Vulnerabilities > CVE-2009-1251 - Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
unix
openafs
CWE-119
critical
nessus
NVD
Published: 2009-04-09
Updated: 2011-01-26

Summary

Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays.

Vulnerable Configurations

Part Description Count
OS
Unix
1
Application
Openafs
71

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1768.NASL
    descriptionTwo vulnerabilities were discovered in the client part of OpenAFS, a distributed file system. - CVE-2009-1251 An attacker with control of a file server or the ability to forge RX packets may be able to execute arbitrary code in kernel mode on an OpenAFS client, due to a vulnerability in XDR array decoding. - CVE-2009-1250 An attacker with control of a file server or the ability to forge RX packets may crash OpenAFS clients because of wrongly handled error return codes in the kernel module. Note that in order to apply this security update, you must rebuild the OpenAFS kernel module. Be sure to also upgrade openafs-modules-source, build a new kernel module for your system following the instructions in /usr/share/doc/openafs-client/README.modules.gz, and then either stop and restart openafs-client or reboot the system to reload the kernel module.
    last seen2020-06-01
    modified2020-06-02
    plugin id36135
    published2009-04-11
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/36135
    titleDebian DSA-1768-1 : openafs - several vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-1768. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include("compat.inc");

if (description)
{
  script_id(36135);
  script_version("1.15");
  script_cvs_date("Date: 2019/08/02 13:32:21");

  script_cve_id("CVE-2009-1250", "CVE-2009-1251");
  script_bugtraq_id(34404, 34407);
  script_xref(name:"DSA", value:"1768");

  script_name(english:"Debian DSA-1768-1 : openafs - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Two vulnerabilities were discovered in the client part of OpenAFS, a
distributed file system.

  - CVE-2009-1251
    An attacker with control of a file server or the ability
    to forge RX packets may be able to execute arbitrary
    code in kernel mode on an OpenAFS client, due to a
    vulnerability in XDR array decoding.

  - CVE-2009-1250
    An attacker with control of a file server or the ability
    to forge RX packets may crash OpenAFS clients because of
    wrongly handled error return codes in the kernel module.

Note that in order to apply this security update, you must rebuild the
OpenAFS kernel module. Be sure to also upgrade openafs-modules-source,
build a new kernel module for your system following the instructions
in /usr/share/doc/openafs-client/README.modules.gz, and then either
stop and restart openafs-client or reboot the system to reload the
kernel module."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2009-1251"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2009-1250"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2009/dsa-1768"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the openafs packages.

For the old stable distribution (etch), these problems have been fixed
in version 1.4.2-6etch2.

For the stable distribution (lenny), these problems have been fixed in
version 1.4.7.dfsg1-6+lenny1."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(119, 189);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openafs");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/04/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/11");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"4.0", prefix:"libopenafs-dev", reference:"1.4.2-6etch2")) flag++;
if (deb_check(release:"4.0", prefix:"libpam-openafs-kaserver", reference:"1.4.2-6etch2")) flag++;
if (deb_check(release:"4.0", prefix:"openafs-client", reference:"1.4.2-6etch2")) flag++;
if (deb_check(release:"4.0", prefix:"openafs-dbg", reference:"1.4.2-6etch2")) flag++;
if (deb_check(release:"4.0", prefix:"openafs-dbserver", reference:"1.4.2-6etch2")) flag++;
if (deb_check(release:"4.0", prefix:"openafs-doc", reference:"1.4.2-6etch2")) flag++;
if (deb_check(release:"4.0", prefix:"openafs-fileserver", reference:"1.4.2-6etch2")) flag++;
if (deb_check(release:"4.0", prefix:"openafs-kpasswd", reference:"1.4.2-6etch2")) flag++;
if (deb_check(release:"4.0", prefix:"openafs-krb5", reference:"1.4.2-6etch2")) flag++;
if (deb_check(release:"4.0", prefix:"openafs-modules-source", reference:"1.4.2-6etch2")) flag++;
if (deb_check(release:"5.0", prefix:"libopenafs-dev", reference:"1.4.7.dfsg1-6+lenny1")) flag++;
if (deb_check(release:"5.0", prefix:"libpam-openafs-kaserver", reference:"1.4.7.dfsg1-6+lenny1")) flag++;
if (deb_check(release:"5.0", prefix:"openafs-client", reference:"1.4.7.dfsg1-6+lenny1")) flag++;
if (deb_check(release:"5.0", prefix:"openafs-dbg", reference:"1.4.7.dfsg1-6+lenny1")) flag++;
if (deb_check(release:"5.0", prefix:"openafs-dbserver", reference:"1.4.7.dfsg1-6+lenny1")) flag++;
if (deb_check(release:"5.0", prefix:"openafs-doc", reference:"1.4.7.dfsg1-6+lenny1")) flag++;
if (deb_check(release:"5.0", prefix:"openafs-fileserver", reference:"1.4.7.dfsg1-6+lenny1")) flag++;
if (deb_check(release:"5.0", prefix:"openafs-kpasswd", reference:"1.4.7.dfsg1-6+lenny1")) flag++;
if (deb_check(release:"5.0", prefix:"openafs-krb5", reference:"1.4.7.dfsg1-6+lenny1")) flag++;
if (deb_check(release:"5.0", prefix:"openafs-modules-source", reference:"1.4.7.dfsg1-6+lenny1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201404-05.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201404-05 (OpenAFS: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenAFS. Please review the CVE identifiers referenced below for details. Impact : An attacker could potentially execute arbitrary code with the permissions of the user running the AFS server, cause a Denial of Service condition, or gain access to sensitive information. Additionally, an attacker could compromise a cell’s private key, allowing them to impersonate any user in the cell. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id73394
    published2014-04-08
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/73394
    titleGLSA-201404-05 : OpenAFS: Multiple vulnerabilities
    code
    #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 201404-05.
#
# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include("compat.inc");

