Vulnerabilities > CVE-2011-1675 - Resource Management Errors vulnerability in Linux Util-Linux

047910
CVSS 3.3 - LOW
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
local
linux
CWE-399
nessus

Summary

mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2012-0307.NASL
    descriptionFrom Red Hat Security Advisory 2012:0307 : An updated util-linux package that fixes multiple security issues, various bugs, and adds two enhancements is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, util-linux contains the fdisk configuration tool and the login program. Multiple flaws were found in the way the mount and umount commands performed mtab (mounted file systems table) file updates. A local, unprivileged user allowed to mount or unmount file systems could use these flaws to corrupt the mtab file and create a stale lock file, preventing other users from mounting and unmounting file systems. (CVE-2011-1675, CVE-2011-1677) This update also fixes the following bugs : * When the user logged into a telnet server, the login utility did not update the utmp database properly if the utility was executed from the telnetd daemon. This was due to telnetd not creating an appropriate entry in a utmp file before executing login. With this update, correct entries are created and the database is updated properly. (BZ#646300) * Various options were not described on the blockdev(8) manual page. With this update, the blockdev(8) manual page includes all the relevant options. (BZ#650937) * Prior to this update, the build process of the util-linux package failed in the po directory with the following error message:
    last seen2020-06-01
    modified2020-06-02
    plugin id68478
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68478
    titleOracle Linux 5 : util-linux (ELSA-2012-0307)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2012:0307 and 
    # Oracle Linux Security Advisory ELSA-2012-0307 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(68478);
      script_version("1.7");
      script_cvs_date("Date: 2019/09/30 10:58:17");
    
      script_cve_id("CVE-2011-1675", "CVE-2011-1677");
      script_bugtraq_id(50941);
      script_xref(name:"RHSA", value:"2012:0307");
    
      script_name(english:"Oracle Linux 5 : util-linux (ELSA-2012-0307)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Oracle Linux host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "From Red Hat Security Advisory 2012:0307 :
    
    An updated util-linux package that fixes multiple security issues,
    various bugs, and adds two enhancements is now available for Red Hat
    Enterprise Linux 5.
    
    The Red Hat Security Response Team has rated this update as having low
    security impact. Common Vulnerability Scoring System (CVSS) base
    scores, which give detailed severity ratings, are available for each
    vulnerability from the CVE links in the References section.
    
    The util-linux package contains a large variety of low-level system
    utilities that are necessary for a Linux system to function. Among
    others, util-linux contains the fdisk configuration tool and the login
    program.
    
    Multiple flaws were found in the way the mount and umount commands
    performed mtab (mounted file systems table) file updates. A local,
    unprivileged user allowed to mount or unmount file systems could use
    these flaws to corrupt the mtab file and create a stale lock file,
    preventing other users from mounting and unmounting file systems.
    (CVE-2011-1675, CVE-2011-1677)
    
    This update also fixes the following bugs :
    
    * When the user logged into a telnet server, the login utility did not
    update the utmp database properly if the utility was executed from the
    telnetd daemon. This was due to telnetd not creating an appropriate
    entry in a utmp file before executing login. With this update, correct
    entries are created and the database is updated properly. (BZ#646300)
    
    * Various options were not described on the blockdev(8) manual page.
    With this update, the blockdev(8) manual page includes all the
    relevant options. (BZ#650937)
    
    * Prior to this update, the build process of the util-linux package
    failed in the po directory with the following error message:
    '@MKINSTALLDIRS@: No such file or directory'. An upstream patch has
    been applied to address this issue, and the util-linux package now
    builds successfully. (BZ#677452)
    
    * Previously, the ipcs(1) and ipcrm(1) manual pages mentioned an
    invalid option, '-b'. With this update, only valid options are listed
    on those manual pages. (BZ#678407)
    
    * Previously, the mount(8) manual page contained incomplete
    information about the ext4 and XFS file systems. With this update, the
    mount(8) manual page contains the missing information. (BZ#699639)
    
    In addition, this update adds the following enhancements :
    
    * Previously, if DOS mode was enabled on a device, the fdisk utility
    could report error messages similar to the following :
    
    Partition 1 has different physical/logical beginnings (non-Linux?):
    phys=(0, 1, 1) logical=(0, 2, 7)
    
    This update enables users to switch off DOS compatible mode (by
    specifying the '-c' option), and such error messages are no longer
    displayed. (BZ#678430)
    
