Lucene search
Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-1288-1.NASLHistoryDec 07, 2011 - 12:00 a.m.
Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : vsftpd vulnerability (USN-1288-1)
2011-12-0700:00:00
Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
24
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.025
Percentile
90.2%
It was discovered that the 2.6.35 and earlier Linux kernel does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) in applications that require a separate namespace per connection, like vsftpd. This update adjusts vsftpd to only use network namespaces on kernels that are known to be not affected.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1288-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
if (description)
{
script_id(57038);
script_version("1.6");
script_cvs_date("Date: 2019/09/19 12:54:27");
script_cve_id("CVE-2011-2189");
script_xref(name:"USN", value:"1288-1");
script_name(english:"Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : vsftpd vulnerability (USN-1288-1)");
script_summary(english:"Checks dpkg output for updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Ubuntu host is missing a security-related patch."
);
script_set_attribute(
attribute:"description",
value:
"It was discovered that the 2.6.35 and earlier Linux kernel does not
properly handle a high rate of creation and cleanup of network
namespaces, which makes it easier for remote attackers to cause a
denial of service (memory consumption) in applications that require a
separate namespace per connection, like vsftpd. This update adjusts
vsftpd to only use network namespaces on kernels that are known to be
not affected.
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/1288-1/"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected vsftpd package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:vsftpd");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.04");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.10");
script_set_attribute(attribute:"vuln_publication_date", value:"2011/10/10");
script_set_attribute(attribute:"patch_publication_date", value:"2011/12/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/07");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(10\.04|10\.10|11\.04|11\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 10.04 / 10.10 / 11.04 / 11.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"10.04", pkgname:"vsftpd", pkgver:"2.2.2-3ubuntu6.3")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"vsftpd", pkgver:"2.3.0~pre2-4ubuntu2.3")) flag++;
if (ubuntu_check(osver:"11.04", pkgname:"vsftpd", pkgver:"2.3.2-3ubuntu4.1")) flag++;
if (ubuntu_check(osver:"11.10", pkgname:"vsftpd", pkgver:"2.3.2-3ubuntu5.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "vsftpd");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | vsftpd | p-cpe:/a:canonical:ubuntu_linux:vsftpd |
| canonical | ubuntu_linux | 10.04 | cpe:/o:canonical:ubuntu_linux:10.04:-:lts |
| canonical | ubuntu_linux | 10.10 | cpe:/o:canonical:ubuntu_linux:10.10 |
| canonical | ubuntu_linux | 11.04 | cpe:/o:canonical:ubuntu_linux:11.04 |
| canonical | ubuntu_linux | 11.10 | cpe:/o:canonical:ubuntu_linux:11.10 |
Related
openvas
openvas
Ubuntu Update for vsftpd USN-1288-1
2011-12-09 00:00:00
Ubuntu: Security Advisory (USN-1288-1)
2011-12-09 00:00:00
Debian Security Advisory DSA 2305-1 (vsftpd)
2011-10-16 00:00:00
attackerkb
attackerkb
CVE-2011-2189
2011-10-10 00:00:00
cvelist
cvelist
CVE-2011-2189
2011-10-10 10:00:00
cve
cve
CVE-2011-2189
2011-10-10 10:55:05
prion
prion
Design/Logic Flaw
2011-10-10 10:55:00
ubuntu
ubuntu
vsftpd vulnerability
2011-12-07 00:00:00
debiancve
debiancve
CVE-2011-2189
2011-10-10 10:55:05
ubuntucve
ubuntucve
CVE-2011-2189
2011-10-10 00:00:00
nvd
nvd
CVE-2011-2189
2011-10-10 10:55:05
securityvulns
securityvulns
vsftpd DoS
2011-03-03 00:00:00
debian
debian
[SECURITY] [DSA 2305-1] vsftpd security update
2011-09-19 03:49:17
osv
osv
vsftpd - denial of service
2011-09-19 00:00:00
nessus
nessus
Debian DSA-2305-1 : vsftpd - denial of service
2011-09-20 00:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.025
Percentile
90.2%
Related for UBUNTU_USN-1288-1.NASL