Vulnerabilities > CVE-2008-3949 - Unspecified vulnerability in Suse Linux

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
suse
nessus

Summary

emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file.

Vulnerable Configurations

Part Description Count
OS
Suse
1

Nessus

  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200902-06.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200902-06 (GNU Emacs, XEmacs: Multiple vulnerabilities) Morten Welinder reports about GNU Emacs and edit-utils in XEmacs: By shipping a .flc accompanying a source file (.c for example) and setting font-lock-support-mode to fast-lock-mode in the source file through local variables, any Lisp code in the .flc file is executed without warning (CVE-2008-2142). Romain Francoise reported a security risk in a feature of GNU Emacs related to interacting with Python. The vulnerability arises because Python, by default, prepends the current directory to the module search path, allowing for arbitrary code execution when launched from a specially crafted directory (CVE-2008-3949). Impact : Remote attackers could entice a user to open a specially crafted file in GNU Emacs, possibly leading to the execution of arbitrary Emacs Lisp code or arbitrary Python code with the privileges of the user running GNU Emacs or XEmacs. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id35732
    published2009-02-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35732
    titleGLSA-200902-06 : GNU Emacs, XEmacs: Multiple vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 200902-06.
    #
    # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(35732);
      script_version("1.15");
      script_cvs_date("Date: 2019/08/02 13:32:45");
    
      script_cve_id("CVE-2008-2142", "CVE-2008-3949");
      script_bugtraq_id(29176);
      script_xref(name:"GLSA", value:"200902-06");
    
      script_name(english:"GLSA-200902-06 : GNU Emacs, XEmacs: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-200902-06
    (GNU Emacs, XEmacs: Multiple vulnerabilities)
    
        Morten Welinder reports about GNU Emacs and edit-utils in XEmacs: By
        shipping a .flc accompanying a source file (.c for example) and setting
        font-lock-support-mode to fast-lock-mode in the source file through
        local variables, any Lisp code in the .flc file is executed without
        warning (CVE-2008-2142).
        Romain Francoise reported a security risk in a feature of GNU Emacs
        related to interacting with Python. The vulnerability arises because
        Python, by default, prepends the current directory to the module search
        path, allowing for arbitrary code execution when launched from a
        specially crafted directory (CVE-2008-3949).
      
    Impact :
    
        Remote attackers could entice a user to open a specially crafted file
        in GNU Emacs, possibly leading to the execution of arbitrary Emacs Lisp
        code or arbitrary Python code with the privileges of the user running
        GNU Emacs or XEmacs.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200902-06"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All GNU Emacs users should upgrade to the latest version:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=app-editors/emacs-22.2-r3'
        All edit-utils users should upgrade to the latest version:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=app-xemacs/edit-utils-2.39'"
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(94);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:edit-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:emacs");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/02/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/02/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"app-editors/emacs", unaffected:make_list("ge 22.2-r3", "rge 21.4-r17", "lt 19"), vulnerable:make_list("lt 22.2-r3"))) flag++;
    if (qpkg_check(package:"app-xemacs/edit-utils", unaffected:make_list("ge 2.39"), vulnerable:make_list("lt 2.39"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "GNU Emacs / XEmacs");
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2008-216.NASL
    descriptionA vulnerability was found in how Emacs would import python scripts from the current working directory during the editing of a python file. This could allow a local user to execute arbitrary code via a trojan python file (CVE-2008-3949).
    last seen2020-06-01
    modified2020-06-02
    plugin id37477
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/37477
    titleMandriva Linux Security Advisory : emacs (MDVSA-2008:216)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2008:216. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(37477);
      script_version ("1.13");
      script_cvs_date("Date: 2019/08/02 13:32:50");
    
      script_cve_id("CVE-2008-3949");
      script_xref(name:"MDVSA", value:"2008:216");
    
      script_name(english:"Mandriva Linux Security Advisory : emacs (MDVSA-2008:216)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A vulnerability was found in how Emacs would import python scripts
    from the current working directory during the editing of a python
    file. This could allow a local user to execute arbitrary code via a
    trojan python file (CVE-2008-3949)."
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(94);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:emacs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:emacs-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:emacs-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:emacs-el");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:emacs-gtk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:emacs-leim");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:emacs-nox");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/10/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2008.0", reference:"emacs-22.1-5.4mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"emacs-common-22.1-5.4mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"emacs-doc-22.1-5.4mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"emacs-el-22.1-5.4mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"emacs-gtk-22.1-5.4mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"emacs-leim-22.1-5.4mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"emacs-nox-22.1-5.4mdv2008.0", yank:"mdv")) flag++;
    
    if (rpm_check(release:"MDK2008.1", reference:"emacs-22.1-7.3mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.1", reference:"emacs-common-22.1-7.3mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.1", reference:"emacs-doc-22.1-7.3mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.1", reference:"emacs-el-22.1-7.3mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.1", reference:"emacs-gtk-22.1-7.3mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.1", reference:"emacs-leim-22.1-7.3mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.1", reference:"emacs-nox-22.1-7.3mdv2008.1", yank:"mdv")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_EMACS-080912.NASL
    descriptionWhen editing Python files Emacs accidentally imported other Python script in the current directory (CVE-2008-3949).
    last seen2020-06-01
    modified2020-06-02
    plugin id39954
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/39954
    titleopenSUSE Security Update : emacs (emacs-190)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update emacs-190.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(39954);
      script_version("1.11");
      script_cvs_date("Date: 2019/10/25 13:36:31");
    
