Vulnerabilities > CVE-2010-2192 - Link Following vulnerability in Vincent Fourmond Pmount 0.9.18

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
vincent-fourmond
CWE-59
nessus
NVD
Published: 2010-06-18
Updated: 2024-11-21

Summary

The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/.

Vulnerable Configurations

Part Description Count
Application
Vincent_Fourmond
1

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Symlink Attack
    An attacker positions a symbolic link in such a manner that the targeted user or application accesses the link's endpoint, assuming that it is accessing a file with the link's name. The endpoint file may be either output or input. If the file is output, the result is that the endpoint is modified, instead of a file at the intended location. Modifications to the endpoint file may include appending, overwriting, corrupting, changing permissions, or other modifications. In some variants of this attack the attacker may be able to control the change to a file while in other cases they cannot. The former is especially damaging since the attacker may be able to grant themselves increased privileges or insert false information, but the latter can also be damaging as it can expose sensitive information or corrupt or destroy vital system or application files. Alternatively, the endpoint file may serve as input to the targeted application. This can be used to feed malformed input into the target or to cause the target to process different information, possibly allowing the attacker to control the actions of the target or to cause the target to expose information to the attacker. Moreover, the actions taken on the endpoint file are undertaken with the permissions of the targeted user or application, which may exceed the permissions that the attacker would normally have.
  • Accessing, Modifying or Executing Executable Files
    An attack of this type exploits a system's configuration that allows an attacker to either directly access an executable file, for example through shell access; or in a possible worst case allows an attacker to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
  • Leverage Executable Code in Non-Executable Files
    An attack of this type exploits a system's trust in configuration and resource files, when the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high. The attack can be directed at a client system, such as causing buffer overrun through loading seemingly benign image files, as in Microsoft Security Bulletin MS04-028 where specially crafted JPEG files could cause a buffer overrun once loaded into the browser. Another example targets clients reading pdf files. In this case the attacker simply appends javascript to the end of a legitimate url for a pdf (http://www.gnucitizen.org/blog/danger-danger-danger/) http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here The client assumes that they are reading a pdf, but the attacker has modified the resource and loaded executable javascript into the client's browser process. The attack can also target server processes. The attacker edits the resource or configuration file, for example a web.xml file used to configure security permissions for a J2EE app server, adding role name "public" grants all users with the public role the ability to use the administration functionality. The server trusts its configuration file to be correct, but when they are manipulated, the attacker gains full control.
  • Manipulating Input to File System Calls
    An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.

Nessus

  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201412-08.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201412-08 (Multiple packages, Multiple vulnerabilities fixed in 2010) Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. Insight Perl Tk Module Source-Navigator Tk Partimage Mlmmj acl Xinit gzip ncompress liblzw splashutils GNU M4 KDE Display Manager GTK+ KGet dvipng Beanstalk Policy Mount pam_krb5 GNU gv LFTP Uzbl Slim Bitdefender Console iputils DVBStreamer Impact : A context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions. Workaround : There are no known workarounds at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id79961
    published2014-12-15
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79961
    titleGLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010
    code
    #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 201412-08.
#
# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include("compat.inc");

if (description)
{
  script_id(79961);
  script_version("1.6");
  script_cvs_date("Date: 2019/08/12 17:35:38");

  script_cve_id("CVE-2006-3005", "CVE-2007-2741", "CVE-2008-0553", "CVE-2008-1382", "CVE-2008-5907", "CVE-2008-6218", "CVE-2008-6661", "CVE-2009-0040", "CVE-2009-0360", "CVE-2009-0361", "CVE-2009-0946", "CVE-2009-2042", "CVE-2009-2624", "CVE-2009-3736", "CVE-2009-4029", "CVE-2009-4411", "CVE-2009-4896", "CVE-2010-0001", "CVE-2010-0436", "CVE-2010-0732", "CVE-2010-0829", "CVE-2010-1000", "CVE-2010-1205", "CVE-2010-1511", "CVE-2010-2056", "CVE-2010-2060", "CVE-2010-2192", "CVE-2010-2251", "CVE-2010-2529", "CVE-2010-2809", "CVE-2010-2945");
  script_bugtraq_id(24001, 27655, 28770, 31920, 32751, 33740, 33741, 33827, 33990, 34550, 35233, 37128, 37378, 37455, 37886, 37888, 38211, 39467, 39969, 40141, 40426, 40516, 40939, 41174, 41841, 41911, 42297, 43728);
  script_xref(name:"GLSA", value:"201412-08");

  script_name(english:"GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-201412-08
(Multiple packages, Multiple vulnerabilities fixed in 2010)

    Vulnerabilities have been discovered in the packages listed below.
      Please review the CVE identifiers in the Reference section for details.
      Insight
      Perl Tk Module
      Source-Navigator
      Tk
      Partimage
      Mlmmj
      acl
      Xinit
      gzip
      ncompress
      liblzw
      splashutils
      GNU M4
      KDE Display Manager
      GTK+
      KGet
      dvipng
      Beanstalk
      Policy Mount
      pam_krb5
      GNU gv
      LFTP
      Uzbl
      Slim
      Bitdefender Console
      iputils
      DVBStreamer
  
Impact :

    A context-dependent attacker may be able to gain escalated privileges,
      execute arbitrary code, cause Denial of Service, obtain sensitive
      information, or otherwise bypass security restrictions.
  
