd1prion1cvelist1gentoo1mageia1