    * This update adds the 'fsfreeze' command which halts access to a file
    system on a disk. (BZ#726572)
    
    All users of util-linux are advised to upgrade to this updated
    package, which contains backported patches to correct these issues and
    add these enhancements."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2012-March/002658.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected util-linux package."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:util-linux");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/04/09");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/03/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Oracle Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
    os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5", "Oracle Linux " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
    
    flag = 0;
    if (rpm_check(release:"EL5", reference:"util-linux-2.13-0.59.0.1.el5")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "util-linux");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-0307.NASL
    descriptionAn updated util-linux package that fixes multiple security issues, various bugs, and adds two enhancements is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, util-linux contains the fdisk configuration tool and the login program. Multiple flaws were found in the way the mount and umount commands performed mtab (mounted file systems table) file updates. A local, unprivileged user allowed to mount or unmount file systems could use these flaws to corrupt the mtab file and create a stale lock file, preventing other users from mounting and unmounting file systems. (CVE-2011-1675, CVE-2011-1677) This update also fixes the following bugs : * When the user logged into a telnet server, the login utility did not update the utmp database properly if the utility was executed from the telnetd daemon. This was due to telnetd not creating an appropriate entry in a utmp file before executing login. With this update, correct entries are created and the database is updated properly. (BZ#646300) * Various options were not described on the blockdev(8) manual page. With this update, the blockdev(8) manual page includes all the relevant options. (BZ#650937) * Prior to this update, the build process of the util-linux package failed in the po directory with the following error message:
    last seen2020-04-16
    modified2012-02-21
    plugin id58061
    published2012-02-21
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/58061
    titleRHEL 5 : util-linux (RHSA-2012:0307)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2012:0307. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(58061);
      script_version ("1.18");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/04/15");
    
      script_cve_id("CVE-2011-1675", "CVE-2011-1677");
      script_bugtraq_id(50941);
      script_xref(name:"RHSA", value:"2012:0307");
    
      script_name(english:"RHEL 5 : util-linux (RHSA-2012:0307)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An updated util-linux package that fixes multiple security issues,
    various bugs, and adds two enhancements is now available for Red Hat
    Enterprise Linux 5.
    
    The Red Hat Security Response Team has rated this update as having low
    security impact. Common Vulnerability Scoring System (CVSS) base
    scores, which give detailed severity ratings, are available for each
    vulnerability from the CVE links in the References section.
    
    The util-linux package contains a large variety of low-level system
    utilities that are necessary for a Linux system to function. Among
    others, util-linux contains the fdisk configuration tool and the login
    program.
    
    Multiple flaws were found in the way the mount and umount commands
    performed mtab (mounted file systems table) file updates. A local,
    unprivileged user allowed to mount or unmount file systems could use
    these flaws to corrupt the mtab file and create a stale lock file,
    preventing other users from mounting and unmounting file systems.
    (CVE-2011-1675, CVE-2011-1677)
    
    This update also fixes the following bugs :
    
    * When the user logged into a telnet server, the login utility did not
    update the utmp database properly if the utility was executed from the
    telnetd daemon. This was due to telnetd not creating an appropriate
    entry in a utmp file before executing login. With this update, correct
    entries are created and the database is updated properly. (BZ#646300)
    
    * Various options were not described on the blockdev(8) manual page.
    With this update, the blockdev(8) manual page includes all the
    relevant options. (BZ#650937)
    
    * Prior to this update, the build process of the util-linux package
    failed in the po directory with the following error message:
    '@MKINSTALLDIRS@: No such file or directory'. An upstream patch has
    been applied to address this issue, and the util-linux package now
    builds successfully. (BZ#677452)
    
    * Previously, the ipcs(1) and ipcrm(1) manual pages mentioned an
    invalid option, '-b'. With this update, only valid options are listed
    on those manual pages. (BZ#678407)
    
    * Previously, the mount(8) manual page contained incomplete
    information about the ext4 and XFS file systems. With this update, the
    mount(8) manual page contains the missing information. (BZ#699639)
    
    In addition, this update adds the following enhancements :
    
    * Previously, if DOS mode was enabled on a device, the fdisk utility
    could report error messages similar to the following :
    
    Partition 1 has different physical/logical beginnings (non-Linux?):
    phys=(0, 1, 1) logical=(0, 2, 7)
    
    This update enables users to switch off DOS compatible mode (by
    specifying the '-c' option), and such error messages are no longer
    displayed. (BZ#678430)
    
