Vulnerabilities > CVE-2011-4088 - Information Exposure vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
ABRT might allow attackers to obtain sensitive information from crash reports.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
OS | 1 | |
OS | 3 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Subverting Environment Variable Values The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
- Footprinting An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
- Exploiting Trust in Client (aka Make the Client Invisible) An attack of this type exploits a programs' vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
- Browser Fingerprinting An attacker carefully crafts small snippets of Java Script to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via Java Script as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in Java Script and in response to the same web page request by the browser.
- Session Credential Falsification through Prediction This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2011-16990.NASL description The remote Fedora host is missing one or more security updates : libreport-2.0.8-3.fc16 : - Fri Dec 9 2011 Jiri Moskovcak <jmoskovc at redhat.com> 2.0.8-3 - fixed few crashes in bodhi plugin - Thu Dec 8 2011 Jiri Moskovcak <jmoskovc at redhat.com> 2.0.8-2 - fixed crash in bodhi plugin - re-upload better backtrace if available - fixed dupe finding for selinux - don last seen 2020-06-01 modified 2020-06-02 plugin id 57328 published 2011-12-19 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57328 title Fedora 16 : abrt-2.0.7-2.fc16 / libreport-2.0.8-3.fc16 (2011-16990) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2011-16990. # include("compat.inc"); if (description) { script_id(57328); script_version("1.9"); script_cvs_date("Date: 2019/08/02 13:32:34"); script_cve_id("CVE-2011-4088"); script_xref(name:"FEDORA", value:"2011-16990"); script_name(english:"Fedora 16 : abrt-2.0.7-2.fc16 / libreport-2.0.8-3.fc16 (2011-16990)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "The remote Fedora host is missing one or more security updates : libreport-2.0.8-3.fc16 : - Fri Dec 9 2011 Jiri Moskovcak <jmoskovc at redhat.com> 2.0.8-3 - fixed few crashes in bodhi plugin - Thu Dec 8 2011 Jiri Moskovcak <jmoskovc at redhat.com> 2.0.8-2 - fixed crash in bodhi plugin - re-upload better backtrace if available - fixed dupe finding for selinux - don't duplicate comments in bugzilla - fixed problem with empty release - Tue Dec 6 2011 Jiri Moskovcak <jmoskovc at redhat.com> 2.0.8-1 - new version - added bodhi plugin rhbz#655783 - one tab per file on details page rhbz#751833 - search box search thru all data (should help with privacy) rhbz#748457 - fixed close button position rhbz#741230 - rise the attachment limit to 4kb rhbz#712602 - fixed make check (rpath problem) - save chnages in editable lines rhbz#710100 - ignore backup files rhbz#707959 - added support for proxies rhbz#533652 - Resolves: 753183 748457 737991 723219 712602 711986 692274 636000 631856 655783 741257 748457 741230 712602 753183 748457 741230 712602 710100 707959 533652 - Sat Nov 5 2011 Jiri Moskovcak <jmoskovc at redhat.com> 2.0.7-2 - bumped release - Fri Nov 4 2011 Jiri Moskovcak <jmoskovc at redhat.com> 2.0.7-1 - new version - added support for bodhi (preview) - dropped unused patches - reporter-bugzilla/rhts: add code to prevent duplicate reporting. Closes rhbz#727494 (dvlasenk at redhat.com) - wizard: search thru all items + tabbed details rhbz#748457 (jmoskovc at redhat.com) - wizard: add 'I don't know what caused this problem' checkbox. Closes rhbz#712508 (dvlasenk at redhat.com) - reporter-bugzilla: add optional 'Product' parameter. Closes rhbz#665210 (dvlasenk at redhat.com) - rhbz#728190 - man pages contain suspicious version string (npajkovs at redhat.com) - reporter-print: expand leading ~/ if present. Closes rhbz#737991 (dvlasenk at redhat.com) - reporter-rhtsupport: ask rs/problems endpoint before creating new case. (working on rhbz#677052) (dvlasenk at redhat.com) - reporter-mailx: use Bugzilla's output format. Closes rhbz#717321. (dvlasenk at redhat.com) - report-newt: add option to display version (rhbz#741590) (mlichvar at redhat.com) - Resolves: #727494 #748457 #712508 #665210 rhbz#728190 #737991 #677052 #717321 #741590 abrt-2.0.7-2.fc16 : - Thu Dec 8 2011 Jiri Moskovcak <jmoskovc at redhat.com> 2.0.7-2 - added man page - fixed weird number formatting - Wed Dec 7 2011 Jiri Moskovcak <jmoskovc at redhat.com> 2.0.7-1 - new version - disabled kerneloops.org - abrt-ccpp hook fixes - catch indentation errors in python rhbz#578969 - fixed make check - fixed retrace-client to work with rawhide - require abrtd service in other services rhbz#752014 - fixed problems with dupes rhbz#701717 - keep abrt services enabled when updating F15->F16 - Resolves: 752014 749891 749603 744887 730422 665210 639068 625445 701717 752014 578969 732876 757683 753183 756146 749100 - Fri Nov 4 2011 Jiri Moskovcak <jmoskovc at redhat.com> 2.0.6-1 - new version - Resolves: #701171 #712508 #726033 #728194 #728314 #730107 #733389 #738602 - Resolves: #741242 #749365 #700252 #734298 #736016 #738324 #748457 #692274 - Resolves: #711986 #723219 #749891 #712602 #744887 #749603 #625445 #665210 - Resolves: #737991 #639068 #578969 #636000 #631856 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=749854" ); # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071026.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?c5f77b2d" ); # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071027.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?7e1ca5f3" ); script_set_attribute( attribute:"solution", value:"Update the affected abrt and / or libreport packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:abrt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libreport"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:16"); script_set_attribute(attribute:"patch_publication_date", value:"2011/12/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/19"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^16([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 16.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC16", reference:"abrt-2.0.7-2.fc16")) flag++; if (rpm_check(release:"FC16", reference:"libreport-2.0.8-3.fc16")) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get()); else security_note(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "abrt / libreport"); }
