Vulnerabilities > CVE-2011-2190 - Cryptographic Issues vulnerability in Cherokee-Project Cherokee
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The generate_admin_password function in Cherokee before 1.2.99 uses time and PID values for seeding of a random number generator, which makes it easier for local users to determine admin passwords via a brute-force attack.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2011-14622.NASL description Latest 1.2.x upstream release Resolves bz 746532 - put some deps back: GeoIP-devel openldap-devel Latest 1.2.x upstream release .spec corrections for optional build for systemd Resolves bz 710474 Resolves bz 713307 Resolves bz 680691 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 56930 published 2011-11-26 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/56930 title Fedora 16 : cherokee-1.2.101-1.fc16 (2011-14622) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2011-14622. # include("compat.inc"); if (description) { script_id(56930); script_version("1.7"); script_cvs_date("Date: 2019/08/02 13:32:34"); script_cve_id("CVE-2011-2190", "CVE-2011-2191"); script_xref(name:"FEDORA", value:"2011-14622"); script_name(english:"Fedora 16 : cherokee-1.2.101-1.fc16 (2011-14622)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Latest 1.2.x upstream release Resolves bz 746532 - put some deps back: GeoIP-devel openldap-devel Latest 1.2.x upstream release .spec corrections for optional build for systemd Resolves bz 710474 Resolves bz 713307 Resolves bz 680691 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=680691" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=710474" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=713307" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=746532" ); # https://lists.fedoraproject.org/pipermail/package-announce/2011-November/069712.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?e2a3d758" ); script_set_attribute( attribute:"solution", value:"Update the affected cherokee package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:cherokee"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:16"); script_set_attribute(attribute:"patch_publication_date", value:"2011/10/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/11/26"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^16([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 16.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC16", reference:"cherokee-1.2.101-1.fc16")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cherokee"); }NASL family Fedora Local Security Checks NASL id FEDORA_2011-12657.NASL description Latest 1.2.x upstream release and bugzilla resolving Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 56358 published 2011-10-03 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/56358 title Fedora 16 : cherokee-1.2.99-1.fc16 (2011-12657) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2011-12657. # include("compat.inc"); if (description) { script_id(56358); script_version("1.10"); script_cvs_date("Date: 2019/08/02 13:32:34"); script_cve_id("CVE-2011-2190", "CVE-2011-2191"); script_bugtraq_id(49772); script_xref(name:"FEDORA", value:"2011-12657"); script_name(english:"Fedora 16 : cherokee-1.2.99-1.fc16 (2011-12657)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Latest 1.2.x upstream release and bugzilla resolving Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=701196" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=710473" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=712555" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=713306" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=720515" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=728741" ); # https://lists.fedoraproject.org/pipermail/package-announce/2011-September/066605.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?c60f696a" ); script_set_attribute( attribute:"solution", value:"Update the affected cherokee package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:cherokee"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:16"); script_set_attribute(attribute:"patch_publication_date", value:"2011/09/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/10/03"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^16([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 16.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC16", reference:"cherokee-1.2.99-1.fc16")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cherokee"); }NASL family Fedora Local Security Checks NASL id FEDORA_2011-14660.NASL description Latest 1.2.x upstream release Resolves bz 746532 - put some deps back: GeoIP-devel openldap-devel Latest 1.2.x upstream release .spec corrections for optional build for systemd Resolves bz 710474 Resolves bz 713307 Resolves bz 680691 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 56932 published 2011-11-26 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/56932 title Fedora 14 : cherokee-1.2.101-1.fc14 (2011-14660) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2011-14660. # include("compat.inc"); if (description) { script_id(56932); script_version("1.7"); script_cvs_date("Date: 2019/08/02 13:32:34"); script_cve_id("CVE-2011-2190", "CVE-2011-2191"); script_xref(name:"FEDORA", value:"2011-14660"); script_name(english:"Fedora 14 : cherokee-1.2.101-1.fc14 (2011-14660)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Latest 1.2.x upstream release Resolves bz 746532 - put some deps back: GeoIP-devel openldap-devel Latest 1.2.x upstream release .spec corrections for optional build for systemd Resolves bz 710474 Resolves bz 713307 Resolves bz 680691 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=680691" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=710474" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=713307" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=746532" ); # https://lists.fedoraproject.org/pipermail/package-announce/2011-November/069716.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?d30665b5" ); script_set_attribute( attribute:"solution", value:"Update the affected cherokee package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:cherokee"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:14"); script_set_attribute(attribute:"patch_publication_date", value:"2011/10/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/11/26"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^14([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 14.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC14", reference:"cherokee-1.2.101-1.fc14")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cherokee"); }NASL family Fedora Local Security Checks NASL id FEDORA_2011-12698.NASL description Latest 1.2.x upstream release and bugzilla resolving Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 56294 published 2011-09-26 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/56294 title Fedora 15 : cherokee-1.2.99-1.fc15 (2011-12698) NASL family Fedora Local Security Checks NASL id FEDORA_2011-12687.NASL description Latest 1.2.x upstream release and bugzilla resolving Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 56293 published 2011-09-26 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/56293 title Fedora 14 : cherokee-1.2.99-1.fc14 (2011-12687) NASL family Fedora Local Security Checks NASL id FEDORA_2011-14634.NASL description Latest 1.2.x upstream release Resolves bz 746532 - put some deps back: GeoIP-devel openldap-devel Latest 1.2.x upstream release .spec corrections for optional build for systemd Resolves bz 710474 Resolves bz 713307 Resolves bz 680691 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 56931 published 2011-11-26 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/56931 title Fedora 15 : cherokee-1.2.101-1.fc15 (2011-14634)
References
- http://code.google.com/p/cherokee/issues/detail?id=1212
- http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066222.html
- http://www.cherokee-project.com/download/LATEST_is_1.2.99/cherokee-1.2.99.tar.gz
- http://www.openwall.com/lists/oss-security/2011/06/03/4
- http://www.openwall.com/lists/oss-security/2011/06/06/21
- http://www.securityfocus.com/bid/49772
- https://bugzilla.redhat.com/show_bug.cgi?id=713304