if (description)
{
  script_id(73394);
  script_version("1.6");
  script_cvs_date("Date: 2018/07/12 19:01:15");

  script_cve_id("CVE-2009-1250", "CVE-2009-1251", "CVE-2011-0430", "CVE-2011-0431", "CVE-2013-1794", "CVE-2013-1795", "CVE-2013-4134", "CVE-2013-4135");
  script_bugtraq_id(34404, 34407, 46428, 58299, 58300, 61438, 61439);
  script_xref(name:"GLSA", value:"201404-05");

  script_name(english:"GLSA-201404-05 : OpenAFS: Multiple vulnerabilities");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-201404-05
(OpenAFS: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in OpenAFS. Please review
      the CVE identifiers referenced below for details.
  
Impact :

    An attacker could potentially execute arbitrary code with the
      permissions of the user running the AFS server, cause a Denial of Service
      condition, or gain access to sensitive information. Additionally, an
      attacker could compromise a cell’s private key, allowing them to
      impersonate any user in the cell.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/201404-05"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All OpenAFS users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=net-fs/openafs-1.6.5'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(119, 189);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:openafs");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/04/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/08");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"net-fs/openafs", unaffected:make_list("ge 1.6.5"), vulnerable:make_list("lt 1.6.5"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "OpenAFS");
}
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2009-099.NASL
    descriptionMultiple vulnerabilities has been found and corrected in openafs : The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro (CVE-2009-1250). Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays (CVE-2009-1251). The updated packages have been patched to correct these issues. Update : Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers
    last seen2020-06-01
    modified2020-06-02
    plugin id38192
    published2009-04-28
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/38192
    titleMandriva Linux Security Advisory : openafs (MDVSA-2009:099-1)
    code
    #%NASL_MIN_LEVEL 80502

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2009:099. 
# The text itself is copyright (C) Mandriva S.A.
#

include("compat.inc");

if (description)
{
  script_id(38192);
  script_version ("1.17");
  script_cvs_date("Date: 2019/08/02 13:32:51");

  script_cve_id("CVE-2009-1250", "CVE-2009-1251");
  script_bugtraq_id(34404, 34407);
  script_xref(name:"MDVSA", value:"2009:099-1");

  script_name(english:"Mandriva Linux Security Advisory : openafs (MDVSA-2009:099-1)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Multiple vulnerabilities has been found and corrected in openafs :

The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0
through 1.5.58 on Linux allows remote attackers to cause a denial of
service (system crash) via an RX response with a large error-code
value that is interpreted as a pointer and dereferenced, related to
use of the ERR_PTR macro (CVE-2009-1250).

Heap-based buffer overflow in the cache manager in the client in
OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms
allows remote attackers to cause a denial of service (system crash) or
possibly execute arbitrary code via an RX response containing more
data than specified in a request, related to use of XDR arrays
(CVE-2009-1251).