    * This update adds the 'fsfreeze' command which halts access to a file
    system on a disk. (BZ#726572)
    
    All users of util-linux are advised to upgrade to this updated
    package, which contains backported patches to correct these issues and
    add these enhancements."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2012:0307"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-1677"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-1675"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected util-linux and / or util-linux-debuginfo packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:util-linux");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:util-linux-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/04/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/02/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/02/21");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2012:0307";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"util-linux-2.13-0.59.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"util-linux-2.13-0.59.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"util-linux-2.13-0.59.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"util-linux-debuginfo-2.13-0.59.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"util-linux-debuginfo-2.13-0.59.el5")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"util-linux-debuginfo-2.13-0.59.el5")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "util-linux / util-linux-debuginfo");
      }
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2011-1691.NASL
    descriptionUpdated util-linux-ng packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The util-linux-ng packages contain a large variety of low-level system utilities that are necessary for a Linux operating system to function. Multiple flaws were found in the way the mount and umount commands performed mtab (mounted file systems table) file updates. A local, unprivileged user allowed to mount or unmount file systems could use these flaws to corrupt the mtab file and create a stale lock file, preventing other users from mounting and unmounting file systems. (CVE-2011-1675, CVE-2011-1677) This update also fixes the following bugs : * Due to a hard-coded limit of 128 devices, an attempt to run the
    last seen2020-06-01
    modified2020-06-02
    plugin id57019
    published2011-12-06
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/57019
    titleRHEL 6 : util-linux-ng (RHSA-2011:1691)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2011:1691. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(57019);
      script_version ("1.15");
      script_cvs_date("Date: 2019/10/25 13:36:16");
    
      script_cve_id("CVE-2011-1675", "CVE-2011-1677");
      script_xref(name:"RHSA", value:"2011:1691");
    
      script_name(english:"RHEL 6 : util-linux-ng (RHSA-2011:1691)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated util-linux-ng packages that fix multiple security issues,
    several bugs, and add various enhancements are now available for Red
    Hat Enterprise Linux 6.
    
    The Red Hat Security Response Team has rated this update as having low
    security impact. Common Vulnerability Scoring System (CVSS) base
    scores, which give detailed severity ratings, are available for each
    vulnerability from the CVE links in the References section.
    
    The util-linux-ng packages contain a large variety of low-level system
    utilities that are necessary for a Linux operating system to function.
    
    Multiple flaws were found in the way the mount and umount commands
    performed mtab (mounted file systems table) file updates. A local,
    unprivileged user allowed to mount or unmount file systems could use
    these flaws to corrupt the mtab file and create a stale lock file,
    preventing other users from mounting and unmounting file systems.
    (CVE-2011-1675, CVE-2011-1677)
    
    This update also fixes the following bugs :
    
    * Due to a hard-coded limit of 128 devices, an attempt to run the
    'blkid -c' command on more than 128 devices caused blkid to terminate
    unexpectedly. This update increases the maximum number of devices to
    8192 so that blkid no longer crashes in this scenario. (BZ#675999)
    
    * Previously, the 'swapon -a' command did not detect device-mapper
    devices that were already in use. This update corrects the swapon
    utility to detect such devices as expected. (BZ#679741)
    
    * Prior to this update, the presence of an invalid line in the
    /etc/fstab file could cause the umount utility to terminate
    unexpectedly with a segmentation fault. This update applies a patch
    that corrects this error so that umount now correctly reports invalid
    lines and no longer crashes. (BZ#684203)
    
    * Previously, an attempt to use the wipefs utility on a partitioned
    device caused the utility to terminate unexpectedly with an error.
    This update adapts wipefs to only display a warning message in this
    situation. (BZ#696959)
    
    * When providing information on interprocess communication (IPC)
    facilities, the ipcs utility could previously display a process owner
    as a negative number if the user's UID was too large. This update
    adapts the underlying source code to make sure the UID values are now
    displayed correctly. (BZ#712158)
    
    * In the installation scriptlets, the uuidd package uses the chkconfig
    utility to enable and disable the uuidd service. Previously, this
    package did not depend on the chkconfig package, which could lead to
    errors during installation if chkconfig was not installed. This update
    adds chkconfig to the list of dependencies so that such errors no
    longer occur. (BZ#712808)
    
    * The previous version of the /etc/udev/rules.d/60-raw.rules file
    contained a statement that both this file and raw devices are
    deprecated. This is no longer true and the Red Hat Enterprise Linux
    kernel supports this functionality. With this update, the
    aforementioned file no longer contains this incorrect statement.
    (BZ#716995)
    
