Vulnerabilities > CVE-2009-1250 - Numeric Errors vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1768.NASL description Two vulnerabilities were discovered in the client part of OpenAFS, a distributed file system. - CVE-2009-1251 An attacker with control of a file server or the ability to forge RX packets may be able to execute arbitrary code in kernel mode on an OpenAFS client, due to a vulnerability in XDR array decoding. - CVE-2009-1250 An attacker with control of a file server or the ability to forge RX packets may crash OpenAFS clients because of wrongly handled error return codes in the kernel module. Note that in order to apply this security update, you must rebuild the OpenAFS kernel module. Be sure to also upgrade openafs-modules-source, build a new kernel module for your system following the instructions in /usr/share/doc/openafs-client/README.modules.gz, and then either stop and restart openafs-client or reboot the system to reload the kernel module. last seen 2020-06-01 modified 2020-06-02 plugin id 36135 published 2009-04-11 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/36135 title Debian DSA-1768-1 : openafs - several vulnerabilities code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-1768. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(36135); script_version("1.15"); script_cvs_date("Date: 2019/08/02 13:32:21"); script_cve_id("CVE-2009-1250", "CVE-2009-1251"); script_bugtraq_id(34404, 34407); script_xref(name:"DSA", value:"1768"); script_name(english:"Debian DSA-1768-1 : openafs - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Two vulnerabilities were discovered in the client part of OpenAFS, a distributed file system. - CVE-2009-1251 An attacker with control of a file server or the ability to forge RX packets may be able to execute arbitrary code in kernel mode on an OpenAFS client, due to a vulnerability in XDR array decoding. - CVE-2009-1250 An attacker with control of a file server or the ability to forge RX packets may crash OpenAFS clients because of wrongly handled error return codes in the kernel module. Note that in order to apply this security update, you must rebuild the OpenAFS kernel module. Be sure to also upgrade openafs-modules-source, build a new kernel module for your system following the instructions in /usr/share/doc/openafs-client/README.modules.gz, and then either stop and restart openafs-client or reboot the system to reload the kernel module." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2009-1251" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2009-1250" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2009/dsa-1768" ); script_set_attribute( attribute:"solution", value: "Upgrade the openafs packages. For the old stable distribution (etch), these problems have been fixed in version 1.4.2-6etch2. For the stable distribution (lenny), these problems have been fixed in version 1.4.7.dfsg1-6+lenny1." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(119, 189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openafs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0"); script_set_attribute(attribute:"patch_publication_date", value:"2009/04/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"4.0", prefix:"libopenafs-dev", reference:"1.4.2-6etch2")) flag++; if (deb_check(release:"4.0", prefix:"libpam-openafs-kaserver", reference:"1.4.2-6etch2")) flag++; if (deb_check(release:"4.0", prefix:"openafs-client", reference:"1.4.2-6etch2")) flag++; if (deb_check(release:"4.0", prefix:"openafs-dbg", reference:"1.4.2-6etch2")) flag++; if (deb_check(release:"4.0", prefix:"openafs-dbserver", reference:"1.4.2-6etch2")) flag++; if (deb_check(release:"4.0", prefix:"openafs-doc", reference:"1.4.2-6etch2")) flag++; if (deb_check(release:"4.0", prefix:"openafs-fileserver", reference:"1.4.2-6etch2")) flag++; if (deb_check(release:"4.0", prefix:"openafs-kpasswd", reference:"1.4.2-6etch2")) flag++; if (deb_check(release:"4.0", prefix:"openafs-krb5", reference:"1.4.2-6etch2")) flag++; if (deb_check(release:"4.0", prefix:"openafs-modules-source", reference:"1.4.2-6etch2")) flag++; if (deb_check(release:"5.0", prefix:"libopenafs-dev", reference:"1.4.7.dfsg1-6+lenny1")) flag++; if (deb_check(release:"5.0", prefix:"libpam-openafs-kaserver", reference:"1.4.7.dfsg1-6+lenny1")) flag++; if (deb_check(release:"5.0", prefix:"openafs-client", reference:"1.4.7.dfsg1-6+lenny1")) flag++; if (deb_check(release:"5.0", prefix:"openafs-dbg", reference:"1.4.7.dfsg1-6+lenny1")) flag++; if (deb_check(release:"5.0", prefix:"openafs-dbserver", reference:"1.4.7.dfsg1-6+lenny1")) flag++; if (deb_check(release:"5.0", prefix:"openafs-doc", reference:"1.4.7.dfsg1-6+lenny1")) flag++; if (deb_check(release:"5.0", prefix:"openafs-fileserver", reference:"1.4.7.dfsg1-6+lenny1")) flag++; if (deb_check(release:"5.0", prefix:"openafs-kpasswd", reference:"1.4.7.dfsg1-6+lenny1")) flag++; if (deb_check(release:"5.0", prefix:"openafs-krb5", reference:"1.4.7.dfsg1-6+lenny1")) flag++; if (deb_check(release:"5.0", prefix:"openafs-modules-source", reference:"1.4.7.dfsg1-6+lenny1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201404-05.NASL description The remote host is affected by the vulnerability described in GLSA-201404-05 (OpenAFS: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenAFS. Please review the CVE identifiers referenced below for details. Impact : An attacker could potentially execute arbitrary code with the permissions of the user running the AFS server, cause a Denial of Service condition, or gain access to sensitive information. Additionally, an attacker could compromise a cell’s private key, allowing them to impersonate any user in the cell. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 73394 published 2014-04-08 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/73394 title GLSA-201404-05 : OpenAFS: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201404-05. # # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(73394); script_version("1.6"); script_cvs_date("Date: 2018/07/12 19:01:15"); script_cve_id("CVE-2009-1250", "CVE-2009-1251", "CVE-2011-0430", "CVE-2011-0431", "CVE-2013-1794", "CVE-2013-1795", "CVE-2013-4134", "CVE-2013-4135"); script_bugtraq_id(34404, 34407, 46428, 58299, 58300, 61438, 61439); script_xref(name:"GLSA", value:"201404-05"); script_name(english:"GLSA-201404-05 : OpenAFS: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201404-05 (OpenAFS: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenAFS. Please review the CVE identifiers referenced below for details. Impact : An attacker could potentially execute arbitrary code with the permissions of the user running the AFS server, cause a Denial of Service condition, or gain access to sensitive information. Additionally, an attacker could compromise a cell’s private key, allowing them to impersonate any user in the cell. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201404-05" ); script_set_attribute( attribute:"solution", value: "All OpenAFS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-fs/openafs-1.6.5'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(119, 189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:openafs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2014/04/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/08"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"net-fs/openafs", unaffected:make_list("ge 1.6.5"), vulnerable:make_list("lt 1.6.5"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "OpenAFS"); }NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2009-099.NASL description Multiple vulnerabilities has been found and corrected in openafs : The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro (CVE-2009-1250). Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays (CVE-2009-1251). The updated packages have been patched to correct these issues. Update : Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers last seen 2020-06-01 modified 2020-06-02 plugin id 38192 published 2009-04-28 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/38192 title Mandriva Linux Security Advisory : openafs (MDVSA-2009:099-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2009:099. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(38192); script_version ("1.17"); script_cvs_date("Date: 2019/08/02 13:32:51"); script_cve_id("CVE-2009-1250", "CVE-2009-1251"); script_bugtraq_id(34404, 34407); script_xref(name:"MDVSA", value:"2009:099-1"); script_name(english:"Mandriva Linux Security Advisory : openafs (MDVSA-2009:099-1)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Multiple vulnerabilities has been found and corrected in openafs : The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro (CVE-2009-1250). Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays (CVE-2009-1251). The updated packages have been patched to correct these issues. Update : Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(119, 189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:dkms-libafs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64openafs1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64openafs1-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libopenafs1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libopenafs1-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openafs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openafs-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openafs-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openafs-server"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0"); script_set_attribute(attribute:"patch_publication_date", value:"2009/12/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/28"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2008.0", reference:"dkms-libafs-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64openafs1-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64openafs1-devel-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libopenafs1-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libopenafs1-devel-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"openafs-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"openafs-client-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"openafs-doc-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"openafs-server-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201101-05.NASL description The remote host is affected by the vulnerability described in GLSA-201101-05 (OpenAFS: Arbitrary code execution) Two vulnerabilities were discovered: Simon Wilkinson discovered from a bug report by Toby Blake that the cache manager of OpenAFS contains a heap-based buffer overflow which is related to the use of the ERR_PTR macro (CVE-2009-1250). A pointer dereference bug when using XDR arrays was discovered by Simon Wilkinson, with assistance from Derrick Brashear and Jeffrey Altman. (CVE-2009-1251). Impact : The vulnerabilities might allow remote unauthenticated attackers to cause a Denial of Service (system crash) and possibly execute arbitrary code. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 51535 published 2011-01-17 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51535 title GLSA-201101-05 : OpenAFS: Arbitrary code execution code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201101-05. # # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(51535); script_version("1.9"); script_cvs_date("Date: 2018/08/10 18:07:07"); script_cve_id("CVE-2009-1250", "CVE-2009-1251"); script_xref(name:"GLSA", value:"201101-05"); script_name(english:"GLSA-201101-05 : OpenAFS: Arbitrary code execution"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201101-05 (OpenAFS: Arbitrary code execution) Two vulnerabilities were discovered: Simon Wilkinson discovered from a bug report by Toby Blake that the cache manager of OpenAFS contains a heap-based buffer overflow which is related to the use of the ERR_PTR macro (CVE-2009-1250). A pointer dereference bug when using XDR arrays was discovered by Simon Wilkinson, with assistance from Derrick Brashear and Jeffrey Altman. (CVE-2009-1251). Impact : The vulnerabilities might allow remote unauthenticated attackers to cause a Denial of Service (system crash) and possibly execute arbitrary code. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201101-05" ); script_set_attribute( attribute:"solution", value: "All OpenAFS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-fs/openafs-1.4.9'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_cwe_id(119, 189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:openafs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/01/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"net-fs/openafs", unaffected:make_list("ge 1.4.9"), vulnerable:make_list("lt 1.4.9"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "OpenAFS"); }NASL family Scientific Linux Local Security Checks NASL id SL_20090430_OPENAFS_ON_SL3_X.NASL description An attacker with control of a fileserver, or the ability to forge RX packets, can crash the cache manager, and hence the kernel, of affected Linux AFS clients. (CVE-2009-1250) An attacker with control of a fileserver, or the ability to forge RX packets, can crash the cache manager, and hence the kernel, of any Unix AFS client. It may be possible for an attacker to cause the kernel to execute arbitrary code. (CVE-2009-1251) The Scientific Linux Team has backported the patches to the stable version of openafs for SL3, SL4 and SL5. openafs must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 60579 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60579 title Scientific Linux Security Update : openafs on SL3.x, SL4.x, SL5.x i386/x86_64 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(60579); script_version("1.5"); script_cvs_date("Date: 2019/10/25 13:36:18"); script_cve_id("CVE-2009-1250", "CVE-2009-1251"); script_name(english:"Scientific Linux Security Update : openafs on SL3.x, SL4.x, SL5.x i386/x86_64"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An attacker with control of a fileserver, or the ability to forge RX packets, can crash the cache manager, and hence the kernel, of affected Linux AFS clients. (CVE-2009-1250) An attacker with control of a fileserver, or the ability to forge RX packets, can crash the cache manager, and hence the kernel, of any Unix AFS client. It may be possible for an attacker to cause the kernel to execute arbitrary code. (CVE-2009-1251) The Scientific Linux Team has backported the patches to the stable version of openafs for SL3, SL4 and SL5. openafs must be restarted for the update to take effect." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0904&L=scientific-linux-errata&T=0&P=3574 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?95ee4c62" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_cwe_id(119, 189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2009/04/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-52.EL-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-52.ELsmp-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-53.EL-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-53.ELsmp-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-57.EL-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-57.ELsmp-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-58.EL-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-58.ELsmp-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"openafs-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"openafs-client-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"openafs-compat-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"openafs-debug-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"openafs-devel-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"openafs-kernel-source-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"openafs-kpasswd-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"openafs-krb5-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL3", reference:"openafs-server-1.2.13-15.18.SL")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-11.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-11.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-11.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-22.0.1.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-22.0.1.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-22.0.1.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-22.0.2.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-22.0.2.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-22.0.2.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-22.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-22.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-22.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-34.0.1.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-34.0.1.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-34.0.1.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-34.0.2.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-34.0.2.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-34.0.2.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-34.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-34.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-34.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-34.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.10.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-42.0.10.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-42.0.10.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.10.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.2.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-42.0.2.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-42.0.2.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.2.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.3.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-42.0.3.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-42.0.3.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.3.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.8.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-42.0.8.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-42.0.8.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.8.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-42.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-42.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-5.0.5.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-5.0.5.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.12.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-55.0.12.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-55.0.12.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.12.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.12.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.2.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-55.0.2.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-55.0.2.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.2.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.2.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.6.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-55.0.6.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-55.0.6.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.6.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.6.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.9.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-55.0.9.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-55.0.9.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.9.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.9.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-55.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-55.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.1.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-67.0.1.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-67.0.1.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.1.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.1.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.15.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-67.0.15.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-67.0.15.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.15.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.15.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.20.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-67.0.20.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-67.0.20.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.20.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.20.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.22.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-67.0.22.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-67.0.22.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.22.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.22.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.4.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-67.0.4.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-67.0.4.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.4.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.4.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.7.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-67.0.7.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-67.0.7.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.7.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.7.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-67.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-67.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.1.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-78.0.1.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-78.0.1.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.1.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.1.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.13.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-78.0.13.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-78.0.13.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.13.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.13.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.17.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-78.0.17.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-78.0.17.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.17.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.17.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.5.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-78.0.5.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-78.0.5.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.5.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.5.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.8.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-78.0.8.