Vulnerabilities > CVE-2006-0803

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
novell
suse
nessus

Summary

The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used.

Vulnerable Configurations

Part Description Count
OS
Novell
1
OS
Suse
1

Nessus

NASL familySuSE Local Security Checks
NASL idSUSE9_10892.NASL
descriptionGPG signed files were checked by YAST using a method of GPG that was not using correct signature verification methods. This is tracked by the Mitre CVE ID CVE-2006-0803.
last seen2020-06-01
modified2020-06-02
plugin id41087
published2009-09-24
reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/41087
titleSuSE9 Security Update : liby2util (YOU Patch Number 10892)
code
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

include("compat.inc");

if (description)
{
  script_id(41087);
  script_version("1.7");
  script_cvs_date("Date: 2019/10/25 13:36:28");

  script_cve_id("CVE-2006-0803");

  script_name(english:"SuSE9 Security Update : liby2util (YOU Patch Number 10892)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 9 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"GPG signed files were checked by YAST using a method of GPG that was
not using correct signature verification methods.

This is tracked by the Mitre CVE ID CVE-2006-0803."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2006-0803/"
  );
  script_set_attribute(attribute:"solution", value:"Apply YOU patch number 10892.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2006/02/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SUSE9", reference:"liby2util-2.9.27-0.7")) flag++;
if (rpm_check(release:"SUSE9", reference:"liby2util-devel-2.9.27-0.7")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else exit(0, "The host is not affected.");