    * Previously, an attempt to use the cfdisk utility to read the default
    Red Hat Enterprise Linux 6 partition layout failed with an error. This
    update corrects this error and the cfdisk utility can now read the
    default partition layout as expected. (BZ#723352)
    
    * The previous version of the tailf(1) manual page incorrectly stated
    that users can use the '--lines=NUMBER' command line option to limit
    the number of displayed lines. However, the tailf utility does not
    allow the use of the equals sign (=) between the option and its
    argument. This update corrects this error. (BZ#679831)
    
    * The fstab(5) manual page has been updated to clarify that empty
    lines in the /etc/fstab configuration file are ignored. (BZ#694648)
    
    As well, this update adds the following enhancements :
    
    * A new fstrim utility has been added to the package. This utility
    allows the root user to discard unused blocks on a mounted file
    system. (BZ#692119)
    
    * The login utility has been updated to provide support for failed
    login attempts that are reported by PAM. (BZ#696731)
    
    * The lsblk utility has been updated to provide additional information
    about the topology and status of block devices. (BZ#723638)
    
    * The agetty utility has been updated to pass the hostname to the
    login utility. (BZ#726092)
    
    All users of util-linux-ng are advised to upgrade to these updated
    packages, which contain backported patches to correct these issues and
    add these enhancements."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-1675"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-1677"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2011:1691"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libblkid");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libblkid-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libuuid");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libuuid-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:util-linux-ng");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:util-linux-ng-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:uuidd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/04/09");
      script_set_attribute(attribute:"patch_publication_date", value:"2011/12/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2011:1691";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL6", reference:"libblkid-2.17.2-12.4.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"libblkid-devel-2.17.2-12.4.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"libuuid-2.17.2-12.4.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"libuuid-devel-2.17.2-12.4.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"util-linux-ng-2.17.2-12.4.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"util-linux-ng-debuginfo-2.17.2-12.4.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"uuidd-2.17.2-12.4.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"uuidd-2.17.2-12.4.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"uuidd-2.17.2-12.4.el6")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libblkid / libblkid-devel / libuuid / libuuid-devel / util-linux-ng / etc");
      }
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20111206_UTIL_LINUX_NG_ON_SL6_X.NASL
    descriptionThe util-linux-ng packages contain a large variety of low-level system utilities that are necessary for a Linux operating system to function. Multiple flaws were found in the way the mount and umount commands performed mtab (mounted file systems table) file updates. A local, unprivileged user allowed to mount or unmount file systems could use these flaws to corrupt the mtab file and create a stale lock file, preventing other users from mounting and unmounting file systems. (CVE-2011-1675, CVE-2011-1677) This update also fixes the following bugs : - Due to a hard-coded limit of 128 devices, an attempt to run the
    last seen2020-06-01
    modified2020-06-02
    plugin id61200
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61200
    titleScientific Linux Security Update : util-linux-ng on SL6.x i386/x86_64
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(61200);
      script_version("1.6");
      script_cvs_date("Date: 2019/10/25 13:36:20");
    
      script_cve_id("CVE-2011-1675", "CVE-2011-1677");
    
      script_name(english:"Scientific Linux Security Update : util-linux-ng on SL6.x i386/x86_64");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The util-linux-ng packages contain a large variety of low-level system
    utilities that are necessary for a Linux operating system to function.
    
    Multiple flaws were found in the way the mount and umount commands
    performed mtab (mounted file systems table) file updates. A local,
    unprivileged user allowed to mount or unmount file systems could use
    these flaws to corrupt the mtab file and create a stale lock file,
    preventing other users from mounting and unmounting file systems.
    (CVE-2011-1675, CVE-2011-1677)
    
    This update also fixes the following bugs :
    
      - Due to a hard-coded limit of 128 devices, an attempt to
        run the 'blkid -c' command on more than 128 devices
        caused blkid to terminate unexpectedly. This update
        increases the maximum number of devices to 8192 so that
        blkid no longer crashes in this scenario.
    
      - Previously, the 'swapon -a' command did not detect
        device-mapper devices that were already in use. This
        update corrects the swapon utility to detect such
        devices as expected.
    
      - Prior to this update, the presence of an invalid line in
        the /etc/fstab file could cause the umount utility to
        terminate unexpectedly with a segmentation fault. This
        update applies a patch that corrects this error so that
        umount now correctly reports invalid lines and no longer
        crashes.
    