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2012-0841.NASL description From Red Hat Security Advisory 2012:0841 : Updated abrt, libreport, btparser, and python-meh packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. ABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. The btparser utility is a backtrace parser and analyzer library, which works with backtraces produced by the GNU Project Debugger. It can parse a text file with a backtrace to a tree of C structures, allowing to analyze the threads and frames of the backtrace and process them. The python-meh package provides a python library for handling exceptions. If the C handler plug-in in ABRT was enabled (the abrt-addon-ccpp package installed and the abrt-ccpp service running), and the sysctl fs.suid_dumpable option was set to last seen 2020-06-01 modified 2020-06-02 plugin id 68553 published 2013-07-12 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68553 title Oracle Linux 6 : abrt / btparser / libreport / python-meh (ELSA-2012-0841) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2012:0841 and # Oracle Linux Security Advisory ELSA-2012-0841 respectively. # include("compat.inc"); if (description) { script_id(68553); script_version("1.5"); script_cvs_date("Date: 2020/02/06"); script_cve_id("CVE-2011-4088", "CVE-2012-1106"); script_bugtraq_id(51100, 54121); script_xref(name:"RHSA", value:"2012:0841"); script_name(english:"Oracle Linux 6 : abrt / btparser / libreport / python-meh (ELSA-2012-0841)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2012:0841 : Updated abrt, libreport, btparser, and python-meh packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. ABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. The btparser utility is a backtrace parser and analyzer library, which works with backtraces produced by the GNU Project Debugger. It can parse a text file with a backtrace to a tree of C structures, allowing to analyze the threads and frames of the backtrace and process them. The python-meh package provides a python library for handling exceptions. If the C handler plug-in in ABRT was enabled (the abrt-addon-ccpp package installed and the abrt-ccpp service running), and the sysctl fs.suid_dumpable option was set to '2' (it is '0' by default), core dumps of set user ID (setuid) programs were created with insecure group ID permissions. This could allow local, unprivileged users to obtain sensitive information from the core dump files of setuid processes they would otherwise not be able to access. (CVE-2012-1106) ABRT did not allow users to easily search the collected crash information for sensitive data prior to submitting it. This could lead to users unintentionally exposing sensitive information via the submitted crash reports. This update adds functionality to search across all the collected data. Note that this fix does not apply to the default configuration, where reports are sent to Red Hat Customer Support. It only takes effect for users sending information to Red Hat Bugzilla. (CVE-2011-4088) Red Hat would like to thank Jan Iven for reporting CVE-2011-4088. These updated packages include numerous bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.3 Technical Notes for information on the most significant of these changes. All users of abrt, libreport, btparser, and python-meh are advised to upgrade to these updated packages, which correct these issues." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2012-July/002905.html" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:abrt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:abrt-addon-ccpp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:abrt-addon-kerneloops"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:abrt-addon-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:abrt-addon-vmcore"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:abrt-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:abrt-desktop"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:abrt-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:abrt-gui"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:abrt-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:abrt-tui"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:btparser"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:btparser-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:btparser-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libreport"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libreport-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libreport-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libreport-gtk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libreport-gtk-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libreport-newt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libreport-plugin-bugzilla"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libreport-plugin-kerneloops"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libreport-plugin-logger"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libreport-plugin-mailx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libreport-plugin-reportuploader"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libreport-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python-meh"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/07/03"); script_set_attribute(attribute:"patch_publication_date", value:"2012/07/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 6", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL6", reference:"abrt-2.0.8-6.