      script_cve_id("CVE-2008-3949");
    
      script_name(english:"openSUSE Security Update : emacs (emacs-190)");
      script_summary(english:"Check for the emacs-190 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "When editing Python files Emacs accidentally imported other Python
    script in the current directory (CVE-2008-3949)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=424340"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected emacs packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(94);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:emacs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:emacs-el");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:emacs-info");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:emacs-nox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:emacs-x11");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/09/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.0", reference:"emacs-22.2-24.2") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"emacs-el-22.2-24.2") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"emacs-info-22.2-24.2") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"emacs-nox-22.2-24.2") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"emacs-x11-22.2-24.2") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "emacs / emacs-el / emacs-info / emacs-nox / emacs-x11");
    }
    
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_66657BD5AC9211DDB541001F3B19D541.NASL
    descriptionEmacs developers report : The Emacs command `run-python
    last seen2020-06-01
    modified2020-06-02
    plugin id34732
    published2008-11-11
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/34732
    titleFreeBSD : emacs -- run-python vulnerability (66657bd5-ac92-11dd-b541-001f3b19d541)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from the FreeBSD VuXML database :
    #
    # Copyright 2003-2018 Jacques Vidrine and contributors
    #
    # Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
    # HTML, PDF, PostScript, RTF and so forth) with or without modification,
    # are permitted provided that the following conditions are met:
    # 1. Redistributions of source code (VuXML) must retain the above
    #    copyright notice, this list of conditions and the following
    #    disclaimer as the first lines of this file unmodified.
    # 2. Redistributions in compiled form (transformed to other DTDs,
    #    published online in any format, converted to PDF, PostScript,
    #    RTF and other formats) must reproduce the above copyright
    #    notice, this list of conditions and the following disclaimer
    #    in the documentation and/or other materials provided with the
    #    distribution.
    # 
    # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
    # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
    # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
    # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
    # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
    # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
    # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
    # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
    # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
    # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
    # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(34732);
      script_version("1.14");
      script_cvs_date("Date: 2019/08/02 13:32:39");
    
      script_cve_id("CVE-2008-3949");
    
      script_name(english:"FreeBSD : emacs -- run-python vulnerability (66657bd5-ac92-11dd-b541-001f3b19d541)");
      script_summary(english:"Checks for updated package in pkg_info output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote FreeBSD host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Emacs developers report :
    
    The Emacs command `run-python' launches an interactive Python
    interpreter. After the Python process starts up, Emacs automatically
    sends it the line :
    
    import emacs
    
    which normally imports a script named emacs.py which is distributed
    with Emacs. This script, which is typically located in a
    write-protected installation directory with other Emacs program files,
    defines various functions to help the Python process communicate with
    Emacs.
    
    The vulnerability arises because Python, by default, prepends '' to
    the module search path, so modules are looked for in the current
    directory. If the current directory is world-writable, an attacker may
    insert malicious code by adding a fake Python module named emacs.py
    into that directory."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://lists.gnu.org/archive/html/emacs-devel/2008-09/msg00215.html"
      );
      # https://vuxml.freebsd.org/freebsd/66657bd5-ac92-11dd-b541-001f3b19d541.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?5d5628a7"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected package.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(94);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:emacs");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2008/09/05");
      script_set_attribute(attribute:"patch_publication_date", value:"2008/11/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/11/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"FreeBSD Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("freebsd_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
    if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (pkg_test(save_report:TRUE, pkg:"emacs>=22<=22.2_1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_EMACS-5597.NASL
    descriptionWhen editing Python files Emacs accidentally imported other Python script in the current directory (CVE-2008-3949).
    last seen2020-06-01
    modified2020-06-02
    plugin id34213
    published2008-09-16
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34213
    titleopenSUSE 10 Security Update : emacs (emacs-5597)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update emacs-5597.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(34213);
      script_version ("1.9");
      script_cvs_date("Date: 2019/10/25 13:36:32");
    
      script_cve_id("CVE-2008-3949");
    
      script_name(english:"openSUSE 10 Security Update : emacs (emacs-5597)");
      script_summary(english:"Check for the emacs-5597 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "When editing Python files Emacs accidentally imported other Python
    script in the current directory (CVE-2008-3949)."
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected emacs packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(94);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:emacs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:emacs-el");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:emacs-info");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:emacs-nox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:emacs-x11");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/09/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/09/16");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE10.3", reference:"emacs-22.1-40.12") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"emacs-el-22.1-40.12") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"emacs-info-22.1-40.12") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"emacs-nox-22.1-40.12") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"emacs-x11-22.1-40.12") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "emacs / emacs-el / emacs-info / emacs-nox / emacs-x11");
    }
    

Statements

contributorJoshua Bressers
lastmodified2017-08-07
organizationRed Hat
statementNot vulnerable. This issue did not affect the versions of the emacs package, as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.