Lucene search
Copyright (c) 2011 Greenbone Networks GmbHOPENVAS:870473HistoryAug 27, 2011 - 12:00 a.m.
RedHat Update for system-config-printer RHSA-2011:1196-01
2011-08-2700:00:00
Copyright (c) 2011 Greenbone Networks GmbH
plugins.openvas.org
22
EPSS
0.005
Percentile
77.1%
Check for the Version of system-config-printer
###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for system-config-printer RHSA-2011:1196-01
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "system-config-printer is a print queue configuration tool with a graphical
user interface.
It was found that system-config-printer did not properly sanitize NetBIOS
and workgroup names when searching for network printers. A remote attacker
could use this flaw to execute arbitrary code with the privileges of the
user running system-config-printer. (CVE-2011-2899)
All users of system-config-printer are advised to upgrade to these updated
packages, which contain a backported patch to resolve this issue. Running
instances of system-config-printer must be restarted for this update to
take effect.";
tag_affected = "system-config-printer on Red Hat Enterprise Linux (v. 5 server),
Red Hat Enterprise Linux AS version 4,
Red Hat Enterprise Linux ES version 4,
Red Hat Enterprise Linux WS version 4";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "https://www.redhat.com/archives/rhsa-announce/2011-August/msg00019.html");
script_id(870473);
script_version("$Revision: 6685 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $");
script_tag(name:"creation_date", value:"2011-08-27 16:37:49 +0200 (Sat, 27 Aug 2011)");
script_tag(name:"cvss_base", value:"5.1");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:H/Au:N/C:P/I:P/A:P");
script_xref(name: "RHSA", value: "2011:1196-01");
script_cve_id("CVE-2011-2899");
script_name("RedHat Update for system-config-printer RHSA-2011:1196-01");
script_summary("Check for the Version of system-config-printer");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
script_family("Red Hat Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "RHENT_5")
{
if ((res = isrpmvuln(pkg:"system-config-printer", rpm:"system-config-printer~0.7.32.10~1.el5_7.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"system-config-printer-debuginfo", rpm:"system-config-printer-debuginfo~0.7.32.10~1.el5_7.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"system-config-printer-libs", rpm:"system-config-printer-libs~0.7.32.10~1.el5_7.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "RHENT_4")
{
if ((res = isrpmvuln(pkg:"system-config-printer", rpm:"system-config-printer~0.6.116.10~1.6.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"system-config-printer-debuginfo", rpm:"system-config-printer-debuginfo~0.6.116.10~1.6.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"system-config-printer-gui", rpm:"system-config-printer-gui~0.6.116.10~1.6.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Related
redhat
redhat
(RHSA-2011:1196) Moderate: system-config-printer security update
2011-08-23 00:00:00
nessus
nessus
Oracle Linux 4 / 5 : system-config-printer (ELSA-2011-1196)
2013-07-12 00:00:00
CentOS 4 / 5 : system-config-printer (CESA-2011:1196)
2011-08-30 00:00:00
RHEL 4 / 5 : system-config-printer (RHSA-2011:1196)
2011-08-24 00:00:00
centos
centos
system security update
2011-08-29 10:20:22
openvas
openvas
CentOS Update for system-config-printer CESA-2011:1196 centos5 i386
2011-09-23 00:00:00
CentOS Update for system-config-printer CESA-2011:1196 centos4 x86_64
2012-07-30 00:00:00
CentOS Update for system-config-printer CESA-2011:1196 centos5 x86_64
2012-07-30 00:00:00
cve
cve
CVE-2011-2899
2011-08-31 23:55:03
oraclelinux
oraclelinux
system-config-printer security update
2011-08-23 00:00:00
prion
prion
Code injection
2011-08-31 23:55:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:03:56
debiancve
debiancve
CVE-2011-2899
2011-08-31 23:55:03
cvelist
cvelist
CVE-2011-2899
2011-08-31 23:00:00
nvd
nvd
CVE-2011-2899
2011-08-31 23:55:03
ubuntucve
ubuntucve
CVE-2011-2899
2011-08-31 00:00:00