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"abrt-addon-ccpp-2.0.8-6.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"abrt-addon-kerneloops-2.0.8-6.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"abrt-addon-python-2.0.8-6.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"abrt-addon-vmcore-2.0.8-6.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"abrt-cli-2.0.8-6.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"abrt-desktop-2.0.8-6.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"abrt-devel-2.0.8-6.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"abrt-gui-2.0.8-6.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"abrt-libs-2.0.8-6.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"abrt-tui-2.0.8-6.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"btparser-0.16-3.el6")) flag++; if (rpm_check(release:"EL6", reference:"btparser-devel-0.16-3.el6")) flag++; if (rpm_check(release:"EL6", reference:"btparser-python-0.16-3.el6")) flag++; if (rpm_check(release:"EL6", reference:"libreport-2.0.9-5.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"libreport-cli-2.0.9-5.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"libreport-devel-2.0.9-5.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"libreport-gtk-2.0.9-5.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"libreport-gtk-devel-2.0.9-5.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"libreport-newt-2.0.9-5.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"libreport-plugin-bugzilla-2.0.9-5.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"libreport-plugin-kerneloops-2.0.9-5.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"libreport-plugin-logger-2.0.9-5.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"libreport-plugin-mailx-2.0.9-5.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"libreport-plugin-reportuploader-2.0.9-5.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"libreport-python-2.0.9-5.0.1.el6")) flag++; if (rpm_check(release:"EL6", reference:"python-meh-0.12.1-3.el6")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "abrt / abrt-addon-ccpp / abrt-addon-kerneloops / abrt-addon-python / etc"); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-0841.NASL description Updated abrt, libreport, btparser, and python-meh packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. ABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. The btparser utility is a backtrace parser and analyzer library, which works with backtraces produced by the GNU Project Debugger. It can parse a text file with a backtrace to a tree of C structures, allowing to analyze the threads and frames of the backtrace and process them. The python-meh package provides a python library for handling exceptions. If the C handler plug-in in ABRT was enabled (the abrt-addon-ccpp package installed and the abrt-ccpp service running), and the sysctl fs.suid_dumpable option was set to last seen 2020-06-01 modified 2020-06-02 plugin id 59589 published 2012-06-20 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/59589 title RHEL 6 : abrt, libreport, btparser, and python-meh (RHSA-2012:0841) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2012:0841. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(59589); script_version ("1.16"); script_cvs_date("Date: 2020/02/06"); script_cve_id("CVE-2011-4088", "CVE-2012-1106"); script_xref(name:"RHSA", value:"2012:0841"); script_name(english:"RHEL 6 : abrt, libreport, btparser, and python-meh (RHSA-2012:0841)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated abrt, libreport, btparser, and python-meh packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. ABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. The btparser utility is a backtrace parser and analyzer library, which works with backtraces produced by the GNU Project Debugger. It can parse a text file with a backtrace to a tree of C structures, allowing to analyze the threads and frames of the backtrace and process them. The python-meh package provides a python library for handling exceptions. If the C handler plug-in in ABRT was enabled (the abrt-addon-ccpp package installed and the abrt-ccpp service running), and the sysctl fs.suid_dumpable option was set to '2' (it is '0' by default), core dumps of set user ID (setuid) programs were created with insecure group ID permissions. This could allow local, unprivileged users to obtain sensitive information from the core dump files of setuid processes they would otherwise not be able to access. (CVE-2012-1106) ABRT did not allow users to easily search the collected crash information for sensitive data prior to submitting it. This could lead to users unintentionally exposing sensitive information via the submitted crash reports. This update adds functionality to search across all the collected data. Note that this fix does not apply