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-78.0.8.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.8.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.8.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.EL-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-78.ELhugemem-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-78.ELlargesmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.ELsmp-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.ELxenU-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"openafs-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"openafs-authlibs-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"openafs-authlibs-devel-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"openafs-client-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"openafs-compat-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"openafs-debug-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"openafs-devel-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"openafs-kernel-source-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"openafs-kpasswd-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"openafs-krb5-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL4", reference:"openafs-server-1.4.7-68.2.SL4")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-128.1.1.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-128.1.1.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-128.1.1.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-128.1.6.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-128.1.6.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-128.1.6.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-128.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-128.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-128.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.13.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.1.13.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.13.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.14.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.1.14.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.14.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.19.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.1.19.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.19.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.21.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.1.21.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.21.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.4.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.1.4.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.4.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.6.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.1.6.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.6.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.10.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.10.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.10.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.14.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.14.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.14.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.15.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.15.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.15.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.3.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.3.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.3.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.4.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.4.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.4.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.6.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.6.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.6.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.8.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.8.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.8.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.1.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.1.1.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.1.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.10.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.1.10.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.10.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.13.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.1.13.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.13.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.17.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.1.17.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.17.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.18.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.1.18.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.18.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.22.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.1.22.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.22.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.6.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.1.6.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.6.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.el5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.el5PAE-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.el5xen-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"openafs-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"openafs-authlibs-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"openafs-authlibs-devel-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"openafs-client-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"openafs-compat-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"openafs-debug-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"openafs-devel-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"openafs-kernel-source-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"openafs-kpasswd-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"openafs-krb5-1.4.7-68.2.SL5")) flag++; if (rpm_check(release:"SL5", reference:"openafs-server-1.4.7-68.2.SL5")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 34404 CVE(CAN) ID: CVE-2009-1250 OpenAFS是一套开放源代码的分布式文件系统,允许系统之间通过局域和广域网来分享档案和资源。 OpenAFS客户端可能会使用一套将出错代码和指针合并为一个单个值的机制将从文件服务器获得的错误代码直接传送给Linux内核,但这套机制无法区分某些指针的出错代码。当AFS向内核返回这种类型的代码时,内核会将其处理为指针并试图引用。如果攻击者伪造了已有文件服务器的响应或诱骗用户访问了受控的文件服务器,就可以导致客户端崩溃。 OpenAFS OpenAFS 1.5.0 - 1.5.58 OpenAFS OpenAFS 1.0 - 1.4.8 OpenAFS ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://www.openafs.org/security/openafs-sa-2009-002.patch target=_blank rel=external nofollow>http://www.openafs.org/security/openafs-sa-2009-002.patch</a> |
| id | SSV:5026 |
| last seen | 2017-11-19 |
| modified | 2009-04-10 |
| published | 2009-04-10 |
| reporter | Root |
| title | OpenAFS出错代码远程拒绝服务漏洞 |
References
- http://secunia.com/advisories/34655
- http://secunia.com/advisories/34684
- http://secunia.com/advisories/36310
- http://secunia.com/advisories/42896
- http://security.gentoo.org/glsa/glsa-201101-05.xml
- http://www.debian.org/security/2009/dsa-1768
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:099
- http://www.openafs.org/security/openafs-sa-2009-002.patch
- http://www.openafs.org/security/OPENAFS-SA-2009-002.txt
- http://www.securityfocus.com/bid/34404
- http://www.vupen.com/english/advisories/2009/0984
- http://www.vupen.com/english/advisories/2011/0117
- http://www-01.ibm.com/support/docview.wss?uid=swg21396389
- http://www-1.ibm.com/support/docview.wss?uid=swg1ID71123