Workaround :

    There are no known workarounds at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/201412-08"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All Insight users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=dev-util/insight-6.7.1-r1'
    All Perl Tk Module users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=dev-perl/perl-tk-804.028-r2'
    All Source-Navigator users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=dev-util/sourcenav-5.1.4'
    All Tk users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=dev-lang/tk-8.4.18-r1'
    All Partimage users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=sys-block/partimage-0.6.8'
    All Mlmmj users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=net-mail/mlmmj-1.2.17.1'
    All acl users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=sys-apps/acl-2.2.49'
    All Xinit users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=x11-apps/xinit-1.2.0-r4'
    All gzip users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=app-arch/gzip-1.4'
    All ncompress users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=app-arch/ncompress-4.2.4.3'
    All liblzw users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=dev-libs/liblzw-0.2'
    All splashutils users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose
      '>=media-gfx/splashutils-1.5.4.3-r3'
    All GNU M4 users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=sys-devel/m4-1.4.14-r1'
    All KDE Display Manager users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=kde-base/kdm-4.3.5-r1'
    All GTK+ users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=x11-libs/gtk+-2.18.7'
    All KGet 4.3 users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=kde-base/kget-4.3.5-r1'
    All dvipng users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=app-text/dvipng-1.13'
    All Beanstalk users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=app-misc/beanstalkd-1.4.6'
    All Policy Mount users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=sys-apps/pmount-0.9.23'
    All pam_krb5 users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=sys-auth/pam_krb5-4.3'
    All GNU gv users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=app-text/gv-3.7.1'
    All LFTP users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=net-ftp/lftp-4.0.6'
    All Uzbl users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=www-client/uzbl-2010.08.05'
    All Slim users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=x11-misc/slim-1.3.2'
    All iputils users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=net-misc/iputils-20100418'
    All DVBStreamer users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=media-tv/dvbstreamer-1.1-r1'
    Gentoo has discontinued support for Bitdefender Console. We recommend
      that users unmerge Bitdefender Console:
      # emerge --unmerge 'app-antivirus/bitdefender-console'
    NOTE: This is a legacy GLSA. Updates for all affected architectures have
      been available since 2011. It is likely that your system is already no
      longer affected by these issues."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(20, 94, 119, 189, 200, 264, 287, 399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:acl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:beanstalkd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:bitdefender-console");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:dvbstreamer");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:dvipng");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:gtk+");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:gv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:gzip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:insight");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:iputils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:kdm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:kget");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:lftp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:liblzw");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:m4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mlmmj");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:ncompress");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:pam_krb5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:partimage");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:perl-tk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:pmount");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:slim");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:sourcenav");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:splashutils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:tk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:uzbl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:xinit");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2006/06/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/12/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/12/15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"app-arch/gzip", unaffected:make_list("ge 1.4"), vulnerable:make_list("lt 1.4"))) flag++;