      - Previously, an attempt to use the wipefs utility on a
        partitioned device caused the utility to terminate
        unexpectedly with an error. This update adapts wipefs to
        only display a warning message in this situation.
    
      - When providing information on interprocess communication
        (IPC) facilities, the ipcs utility could previously
        display a process owner as a negative number if the
        user's UID was too large. This update adapts the
        underlying source code to make sure the UID values are
        now displayed correctly.
    
      - In the installation scriptlets, the uuidd package uses
        the chkconfig utility to enable and disable the uuidd
        service. Previously, this package did not depend on the
        chkconfig package, which could lead to errors during
        installation if chkconfig was not installed. This update
        adds chkconfig to the list of dependencies so that such
        errors no longer occur.
    
      - The previous version of the
        /etc/udev/rules.d/60-raw.rules file contained a
        statement that both this file and raw devices are
        deprecated. This is no longer true and the Scientific
        Linux kernel supports this functionality. With this
        update, the aforementioned file no longer contains this
        incorrect statement.
    
      - Previously, an attempt to use the cfdisk utility to read
        the default Scientific Linux 6 partition layout failed
        with an error. This update corrects this error and the
        cfdisk utility can now read the default partition layout
        as expected.
    
      - The previous version of the tailf(1) manual page
        incorrectly stated that users can use the
        '--lines=NUMBER' command line option to limit the number
        of displayed lines. However, the tailf utility does not
        allow the use of the equals sign (=) between the option
        and its argument. This update corrects this error.
    
      - The fstab(5) manual page has been updated to clarify
        that empty lines in the /etc/fstab configuration file
        are ignored.
    
    As well, this update adds the following enhancements :
    
      - A new fstrim utility has been added to the package. This
        utility allows the root user to discard unused blocks on
        a mounted file system.
    
      - The login utility has been updated to provide support
        for failed login attempts that are reported by PAM.
    
      - The lsblk utility has been updated to provide additional
        information about the topology and status of block
        devices.
    
      - The agetty utility has been updated to pass the hostname
        to the login utility.
    
    All users of util-linux-ng are advised to upgrade to these updated
    packages, which contain backported patches to correct these issues and
    add these enhancements."
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1112&L=scientific-linux-errata&T=0&P=1321
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?fa33b746"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/04/09");
      script_set_attribute(attribute:"patch_publication_date", value:"2011/12/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL6", reference:"libblkid-2.17.2-12.4.el6")) flag++;
    if (rpm_check(release:"SL6", reference:"libblkid-devel-2.17.2-12.4.el6")) flag++;
    if (rpm_check(release:"SL6", reference:"libuuid-2.17.2-12.4.el6")) flag++;
    if (rpm_check(release:"SL6", reference:"libuuid-devel-2.17.2-12.4.el6")) flag++;
    if (rpm_check(release:"SL6", reference:"util-linux-ng-2.17.2-12.4.el6")) flag++;
    if (rpm_check(release:"SL6", reference:"util-linux-ng-debuginfo-2.17.2-12.4.el6")) flag++;
    if (rpm_check(release:"SL6", reference:"uuidd-2.17.2-12.4.el6")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20120221_UTIL_LINUX_ON_SL5_X.NASL
    descriptionThe util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, util-linux contains the fdisk configuration tool and the login program. Multiple flaws were found in the way the mount and umount commands performed mtab (mounted file systems table) file updates. A local, unprivileged user allowed to mount or unmount file systems could use these flaws to corrupt the mtab file and create a stale lock file, preventing other users from mounting and unmounting file systems. (CVE-2011-1675, CVE-2011-1677) This update also fixes the following bugs : - When the user logged into a telnet server, the login utility did not update the utmp database properly if the utility was executed from the telnetd daemon. This was due to telnetd not creating an appropriate entry in a utmp file before executing login. With this update, correct entries are created and the database is updated properly. - Various options were not described on the blockdev(8) manual page. With this update, the blockdev(8) manual page includes all the relevant options. - Prior to this update, the build process of the util-linux package failed in the po directory with the following error message:
    last seen2020-03-18
    modified2012-08-01
    plugin id61272
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61272
    titleScientific Linux Security Update : util-linux on SL5.x i386/x86_64 (20120221)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(61272);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2011-1675", "CVE-2011-1677");
    
      script_name(english:"Scientific Linux Security Update : util-linux on SL5.x i386/x86_64 (20120221)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The util-linux package contains a large variety of low-level system
    utilities that are necessary for a Linux system to function. Among
    others, util-linux contains the fdisk configuration tool and the login
    program.
    
