Vulnerabilities > CVE-2001-0872

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
openbsd
redhat
suse
nessus

Summary

OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.

Nessus

  • NASL family: Misc.
    NASL id: OPENSSH_USELOGIN_ENVIRONMENT.NASL
    description: You are running a version of OpenSSH which is older than 3.0.2. Versions prior to 3.0.2 have the following vulnerabilities: - When the UseLogin feature is enabled, a local user could export environment variables, resulting in command execution as root. The UseLogin feature is disabled by default. (CVE-2001-0872) - A local information disclosure vulnerability. Only FreeBSD hosts are affected by this issue. (CVE-2001-1029)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 10823
    published: 2001-12-10
    reporter: This script is copyright (C) 2001-2018 by EMAZE Networks S.p.A.
    source: https://www.tenable.com/plugins/nessus/10823
    title: OpenSSH < 3.0.2 Multiple Vulnerabilities
    code
    #
    # This script is copyright  2001 by EMAZE Networks S.p.A.
    # under the General Public License (GPL). All Rights Reserved.
    #
    # Script audit and contributions from Carmichael Security <http://www.carmichaelsecurity.com>
    #      Erik Anderson <[email protected]>
    #      Added BugtraqID
    
    # Changes by Tenable:
    # - Updated title, xrefs, synopsis, and description (11/16/11)
    # - Updated description, static report [RD]
    # - Title update, output formatting, family change (8/18/09)
    
    
    include("compat.inc");
    
    # Registration pass: when `description` is set the plugin only declares its
    # metadata and leaves through the exit(0) at the end of this block.
    if (description)
    {
      script_id(10823);
      script_version("1.32");
      script_cvs_date("Date: 2018/11/15 20:50:23");
    
      # Both CVEs are attached to this one plugin; the detection code that follows
      # evaluates only the SSH banner version for either of them.
      script_cve_id("CVE-2001-0872", "CVE-2001-1029");
      script_bugtraq_id(3614);
    
      script_name(english:"OpenSSH < 3.0.2 Multiple Vulnerabilities");
      script_summary(english:"Checks for the remote SSH version");
     
      script_set_attribute(attribute:"synopsis", value:
    "The SSH service running on the remote host has multiple
    vulnerabilities."
      );
      script_set_attribute(attribute:"description", value:
    "You are running a version of OpenSSH which is older than 3.0.2.
    Versions prior than 3.0.2 have the following vulnerabilities :
    
      - When the UseLogin feature is enabled, a local user
        could export environment variables, resulting in
        command execution as root.  The UseLogin feature is
        disabled by default. (CVE-2001-0872)
    
      - A local information disclosure vulnerability.
        Only FreeBSD hosts are affected by this issue.
        (CVE-2001-1029)");
      script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2001/Sep/208");
      script_set_attribute(attribute:"see_also", value:"https://www.freebsd.org/releases/4.4R/errata.html");
      # http://lists.mindrot.org/pipermail/openssh-unix-announce/2001-December/000031.html
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f85ed76c");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to OpenSSH 3.0.2 or apply the patch for prior
    versions. (Available at: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH)" );
      # CVSS2 base vector: local access (AV:L), complete C/I/A impact. The check is
      # registered as remote (plugin_type below), so a finding states that the
      # advertised version is in the affected range, not that UseLogin is enabled.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    	
      script_set_attribute(attribute:"plugin_publication_date", value: "2001/12/10");
      script_set_attribute(attribute:"vuln_publication_date", value: "2001/12/03");
      script_set_attribute(attribute:"patch_publication_date", value: "2001/12/03");
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:openbsd:openssh");
      script_end_attributes();
    
      # Information-gathering category: the plugin reads data already collected.
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is copyright (C) 2001-2018 by EMAZE Networks S.p.A.");
      script_family(english:"Misc.");
    
      # NOTE(review): singular spelling here; the other plugins on this page call
      # script_dependencies(). Confirm the engine in use still accepts this form.
      script_dependencie("ssh_detect.nasl");
      script_require_ports("Services/ssh", 22);
    
      exit(0);
    }
    
    include("backport.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    
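    # Banner-only detection for OpenSSH < 3.0.2. The server configuration is never
    # read, so a hit means "advertised version is in the affected range"; it does
    # not establish that UseLogin is enabled (the plugin description states it is
    # disabled by default). Confirm the sshd_config setting before treating a
    # finding as exploitable.

    # Ensure the port is open.
    port = get_service(svc:"ssh", exit_on_fail:TRUE);

    # Get banner for service.
    banner = get_kb_item_or_exit("SSH/banner/"+port);

    # Normalise the banner; get_backport_banner() is the backport.inc helper that
    # the `backported` test below relies on.
    bp_banner = tolower(get_backport_banner(banner:banner));
    if ("openssh" >!< bp_banner) exit(0, "The SSH service on port "+port+" is not OpenSSH.");
    # A distribution may patch without changing the advertised version, so the
    # banner is not trusted in that case and no finding is raised.
    if (backported) exit(1, "The banner from the OpenSSH server on port "+port+" indicates patches may have been backported.");

    # Affected range: every 1.x and 2.x release, plus 3.0, 3.0.0 and 3.0.1, each
    # optionally followed by a non-numeric suffix such as "p1".
    # The previous pattern ended in "3\.0.[0-1]": the unescaped "." matched any
    # character and a bare "3.0" banner was not matched at all, which produced a
    # false negative for that release. The version is now delimited explicitly.
    if (ereg(pattern:"openssh[-_]([12]\.|3\.0($|[^0-9.]|\.[01]($|[^0-9])))", string:bp_banner))
      security_hole(port);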
    
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-091.NASL
    description: If the UseLogin feature is enabled in ssh, local users could pass environment variables (including variables like LD_PRELOAD) to the login process. This has been fixed by not copying the environment if UseLogin is enabled. Please note that the default configuration for Debian does not have UseLogin enabled.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 14928
    published: 2004-09-29
    reporter: This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/14928
    title: Debian DSA-091-1 : ssh - influencing login
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-091. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    # Registration pass: when `description` is set the plugin only declares its
    # metadata and leaves through the exit(0) at the end of this block.
    if (description)
    {
      script_id(14928);
      script_version("1.21");
      script_cvs_date("Date: 2019/08/02 13:32:16");
    
      script_cve_id("CVE-2001-0872");
      script_bugtraq_id(3614);
      script_xref(name:"DSA", value:"091");
    
      script_name(english:"Debian DSA-091-1 : ssh - influencing login");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "If the UseLogin feature is enabled in ssh local users could pass
     environment variables (including variables like LD_PRELOAD) to the
     login process. This has been fixed by not copying the environment if
     UseLogin is enabled.
    
    Please note that the default configuration for Debian does not have
    UseLogin enabled."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.debian.org/security/2001/dsa-091"
      );
      # The fixed version is written with a Debian epoch prefix ("1:") here.
      script_set_attribute(
        attribute:"solution", 
        value:"This has been fixed in version 1:1.2.3-9.4."
      );
      # CVSS2 base vector: local access (AV:L), complete C/I/A impact.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      # Local check: evaluated from the host's package list, not from the network.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:ssh");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:2.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2001/12/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/29");
      script_set_attribute(attribute:"vuln_publication_date", value:"2001/12/04");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
      script_family(english:"Debian Local Security Checks");
    
      # The KB keys required below are the ones the check code reads before it
      # compares package versions.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    # Preconditions: authenticated local checks, a Debian release string and a
    # stored dpkg listing must all be present in the KB; otherwise audit out.
    local_checks = get_kb_item("Host/local_checks_enabled");
    if (!local_checks) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

    debian_release = get_kb_item("Host/Debian/release");
    if (!debian_release) audit(AUDIT_OS_NOT, "Debian");

    dpkg_list = get_kb_item("Host/Debian/dpkg-l");
    if (!dpkg_list) audit(AUDIT_PACKAGE_LIST_MISSING);

    # Compare each package named by the advisory against the fixed build on
    # Debian 2.2 and count the ones that deb_check() flags.
    # NOTE(review): the reference omits the "1:" epoch that the solution text
    # uses; how deb_check() treats epochs is not visible here -- confirm.
    # This is a package-version check only: it does not read sshd_config, so it
    # reports a missing update whether or not UseLogin is enabled.
    outdated = 0;
    foreach pkg (make_list("ssh", "ssh-askpass-gnome", "ssh-askpass-ptk"))
    {
      if (deb_check(release:"2.2", prefix:pkg, reference:"1.2.3-9.4")) outdated++;
    }

    # Nothing outdated: record the host as not affected and stop.
    if (!outdated) audit(AUDIT_HOST_NOT, "affected");

    # Otherwise raise the finding, attaching the package report when verbose.
    if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
    else security_hole(0);
    exit(0);
    
  • NASL family: Misc.
    NASL id: SUNSSH_PLAINTEXT_RECOVERY.NASL
    description: The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could exploit this to gain access to sensitive information. Note that this version of SunSSH is also prone to several additional issues but Nessus did not test for them.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 55992
    published: 2011-08-29
    reporter: This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/55992
    title: SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    include("compat.inc");
    
    
    # Registration pass: when `description` is set the plugin only declares its
    # metadata and leaves through the exit(0) at the end of this block.
    if (description)
    {
      script_id(55992);
      script_version("1.17");
      script_cvs_date("Date: 2018/07/31 17:27:54");
    
      # Every CVE below is attached to a single banner check (see script_summary).
      # The description text itself says the additional issues were not tested,
      # so a finding does not confirm any individual CVE in this list.
      script_cve_id(
        "CVE-2000-0525",
        "CVE-2000-1169",
        "CVE-2001-0361",
        "CVE-2001-0529",
        "CVE-2001-0572",
        "CVE-2001-0816",
        "CVE-2001-0872",
        "CVE-2001-1380",
        "CVE-2001-1382",
        "CVE-2001-1459",
        "CVE-2001-1507",
        "CVE-2001-1585",
        "CVE-2002-0083",
        "CVE-2002-0575",
        "CVE-2002-0639",
        "CVE-2002-0640",
        "CVE-2002-0765",
        "CVE-2003-0190",
        "CVE-2003-0386",
        "CVE-2003-0682",
        "CVE-2003-0693",
        "CVE-2003-0695",
        "CVE-2003-0786",
        "CVE-2003-0787",
        "CVE-2003-1562",
        "CVE-2004-0175",
        "CVE-2004-1653",
        "CVE-2004-2069",
        "CVE-2004-2760",
        "CVE-2005-2666",
        "CVE-2005-2797",
        "CVE-2005-2798",
        "CVE-2006-0225",
        "CVE-2006-4924",
        "CVE-2006-4925",
        "CVE-2006-5051",
        "CVE-2006-5052",
        "CVE-2006-5229",
        "CVE-2006-5794",
        "CVE-2007-2243",
        "CVE-2007-2768",
        "CVE-2007-3102",
        "CVE-2007-4752",
        "CVE-2008-1483",
        "CVE-2008-1657",
        "CVE-2008-3259",
        "CVE-2008-4109",
        "CVE-2008-5161"
      );
      script_bugtraq_id(32319);
      script_xref(name:"CERT", value:"958563");
    
      script_name(english:"SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure");
      script_summary(english:"Checks SSH banner");
    
      script_set_attribute(
        attribute:"synopsis",
        value:
    "The SSH service running on the remote host has an information
    disclosure vulnerability."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "The version of SunSSH running on the remote host has an information
    disclosure vulnerability.  A design flaw in the SSH specification
    could allow a man-in-the-middle attacker to recover up to 32 bits of
    plaintext from an SSH-protected connection in the standard
    configuration.  An attacker could exploit this to gain access to
    sensitive information.
    
    Note that this version of SunSSH is also prone to several additional
    issues but Nessus did not test for them." );
    
      # http://web.archive.org/web/20090523091544/http://www.cpni.gov.uk/docs/vulnerability_advisory_ssh.txt
      script_set_attribute(attribute:"see_also",value:"http://www.nessus.org/u?4984aeb9");
      # http://hub.opensolaris.org/bin/view/Community+Group+security/SSH#HHistoryofSunSSH
      script_set_attribute(attribute:"see_also",value:"http://www.nessus.org/u?b679208a");
      script_set_attribute(attribute:"see_also",value:"http://blogs.oracle.com/janp/entry/on_sunssh_versioning");
      script_set_attribute(
        attribute:"solution",
        value:"Upgrade to SunSSH 1.1.1 / 1.3 or later"
      );
      # NOTE(review): network vector with complete C/I/A impact, while the
      # described issue is recovery of up to 32 bits of plaintext. Presumably the
      # score follows the most severe CVE in the list above -- confirm before
      # using it to prioritise.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(16, 20, 22, 189, 200, 255, 264, 287, 310, 362, 399);
      script_set_attribute(attribute:"vuln_publication_date",value:"2008/11/17");
      script_set_attribute(attribute:"patch_publication_date",value:"2008/12/11");
      script_set_attribute(attribute:"plugin_publication_date",value:"2011/08/29");
      script_set_attribute(attribute:"plugin_type",value:"remote");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Misc.");
    
      script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.");
    
      script_dependencies("ssh_detect.nasl");
      script_require_ports("Services/ssh");
    
      exit(0);
    }
    
    include("global_settings.inc");
    include("misc_func.inc");
    
    # Banner-only SunSSH version check: nothing is negotiated with the server, so
    # a finding reflects the advertised version string alone.

    # Resolve the SSH port (default 22); exit_on_fail stops the plugin otherwise.
    port = get_service(svc:"ssh", default:22, exit_on_fail:TRUE);

    # Read the stored banner for that port, or exit if there is none.
    banner = get_kb_item_or_exit("SSH/banner/" + port);

    # Anything that does not identify itself as SunSSH is out of scope.
    lowered = tolower(banner);
    if ('sun_ssh' >!< lowered)
      exit(0, "The SSH service on port " + port + " is not SunSSH.");

    # Extract the dotted version. The pattern is anchored to the end of the
    # banner, so a banner with anything after the version is reported as
    # unparseable (exit code 1) rather than evaluated.
    match = eregmatch(string:banner, pattern:"sun_ssh[-_]([0-9.]+)$", icase:TRUE);
    if (isnull(match))
      exit(1, "Could not parse the version string from the banner on port " + port + ".");
    version = match[1];

    # Affected: anything below 1.1.1, and additionally the literal version 1.2.
    # The original author's note points to the Oracle (Sun) blog referenced in
    # the plugin metadata for how SunSSH versions are numbered, and says each
    # vulnerable version could be checked explicitly if it came down to it.
    affected = FALSE;
    if (ver_compare(ver:version, fix:'1.1.1', strict:FALSE) == -1) affected = TRUE;
    else if (version == '1.2') affected = TRUE;

    if (!affected)
      exit(0, "The SunSSH server on port "+port+" is not affected as it's version "+version+".");

    # Raise the finding; in verbose mode include what was seen and the fix.
    if (report_verbosity > 0)
    {
      report =
        '\n  Version source    : ' + banner +
        '\n  Installed version : ' + version +
        '\n  Fixed version     : 1.1.1 / 1.3\n';
      security_hole(port:port, extra:report);
    }
    else security_hole(port);
    
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRAKE_MDKSA-2001-092.NASL
    description: The new OpenSSH 3.0.2 fixes a vulnerability in the UseLogin option. By default, Mandrake Linux does not enable UseLogin, but if the administrator enables it, local users are able to pass environment variables to the login process. This update also fixes a security hole in the KerberosV support that is present in versions 2.9.9 and 3.0.0.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 13905
    published: 2004-07-31
    reporter: This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/13905
    title: Mandrake Linux Security Advisory : openssh (MDKSA-2001:092)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2001:092. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    # Registration pass: when `description` is set the plugin only declares its
    # metadata and leaves through the exit(0) at the end of this block.
    if (description)
    {
      script_id(13905);
      script_version ("1.18");
      script_cvs_date("Date: 2019/08/02 13:32:46");
    
      # Only CVE-2001-0872 is declared, although the description below also
      # mentions a KerberosV fix shipped in the same update.
      script_cve_id("CVE-2001-0872");
      script_bugtraq_id(3614);
      script_xref(name:"CERT", value:"157447");
      script_xref(name:"MDKSA", value:"2001:092");
    
      script_name(english:"Mandrake Linux Security Advisory : openssh (MDKSA-2001:092)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandrake Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The new OpenSSH 3.0.2 fixes a vulnerability in the UseLogin option. By
    default, Mandrake Linux does not enable UseLogin, but if the
    administrator enables it, local users are able to pass environment
    variables to the login process. This update also fixes a security hole
    in the KerberosV support that is present in versions 2.9.9 and 3.0.0."
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      # CVSS2 base vector: local access (AV:L), complete C/I/A impact.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      # Local check: evaluated from the host's RPM list, not from the network.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openssh");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openssh-askpass");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openssh-askpass-gnome");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openssh-clients");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openssh-server");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:7.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:7.2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2001/12/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      # The KB keys required below are the ones the check code reads before it
      # compares package versions.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
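    # Package-version check for MDKSA-2001:092. It reports a missing update from
    # the stored RPM list only; sshd_config is not read, so the result does not
    # say whether UseLogin is enabled on the host.

    # Preconditions: authenticated local checks, a Mandrake release string and a
    # stored RPM list must all be present in the KB; otherwise audit out.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    # Fixed the product name in this audit message (was "Mandake"), so it matches
    # the spelling used in the architecture message below.
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandrake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

    # Only x86-family architectures are handled.
    # NOTE(review): amd64 / x86_64 pass this filter, yet every rpm_check() below
    # is given cpu:"i386"; how rpm_check() matches a 64-bit host against that
    # value is not visible here -- confirm that such hosts are really evaluated.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


    # One rpm_check() per release and package; the reference builds differ per
    # release (1.4mdk, 1.3mdk, 1.2mdk, 1.1mdk), so the list is kept explicit to
    # stay easy to compare against the advisory.
    flag = 0;
    if (rpm_check(release:"MDK7.1", cpu:"i386", reference:"openssh-3.0.2p1-1.4mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK7.1", cpu:"i386", reference:"openssh-askpass-3.0.2p1-1.4mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK7.1", cpu:"i386", reference:"openssh-askpass-gnome-3.0.2p1-1.4mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK7.1", cpu:"i386", reference:"openssh-clients-3.0.2p1-1.4mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK7.1", cpu:"i386", reference:"openssh-server-3.0.2p1-1.4mdk", yank:"mdk")) flag++;

    if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"openssh-3.0.2p1-1.3mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"openssh-askpass-3.0.2p1-1.3mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"openssh-askpass-gnome-3.0.2p1-1.3mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"openssh-clients-3.0.2p1-1.3mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"openssh-server-3.0.2p1-1.3mdk", yank:"mdk")) flag++;

    if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"openssh-3.0.2p1-1.2mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"openssh-askpass-3.0.2p1-1.2mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"openssh-askpass-gnome-3.0.2p1-1.2mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"openssh-clients-3.0.2p1-1.2mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"openssh-server-3.0.2p1-1.2mdk", yank:"mdk")) flag++;

    if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"openssh-3.0.2p1-1.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"openssh-askpass-3.0.2p1-1.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"openssh-askpass-gnome-3.0.2p1-1.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"openssh-clients-3.0.2p1-1.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"openssh-server-3.0.2p1-1.1mdk", yank:"mdk")) flag++;


    # Any flagged package raises the finding (with the RPM report when verbose);
    # otherwise the host is recorded as not affected.
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");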
    

Redhat

advisories
rhsa
id: RHSA-2001:161