Lucene search
Copyright (C) 2012 Greenbone AGOPENVAS:1361412562310831727HistoryAug 24, 2012 - 12:00 a.m.
Mandriva Update for openslp MDVSA-2012:141 (openslp)
2012-08-2400:00:00
Copyright (C) 2012 Greenbone AG
plugins.openvas.org
12
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
7.7
Confidence
High
EPSS
0.371
Percentile
97.2%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_xref(name:"URL", value:"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:141");
script_oid("1.3.6.1.4.1.25623.1.0.831727");
script_version("2023-07-14T05:06:08+0000");
script_tag(name:"last_modification", value:"2023-07-14 05:06:08 +0000 (Fri, 14 Jul 2023)");
script_tag(name:"creation_date", value:"2012-08-24 09:57:24 +0530 (Fri, 24 Aug 2012)");
script_cve_id("CVE-2010-3609");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_xref(name:"MDVSA", value:"2012:141");
script_name("Mandriva Update for openslp MDVSA-2012:141 (openslp)");
script_tag(name:"summary", value:"The remote host is missing an update for the 'openslp'
package(s) announced via the referenced advisory.");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2012 Greenbone AG");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release", re:"ssh/login/release=MNDK_(2011\.0|mes5\.2)");
script_tag(name:"affected", value:"openslp on Mandriva Linux 2011.0,
Mandriva Enterprise Server 5.2");
script_tag(name:"solution", value:"Please Install the Updated Packages.");
script_tag(name:"insight", value:"A vulnerability has been discovered and corrected in openslp:
The extension parser in slp_v2message.c in OpenSLP 1.2.1 allows
remote attackers to cause a denial of service (infinite loop) via a
packet with a next extension offset that references this extension
or a previous extension (CVE-2010-3609).
The updated packages have been patched to correct this issue.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release) exit(0);
res = "";
if(release == "MNDK_2011.0")
{
if ((res = isrpmvuln(pkg:"libopenslp1", rpm:"libopenslp1~1.2.1~12.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libopenslp1-devel", rpm:"libopenslp1-devel~1.2.1~12.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openslp", rpm:"openslp~1.2.1~12.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64openslp1", rpm:"lib64openslp1~1.2.1~12.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64openslp1-devel", rpm:"lib64openslp1-devel~1.2.1~12.1", rls:"MNDK_2011.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
if(release == "MNDK_mes5.2")
{
if ((res = isrpmvuln(pkg:"libopenslp1", rpm:"libopenslp1~1.2.1~12.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libopenslp1-devel", rpm:"libopenslp1-devel~1.2.1~12.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"openslp", rpm:"openslp~1.2.1~12.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64openslp1", rpm:"lib64openslp1~1.2.1~12.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64openslp1-devel", rpm:"lib64openslp1-devel~1.2.1~12.1mdvmes5.2", rls:"MNDK_mes5.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
Related
nessus
nessus
Mandriva Linux Security Advisory : openslp (MDVSA-2013:111)
2013-04-20 00:00:00
openSUSE Security Update : openslp (openSUSE-SU-2010:0992-1)
2011-05-05 00:00:00
SuSE 10 Security Update : openslp (ZYPP Patch Number 7187)
2010-11-30 00:00:00
openvas
openvas
Ubuntu Update for openslp-dfsg USN-1118-1
2011-05-10 00:00:00
Ubuntu: Security Advisory (USN-1118-1)
2011-05-10 00:00:00
Mandriva Update for openslp MDVSA-2012:141 (openslp)
2012-08-24 00:00:00
ubuntucve
ubuntucve
CVE-2010-3609
2011-03-11 00:00:00
cve
cve
CVE-2010-3609
2011-03-11 17:55:02
CVE-2015-5155
2019-11-26 22:15:14
nvd
nvd
CVE-2010-3609
2011-03-11 17:55:02
CVE-2015-5155
2019-11-26 22:15:14
ubuntu
ubuntu
OpenSLP vulnerability
2011-04-20 00:00:00
packetstorm
packetstorm
SLP (Service Location Protocol) Denial Of Service
2011-07-26 00:00:00
cert
cert
OpenSLP denial of service vulnerability
2011-03-21 00:00:00
cvelist
cvelist
CVE-2010-3609
2011-03-11 17:00:00
prion
prion
Design/Logic Flaw
2011-03-11 17:55:00
exploitdb
exploitdb
OpenSLP 1.2.1 / < 1647 trunk - Denial of Service
2011-08-05 00:00:00
securityvulns
securityvulns
fedora
fedora
[SECURITY] Fedora 20 Update: openslp-1.2.1-22.fc20
2015-05-27 16:29:19
osv
osv
openslp-dfsg - security update
2015-09-03 00:00:00
debian
debian
[SECURITY] [DLA 304-1] openslp-dfsg security update
2015-09-03 07:43:06
gentoo
gentoo
OpenSLP: Multiple vulnerabilities
2017-07-08 00:00:00
vmware
vmware
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
7.7
Confidence
High
EPSS
0.371
Percentile
97.2%
Related for OPENVAS:1361412562310831727