    Multiple flaws were found in the way the mount and umount commands
    performed mtab (mounted file systems table) file updates. A local,
    unprivileged user allowed to mount or unmount file systems could use
    these flaws to corrupt the mtab file and create a stale lock file,
    preventing other users from mounting and unmounting file systems.
    (CVE-2011-1675, CVE-2011-1677)
    
    This update also fixes the following bugs :
    
      - When the user logged into a telnet server, the login
        utility did not update the utmp database properly if the
        utility was executed from the telnetd daemon. This was
        due to telnetd not creating an appropriate entry in a
        utmp file before executing login. With this update,
        correct entries are created and the database is updated
        properly.
    
      - Various options were not described on the blockdev(8)
        manual page. With this update, the blockdev(8) manual
        page includes all the relevant options.
    
      - Prior to this update, the build process of the
        util-linux package failed in the po directory with the
        following error message: '@MKINSTALLDIRS@: No such file
        or directory'. An upstream patch has been applied to
        address this issue, and the util-linux package now
        builds successfully.
    
      - Previously, the ipcs(1) and ipcrm(1) manual pages
        mentioned an invalid option, '-b'. With this update,
        only valid options are listed on those manual pages.
    
      - Previously, the mount(8) manual page contained
        incomplete information about the ext4 and XFS file
        systems. With this update, the mount(8) manual page
        contains the missing information.
    
    In addition, this update adds the following enhancements :
    
      - Previously, if DOS mode was enabled on a device, the
        fdisk utility could report error messages similar to the
        following :
    
    Partition 1 has different physical/logical beginnings (non-Linux?):
    phys=(0, 1, 1) logical=(0, 2, 7)
    
    This update enables users to switch off DOS compatible mode (by
    specifying the '-c' option), and such error messages are no longer
    displayed.
    
      - This update adds the 'fsfreeze' command which halts
        access to a file system on a disk.
    
    All users of util-linux are advised to upgrade to this updated
    package, which contains backported patches to correct these issues and
    add these enhancements."
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1203&L=scientific-linux-errata&T=0&P=3164
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?82291f93"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected util-linux and / or util-linux-debuginfo packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:util-linux");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:util-linux-debuginfo");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/04/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/02/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 5.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL5", reference:"util-linux-2.13-0.59.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"util-linux-debuginfo-2.13-0.59.el5")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "util-linux / util-linux-debuginfo");
    }
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201405-15.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201405-15 (util-linux: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in util-linux. Please review the CVE identifiers referenced below for details. Impact : A local attacker may be able to cause a Denial of Service condition, trigger corruption of /etc/mtab, obtain sensitive information, or have other unspecified impact. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id74058
    published2014-05-19
    reporterThis script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74058
    titleGLSA-201405-15 : util-linux: Multiple vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201405-15.
    #
    # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(74058);
      script_version("1.4");
      script_cvs_date("Date: 2018/12/05 20:31:22");
    
      script_cve_id("CVE-2011-1675", "CVE-2011-1676", "CVE-2011-1677", "CVE-2013-0157");
      script_bugtraq_id(50941, 57168);
      script_xref(name:"GLSA", value:"201405-15");
    
      script_name(english:"GLSA-201405-15 : util-linux: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201405-15
    (util-linux: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in util-linux. Please
          review the CVE identifiers referenced below for details.
      
    Impact :
    
        A local attacker may be able to cause a Denial of Service condition,
          trigger corruption of /etc/mtab, obtain sensitive information, or have
          other unspecified impact.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201405-15"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All util-linux users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=sys-apps/util-linux-2.22.2'"
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:util-linux");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2014/05/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/05/19");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"sys-apps/util-linux", unaffected:make_list("ge 2.22.2"), vulnerable:make_list("lt 2.22.2"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "util-linux");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-0168.NASL
    descriptionAn updated rhev-hypervisor5 package that fixes several security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host. (CVE-2012-0029) A divide-by-zero flaw was found in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id79283
    published2014-11-17
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79283
    titleRHEL 5 : rhev-hypervisor5 (RHSA-2012:0168)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2012:0168. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(79283);
      script_version("1.11");
      script_cvs_date("Date: 2019/10/24 15:35:35");
    