The updated packages have been patched to correct these issues.

Update :

Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(119, 189);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:dkms-libafs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64openafs1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64openafs1-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libopenafs1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libopenafs1-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openafs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openafs-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openafs-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:openafs-server");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/12/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/28");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2008.0", reference:"dkms-libafs-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64openafs1-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64openafs1-devel-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libopenafs1-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libopenafs1-devel-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"openafs-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"openafs-client-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"openafs-doc-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"openafs-server-1.4.4-8.3mdv2008.0", yank:"mdv")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201101-05.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201101-05 (OpenAFS: Arbitrary code execution) Two vulnerabilities were discovered: Simon Wilkinson discovered from a bug report by Toby Blake that the cache manager of OpenAFS contains a heap-based buffer overflow which is related to the use of the ERR_PTR macro (CVE-2009-1250). A pointer dereference bug when using XDR arrays was discovered by Simon Wilkinson, with assistance from Derrick Brashear and Jeffrey Altman. (CVE-2009-1251). Impact : The vulnerabilities might allow remote unauthenticated attackers to cause a Denial of Service (system crash) and possibly execute arbitrary code. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id51535
    published2011-01-17
    reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51535
    titleGLSA-201101-05 : OpenAFS: Arbitrary code execution
    code
    #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 201101-05.
#
# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include("compat.inc");

if (description)
{
  script_id(51535);
  script_version("1.9");
  script_cvs_date("Date: 2018/08/10 18:07:07");

  script_cve_id("CVE-2009-1250", "CVE-2009-1251");
  script_xref(name:"GLSA", value:"201101-05");

  script_name(english:"GLSA-201101-05 : OpenAFS: Arbitrary code execution");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-201101-05
(OpenAFS: Arbitrary code execution)

    Two vulnerabilities were discovered:
    Simon Wilkinson discovered from a bug report by Toby Blake that the
    cache manager of OpenAFS contains a heap-based buffer overflow which is
    related to the use of the ERR_PTR macro (CVE-2009-1250).
    A
    pointer dereference bug when using XDR arrays was discovered by Simon
    Wilkinson, with assistance from Derrick Brashear and Jeffrey Altman.
    (CVE-2009-1251).
  
Impact :

    The vulnerabilities might allow remote unauthenticated attackers to
    cause a Denial of Service (system crash) and possibly execute arbitrary
    code.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/201101-05"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All OpenAFS users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=net-fs/openafs-1.4.9'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_cwe_id(119, 189);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:openafs");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/01/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/17");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"net-fs/openafs", unaffected:make_list("ge 1.4.9"), vulnerable:make_list("lt 1.4.9"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "OpenAFS");
}
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20090430_OPENAFS_ON_SL3_X.NASL
    descriptionAn attacker with control of a fileserver, or the ability to forge RX packets, can crash the cache manager, and hence the kernel, of affected Linux AFS clients. (CVE-2009-1250) An attacker with control of a fileserver, or the ability to forge RX packets, can crash the cache manager, and hence the kernel, of any Unix AFS client. It may be possible for an attacker to cause the kernel to execute arbitrary code. (CVE-2009-1251) The Scientific Linux Team has backported the patches to the stable version of openafs for SL3, SL4 and SL5. openafs must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id60579
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60579
    titleScientific Linux Security Update : openafs on SL3.x, SL4.x, SL5.x i386/x86_64
    code
    #%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include("compat.inc");

if (description)
{
  script_id(60579);
  script_version("1.5");
  script_cvs_date("Date: 2019/10/25 13:36:18");

  script_cve_id("CVE-2009-1250", "CVE-2009-1251");

  script_name(english:"Scientific Linux Security Update : openafs on SL3.x, SL4.x, SL5.x i386/x86_64");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"An attacker with control of a fileserver, or the ability to forge RX
packets, can crash the cache manager, and hence the kernel, of
affected Linux AFS clients. (CVE-2009-1250)

An attacker with control of a fileserver, or the ability to forge RX
packets, can crash the cache manager, and hence the kernel, of any
Unix AFS client. It may be possible for an attacker to cause the
kernel to execute arbitrary code. (CVE-2009-1251)

The Scientific Linux Team has backported the patches to the stable
version of openafs for SL3, SL4 and SL5.