to the default configuration, where reports are sent to Red Hat Customer Support. It only takes effect for users sending information to Red Hat Bugzilla. (CVE-2011-4088) Red Hat would like to thank Jan Iven for reporting CVE-2011-4088. These updated packages include numerous bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.3 Technical Notes for information on the most significant of these changes. All users of abrt, libreport, btparser, and python-meh are advised to upgrade to these updated packages, which correct these issues." ); # https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?056c0c27" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2012:0841" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-4088" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2012-1106" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:abrt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:abrt-addon-ccpp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:abrt-addon-kerneloops"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:abrt-addon-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:abrt-addon-vmcore"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:abrt-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:abrt-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:abrt-desktop"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:abrt-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:abrt-gui"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:abrt-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:abrt-tui"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:btparser"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:btparser-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:btparser-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:btparser-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreport"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreport-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreport-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreport-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreport-gtk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreport-gtk-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreport-newt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreport-plugin-bugzilla"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreport-plugin-kerneloops"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreport-plugin-logger"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreport-plugin-mailx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreport-plugin-reportuploader"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreport-plugin-rhtsupport"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreport-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-meh"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/07/03"); script_set_attribute(attribute:"patch_publication_date", value:"2012/06/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/06/20"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2012:0841"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"abrt-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"abrt-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"abrt-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"abrt-addon-ccpp-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"abrt-addon-ccpp-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"abrt-addon-ccpp-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"abrt-addon-kerneloops-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"abrt-addon-kerneloops-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"abrt-addon-kerneloops-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"abrt-addon-python-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"abrt-addon-python-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"abrt-addon-python-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"abrt-addon-vmcore-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"abrt-addon-vmcore-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"abrt-addon-vmcore-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"abrt-cli-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"abrt-cli-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"abrt-cli-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"abrt-debuginfo-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"abrt-desktop-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"abrt-desktop-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"abrt-desktop-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"abrt-devel-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"abrt-gui-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"abrt-gui-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"abrt-gui-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"abrt-libs-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"abrt-tui-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"abrt-tui-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"abrt-tui-2.0.8-6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"btparser-0.16-3.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"btparser-debuginfo-0.16-3.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"btparser-devel-0.16-3.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"btparser-python-0.16-3.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"btparser-python-0.16-3.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"btparser-python-0.16-3.