if (qpkg_check(package:"kde-base/kget", unaffected:make_list("ge 4.3.5-r1"), vulnerable:make_list("lt 4.3.5-r1"))) flag++;
if (qpkg_check(package:"dev-libs/liblzw", unaffected:make_list("ge 0.2"), vulnerable:make_list("lt 0.2"))) flag++;
if (qpkg_check(package:"kde-base/kdm", unaffected:make_list("ge 4.3.5-r1"), vulnerable:make_list("lt 4.3.5-r1"))) flag++;
if (qpkg_check(package:"app-text/dvipng", unaffected:make_list("ge 1.13"), vulnerable:make_list("lt 1.13"))) flag++;
if (qpkg_check(package:"x11-apps/xinit", unaffected:make_list("ge 1.2.0-r4"), vulnerable:make_list("lt 1.2.0-r4"))) flag++;
if (qpkg_check(package:"net-ftp/lftp", unaffected:make_list("ge 4.0.6"), vulnerable:make_list("lt 4.0.6"))) flag++;
if (qpkg_check(package:"net-mail/mlmmj", unaffected:make_list("ge 1.2.17.1"), vulnerable:make_list("lt 1.2.17.1"))) flag++;
if (qpkg_check(package:"sys-apps/pmount", unaffected:make_list("ge 0.9.23"), vulnerable:make_list("lt 0.9.23"))) flag++;
if (qpkg_check(package:"sys-block/partimage", unaffected:make_list("ge 0.6.8"), vulnerable:make_list("lt 0.6.8"))) flag++;
if (qpkg_check(package:"sys-apps/acl", unaffected:make_list("ge 2.2.49"), vulnerable:make_list("lt 2.2.49"))) flag++;
if (qpkg_check(package:"app-arch/ncompress", unaffected:make_list("ge 4.2.4.3"), vulnerable:make_list("lt 4.2.4.3"))) flag++;
if (qpkg_check(package:"media-gfx/splashutils", unaffected:make_list("ge 1.5.4.3-r3"), vulnerable:make_list("lt 1.5.4.3-r3"))) flag++;
if (qpkg_check(package:"www-client/uzbl", unaffected:make_list("ge 2010.08.05"), vulnerable:make_list("lt 2010.08.05"))) flag++;
if (qpkg_check(package:"dev-util/insight", unaffected:make_list("ge 6.7.1-r1"), vulnerable:make_list("lt 6.7.1-r1"))) flag++;
if (qpkg_check(package:"sys-devel/m4", unaffected:make_list("ge 1.4.14-r1"), vulnerable:make_list("lt 1.4.14-r1"))) flag++;
if (qpkg_check(package:"app-antivirus/bitdefender-console", unaffected:make_list(), vulnerable:make_list("le 7.1"))) flag++;
if (qpkg_check(package:"app-text/gv", unaffected:make_list("ge 3.7.1"), vulnerable:make_list("lt 3.7.1"))) flag++;
if (qpkg_check(package:"media-tv/dvbstreamer", unaffected:make_list("ge 1.1-r1"), vulnerable:make_list("lt 1.1-r1"))) flag++;
if (qpkg_check(package:"app-misc/beanstalkd", unaffected:make_list("ge 1.4.6"), vulnerable:make_list("lt 1.4.6"))) flag++;
if (qpkg_check(package:"net-misc/iputils", unaffected:make_list("ge 20100418"), vulnerable:make_list("lt 20100418"))) flag++;
if (qpkg_check(package:"dev-util/sourcenav", unaffected:make_list("ge 5.1.4"), vulnerable:make_list("lt 5.1.4"))) flag++;
if (qpkg_check(package:"x11-libs/gtk+", unaffected:make_list("ge 2.18.7"), vulnerable:make_list("lt 2.18.7"))) flag++;
if (qpkg_check(package:"sys-auth/pam_krb5", unaffected:make_list("ge 4.3"), vulnerable:make_list("lt 4.3"))) flag++;
if (qpkg_check(package:"dev-lang/tk", unaffected:make_list("ge 8.4.18-r1"), vulnerable:make_list("lt 8.4.18-r1"))) flag++;
if (qpkg_check(package:"x11-misc/slim", unaffected:make_list("ge 1.3.2"), vulnerable:make_list("lt 1.3.2"))) flag++;
if (qpkg_check(package:"dev-perl/perl-tk", unaffected:make_list("ge 804.028-r2"), vulnerable:make_list("lt 804.028-r2"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "app-arch/gzip / kde-base/kget / dev-libs/liblzw / kde-base/kdm / etc");
}
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-2063.NASL
    descriptionDan Rosenberg discovered that pmount, a wrapper around the standard mount program which permits normal users to mount removable devices without a matching /etc/fstab entry, creates files in /var/lock insecurely. A local attacker could overwrite arbitrary files utilising a symlink attack.
    last seen2020-06-01
    modified2020-06-02
    plugin id47105
    published2010-06-21
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47105
    titleDebian DSA-2063-1 : pmount - insecure temporary file
    code
    #%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-2063. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include("compat.inc");

if (description)
{
  script_id(47105);
  script_version("1.11");
  script_cvs_date("Date: 2019/08/02 13:32:22");

  script_cve_id("CVE-2010-2192");
  script_xref(name:"DSA", value:"2063");

  script_name(english:"Debian DSA-2063-1 : pmount - insecure temporary file");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Dan Rosenberg discovered that pmount, a wrapper around the standard
mount program which permits normal users to mount removable devices
without a matching /etc/fstab entry, creates files in /var/lock
insecurely. A local attacker could overwrite arbitrary files utilising
a symlink attack."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2010/dsa-2063"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the pmount package.

For the stable distribution (lenny), this problem has been fixed in
version 0.9.18-2+lenny1"
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:pmount");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/06/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/06/21");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"5.0", prefix:"pmount", reference:"0.9.18-2+lenny1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_note(port:0, extra:deb_report_get());
  else security_note(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

References