openafs must be restarted for the update to take effect."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0904&L=scientific-linux-errata&T=0&P=3574
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?95ee4c62"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_cwe_id(119, 189);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/04/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-52.EL-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-52.ELsmp-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-53.EL-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-53.ELsmp-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-57.EL-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-57.ELsmp-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-58.EL-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"kernel-module-openafs-2.4.21-58.ELsmp-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"openafs-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"openafs-client-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"openafs-compat-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"openafs-debug-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"openafs-devel-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"openafs-kernel-source-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"openafs-kpasswd-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"openafs-krb5-1.2.13-15.18.SL")) flag++;
if (rpm_check(release:"SL3", reference:"openafs-server-1.2.13-15.18.SL")) flag++;

if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-11.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-11.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-11.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-22.0.1.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-22.0.1.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-22.0.1.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-22.0.2.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-22.0.2.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-22.0.2.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-22.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-22.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-22.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-34.0.1.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-34.0.1.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-34.0.1.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-34.0.2.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-34.0.2.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-34.0.2.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-34.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-34.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-34.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-34.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.10.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-42.0.10.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-42.0.10.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.10.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.2.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-42.0.2.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-42.0.2.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.2.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.3.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-42.0.3.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-42.0.3.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.3.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.8.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-42.0.8.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-42.0.8.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.0.8.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-42.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-42.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-42.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-5.0.5.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-5.0.5.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.12.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-55.0.12.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-55.0.12.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.12.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.12.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.2.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-55.0.2.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-55.0.2.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.2.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.2.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.6.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-55.0.6.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-55.0.6.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.6.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.6.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.9.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-55.0.9.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-55.0.9.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.9.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.0.9.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-55.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-55.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-55.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.1.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-67.0.1.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-67.0.1.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.1.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.1.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.15.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-67.0.15.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-67.0.15.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.15.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.15.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.20.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-67.0.20.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-67.0.20.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.20.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.20.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.22.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-67.0.22.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-67.0.22.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.22.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.22.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.4.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-67.0.4.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-67.0.4.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.4.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.4.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.7.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-67.0.7.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-67.0.7.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.7.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.0.7.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-67.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-67.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-67.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.1.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-78.0.1.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-78.0.1.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.1.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.1.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.13.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-78.0.13.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-78.0.13.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.13.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.13.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.17.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-78.0.17.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-78.0.17.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.17.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.17.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.5.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-78.0.5.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-78.0.5.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.5.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.5.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.8.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-78.0.8.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-78.0.8.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.8.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.0.8.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.EL-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-module-openafs-2.6.9-78.ELhugemem-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-module-openafs-2.6.9-78.ELlargesmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.ELsmp-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"kernel-module-openafs-2.6.9-78.ELxenU-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"openafs-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"openafs-authlibs-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"openafs-authlibs-devel-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"openafs-client-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"openafs-compat-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"openafs-debug-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"openafs-devel-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"openafs-kernel-source-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"openafs-kpasswd-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"openafs-krb5-1.4.7-68.2.SL4")) flag++;
if (rpm_check(release:"SL4", reference:"openafs-server-1.4.7-68.2.SL4")) flag++;

if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-128.1.1.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-128.1.1.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-128.1.1.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-128.1.6.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-128.1.6.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-128.1.6.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-128.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-128.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-128.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.13.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.1.13.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.13.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.14.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.1.14.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.14.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.19.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.1.19.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.19.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.21.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.1.21.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.21.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.4.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.1.4.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.4.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.6.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.1.6.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.1.6.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-53.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-53.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.10.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.10.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.10.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.14.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.14.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.14.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.15.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.15.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.15.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.3.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.3.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.3.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.4.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.4.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.4.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.6.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.6.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.6.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.8.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-8.1.8.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-8.1.8.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.1.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.1.1.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.1.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.10.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.1.10.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.10.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.13.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.1.13.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.13.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.17.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.1.17.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.17.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.18.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.1.18.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.18.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.22.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.1.22.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.22.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.6.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.1.6.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.1.6.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.el5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-module-openafs-2.6.18-92.el5PAE-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"kernel-module-openafs-2.6.18-92.el5xen-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"openafs-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"openafs-authlibs-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"openafs-authlibs-devel-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"openafs-client-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"openafs-compat-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"openafs-debug-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"openafs-devel-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"openafs-kernel-source-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"openafs-kpasswd-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"openafs-krb5-1.4.7-68.2.SL5")) flag++;
if (rpm_check(release:"SL5", reference:"openafs-server-1.4.7-68.2.SL5")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

References