      script_cve_id("CVE-2006-1168", "CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0830", "CVE-2010-4008", "CVE-2011-0216", "CVE-2011-1083", "CVE-2011-1089", "CVE-2011-1526", "CVE-2011-2716", "CVE-2011-2834", "CVE-2011-3638", "CVE-2011-3905", "CVE-2011-3919", "CVE-2011-4086", "CVE-2011-4109", "CVE-2011-4127", "CVE-2011-4347", "CVE-2011-4576", "CVE-2011-4619", "CVE-2012-0028", "CVE-2012-0029", "CVE-2012-0207");
      script_bugtraq_id(51281, 51343, 51642);
      script_xref(name:"RHSA", value:"2012:0168");
    
      script_name(english:"RHEL 5 : rhev-hypervisor5 (RHSA-2012:0168)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An updated rhev-hypervisor5 package that fixes several security issues
    and various bugs is now available.
    
    The Red Hat Security Response Team has rated this update as having
    important security impact. Common Vulnerability Scoring System (CVSS)
    base scores, which give detailed severity ratings, are available for
    each vulnerability from the CVE links in the References section.
    
    The rhev-hypervisor5 package provides a Red Hat Enterprise
    Virtualization Hypervisor ISO disk image. The Red Hat Enterprise
    Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine
    (KVM) hypervisor. It includes everything necessary to run and manage
    virtual machines: A subset of the Red Hat Enterprise Linux operating
    environment and the Red Hat Enterprise Virtualization Agent.
    
    Note: Red Hat Enterprise Virtualization Hypervisor is only available
    for the Intel 64 and AMD64 architectures with virtualization
    extensions.
    
    A heap overflow flaw was found in the way QEMU-KVM emulated the e1000
    network interface card. A privileged guest user in a virtual machine
    whose network interface is configured to use the e1000 emulated driver
    could use this flaw to crash the host or, possibly, escalate their
    privileges on the host. (CVE-2012-0029)
    
    A divide-by-zero flaw was found in the Linux kernel's
    igmp_heard_query() function. An attacker able to send certain IGMP
    (Internet Group Management Protocol) packets to a target system could
    use this flaw to cause a denial of service. (CVE-2012-0207)
    
    A double free flaw was discovered in the policy checking code in
    OpenSSL. A remote attacker could use this flaw to crash an application
    that uses OpenSSL by providing an X.509 certificate that has specially
    crafted policy extension data. (CVE-2011-4109)
    
    An information leak flaw was found in the SSL 3.0 protocol
    implementation in OpenSSL. Incorrect initialization of SSL record
    padding bytes could cause an SSL client or server to send a limited
    amount of possibly sensitive data to its SSL peer via the encrypted
    connection. (CVE-2011-4576)
    
    It was discovered that OpenSSL did not limit the number of TLS/SSL
    handshake restarts required to support Server Gated Cryptography. A
    remote attacker could use this flaw to make a TLS/SSL server using
    OpenSSL consume an excessive amount of CPU by continuously restarting
    the handshake. (CVE-2011-4619)
    
    Red Hat would like to thank Nicolae Mogoreanu for reporting
    CVE-2012-0029, and Simon McVittie for reporting CVE-2012-0207.
    
    This updated package provides updated components that include fixes
    for various security issues. These issues have no security impact on
    Red Hat Enterprise Virtualization Hypervisor itself, however. The
    security fixes included in this update address the following CVE
    numbers :
    
    CVE-2006-1168 and CVE-2011-2716 (busybox issues)
    
    CVE-2009-5029, CVE-2009-5064, CVE-2010-0830 and CVE-2011-1089 (glibc
    issues)
    
    CVE-2011-1083, CVE-2011-3638, CVE-2011-4086, CVE-2011-4127 and
    CVE-2012-0028 (kernel issues)
    
    CVE-2011-1526 (krb5 issue)
    
    CVE-2011-4347 (kvm issue)
    
    CVE-2010-4008, CVE-2011-0216, CVE-2011-2834, CVE-2011-3905,
    CVE-2011-3919 and CVE-2011-1944 (libxml2 issues)
    
    CVE-2011-1749 (nfs-utils issue)
    
    CVE-2011-4108 (openssl issue)
    
    CVE-2011-0010 (sudo issue)
    
    CVE-2011-1675 and CVE-2011-1677 (util-linux issues)
    
    CVE-2010-0424 (vixie-cron issue)
    