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"libreport-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libreport-cli-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"libreport-cli-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libreport-cli-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"libreport-debuginfo-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"libreport-devel-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"libreport-gtk-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"libreport-gtk-devel-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libreport-newt-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"libreport-newt-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libreport-newt-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libreport-plugin-bugzilla-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"libreport-plugin-bugzilla-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libreport-plugin-bugzilla-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libreport-plugin-kerneloops-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"libreport-plugin-kerneloops-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libreport-plugin-kerneloops-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libreport-plugin-logger-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"libreport-plugin-logger-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libreport-plugin-logger-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libreport-plugin-mailx-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"libreport-plugin-mailx-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libreport-plugin-mailx-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libreport-plugin-reportuploader-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"libreport-plugin-reportuploader-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libreport-plugin-reportuploader-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libreport-plugin-rhtsupport-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"libreport-plugin-rhtsupport-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libreport-plugin-rhtsupport-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libreport-python-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"libreport-python-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libreport-python-2.0.9-5.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"python-meh-0.12.1-3.el6")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "abrt / abrt-addon-ccpp / abrt-addon-kerneloops / abrt-addon-python / etc"); } }
NASL family Scientific Linux Local Security Checks NASL id SL_20120620_ABRT__LIBREPORT__BTPARSER__AND_PYTHON_MEH_ON_SL6_X.NASL description ABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. The btparser utility is a backtrace parser and analyzer library, which works with backtraces produced by the GNU Project Debugger. It can parse a text file with a backtrace to a tree of C structures, allowing to analyze the threads and frames of the backtrace and process them. The python-meh package provides a python library for handling exceptions. If the C handler plug-in in ABRT was enabled (the abrt-addon-ccpp package installed and the abrt-ccpp service running), and the sysctl fs.suid_dumpable option was set to last seen 2020-03-18 modified 2012-08-01 plugin id 61336 published 2012-08-01 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/61336 title Scientific Linux Security Update : abrt, libreport, btparser, and python-meh on SL6.x i386/x86_64 (20120620) code # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(61336); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/27"); script_cve_id("CVE-2011-4088", "CVE-2012-1106"); script_name(english:"Scientific Linux Security Update : abrt, libreport, btparser, and python-meh on SL6.x i386/x86_64 (20120620)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "ABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. The btparser utility is a backtrace parser and analyzer library, which works with backtraces produced by the GNU Project Debugger. It can parse a text file with a backtrace to a tree of C structures, allowing to analyze the threads and frames of the backtrace and process them. The python-meh package provides a python library for handling exceptions. If the C handler plug-in in ABRT was enabled (the abrt-addon-ccpp package installed and the abrt-ccpp service running), and the sysctl fs.suid_dumpable option was set to '2' (it is '0' by default), core dumps of set user ID (setuid) programs were created with insecure group ID permissions. This could allow local, unprivileged users to obtain sensitive information from the core dump files of setuid processes they would otherwise not be able to access. (CVE-2012-1106) ABRT did not allow users to easily search the collected crash information for sensitive data prior to submitting it. This could lead to users unintentionally exposing sensitive information via the submitted crash reports. This update adds functionality to search across all the collected data. (CVE-2011-4088) These updated packages include numerous bug fixes. All users of abrt, libreport, btparser, and python-meh are advised to upgrade to these updated packages, which correct these issues." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1207&L=scientific-linux-errata&T=0&P=2933 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?416034de" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:abrt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:abrt-addon-ccpp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:abrt-addon-kerneloops"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:abrt-addon-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:abrt-addon-vmcore"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:abrt-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:abrt-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:abrt-desktop"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:abrt-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:abrt-gui"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:abrt-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:abrt-tui"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:btparser"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:btparser-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:btparser-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:btparser-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libreport"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libreport-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libreport-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libreport-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libreport-gtk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libreport-gtk-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libreport-newt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libreport-plugin-bugzilla"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libreport-plugin-kerneloops"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libreport-plugin-logger"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libreport-plugin-mailx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libreport-plugin-reportuploader"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libreport-plugin-rhtsupport"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libreport-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:python-meh"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/07/03"); script_set_attribute(attribute:"patch_publication_date", value:"2012/06/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL6", cpu:"x86_64", reference:"abrt-2.0.8-6.el6")) flag++; if (rpm_check(release:"SL6", cpu:"x86_64", reference:"abrt-addon-ccpp-2.0.8-6.el6")) flag++; if (rpm_check(release:"SL6", cpu:"x86_64", reference:"abrt-addon-kerneloops-2.0.8-6.el6")) flag++; if (rpm_check(release:"SL6", cpu:"x86_64", reference:"abrt-addon-python-2.0.8-6.el6")) flag++; if (rpm_check(release:"SL6", reference:"abrt-addon-vmcore-2.0.8-6.el6")) flag++; if (rpm_check(release:"SL6", cpu:"x86_64", reference:"abrt-cli-2.0.8-6.el6")) flag++; if (rpm_check(release:"SL6", reference:"abrt-debuginfo-2.0.8-6.el6")) flag++; if (rpm_check(release:"SL6", cpu:"x86_64", reference:"abrt-desktop-2.0.8-6.el6")) flag++; if (rpm_check(release:"SL6", reference:"abrt-devel-2.0.8-6.el6")) flag++; if (rpm_check(release:"SL6", reference:"abrt-gui-2.0.8-6.el6")) flag++; if (rpm_check(release:"SL6", cpu:"x86_64", reference:"abrt-libs-2.0.8-6.el6")) flag++; if (rpm_check(release:"SL6", cpu:"x86_64", reference:"abrt-tui-2.0.8-6.el6")) flag++; if (rpm_check(release:"SL6", reference:"btparser-0.16-3.el6")) flag++; if (rpm_check(release:"SL6", reference:"btparser-debuginfo-0.16-3.el6")) flag++; if (rpm_check(release:"SL6", reference:"btparser-devel-0.16-3.el6")) flag++; if (rpm_check(release:"SL6", reference:"btparser-python-0.16-3.el6")) flag++; if (rpm_check(release:"SL6", reference:"libreport-2.0.9-5.el6")) flag++; if (rpm_check(release:"SL6", reference:"libreport-cli-2.0.9-5.el6")) flag++; if (rpm_check(release:"SL6", reference:"libreport-debuginfo-2.0.9-5.el6")) flag++; if (rpm_check(release:"SL6", reference:"libreport-devel-2.0.9-5.el6")) flag++; if (rpm_check(release:"SL6", reference:"libreport-gtk-2.0.9-5.el6")) flag++; if (rpm_check(release:"SL6", reference:"libreport-gtk-devel-2.0.9-5.el6")) flag++; if (rpm_check(release:"SL6", reference:"libreport-newt-2.0.9-5.el6")) flag++; if (rpm_check(release:"SL6", reference:"libreport-plugin-bugzilla-2.0.9-5.el6")) flag++; if (rpm_check(release:"SL6", reference:"libreport-plugin-kerneloops-2.0.9-5.el6")) flag++; if (rpm_check(release:"SL6", reference:"libreport-plugin-logger-2.0.9-5.el6")) flag++; if (rpm_check(release:"SL6", reference:"libreport-plugin-mailx-2.0.9-5.el6")) flag++; if (rpm_check(release:"SL6", reference:"libreport-plugin-reportuploader-2.0.9-5.el6")) flag++; if (rpm_check(release:"SL6", reference:"libreport-plugin-rhtsupport-2.0.9-5.el6")) flag++; if (rpm_check(release:"SL6", reference:"libreport-python-2.0.9-5.el6")) flag++; if (rpm_check(release:"SL6", reference:"python-meh-0.12.1-3.el6")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "abrt / abrt-addon-ccpp / abrt-addon-kerneloops / abrt-addon-python / etc"); }
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2012-0841.NASL description Updated abrt, libreport, btparser, and python-meh packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. ABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. The btparser utility is a backtrace parser and analyzer library, which works with backtraces produced by the GNU Project Debugger. It can parse a text file with a backtrace to a tree of C structures, allowing to analyze the threads and frames of the backtrace and process them. The python-meh package provides a python library for handling exceptions. If the C handler plug-in in ABRT was enabled (the abrt-addon-ccpp package installed and the abrt-ccpp service running), and the sysctl fs.suid_dumpable option was set to last seen 2020-06-01 modified 2020-06-02 plugin id 59924 published 2012-07-11 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/59924 title CentOS 6 : abrt (CESA-2012:0841)
Redhat
rpms |
|