    This updated rhev-hypervisor5 package fixes various bugs.
    Documentation of these changes will be available shortly in the
    Technical Notes document :
    
    https://docs.redhat.com/docs/en-US/
    Red_Hat_Enterprise_Virtualization_for_Servers/2.2/html/Technical_Notes
    / index.html
    
    Users of Red Hat Enterprise Virtualization Hypervisor are advised to
    upgrade to this updated package, which fixes these issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-4109"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-4576"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2011-4619"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2012-0029"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2012-0207"
      );
      # https://docs.redhat.com/docs/en-US/
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/documentation/en-US/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2012:0168"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected rhev-hypervisor5 and / or rhev-hypervisor5-tools
    packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor5-tools");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2006/08/14");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/02/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/17");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2012:0168";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL5", reference:"rhev-hypervisor5-5.8-20120202.0.el5")) flag++;
      if (rpm_check(release:"RHEL5", reference:"rhev-hypervisor5-tools-5.8-20120202.0.el5")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rhev-hypervisor5 / rhev-hypervisor5-tools");
      }
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2012-083.NASL
    descriptionMultiple vulnerabilities has been discovered and corrected in util-linux : mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089 (CVE-2011-1675). mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors (CVE-2011-1677). The updated packages have been patched to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id59304
    published2012-05-30
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/59304
    titleMandriva Linux Security Advisory : util-linux (MDVSA-2012:083)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2012:083. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(59304);
      script_version("1.9");
      script_cvs_date("Date: 2019/08/02 13:32:54");
    
      script_cve_id("CVE-2011-1675", "CVE-2011-1677");
      script_bugtraq_id(50941);
      script_xref(name:"MDVSA", value:"2012:083");
    
      script_name(english:"Mandriva Linux Security Advisory : util-linux (MDVSA-2012:083)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple vulnerabilities has been discovered and corrected in
    util-linux :
    
    mount in util-linux 2.19 and earlier attempts to append to the
    /etc/mtab.tmp file without first checking whether resource limits
    would interfere, which allows local users to trigger corruption of the
    /etc/mtab file via a process with a small RLIMIT_FSIZE value, a
    related issue to CVE-2011-1089 (CVE-2011-1675).
    
    mount in util-linux 2.19 and earlier does not remove the /etc/mtab~
    lock file after a failed attempt to add a mount entry, which has
    unspecified impact and local attack vectors (CVE-2011-1677).
    
    The updated packages have been patched to correct this issue."
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64blkid-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64blkid1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mount-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mount1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64uuid-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64uuid1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libblkid-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libblkid1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmount-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmount1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libuuid-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libuuid1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:util-linux");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:util-linux-ng");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:uuidd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2011");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2012/05/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/05/30");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64blkid-devel-2.17.1-5.2mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64blkid1-2.17.1-5.2mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64uuid-devel-2.17.1-5.2mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64uuid1-2.17.1-5.2mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libblkid-devel-2.17.1-5.2mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libblkid1-2.17.1-5.2mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libuuid-devel-2.17.1-5.2mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libuuid1-2.17.1-5.2mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"util-linux-ng-2.17.1-5.2mdv2010.2", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.1", reference:"uuidd-2.17.1-5.2mdv2010.2", yank:"mdv")) flag++;
    
    if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64blkid-devel-2.19-3.2-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64blkid1-2.19-3.2-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64mount-devel-2.19-3.2-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64mount1-2.19-3.2-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64uuid-devel-2.19-3.2-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64uuid1-2.19-3.2-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libblkid-devel-2.19-3.2-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libblkid1-2.19-3.2-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libmount-devel-2.19-3.2-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libmount1-2.19-3.2-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libuuid-devel-2.19-3.2-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libuuid1-2.19-3.2-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", reference:"util-linux-2.19-3.2-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", reference:"uuidd-2.19-3.2-mdv2011.0", yank:"mdv")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    

Redhat

advisories
rhsa
idRHSA-2011:1691
rpms
  • libblkid-0:2.17.2-12.4.el6
  • libblkid-devel-0:2.17.2-12.4.el6
  • libuuid-0:2.17.2-12.4.el6
  • libuuid-devel-0:2.17.2-12.4.el6
  • util-linux-ng-0:2.17.2-12.4.el6
  • util-linux-ng-debuginfo-0:2.17.2-12.4.el6
  • uuidd-0:2.17.2-12.4.el6
  • util-linux-0:2.13-0.59.el5
  • util-linux-debuginfo-0:2.13-0.59.el5