Vulnerabilities > CVE-2012-3480 - Numeric Errors vulnerability in GNU Glibc 2.16

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
gnu
CWE-189
nessus
exploit available

Summary

Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.

Vulnerable Configurations

Part Description Count
Application
Gnu
1

Common Weakness Enumeration (CWE)

Exploit-Db

description: GNU glibc Multiple Local Stack Buffer Overflow Vulnerabilities. CVE-2012-3480. Local exploit for linux platform
id: EDB-ID:37631
last seen: 2016-02-04
modified: 2012-08-13
published: 2012-08-13
reporter: Joseph S. Myer
source: https://www.exploit-db.com/download/37631/
title: GNU glibc Multiple Local Stack Buffer Overflow Vulnerabilities

Nessus

  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2012-11963.NASL
    description: Fix integer overflow leading to buffer overflow in strto* (#847718). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2012-09-18
    plugin id: 62130
    published: 2012-09-18
    reporter: This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/62130
    title: Fedora 18 : glibc-2.16-8.fc18 (2012-11963)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2012-11963.
    #
    
    include("compat.inc");
    
    # Metadata branch: when `description` is set the plugin only registers its
    # identity, references and scheduling requirements, then leaves through the
    # exit(0) at the end of this block. No host data is read here.
    if (description)
    {
      script_id(62130);
      script_version("1.7");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      # Cross-references: the CVE this check maps to and the Fedora advisory id.
      script_cve_id("CVE-2012-3480");
      script_xref(name:"FEDORA", value:"2012-11963");
    
      script_name(english:"Fedora 18 : glibc-2.16-8.fc18 (2012-11963)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "  - Fix integer overflow leading to buffer overflow in
        strto* (#847718)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # NOTE(review): the advisory text above cites #847718 while this link
      # points at bug 847715 -- confirm both track the same strto* fix.
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=847715"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2012-September/087344.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?86facb39"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected glibc package.");
      # CVSS v2 base vector: local access, low complexity, no authentication,
      # partial confidentiality / integrity / availability impact.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
    
      # Declared as a local check scoped to the Fedora 18 glibc package.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:18");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2012/08/15");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/18");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      # ssh_get_info.nasl is declared as a dependency; presumably it populates
      # the Host/* KB keys required below -- verify against that plugin.
      # Host/cpu is read by the host check further down but is not listed here.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    # Host check: decides from KB data only (release string, rpm list, cpu)
    # whether the Fedora 18 glibc package predates the fixed build.
    # audit() comes from audit.inc (not shown); the statements below rely on it
    # ending the plugin run, since nothing guards the code that follows a call.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    # `>!<` is the "substring not found" operator: bail out unless the release
    # string mentions Fedora.
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    # Accept only major version 18; the ([^0-9]|$) tail rejects longer numbers
    # that merely start with 18.
    if (! ereg(pattern:"^18([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 18.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # Host/cpu is not in script_require_keys for this plugin, so a missing
    # value is handled here. Only x86_64 and i386..i686 are supported.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    # rpm_check() lives in rpm.inc (not shown); presumably it is true when the
    # installed glibc is older than the reference build -- verify there.
    # NOTE(review): this is a package-version comparison, not a test of the
    # strto* code path; binaries statically linked against an older glibc are
    # outside what it can see.
    flag = 0;
    if (rpm_check(release:"FC18", reference:"glibc-2.16-8.fc18")) flag++;
    
    
    if (flag)
    {
      # Report at warning severity on port 0; the rpm comparison details are
      # attached only when report_verbosity is above 0.
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      # Nothing flagged: distinguish "package present but not affected" from
      # "package not installed" using the list of packages actually tested.
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc");
    }
    
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2012-1208.NASL
    description: Updated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc's functions for converting a string to a numeric representation (strtod(), strtof(), and strtold()). If an application used such a function on attacker controlled input, it could cause the application to crash or, potentially, execute arbitrary code. (CVE-2012-3480) All users of glibc are advised to upgrade to these updated packages, which contain a backported patch to correct these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 61691
    published: 2012-08-28
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/61691
    title: RHEL 6 : glibc (RHSA-2012:1208)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2012:1208. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    # Metadata branch: when `description` is set the plugin only registers its
    # identity, references and scheduling requirements, then leaves through the
    # exit(0) at the end of this block. No host data is read here.
    if (description)
    {
      script_id(61691);
      script_version ("1.18");
      script_cvs_date("Date: 2019/10/24 15:35:36");
    
      # Cross-references: the CVE this check maps to and the Red Hat advisory id.
      script_cve_id("CVE-2012-3480");
      script_xref(name:"RHSA", value:"2012:1208");
    
      script_name(english:"RHEL 6 : glibc (RHSA-2012:1208)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated glibc packages that fix multiple security issues are now
    available for Red Hat Enterprise Linux 6.
    
    The Red Hat Security Response Team has rated this update as having
    moderate security impact. A Common Vulnerability Scoring System (CVSS)
    base score, which gives a detailed severity rating, is available from
    the CVE link in the References section.
    
    The glibc packages provide the standard C and standard math libraries
    used by multiple programs on the system. Without these libraries, the
    Linux system cannot function properly.
    
    Multiple integer overflow flaws, leading to stack-based buffer
    overflows, were found in glibc's functions for converting a string to
    a numeric representation (strtod(), strtof(), and strtold()). If an
    application used such a function on attacker controlled input, it
    could cause the application to crash or, potentially, execute
    arbitrary code. (CVE-2012-3480)
    
    All users of glibc are advised to upgrade to these updated packages,
    which contain a backported patch to correct these issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2012:1208"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2012-3480"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      # CVSS v2 base vector: local access, low complexity, no authentication,
      # partial confidentiality / integrity / availability impact.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      # CVSS v2 temporal vector: proof-of-concept exploit code exists, an
      # official fix is available, report confidence is confirmed. The two
      # exploit attributes below state the same exploit availability.
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      # Declared as a local check. The CPE list names every glibc sub-package
      # the host check compares, plus the RHEL 6 / 6.3 platform.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-static");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nscd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.3");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/08/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/28");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      # ssh_get_info.nasl is declared as a dependency; presumably it populates
      # the Host/* KB keys required below -- verify against that plugin.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    # Host check: decides from KB data only (release string, rpm list, cpu and,
    # when present, yum updateinfo) whether RHSA-2012:1208 is still outstanding.
    # audit() comes from audit.inc (not shown); the statements below rely on it
    # ending the plugin run, since nothing guards the code that follows a call.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    # `>!<` is the "substring not found" operator: bail out unless the release
    # string mentions Red Hat.
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    # Capture group 1 is the major version with an optional ".minor" part.
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    # Accept only major version 6; the ([^0-9]|$) tail rejects longer numbers
    # that merely start with 6.
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # Supported architectures: x86_64, i386..i686 and anything containing "s390".
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    # Two mutually exclusive decision paths: when yum updateinfo data is in the
    # KB it alone decides the outcome and the rpm_check() comparisons in the
    # else branch are never evaluated.
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2012:1208";
      # redhat_generate_yum_updateinfo_report() is defined elsewhere (not
      # shown); a non-empty result is reported as a finding.
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        # Empty report: audit out with a message naming the advisory.
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      # Fallback: compare each glibc sub-package against build 2.12-1.80.el6_3.5.
      # glibc-common, glibc-headers, glibc-utils and nscd are checked once per
      # architecture (i686, s390x, x86_64); the rest carry no cpu argument.
      # rpm_check() lives in rpm.inc (not shown); presumably it is true when the
      # installed package is older than the reference -- verify there.
      # NOTE(review): this is a package-version comparison, not a test of the
      # strto* code path. Updating glibc-static does not rebuild binaries that
      # were already linked statically against the older library.
      flag = 0;
      if (rpm_check(release:"RHEL6", reference:"glibc-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"glibc-common-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"glibc-common-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glibc-common-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"glibc-debuginfo-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"glibc-debuginfo-common-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"glibc-devel-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"glibc-headers-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"glibc-headers-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glibc-headers-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"glibc-static-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"glibc-utils-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"glibc-utils-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glibc-utils-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"nscd-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"nscd-2.12-1.80.el6_3.5")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"nscd-2.12-1.80.el6_3.5")) flag++;
    
    
      if (flag)
      {
        # Any flagged package yields one warning-severity report on port 0,
        # carrying the rpm comparison text plus the Red Hat package caveat.
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        # Nothing flagged: distinguish "packages present but not affected" from
        # "packages not installed" using the list of packages actually tested.
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc");
      }
    }
    
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-1589-2.NASL
    description: USN-1589-1 fixed vulnerabilities in the GNU C Library. One of the updates exposed a regression in the floating point parser. This update fixes the problem. We apologize for the inconvenience. It was discovered that positional arguments to the printf() family of functions were not handled properly in the GNU C Library. An attacker could possibly use this to cause a stack-based buffer overflow, creating a denial of service or possibly execute arbitrary code. (CVE-2012-3404, CVE-2012-3405, CVE-2012-3406) It was discovered that multiple integer overflows existed in the strtod(), strtof() and strtold() functions in the GNU C Library. An attacker could possibly use this to trigger a stack-based buffer overflow, creating a denial of service or possibly execute arbitrary code. (CVE-2012-3480). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 63285
    published: 2012-12-18
    reporter: Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/63285
    title: Ubuntu 8.04 LTS : glibc regression (USN-1589-2)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-1589-2. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    # Metadata branch: when `description` is set the plugin only registers its
    # identity, references and scheduling requirements, then leaves through the
    # exit(0) at the end of this block. No host data is read here.
    if (description)
    {
      script_id(63285);
      script_version("1.14");
      script_cvs_date("Date: 2019/09/19 12:54:28");
    
      # This plugin maps to four CVEs: three printf()-family issues and the
      # strtod()/strtof()/strtold() integer overflow (CVE-2012-3480).
      script_cve_id("CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406", "CVE-2012-3480");
      script_bugtraq_id(54982);
      script_xref(name:"USN", value:"1589-2");
    
      script_name(english:"Ubuntu 8.04 LTS : glibc regression (USN-1589-2)");
      script_summary(english:"Checks dpkg output for updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Ubuntu host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "USN-1589-1 fixed vulnerabilities in the GNU C Library. One of the
    updates exposed a regression in the floating point parser. This update
    fixes the problem.
    
    We apologize for the inconvenience.
    
    It was discovered that positional arguments to the printf() family of
    functions were not handled properly in the GNU C Library. An attacker
    could possibly use this to cause a stack-based buffer overflow,
    creating a denial of service or possibly execute arbitrary code.
    (CVE-2012-3404, CVE-2012-3405, CVE-2012-3406)
    
    It was discovered that multiple integer overflows existed in
    the strtod(), strtof() and strtold() functions in the GNU C
    Library. An attacker could possibly use this to trigger a
    stack-based buffer overflow, creating a denial of service or
    possibly execute arbitrary code. (CVE-2012-3480).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/1589-2/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected libc6 package.");
      # CVSS v2 base vector: network access, medium complexity, no
      # authentication, partial confidentiality / integrity / availability.
      # NOTE(review): one vector is set for all four CVEs listed above, so it
      # is not necessarily the rating of CVE-2012-3480 on its own -- confirm
      # against the per-CVE scores before using it for prioritisation.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      # CVSS v2 temporal vector: proof-of-concept exploit code exists, an
      # official fix is available, report confidence is not defined.
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:ND");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      # Declared as a local check scoped to libc6 on Ubuntu 8.04 LTS.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/12/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/12/18");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      # ssh_get_info.nasl is declared as a dependency; presumably it populates
      # the Host/* KB keys required below -- verify against that plugin.
      # Host/local_checks_enabled is read by the host check further down but is
      # not listed here.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    # Host check: decides from KB data only (release string, dpkg list, cpu)
    # whether libc6 on Ubuntu 8.04 predates the fixed build.
    # audit() comes from audit.inc (not shown); the statements below rely on it
    # ending the plugin run, since nothing guards the code that follows a call.
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    # Anchored match: only the exact release string "8.04" is in scope.
    if (! preg(pattern:"^(8\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 8.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # Only x86_64 and i386..i686 are supported.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    # ubuntu_check() lives in ubuntu.inc (not shown); presumably it is true when
    # the installed libc6 is older than 2.7-10ubuntu8.3 -- verify there.
    # NOTE(review): this is a package-version comparison, not a test of the
    # affected parser code; binaries statically linked against an older libc
    # are outside what it can see.
    if (ubuntu_check(osver:"8.04", pkgname:"libc6", pkgver:"2.7-10ubuntu8.3")) flag++;
    
    if (flag)
    {
      # One warning-severity report on port 0 carrying the dpkg comparison text.
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      # Nothing flagged: distinguish "package present but not affected" from
      # "package not installed" using the list of packages actually tested.
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libc6");
    }
    
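  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2012-1207.NASL
    description: Updated glibc packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc's functions for converting a string to a numeric representation (strtod(), strtof(), and strtold()). If an application used such a function on attacker controlled input, it could cause the application to crash or, potentially, execute arbitrary code. (CVE-2012-3480) This update also fixes the following bug: previously, logic errors in various mathematical functions, including exp, exp2, expf, exp2f, pow, sin, tan, and rint, caused inconsistent results when the functions were used with the non-default rounding mode. This could also cause applications to crash in some cases. With this update, the functions now give correct results across the four different rounding modes. (BZ#839411) All users of glibc are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 61683
    published: 2012-08-28
    reporter: This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/61683
    title: CentOS 5 : glibc (CESA-2012:1207)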
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2012:1207 and 
    # CentOS Errata and Security Advisory 2012:1207 respectively.
    #
    
    include("compat.inc");
    
    # Metadata branch: when `description` is set the plugin only registers its
    # identity, references and scheduling requirements, then leaves through the
    # exit(0) at the end of this block. No host data is read here.
    if (description)
    {
      script_id(61683);
      script_version("1.10");
      script_cvs_date("Date: 2020/01/07");
    
      # Cross-references: the CVE this check maps to, its Bugtraq id and the
      # Red Hat advisory the CentOS erratum is derived from.
      script_cve_id("CVE-2012-3480");
      script_bugtraq_id(54982);
      script_xref(name:"RHSA", value:"2012:1207");
    
      script_name(english:"CentOS 5 : glibc (CESA-2012:1207)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated glibc packages that fix multiple security issues and one bug
    are now available for Red Hat Enterprise Linux 5.
    
    The Red Hat Security Response Team has rated this update as having
    moderate security impact. A Common Vulnerability Scoring System (CVSS)
    base score, which gives a detailed severity rating, is available from
    the CVE link in the References section.
    
    The glibc packages provide the standard C and standard math libraries
    used by multiple programs on the system. Without these libraries, the
    Linux system cannot function properly.
    
    Multiple integer overflow flaws, leading to stack-based buffer
    overflows, were found in glibc's functions for converting a string to
    a numeric representation (strtod(), strtof(), and strtold()). If an
    application used such a function on attacker controlled input, it
    could cause the application to crash or, potentially, execute
    arbitrary code. (CVE-2012-3480)
    
    This update also fixes the following bug :
    
    * Previously, logic errors in various mathematical functions,
    including exp, exp2, expf, exp2f, pow, sin, tan, and rint, caused
    inconsistent results when the functions were used with the non-default
    rounding mode. This could also cause applications to crash in some
    cases. With this update, the functions now give correct results across
    the four different rounding modes. (BZ#839411)
    
    All users of glibc are advised to upgrade to these updated packages,
    which contain backported patches to correct these issues."
      );
      # https://lists.centos.org/pipermail/centos-announce/2012-August/018826.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?acdfeeb2"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected glibc packages."
      );
      # CVSS v2 base vector: local access, low complexity, no authentication,
      # partial confidentiality / integrity / availability impact.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      # CVSS v2 temporal vector: proof-of-concept exploit code exists, an
      # official fix is available, report confidence is confirmed.
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      # Records CVE-2012-3480 as the source of the score set above.
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-3480");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      # Declared as a local check. The CPE list names the glibc sub-packages
      # the host check compares, plus the CentOS 5 platform.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:glibc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:glibc-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:glibc-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:glibc-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:glibc-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:nscd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/08/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/28");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      # ssh_get_info.nasl is declared as a dependency; presumably it populates
      # the Host/* KB keys required below -- verify against that plugin.
      # Host/cpu is read by the host check further down but is not listed here.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    # Host check: decides from KB data only (release string, rpm list, cpu)
    # whether the CentOS 5 glibc packages predate the fixed build.
    # audit() comes from audit.inc (not shown); the statements below rely on it
    # ending the plugin run, since nothing guards the code that follows a call.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    # `>!<` is the "substring not found" operator: bail out unless the release
    # string mentions CentOS.
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    # Matches both "CentOS release N" and "CentOS Linux release N"; capture
    # group 1 is the major version.
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    # Accept only major version 5; the ([^0-9]|$) tail rejects longer numbers
    # that merely start with 5.
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    # Host/cpu is not in script_require_keys for this plugin, so a missing
    # value is handled here. Only x86_64 and i386..i686 are supported.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    # Compare six glibc sub-packages against build 2.5-81.el5_8.7; no cpu
    # argument is passed, so the same reference applies to every architecture.
    # rpm_check() lives in rpm.inc (not shown); presumably it is true when the
    # installed package is older than the reference -- verify there.
    # NOTE(review): this is a package-version comparison, not a test of the
    # strto* code path; binaries statically linked against an older glibc are
    # outside what it can see.
    flag = 0;
    if (rpm_check(release:"CentOS-5", reference:"glibc-2.5-81.el5_8.7")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"glibc-common-2.5-81.el5_8.7")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"glibc-devel-2.5-81.el5_8.7")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"glibc-headers-2.5-81.el5_8.7")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"glibc-utils-2.5-81.el5_8.7")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"nscd-2.5-81.el5_8.7")) flag++;
    
    
    if (flag)
    {
      # Any flagged package yields one warning-severity report on port 0
      # carrying the rpm comparison text.
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      # Nothing flagged: distinguish "packages present but not affected" from
      # "packages not installed" using the list of packages actually tested.
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-devel / glibc-headers / glibc-utils / etc");
    }
    
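  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20120827_GLIBC_ON_SL5_X.NASL
    description: The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc's functions for converting a string to a numeric representation (strtod(), strtof(), and strtold()). If an application used such a function on attacker controlled input, it could cause the application to crash or, potentially, execute arbitrary code. (CVE-2012-3480) This update also fixes the following bug: previously, logic errors in various mathematical functions, including exp, exp2, expf, exp2f, pow, sin, tan, and rint, caused inconsistent results when the functions were used with the non-default rounding mode. This could also cause applications to crash in some cases. With this update, the functions now give correct results across the four different rounding modes. All users of glibc are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen: 2020-03-18
    modified: 2012-08-28
    plugin id: 61692
    published: 2012-08-28
    reporter: This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/61692
    title: Scientific Linux Security Update : glibc on SL5.x i386/x86_64 (20120827)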
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    # Registration metadata for the Scientific Linux 5.x glibc update check.
    # This branch only declares the plugin's attributes and then exits (exit(0)
    # at the end of the block); it reads no data from the scanned host.
    if (description)
    {
      script_id(61692);
      script_version("1.5");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      # Only CVE-2012-3480 (strtod/strtof/strtold integer overflow) is tracked here.
      script_cve_id("CVE-2012-3480");
    
      script_name(english:"Scientific Linux Security Update : glibc on SL5.x i386/x86_64 (20120827)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The glibc packages provide the standard C and standard math libraries
    used by multiple programs on the system. Without these libraries, the
    Linux system cannot function properly.
    
    Multiple integer overflow flaws, leading to stack-based buffer
    overflows, were found in glibc's functions for converting a string to
    a numeric representation (strtod(), strtof(), and strtold()). If an
    application used such a function on attacker controlled input, it
    could cause the application to crash or, potentially, execute
    arbitrary code. (CVE-2012-3480)
    
    This update also fixes the following bug :
    
      - Previously, logic errors in various mathematical
        functions, including exp, exp2, expf, exp2f, pow, sin,
        tan, and rint, caused inconsistent results when the
        functions were used with the non-default rounding mode.
        This could also cause applications to crash in some
        cases. With this update, the functions now give correct
        results across the four different rounding modes.
    
    All users of glibc are advised to upgrade to these updated packages,
    which contain backported patches to correct these issues."
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1208&L=scientific-linux-errata&T=0&P=2838
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?2cfb0d10"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      # CVSS v2 vector: local access (AV:L), low complexity, no authentication,
      # partial confidentiality/integrity/availability impact.
      # NOTE(review): the advisory text speaks of "attacker controlled input", so
      # real exposure presumably depends on which applications on the host parse
      # untrusted numeric strings; the vector alone does not capture that.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      # One CPE entry per package that the check section below tests.
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:glibc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:glibc-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:glibc-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:glibc-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:glibc-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:nscd");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/08/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/28");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      # Credentialed local check: it consumes knowledge-base entries (release,
      # CPU, rpm list) instead of probing the host. ssh_get_info.nasl is declared
      # as the dependency - presumably the plugin that populates those keys.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    # Applicability guards. Each audit() call reports why the plugin does not
    # apply, so the order of these tests decides which reason is given.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    # The release string must contain "Scientific Linux " - the KB key is shared
    # with other Red Hat derived distributions, so the name is checked explicitly.
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    # Only the 5.x line is covered: a leading "5" followed by a non-digit or end
    # of string, so a version such as "50" is not mistaken for 5.x.
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 5.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    # NOTE(review): the operands of >!< are the reverse of the
    # `"x86_64" >!< cpu` form used by the CentOS and Slackware checks on this
    # page; confirm which substring direction is intended.
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    # One rpm_check per package against the fixed build 2.5-81.el5_8.7; flag
    # counts the checks that fire (presumably: installed version older than the
    # reference - rpm_check itself lives in rpm.inc and is not shown here).
    # NOTE(review): this compares package versions only. It does not look at
    # running processes, so services started before the update may still be
    # using the old libc until they are restarted.
    flag = 0;
    if (rpm_check(release:"SL5", reference:"glibc-2.5-81.el5_8.7")) flag++;
    if (rpm_check(release:"SL5", reference:"glibc-common-2.5-81.el5_8.7")) flag++;
    if (rpm_check(release:"SL5", reference:"glibc-devel-2.5-81.el5_8.7")) flag++;
    if (rpm_check(release:"SL5", reference:"glibc-headers-2.5-81.el5_8.7")) flag++;
    if (rpm_check(release:"SL5", reference:"glibc-utils-2.5-81.el5_8.7")) flag++;
    if (rpm_check(release:"SL5", reference:"nscd-2.5-81.el5_8.7")) flag++;
    
    
    if (flag)
    {
      # Host-level finding (port 0) at warning severity; the report body is the
      # text accumulated by the rpm checks above.
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      # Nothing flagged: report either "tested and not affected" or, when no
      # package test was recorded, "not installed".
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-devel / glibc-headers / glibc-utils / etc");
    }
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201503-04.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201503-04 (GNU C Library: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the GNU C Library. Please review the CVE identifiers referenced below for details. Impact : A local attacker may be able to execute arbitrary code or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id81689
    published2015-03-09
    reporterThis script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81689
    titleGLSA-201503-04 : GNU C Library: Multiple vulnerabilities (GHOST)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201503-04.
    #
    # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    # Registration metadata for the Gentoo GLSA-201503-04 glibc check.
    # This branch only declares attributes and exits; no host data is read here.
    if (description)
    {
      script_id(81689);
      script_version("$Revision: 1.22 $");
      script_cvs_date("$Date: 2016/05/20 14:03:00 $");
    
      # This advisory bundles sixteen glibc CVEs; CVE-2012-3480 is only one of
      # them, so a finding from this plugin is not specific to the strtod issue.
      script_cve_id("CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406", "CVE-2012-3480", "CVE-2012-4412", "CVE-2012-4424", "CVE-2012-6656", "CVE-2013-0242", "CVE-2013-1914", "CVE-2013-2207", "CVE-2013-4237", "CVE-2013-4332", "CVE-2013-4458", "CVE-2013-4788", "CVE-2014-4043", "CVE-2015-0235");
      script_bugtraq_id(54374, 54982, 55462, 55543, 57638, 58839, 61183, 61729, 61960, 62324, 63299, 68006, 69470, 72325);
      script_xref(name:"GLSA", value:"201503-04");
    
      script_name(english:"GLSA-201503-04 : GNU C Library: Multiple vulnerabilities (GHOST)");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201503-04
    (GNU C Library: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in the GNU C Library.
          Please review the CVE identifiers referenced below for details.
      
    Impact :
    
        A local attacker may be able to execute arbitrary code or cause a Denial
          of Service condition,.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201503-04"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All glibc users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=sys-libs/glibc-2.19-r1'"
      );
      # NOTE(review): the network vector (AV:N, complete C/I/A) and the exploit
      # attributes below describe the advisory as a whole - the metasploit_name
      # refers to GHOST (gethostbyname). They should not be read as properties of
      # CVE-2012-3480 alone, which the single-CVE plugins on this page score with
      # a local vector (AV:L, partial impact).
      script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Exim GHOST (glibc gethostbyname) Buffer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:glibc");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/03/08");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/09");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.");
      script_family(english:"Gentoo Local Security Checks");
    
      # Credentialed local check driven by KB entries (release, qpkg list);
      # ssh_get_info.nasl is the declared dependency.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    # Applicability guards: local checks enabled, a Gentoo release recorded, and
    # a package list available. Unlike the RPM-based checks on this page, no
    # release version or CPU architecture is tested here.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    # Single version boundary for the whole advisory: sys-libs/glibc below
    # 2.19-r1 is listed as vulnerable, 2.19-r1 or later as unaffected.
    # NOTE(review): the result cannot tell which of the bundled CVEs applies to
    # the installed version; it only says the host is below the fixed release.
    if (qpkg_check(package:"sys-libs/glibc", unaffected:make_list("ge 2.19-r1"), vulnerable:make_list("lt 2.19-r1"))) flag++;
    
    if (flag)
    {
      # Reported with security_hole on port 0; the package detail is attached
      # only when report_verbosity is above 0.
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      # Nothing flagged: "tested and not affected" or, with no recorded test,
      # "not installed".
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "GNU C Library");
    }
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2012-1208.NASL
    descriptionUpdated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc
    last seen2020-06-01
    modified2020-06-02
    plugin id61720
    published2012-08-30
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61720
    titleCentOS 6 : glibc (CESA-2012:1208)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2012:1208 and 
    # CentOS Errata and Security Advisory 2012:1208 respectively.
    #
    
    include("compat.inc");
    
    # Registration metadata for the CentOS 6 glibc check (CESA-2012:1208).
    # This branch only declares attributes and exits; no host data is read here.
    if (description)
    {
      script_id(61720);
      script_version("1.11");
      script_cvs_date("Date: 2020/01/07");
    
      # Single-CVE plugin: a finding maps directly to CVE-2012-3480.
      script_cve_id("CVE-2012-3480");
      script_xref(name:"RHSA", value:"2012:1208");
    
      script_name(english:"CentOS 6 : glibc (CESA-2012:1208)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated glibc packages that fix multiple security issues are now
    available for Red Hat Enterprise Linux 6.
    
    The Red Hat Security Response Team has rated this update as having
    moderate security impact. A Common Vulnerability Scoring System (CVSS)
    base score, which gives a detailed severity rating, is available from
    the CVE link in the References section.
    
    The glibc packages provide the standard C and standard math libraries
    used by multiple programs on the system. Without these libraries, the
    Linux system cannot function properly.
    
    Multiple integer overflow flaws, leading to stack-based buffer
    overflows, were found in glibc's functions for converting a string to
    a numeric representation (strtod(), strtof(), and strtold()). If an
    application used such a function on attacker controlled input, it
    could cause the application to crash or, potentially, execute
    arbitrary code. (CVE-2012-3480)
    
    All users of glibc are advised to upgrade to these updated packages,
    which contain a backported patch to correct these issues."
      );
      # https://lists.centos.org/pipermail/centos-announce/2012-August/018828.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?9be4e5d9"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected glibc packages."
      );
      # CVSS v2: local access, low complexity, no authentication, partial C/I/A.
      # The temporal vector records proof-of-concept exploit maturity (E:POC)
      # with an official fix available (RL:OF); cvss_score_source names
      # CVE-2012-3480 as the origin of the score.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-3480");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      # One CPE entry per package that the check section below tests.
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:glibc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:glibc-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:glibc-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:glibc-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:glibc-static");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:glibc-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:nscd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/08/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/30");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      # Credentialed local check driven by KB entries (release, rpm list).
      # NOTE(review): "Host/cpu" is read by the check section below but is not
      # listed here; a missing value is handled there with AUDIT_UNKNOWN_ARCH.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    # Applicability guards. Each audit() call reports why the plugin does not
    # apply, so the order of these tests decides which reason is given.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    # Only the major release number is captured from the release string.
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    # Restrict to CentOS 6: the reference builds below are el6 packages.
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 6.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    # Only x86_64 and i386-i686 hosts are evaluated; other architectures are
    # reported as "local checks not implemented" rather than as unaffected.
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    # One rpm_check per package against the fixed build 2.12-1.80.el6_3.5; flag
    # counts the checks that fire (presumably: installed version older than the
    # reference - rpm_check itself lives in rpm.inc and is not shown here).
    # NOTE(review): this compares package versions only. It does not look at
    # running processes, so services started before the update may still be
    # using the old libc until they are restarted.
    flag = 0;
    if (rpm_check(release:"CentOS-6", reference:"glibc-2.12-1.80.el6_3.5")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"glibc-common-2.12-1.80.el6_3.5")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"glibc-devel-2.12-1.80.el6_3.5")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"glibc-headers-2.12-1.80.el6_3.5")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"glibc-static-2.12-1.80.el6_3.5")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"glibc-utils-2.12-1.80.el6_3.5")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"nscd-2.12-1.80.el6_3.5")) flag++;
    
    
    if (flag)
    {
      # Host-level finding (port 0) at warning severity; the report body is the
      # text accumulated by the rpm checks above.
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      # Nothing flagged: "tested and not affected" or, with no recorded test,
      # "not installed".
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-devel / glibc-headers / glibc-static / etc");
    }
    
  • NASL familyVMware ESX Local Security Checks
    NASL idVMWARE_VMSA-2012-0018.NASL
    descriptiona. vCenter Server Appliance directory traversal The vCenter Server Appliance (vCSA) contains a directory traversal vulnerability that allows an authenticated remote user to retrieve arbitrary files. Exploitation of this issue may expose sensitive information stored on the server. VMware would like to thank Alexander Minozhenko from ERPScan for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-6324 to this issue. b. vCenter Server Appliance arbitrary file download The vCenter Server Appliance (vCSA) contains an XML parsing vulnerability that allows an authenticated remote user to retrieve arbitrary files. Exploitation of this issue may expose sensitive information stored on the server. VMware would like to thank Alexander Minozhenko from ERPScan for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-6325 to this issue. c. Update to ESX glibc package The ESX glibc package is updated to version glibc-2.5-81.el5_8.1 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-5029, CVE-2009-5064, CVE-2010-0830, CVE-2011-1089, CVE-2011-4609, CVE-2012-0864 CVE-2012-3404, CVE-2012-3405, CVE-2012-3406 and CVE-2012-3480 to these issues. d. vCenter Server and vCSA webservice logging denial of service The vCenter Server and vCenter Server Appliance (vCSA) both contain a vulnerability that allows unauthenticated remote users to create abnormally large log entries. Exploitation of this issue may allow an attacker to fill the system volume of the vCenter host or appliance VM and create a denial-of-service condition. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-6326 to this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id63332
    published2012-12-24
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/63332
    titleVMSA-2012-0018 : VMware security updates for vCSA and ESXi
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from VMware Security Advisory 2012-0018. 
    # The text itself is copyright (C) VMware Inc.
    #
    
    include("compat.inc");
    
    # Registration metadata for the VMSA-2012-0018 check (vCSA and ESXi).
    # This branch only declares attributes and exits; no host data is read here.
    if (description)
    {
      script_id(63332);
      script_version("1.22");
      script_cvs_date("Date: 2018/08/06 14:03:16");
    
      # Thirteen CVEs are attached: the glibc set (item c in the description,
      # which includes CVE-2012-3480) plus three vCenter/vCSA issues
      # (CVE-2012-6324, CVE-2012-6325, CVE-2012-6326).
      script_cve_id("CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0830", "CVE-2011-1089", "CVE-2011-4609", "CVE-2012-0864", "CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406", "CVE-2012-3480", "CVE-2012-6324", "CVE-2012-6325", "CVE-2012-6326");
      script_bugtraq_id(40063, 46740, 50898, 51439, 52201, 54374, 54982, 57021, 57022, 58139);
      script_xref(name:"VMSA", value:"2012-0018");
    
      script_name(english:"VMSA-2012-0018 : VMware security updates for vCSA and ESXi");
      script_summary(english:"Checks esxupdate output for the patches");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote VMware ESXi host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "a. vCenter Server Appliance directory traversal
    
       The vCenter Server Appliance (vCSA) contains a directory
       traversal vulnerability that allows an authenticated 
       remote user to retrieve arbitrary files. Exploitation of
       this issue may expose sensitive information stored on the 
       server. 
    
       VMware would like to thank Alexander Minozhenko from ERPScan for
       reporting this issue to us.
    
       The Common Vulnerabilities and Exposures project (cve.mitre.org)
       has assigned the name CVE-2012-6324 to this issue.
    
     b. vCenter Server Appliance arbitrary file download
    
       The vCenter Server Appliance (vCSA) contains an XML parsing 
       vulnerability that allows an authenticated remote user to
       retrieve arbitrary files.  Exploitation of this issue may
       expose sensitive information stored on the server.
    
       VMware would like to thank Alexander Minozhenko from ERPScan for
       reporting this issue to us.
    
       The Common Vulnerabilities and Exposures project (cve.mitre.org)
       has assigned the name CVE-2012-6325 to this issue.
    
     c. Update to ESX glibc package
    
       The ESX glibc package is updated to version glibc-2.5-81.el5_8.1
       to resolve multiple security issues.
    
       The Common Vulnerabilities and Exposures project (cve.mitre.org)
       has assigned the names CVE-2009-5029, CVE-2009-5064,
       CVE-2010-0830, CVE-2011-1089, CVE-2011-4609, CVE-2012-0864
       CVE-2012-3404, CVE-2012-3405, CVE-2012-3406 and CVE-2012-3480
       to these issues.
    
     d. vCenter Server and vCSA webservice logging denial of service
    
       The vCenter Server and vCenter Server Appliance (vCSA) both
       contain a vulnerability that allows unauthenticated remote 
       users to create abnormally large log entries.  Exploitation
       of this issue may allow an attacker to fill the system volume
       of the vCenter host or appliance VM and create a 
       denial-of-service condition. 
    
       The Common Vulnerabilities and Exposures project (cve.mitre.org)
       has assigned the name CVE-2012-6326 to this issue."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://lists.vmware.com/pipermail/security-announce/2013/000212.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply the missing patches.");
      # NOTE(review): this vector is network-reachable with availability-only
      # impact (C:N/I:N/A:C), which looks like it matches item d (the
      # unauthenticated log-filling denial of service) rather than the glibc
      # update. The plugin does not say which CVE the score is taken from, so it
      # should not be used as the severity of CVE-2012-3480 on ESXi.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      # Only ESXi 5.0 and 5.1 are declared as targets; no vCenter/vCSA CPE is set.
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:5.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:5.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2012/12/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/12/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.");
      script_family(english:"VMware ESX Local Security Checks");
    
      # Credentialed local check driven by KB entries. The two patch-inventory
      # keys are passed to script_require_ports here; the check section below
      # accepts either one of them.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/VMware/release", "Host/VMware/version");
      script_require_ports("Host/VMware/esxupdate", "Host/VMware/esxcli_software_vibs");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("vmware_esx_packages.inc");
    
    
    # Applicability guards: local checks enabled, a VMware release recorded, and
    # at least one of the two patch inventories (esxcli VIB list or esxupdate
    # output) present in the KB.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/VMware/release")) audit(AUDIT_OS_NOT, "VMware ESX / ESXi");
    if (
      !get_kb_item("Host/VMware/esxcli_software_vibs") &&
      !get_kb_item("Host/VMware/esxupdate")
    ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    # The date equals the advisory's patch publication date; how init_esx_check
    # uses it is defined in vmware_esx_packages.inc and is not shown here.
    init_esx_check(date:"2012-12-20");
    flag = 0;
    
    
    # Only ESXi VIBs are tested: esx-base and tools-light on 5.0, esx-base on 5.1.
    # NOTE(review): nothing here inspects vCenter Server or the vCSA, so a
    # "not affected" result covers the ESXi items only and leaves advisory
    # items a, b and d unassessed.
    if (esx_check(ver:"ESXi 5.0", vib:"VMware:esx-base:5.0.0-1.25.912577")) flag++;
    if (esx_check(ver:"ESXi 5.0", vib:"VMware:tools-light:5.0.0-1.25.912577")) flag++;
    
    if (esx_check(ver:"ESXi 5.1", vib:"VMware:esx-base:5.1.0-0.11.1063671")) flag++;
    
    
    if (flag)
    {
      # Reported with security_hole on port 0; the VIB detail is attached only
      # when report_verbosity is above 0.
      if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2012-244-01.NASL
    descriptionNew glibc packages are available for Slackware 13.1, 13.37, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id61748
    published2012-09-04
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61748
    titleSlackware 13.1 / 13.37 / current : glibc (SSA:2012-244-01)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Slackware Security Advisory 2012-244-01. The text 
    # itself is copyright (C) Slackware Linux, Inc.
    #
    
    include("compat.inc");
    
    # Registration metadata for the Slackware glibc check (SSA:2012-244-01).
    # This branch only declares attributes and exits; no host data is read here.
    if (description)
    {
      script_id(61748);
      script_version("1.5");
      script_cvs_date("Date: 2019/01/02 16:37:55");
    
      # Single-CVE plugin: a finding maps directly to CVE-2012-3480.
      script_cve_id("CVE-2012-3480");
      script_bugtraq_id(54982);
      script_xref(name:"SSA", value:"2012-244-01");
    
      script_name(english:"Slackware 13.1 / 13.37 / current : glibc (SSA:2012-244-01)");
      script_summary(english:"Checks for updated packages in /var/log/packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Slackware host is missing a security update."
      );
      # The advisory text carried here is brief and does not name the flaw; the
      # CVE and Bugtraq references above are the only link to the strtod issue.
      script_set_attribute(
        attribute:"description", 
        value:
    "New glibc packages are available for Slackware 13.1, 13.37, and
    -current to fix security issues."
      );
      # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackware-security.782382
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?54b73d28"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      # CVSS v2: local access, low complexity, no authentication, partial C/I/A.
      # Temporal vector: proof-of-concept maturity, official fix, report
      # confidence not defined (RC:ND).
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:ND");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:glibc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:glibc-i18n");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:glibc-profile");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:glibc-solibs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:glibc-zoneinfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:13.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:13.37");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2012/08/31");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/04");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Slackware Local Security Checks");
    
      # Credentialed local check driven by KB entries (release, package list).
      # NOTE(review): "Host/cpu" is read by the check section below but is not
      # listed here; a missing value is handled there with AUDIT_UNKNOWN_ARCH.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("slackware.inc");
    
    
    # Applicability guards: local checks enabled, a Slackware release recorded,
    # and a package list available in the KB.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
    if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    # Only x86_64 and i386-i686 hosts are evaluated; other architectures are
    # reported as "local checks not implemented" rather than as unaffected.
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);
    
    
    # Package matrix: three OS versions (13.1, 13.37, current), five packages,
    # each listed once without an arch argument (pkgarch i486/noarch) and once
    # with arch:"x86_64". flag counts the checks that fire; how slackware_check
    # compares versions is defined in slackware.inc and is not shown here.
    flag = 0;
    # Slackware 13.1: fixed build 2.11.1-*-7_slack13.1.
    if (slackware_check(osver:"13.1", pkgname:"glibc", pkgver:"2.11.1", pkgarch:"i486", pkgnum:"7_slack13.1")) flag++;
    if (slackware_check(osver:"13.1", pkgname:"glibc-i18n", pkgver:"2.11.1", pkgarch:"i486", pkgnum:"7_slack13.1")) flag++;
    if (slackware_check(osver:"13.1", pkgname:"glibc-profile", pkgver:"2.11.1", pkgarch:"i486", pkgnum:"7_slack13.1")) flag++;
    if (slackware_check(osver:"13.1", pkgname:"glibc-solibs", pkgver:"2.11.1", pkgarch:"i486", pkgnum:"7_slack13.1")) flag++;
    if (slackware_check(osver:"13.1", pkgname:"glibc-zoneinfo", pkgver:"2.11.1", pkgarch:"noarch", pkgnum:"7_slack13.1")) flag++;
    if (slackware_check(osver:"13.1", arch:"x86_64", pkgname:"glibc", pkgver:"2.11.1", pkgarch:"x86_64", pkgnum:"7_slack13.1")) flag++;
    if (slackware_check(osver:"13.1", arch:"x86_64", pkgname:"glibc-i18n", pkgver:"2.11.1", pkgarch:"x86_64", pkgnum:"7_slack13.1")) flag++;
    if (slackware_check(osver:"13.1", arch:"x86_64", pkgname:"glibc-profile", pkgver:"2.11.1", pkgarch:"x86_64", pkgnum:"7_slack13.1")) flag++;
    if (slackware_check(osver:"13.1", arch:"x86_64", pkgname:"glibc-solibs", pkgver:"2.11.1", pkgarch:"x86_64", pkgnum:"7_slack13.1")) flag++;
    if (slackware_check(osver:"13.1", arch:"x86_64", pkgname:"glibc-zoneinfo", pkgver:"2.11.1", pkgarch:"noarch", pkgnum:"7_slack13.1")) flag++;
    
    # Slackware 13.37: fixed build 2.13-*-6_slack13.37.
    if (slackware_check(osver:"13.37", pkgname:"glibc", pkgver:"2.13", pkgarch:"i486", pkgnum:"6_slack13.37")) flag++;
    if (slackware_check(osver:"13.37", pkgname:"glibc-i18n", pkgver:"2.13", pkgarch:"i486", pkgnum:"6_slack13.37")) flag++;
    if (slackware_check(osver:"13.37", pkgname:"glibc-profile", pkgver:"2.13", pkgarch:"i486", pkgnum:"6_slack13.37")) flag++;
    if (slackware_check(osver:"13.37", pkgname:"glibc-solibs", pkgver:"2.13", pkgarch:"i486", pkgnum:"6_slack13.37")) flag++;
    if (slackware_check(osver:"13.37", pkgname:"glibc-zoneinfo", pkgver:"2.13", pkgarch:"noarch", pkgnum:"6_slack13.37")) flag++;
    if (slackware_check(osver:"13.37", arch:"x86_64", pkgname:"glibc", pkgver:"2.13", pkgarch:"x86_64", pkgnum:"6_slack13.37")) flag++;
    if (slackware_check(osver:"13.37", arch:"x86_64", pkgname:"glibc-i18n", pkgver:"2.13", pkgarch:"x86_64", pkgnum:"6_slack13.37")) flag++;
    if (slackware_check(osver:"13.37", arch:"x86_64", pkgname:"glibc-profile", pkgver:"2.13", pkgarch:"x86_64", pkgnum:"6_slack13.37")) flag++;
    if (slackware_check(osver:"13.37", arch:"x86_64", pkgname:"glibc-solibs", pkgver:"2.13", pkgarch:"x86_64", pkgnum:"6_slack13.37")) flag++;
    if (slackware_check(osver:"13.37", arch:"x86_64", pkgname:"glibc-zoneinfo", pkgver:"2.13", pkgarch:"noarch", pkgnum:"6_slack13.37")) flag++;
    
    # Slackware -current: fixed build 2.15-*-6. Note that glibc-zoneinfo carries
    # its own version string here (2012e_2012e) instead of the glibc version.
    # NOTE(review): -current is a moving target, so this pinned build number
    # describes the tree at the time of the advisory only.
    if (slackware_check(osver:"current", pkgname:"glibc", pkgver:"2.15", pkgarch:"i486", pkgnum:"6")) flag++;
    if (slackware_check(osver:"current", pkgname:"glibc-i18n", pkgver:"2.15", pkgarch:"i486", pkgnum:"6")) flag++;
    if (slackware_check(osver:"current", pkgname:"glibc-profile", pkgver:"2.15", pkgarch:"i486", pkgnum:"6")) flag++;
    if (slackware_check(osver:"current", pkgname:"glibc-solibs", pkgver:"2.15", pkgarch:"i486", pkgnum:"6")) flag++;
    if (slackware_check(osver:"current", pkgname:"glibc-zoneinfo", pkgver:"2012e_2012e", pkgarch:"noarch", pkgnum:"6")) flag++;
    if (slackware_check(osver:"current", arch:"x86_64", pkgname:"glibc", pkgver:"2.15", pkgarch:"x86_64", pkgnum:"6")) flag++;
    if (slackware_check(osver:"current", arch:"x86_64", pkgname:"glibc-i18n", pkgver:"2.15", pkgarch:"x86_64", pkgnum:"6")) flag++;
    if (slackware_check(osver:"current", arch:"x86_64", pkgname:"glibc-profile", pkgver:"2.15", pkgarch:"x86_64", pkgnum:"6")) flag++;
    if (slackware_check(osver:"current", arch:"x86_64", pkgname:"glibc-solibs", pkgver:"2.15", pkgarch:"x86_64", pkgnum:"6")) flag++;
    if (slackware_check(osver:"current", arch:"x86_64", pkgname:"glibc-zoneinfo", pkgver:"2012e_2012e", pkgarch:"noarch", pkgnum:"6")) flag++;
    
    
    if (flag)
    {
      # Reported with security_warning on port 0; the package detail is attached
      # only when report_verbosity is above 0.
      if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2012-1208.NASL
    descriptionFrom Red Hat Security Advisory 2012:1208 : Updated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc's functions for converting a string to a numeric representation (strtod(), strtof(), and strtold()). If an application used such a function on attacker controlled input, it could cause the application to crash or, potentially, execute arbitrary code. (CVE-2012-3480)
    last seen2020-06-01
    modified2020-06-02
    plugin id68606
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68606
    titleOracle Linux 6 : glibc (ELSA-2012-1208)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2012:1208 and 
    # Oracle Linux Security Advisory ELSA-2012-1208 respectively.
    #
    
    include("compat.inc");
    
    # Registration branch: when the engine sets `description`, the plugin only
    # declares its metadata (id, CVE, advisory text, CVSS, CPEs, dependencies)
    # and exits; none of the host checks further down run in this mode.
    if (description)
    {
      script_id(68606);
      script_version("1.7");
      script_cvs_date("Date: 2019/09/30 10:58:17");
    
      script_cve_id("CVE-2012-3480");
      script_xref(name:"RHSA", value:"2012:1208");
    
      script_name(english:"Oracle Linux 6 : glibc (ELSA-2012-1208)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Oracle Linux host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "From Red Hat Security Advisory 2012:1208 :
    
    Updated glibc packages that fix multiple security issues are now
    available for Red Hat Enterprise Linux 6.
    
    The Red Hat Security Response Team has rated this update as having
    moderate security impact. A Common Vulnerability Scoring System (CVSS)
    base score, which gives a detailed severity rating, is available from
    the CVE link in the References section.
    
    The glibc packages provide the standard C and standard math libraries
    used by multiple programs on the system. Without these libraries, the
    Linux system cannot function properly.
    
    Multiple integer overflow flaws, leading to stack-based buffer
    overflows, were found in glibc's functions for converting a string to
    a numeric representation (strtod(), strtof(), and strtold()). If an
    application used such a function on attacker controlled input, it
    could cause the application to crash or, potentially, execute
    arbitrary code. (CVE-2012-3480)
    
    All users of glibc are advised to upgrade to these updated packages,
    which contain a backported patch to correct these issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2012-August/002995.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected glibc packages."
      );
      # CVSS v2 base vector: local access, low complexity, no authentication,
      # partial confidentiality / integrity / availability impact.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      # Temporal vector: proof-of-concept exploit code (E:POC), official fix
      # available (RL:OF), confirmed report (RC:C).
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      # "local": the verdict is derived from data collected on the host (see the
      # required KB keys below), not from a network probe.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:glibc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:glibc-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:glibc-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:glibc-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:glibc-static");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:glibc-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:nscd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/08/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      # ACT_GATHER_INFO: the constant name indicates an information-gathering
      # plugin.
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Oracle Linux Local Security Checks");
    
      # The plugin needs KB entries for local checks, OS identification and the
      # installed rpm list; presumably ssh_get_info.nasl populates them - confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    # Pre-flight gating. Each failed condition calls audit() with a reason code
    # (audit() comes from audit.inc, not shown here; presumably it ends the
    # script), so the package checks are reached only on Oracle Linux 6 with
    # local checks enabled, an rpm list in the KB and an x86 CPU.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
    # Capture group 1 is the release number, e.g. "6" or "6.3".
    os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
    os_ver = os_ver[1];
    # Accept major version 6 only: "6", "6.3", ... but not "60" or "16".
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 6", "Oracle Linux " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    # Only x86_64 and i386-i686 hosts are evaluated; any other architecture is
    # audited as "local checks not implemented", which is not a clean result.
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
    
    # Compare each glibc sub-package against the build named in the advisory.
    # rpm_check() lives in rpm.inc (not shown); presumably it returns true when
    # the installed version is older than `reference`. flag counts the hits.
    # NOTE(review): this is a package-inventory check based on the collected rpm
    # list. It cannot tell whether long-running processes were restarted after
    # the update and still map the old glibc; confirm that separately.
    flag = 0;
    if (rpm_check(release:"EL6", reference:"glibc-2.12-1.80.el6_3.5")) flag++;
    if (rpm_check(release:"EL6", reference:"glibc-common-2.12-1.80.el6_3.5")) flag++;
    if (rpm_check(release:"EL6", reference:"glibc-devel-2.12-1.80.el6_3.5")) flag++;
    if (rpm_check(release:"EL6", reference:"glibc-headers-2.12-1.80.el6_3.5")) flag++;
    if (rpm_check(release:"EL6", reference:"glibc-static-2.12-1.80.el6_3.5")) flag++;
    if (rpm_check(release:"EL6", reference:"glibc-utils-2.12-1.80.el6_3.5")) flag++;
    if (rpm_check(release:"EL6", reference:"nscd-2.12-1.80.el6_3.5")) flag++;
    
    
    # Any hit raises a warning-level finding; the per-package detail from
    # rpm_report_get() is attached only when report_verbosity is above 0.
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      # No hit: distinguish "packages were tested and are not affected" from
      # "none of the listed packages is installed".
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-devel / glibc-headers / glibc-static / etc");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-1325.NASL
    descriptionAn updated rhev-hypervisor6 package that fixes multiple security issues and one bug is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way QEMU handled VT100 terminal escape sequences when emulating certain character devices. A guest user with privileges to write to a character device that is emulated on the host using a virtual console back-end could use this flaw to crash the qemu-kvm process on the host or, possibly, escalate their privileges on the host. (CVE-2012-3515) This flaw did not affect the default use of Red Hat Enterprise Virtualization Hypervisor: it is not possible to add a device that uses a virtual console back-end via Red Hat Enterprise Virtualization Manager. To specify a virtual console back-end for a device and therefore be vulnerable to this issue, the device would have to be created another way, for example, by using a VDSM hook. Note that at this time hooks can only be used on Red Hat Enterprise Linux hosts, not Red Hat Enterprise Virtualization Hypervisor. Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc's functions for converting a string to a numeric representation (strtod(), strtof(), and strtold()). If an application used such a function on attacker controlled input, it could cause the application to crash or, potentially, execute arbitrary code. (CVE-2012-3480)
    last seen2020-06-01
    modified2020-06-02
    plugin id78935
    published2014-11-08
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78935
    titleRHEL 6 : rhev-hypervisor6 (RHSA-2012:1325)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2012:1325. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    # Registration branch: when the engine sets `description`, the plugin only
    # declares its metadata (id, CVEs, advisory text, CVSS, CPEs, dependencies)
    # and exits; none of the host checks further down run in this mode.
    if (description)
    {
      script_id(78935);
      script_version("1.12");
      script_cvs_date("Date: 2019/10/24 15:35:36");
    
      # One plugin covers both the glibc strto* issue (CVE-2012-3480) and the
      # QEMU issue (CVE-2012-3515), as described in the advisory text below.
      script_cve_id("CVE-2012-3480", "CVE-2012-3515");
      script_bugtraq_id(54982, 55413);
      script_xref(name:"RHSA", value:"2012:1325");
    
      script_name(english:"RHEL 6 : rhev-hypervisor6 (RHSA-2012:1325)");
      script_summary(english:"Checks the rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An updated rhev-hypervisor6 package that fixes multiple security
    issues and one bug is now available.
    
    The Red Hat Security Response Team has rated this update as having
    important security impact. Common Vulnerability Scoring System (CVSS)
    base scores, which give detailed severity ratings, are available for
    each vulnerability from the CVE links in the References section.
    
    The rhev-hypervisor6 package provides a Red Hat Enterprise
    Virtualization Hypervisor ISO disk image. The Red Hat Enterprise
    Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine
    (KVM) hypervisor. It includes everything necessary to run and manage
    virtual machines: A subset of the Red Hat Enterprise Linux operating
    environment and the Red Hat Enterprise Virtualization Agent.
    
    Note: Red Hat Enterprise Virtualization Hypervisor is only available
    for the Intel 64 and AMD64 architectures with virtualization
    extensions.
    
    A flaw was found in the way QEMU handled VT100 terminal escape
    sequences when emulating certain character devices. A guest user with
    privileges to write to a character device that is emulated on the host
    using a virtual console back-end could use this flaw to crash the
    qemu-kvm process on the host or, possibly, escalate their privileges
    on the host. (CVE-2012-3515)
    
    This flaw did not affect the default use of Red Hat Enterprise
    Virtualization Hypervisor: it is not possible to add a device that
    uses a virtual console back-end via Red Hat Enterprise Virtualization
    Manager.
    
    To specify a virtual console back-end for a device and therefore be
    vulnerable to this issue, the device would have to be created another
    way, for example, by using a VDSM hook. Note that at this time hooks
    can only be used on Red Hat Enterprise Linux hosts, not Red Hat
    Enterprise Virtualization Hypervisor.
    
    Multiple integer overflow flaws, leading to stack-based buffer
    overflows, were found in glibc's functions for converting a string to
    a numeric representation (strtod(), strtof(), and strtold()). If an
    application used such a function on attacker controlled input, it
    could cause the application to crash or, potentially, execute
    arbitrary code. (CVE-2012-3480)
    
    Red Hat would like to thank the Xen project for reporting the
    CVE-2012-3515 issue.
    
    This updated package provides updated components that include fixes
    for various security issues. These issues have no security impact on
    Red Hat Enterprise Virtualization Hypervisor itself, however. The
    security fixes included in this update address the following CVE
    numbers :
    
    CVE-2012-4244 (bind issue)
    
    CVE-2012-3524 (dbus issue)
    
    CVE-2012-2313, CVE-2012-2384, CVE-2012-2390, CVE-2012-3430, and
    CVE-2012-3552 (kernel issues)
    
    CVE-2012-3445 (libvirt issue)
    
    CVE-2011-3102 and CVE-2012-2807 (libxml2 issues)
    
    CVE-2011-1202, CVE-2011-3970, CVE-2012-2825, CVE-2012-2870,
    CVE-2012-2871, and CVE-2012-2893 (libxslt issues)
    
    This updated Red Hat Enterprise Virtualization Hypervisor package also
    fixes the following bug :
    
    * Previously, the Manager listed all installed Hypervisor ISO images
    as available even when they did not support the VDSM compatibility
    version required by the selected host. The rhev-hypervisor6 package
    now maintains a text file for each installed ISO image. The file lists
    the VDSM compatibility versions supported by the relevant ISO image.
    The Manager uses this information to ensure that only those Hypervisor
    ISO images that are relevant to the selected host are listed.
    (BZ#856827)
    
    Users of the Red Hat Enterprise Virtualization Hypervisor are advised
    to upgrade to this updated package, which fixes these issues."
      );
      # https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/5/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?2be17ee0"
      );
      # https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?b5caa05f"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2012:1325"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2012-3480"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2012-3515"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected rhev-hypervisor6 package."
      );
      # CVSS v2 base vector: local access, low complexity, no authentication,
      # complete confidentiality / integrity / availability impact.
      # NOTE(review): a single vector is set for two CVEs; presumably it reflects
      # the higher-scoring one rather than CVE-2012-3480 specifically - confirm.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      # Temporal vector: proof-of-concept exploit code (E:POC), official fix
      # available (RL:OF), report confidence not defined (RC:ND).
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:ND");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      # "local": the verdict is derived from data collected on the host (see the
      # required KB keys below), not from a network probe.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/10/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/08");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      # ACT_GATHER_INFO: the constant name indicates an information-gathering
      # plugin.
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      # The plugin needs KB entries for local checks, the release string, the
      # installed rpm list and the CPU; presumably ssh_get_info.nasl populates
      # them - confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    # Pre-flight gating. Each failed condition calls audit() with a reason code
    # (audit() comes from audit.inc, not shown here; presumably it ends the
    # script), so the checks below are reached only on Red Hat Enterprise Linux
    # 6.x with local checks enabled, an rpm list in the KB and a listed CPU.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    # Capture group 1 is the release number, e.g. "6" or "6.3".
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    # Accept major version 6 only: "6", "6.3", ... but not "60" or "16".
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    # NOTE(review): the allow-list also admits s390, while the advisory text
    # says the hypervisor is only available for Intel 64 and AMD64. Other
    # architectures are audited as "local checks not implemented".
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    # Two detection paths. If yum updateinfo data was collected, the verdict is
    # taken from it; only when that KB item is empty does the plugin fall back
    # to comparing the installed rhev-hypervisor6 version with rpm_check().
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2012:1325";
      # redhat_generate_yum_updateinfo_report() is defined outside this listing;
      # a non-empty result is treated as "this advisory is still outstanding".
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        # NOTE(review): there is no rpm_check() fallback on this path. When
        # updateinfo exists but yields no report for this RHSA, the host is
        # audited as not affected, so the result is only as good as the
        # collected yum data.
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      # rpm_check() lives in rpm.inc (not shown); presumably it returns true when
      # the installed package is older than `reference`.
      flag = 0;
      if (rpm_check(release:"RHEL6", reference:"rhev-hypervisor6-6.3-20120926.0.el6_3")) flag++;
    
      if (flag)
      {
        # The finding carries the rpm comparison detail plus whatever caveat
        # text redhat_report_package_caveat() returns (defined elsewhere).
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        # No hit: distinguish "package was tested and is not affected" from
        # "package is not installed".
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "rhev-hypervisor6");
      }
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_GLIBC-121129.NASL
    descriptionThis collective update for the GNU C library (glibc) provides the following fixes : - Fix strtod integer/buffer overflows. (bnc#775690, CVE-2012-3480) - Fix vfprintf handling of many format specifiers. (bnc#770891, CVE-2012-3404 / CVE-2012-3405 / CVE-2012-3406) - Fix pthread_cond_timedwait stack unwinding. (bnc#750741, bnc#777233) - Improve fix for dynamic library unloading. (bnc#783060) - Fix resolver when first query fails, but second one succeeds. (bnc#767266)
    last seen2020-06-05
    modified2013-01-25
    plugin id64150
    published2013-01-25
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/64150
    titleSuSE 11.2 Security Update : glibc (SAT Patch Number 7110)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    # Engine-version guard: exit silently when NASL_LEVEL is below 3000, before
    # any include or check runs.
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    # Registration branch: when the engine sets `description`, the plugin only
    # declares its metadata (id, CVEs, advisory text, CVSS, CPEs, dependencies)
    # and exits; none of the host checks further down run in this mode.
    if (description)
    {
      script_id(64150);
      script_version("1.8");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      # One plugin covers the three vfprintf CVEs and the strtod CVE that the
      # collective update fixes (see the description text below).
      script_cve_id("CVE-2012-3404", "CVE-2012-3405", "CVE-2012-3406", "CVE-2012-3480");
    
      script_name(english:"SuSE 11.2 Security Update : glibc (SAT Patch Number 7110)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This collective update for the GNU C library (glibc) provides the
    following fixes :
    
      - Fix strtod integer/buffer overflows. (bnc#775690,
        CVE-2012-3480)
    
      - Fix vfprintf handling of many format specifiers.
        (bnc#770891, CVE-2012-3404 / CVE-2012-3405 /
        CVE-2012-3406)
    
      - Fix pthread_cond_timedwait stack unwinding. (bnc#750741,
        bnc#777233)
    
      - Improve fix for dynamic library unloading. (bnc#783060)
    
      - Fix resolver when first query fails, but second one
        succeeds. (bnc#767266)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=750741"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=767266"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=770891"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=775690"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=777233"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=783060"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-3404.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-3405.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-3406.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-3480.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 7110.");
      # CVSS v2 base vector: network access, medium complexity, no
      # authentication, partial confidentiality / integrity / availability
      # impact. No temporal vector or exploit-availability attribute is set.
      # NOTE(review): a single vector is set for four CVEs; presumably it
      # reflects the highest-scoring one rather than CVE-2012-3480 - confirm.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
    
      # "local": the verdict is derived from data collected on the host (see the
      # required KB keys below), not from a network probe.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:glibc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:glibc-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:glibc-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:glibc-devel-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:glibc-html");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:glibc-i18ndata");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:glibc-info");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:glibc-locale");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:glibc-locale-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:glibc-profile");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:glibc-profile-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:nscd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2012/11/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/25");
      script_end_attributes();
    
      # ACT_GATHER_INFO: the constant name indicates an information-gathering
      # plugin.
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      # The plugin needs KB entries for local checks, the CPU, the release string
      # and the installed rpm list; presumably ssh_get_info.nasl populates them
      # - confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    # Pre-flight gating. Each failed condition calls audit() with a reason code
    # (audit() comes from audit.inc, not shown here; presumably it ends the
    # script), so the package checks are reached only on SLED/SLES 11 at patch
    # level 2 with local checks enabled, an rpm list in the KB and a listed CPU.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    # The release string must start with SLED11 or SLES11.
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    # Only i386-i686, x86_64 and s390x hosts are evaluated; any other
    # architecture is audited as "local checks not implemented".
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    # A missing patch level, or any level other than 2, is audited as "not
    # SuSE 11.2"; other service packs get no verdict from this plugin.
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2");
    
    
    # Compare each glibc sub-package against build 2.11.3-17.43.1 for SLED11 and
    # SLES11 at sp:2. rpm_check() lives in rpm.inc (not shown); presumably it
    # returns true when the installed version is older than `reference`, and
    # calls without a cpu: argument apply to every architecture - confirm.
    # NOTE(review): this is a package-inventory check based on the collected rpm
    # list. It cannot tell whether long-running processes were restarted after
    # the update and still map the old glibc; confirm that separately.
    flag = 0;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"glibc-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"glibc-devel-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"glibc-i18ndata-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"glibc-locale-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"nscd-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i686", reference:"glibc-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"i686", reference:"glibc-devel-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"glibc-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"glibc-32bit-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"glibc-devel-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"glibc-devel-32bit-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"glibc-i18ndata-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"glibc-locale-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"glibc-locale-32bit-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"nscd-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"glibc-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"glibc-devel-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"glibc-html-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"glibc-i18ndata-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"glibc-info-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"glibc-locale-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"glibc-profile-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"nscd-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"s390x", reference:"glibc-32bit-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"s390x", reference:"glibc-devel-32bit-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"s390x", reference:"glibc-locale-32bit-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"s390x", reference:"glibc-profile-32bit-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"glibc-32bit-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"glibc-devel-32bit-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"glibc-locale-32bit-2.11.3-17.43.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"glibc-profile-32bit-2.11.3-17.43.1")) flag++;
    
    
    # Any hit raises a warning-level finding; the per-package detail from
    # rpm_report_get() is attached only when report_verbosity is above 0.
    # With no hit the host is audited as not affected, without saying whether
    # the packages were up to date or simply not installed.
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-1207.NASL
    descriptionUpdated glibc packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc's functions for converting a string to a numeric representation (strtod(), strtof(), and strtold()). If an application used such a function on attacker controlled input, it could cause the application to crash or, potentially, execute arbitrary code. (CVE-2012-3480)
    last seen2020-06-01
    modified2020-06-02
    plugin id61690
    published2012-08-28
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61690
    titleRHEL 5 : glibc (RHSA-2012:1207)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2012:1207. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    # Metadata registration. The Nessus engine takes this branch when it loads
    # the plugin to collect its description; the block ends in exit(0), so none
    # of the host checks further down run in that mode.
    if (description)
    {
      script_id(61690);
      script_version ("1.18");
      script_cvs_date("Date: 2019/10/24 15:35:36");
    
      # Identifiers the finding maps to: the CVE, its Bugtraq id and the Red Hat
      # advisory that ships the fix.
      script_cve_id("CVE-2012-3480");
      script_bugtraq_id(54982);
      script_xref(name:"RHSA", value:"2012:1207");
    
      script_name(english:"RHEL 5 : glibc (RHSA-2012:1207)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      # Advisory text, stored verbatim as the plugin description.
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated glibc packages that fix multiple security issues and one bug
    are now available for Red Hat Enterprise Linux 5.
    
    The Red Hat Security Response Team has rated this update as having
    moderate security impact. A Common Vulnerability Scoring System (CVSS)
    base score, which gives a detailed severity rating, is available from
    the CVE link in the References section.
    
    The glibc packages provide the standard C and standard math libraries
    used by multiple programs on the system. Without these libraries, the
    Linux system cannot function properly.
    
    Multiple integer overflow flaws, leading to stack-based buffer
    overflows, were found in glibc's functions for converting a string to
    a numeric representation (strtod(), strtof(), and strtold()). If an
    application used such a function on attacker controlled input, it
    could cause the application to crash or, potentially, execute
    arbitrary code. (CVE-2012-3480)
    
    This update also fixes the following bug :
    
    * Previously, logic errors in various mathematical functions,
    including exp, exp2, expf, exp2f, pow, sin, tan, and rint, caused
    inconsistent results when the functions were used with the non-default
    rounding mode. This could also cause applications to crash in some
    cases. With this update, the functions now give correct results across
    the four different rounding modes. (BZ#839411)
    
    All users of glibc are advised to upgrade to these updated packages,
    which contain backported patches to correct these issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2012:1207"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2012-3480"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      # CVSS v2 base vector: local access, low complexity, no authentication,
      # partial impact on confidentiality, integrity and availability.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      # CVSS v2 temporal vector: proof-of-concept exploit code, official fix
      # available, report confirmed.
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      # "local" marks this as a check computed from data gathered on the host
      # itself. The CPE entries name the packages and the OS release in scope.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nscd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2012/08/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/28");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      # KB items that must already exist before the plugin is run; the same keys
      # are read again by the checks after this block. ssh_get_info.nasl is the
      # declared dependency (presumably the plugin that fills them in; confirm).
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    # Preconditions. Each failed test leaves through audit() with the reason, so
    # the package comparison only runs on a host scanned with local checks that
    # reports Red Hat Enterprise Linux 5.x on a supported architecture.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    # ">!<" is NASL's "does not contain" operator.
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    # Capture the release number (major, optional minor) from the release string.
    os_ver = eregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    # Major version must be exactly 5: the pattern wants "5" followed by a
    # non-digit or the end of the string, so "5.8" passes and "50" does not.
    if (! ereg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver);
    
    # Without a collected package list there is nothing to compare against.
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    # Accepted architectures: anything containing "x86_64", i386 through i686,
    # or anything containing "s390"; every other value is reported as not implemented.
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    # Verdict. Two mutually exclusive paths:
    #   1. yum updateinfo data is in the KB: the result depends only on whether
    #      redhat_generate_yum_updateinfo_report() returns a report for this RHSA.
    #   2. otherwise: installed RPMs are compared with the fixed package builds.
    # NOTE(review): both paths read package metadata collected from the host.
    # They say nothing about whether already-running processes have been
    # restarted since the update was installed.
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2012:1207";
      # Helper is defined outside this listing; presumably it looks the advisory
      # up in the collected updateinfo. Confirm before relying on a negative
      # result from a host whose repository metadata may be stale.
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        # Finding is raised on port 0 at warning severity with the yum report attached.
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        # No report for the advisory: the host is audited out as not affected,
        # and the RPM comparison below is never reached.
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      # One rpm_check per package (and per architecture where given) against
      # the build named in the advisory, 2.5-81.el5_8.7. The advisory text says
      # the fix is a backport, so the comparison is against the Red Hat package
      # release, not the upstream glibc version. rpm_check comes from rpm.inc;
      # presumably it is true when the installed build is older. Confirm there.
      flag = 0;
      if (rpm_check(release:"RHEL5", reference:"glibc-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"glibc-common-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"glibc-common-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"glibc-common-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", reference:"glibc-debuginfo-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"glibc-debuginfo-common-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", reference:"glibc-devel-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"glibc-headers-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"glibc-headers-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"glibc-headers-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"glibc-utils-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"glibc-utils-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"glibc-utils-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"nscd-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"nscd-2.5-81.el5_8.7")) flag++;
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"nscd-2.5-81.el5_8.7")) flag++;
    
      if (flag)
      {
        # At least one package matched: report on port 0 at warning severity,
        # attaching the per-package report plus the Red Hat package caveat text.
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        # Nothing matched: distinguish "packages were tested and are not
        # affected" from "none of the listed packages is installed".
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc");
      }
    }
    
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2012-120.NASL
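    descriptionMultiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc's functions for converting a string to a numeric representation (strtod(), strtof(), and strtold()). If an application used such a function on attacker controlled input, it could cause the application to crash or, potentially, execute arbitrary code. (CVE-2012-3480)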
    last seen2020-06-01
    modified2020-06-02
    plugin id69610
    published2013-09-04
    reporterThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/69610
    titleAmazon Linux AMI : glibc (ALAS-2012-120)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Amazon Linux AMI Security Advisory ALAS-2012-120.
    #
    
    include("compat.inc");
    
    # Metadata registration. The Nessus engine takes this branch when it loads
    # the plugin to collect its description; the block ends in exit(0), so the
    # host checks after it do not run in that mode.
    if (description)
    {
      script_id(69610);
      script_version("1.5");
      script_cvs_date("Date: 2018/04/18 15:09:34");
    
      # Identifiers the finding maps to: the CVE, the Amazon Linux advisory and
      # the Red Hat advisory it is cross-referenced with.
      script_cve_id("CVE-2012-3480");
      script_xref(name:"ALAS", value:"2012-120");
      script_xref(name:"RHSA", value:"2012:1208");
    
      script_name(english:"Amazon Linux AMI : glibc (ALAS-2012-120)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Amazon Linux AMI host is missing a security update."
      );
      # Advisory text, stored verbatim as the plugin description.
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple integer overflow flaws, leading to stack-based buffer
    overflows, were found in glibc's functions for converting a string to
    a numeric representation (strtod(), strtof(), and strtold()). If an
    application used such a function on attacker controlled input, it
    could cause the application to crash or, potentially, execute
    arbitrary code. (CVE-2012-3480)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://alas.aws.amazon.com/ALAS-2012-120.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Run 'yum update glibc' to update your system."
      );
      # CVSS v2 base vector: local access, low complexity, no authentication,
      # partial impact on confidentiality, integrity and availability.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
    
      # "local" marks this as a check computed from data gathered on the host
      # itself. The CPE entries name the packages and the OS in scope.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc-debuginfo-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc-static");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glibc-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:nscd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2012/09/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/04");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
      script_family(english:"Amazon Linux Local Security Checks");
    
      # KB items that must already exist before the plugin is run; the same keys
      # are read again by the checks after this block. ssh_get_info.nasl is the
      # declared dependency (presumably the plugin that fills them in; confirm).
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
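    # Preconditions. Each failed test leaves through audit() with the reason, so
    # the package comparison only runs on a host scanned with local checks that
    # identifies itself as Amazon Linux AMI and has a collected package list.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/AmazonLinux/release");
    if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
    # The release string must start with "AL" followed by either "A" or one
    # digit; that character is captured as os_ver.
    os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
    os_ver = os_ver[1];
    # Only "A" (reported as "Amazon Linux AMI") is in scope. On the rejection
    # path os_ver can only be a digit, so it goes into the audit message as-is.
    if (os_ver != "A") audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
    
    # Without a collected package list there is nothing to compare against.
    if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);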
    
    
    # One rpm_check per package against the build named in the advisory,
    # 2.12-1.80.42.amzn1; flag counts the packages that matched. rpm_check comes
    # from rpm.inc; presumably it is true when the installed build is older.
    # Confirm there.
    # NOTE(review): the verdict is drawn from the collected package list only.
    # It says nothing about whether already-running processes have been
    # restarted since the update was installed.
    flag = 0;
    if (rpm_check(release:"ALA", reference:"glibc-2.12-1.80.42.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"glibc-common-2.12-1.80.42.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"glibc-debuginfo-2.12-1.80.42.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"glibc-debuginfo-common-2.12-1.80.42.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"glibc-devel-2.12-1.80.42.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"glibc-headers-2.12-1.80.42.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"glibc-static-2.12-1.80.42.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"glibc-utils-2.12-1.80.42.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"nscd-2.12-1.80.42.amzn1")) flag++;
    
    if (flag)
    {
      # At least one package matched: raise a warning on port 0. The per-package
      # report is attached only when report_verbosity is above 0.
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      # Nothing matched: distinguish "packages were tested and are not affected"
      # from "none of the listed packages is installed".
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc");
    }
    
  • NASL familyMisc.
    NASL idVMWARE_ESXI_5_1_BUILD_1063671_REMOTE.NASL
    descriptionThe remote VMware ESXi 5.1 host is affected by the following security vulnerabilities : - An integer overflow condition exists in the glibc library in the __tzfile_read() function that allows a denial of service or arbitrary code execution. (CVE-2009-5029) - An error exists in the glibc library related to modified loaders and
    last seen2020-06-01
    modified2020-06-02
    plugin id70886
    published2013-11-13
    reporterThis script is (C) 2013-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/70886
    titleESXi 5.1 < Build 1063671 Multiple Vulnerabilities (remote check)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2012-11927.NASL
    description - Fix integer overflow leading to buffer overflow in strto* (#847718) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2012-08-20
    plugin id61584
    published2012-08-20
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61584
    titleFedora 17 : glibc-2.15-56.fc17 (2012-11927)
  • NASL familyMisc.
    NASL idVMWARE_ESXI_5_0_BUILD_912577_REMOTE.NASL
    descriptionThe remote VMware ESXi 5.0 host is affected by Multiple Vulnerabilities : - An integer overflow condition exists in the __tzfile_read() function in the glibc library. An unauthenticated, remote attacker can exploit this, via a crafted timezone (TZ) file, to cause a denial of service or the execution of arbitrary code. (CVE-2009-5029) - ldd in the glibc library is affected by a privilege escalation vulnerability due to the omission of certain LD_TRACE_LOADED_OBJECTS checks in a crafted executable file. Note that this vulnerability is disputed by the library vendor. (CVE-2009-5064) - A remote code execution vulnerability exists in the glibc library due to an integer signedness error in the elf_get_dynamic_info() function when the
    last seen2020-06-01
    modified2020-06-02
    plugin id70885
    published2013-11-13
    reporterThis script is (C) 2013-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/70885
    titleESXi 5.0 < Build 912577 Multiple Vulnerabilities (remote check)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2013-1251-1.NASL
    descriptionThis collective update for the GNU C library (glibc) provides the following fixes and enhancements : Security issues fixed : - Fix stack overflow in getaddrinfo with many results. (bnc#813121, CVE-2013-1914) - Fix a different stack overflow in getaddrinfo with many results. (bnc#828637) - Fix array overflow in floating point parser [bnc#775690] (CVE-2012-3480) - Fix strtod integer/buffer overflows [bnc#775690] (CVE-2012-3480) - Add patches for fix overflows in vfprintf. [bnc #770891, CVE-2012-3405, CVE-2012-3406] - Fix buffer overflow in glob. (bnc#691365) (CVE-2010-4756) - Flush stream in addmntent, to catch errors like reached file size limits. [bnc #676178, CVE-2011-1089] Bugs fixed : - Fix locking in _IO_cleanup. (bnc#796982) - Fix resolver when first query fails, but seconds succeeds. [bnc #767266] Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-05-20
    plugin id83594
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83594
    titleSUSE SLES11 Security Update : glibc (SUSE-SU-2013:1251-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2012-11928.NASL
    description - Fix integer overflow leading to buffer overflow in strto* (#847718) Avoid unbound alloca in vfprintf. (#841318) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2012-08-28
    plugin id61686
    published2012-08-28
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61686
    titleFedora 16 : glibc-2.14.90-24.fc16.9 (2012-11928)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1589-1.NASL
    descriptionIt was discovered that positional arguments to the printf() family of functions were not handled properly in the GNU C Library. An attacker could possibly use this to cause a stack-based buffer overflow, creating a denial of service or possibly execute arbitrary code. (CVE-2012-3404, CVE-2012-3405, CVE-2012-3406) It was discovered that multiple integer overflows existed in the strtod(), strtof() and strtold() functions in the GNU C Library. An attacker could possibly use this to trigger a stack-based buffer overflow, creating a denial of service or possibly execute arbitrary code. (CVE-2012-3480). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id62388
    published2012-10-02
    reporterUbuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62388
    titleUbuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : eglibc, glibc vulnerabilities (USN-1589-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2012-1667-1.NASL
    descriptionThis update for GNU C library (glibc) fixes multiple integer overflows in strtod and related functions. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-05-20
    plugin id83570
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83570
    titleSUSE SLED10 / SLES10 Security Update : glibc (SUSE-SU-2012:1667-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2013-1287-1.NASL
    descriptionThis collective update for the GNU C library (glibc) provides the following fixes and enhancements : Security issues fixed : - Fix stack overflow in getaddrinfo with many results. (bnc#813121, CVE-2013-1914) - Fixed another stack overflow in getaddrinfo with many results (bnc#828637) - Fix buffer overflow in glob. (bnc#691365) (CVE-2010-4756) - Fix array overflow in floating point parser [bnc#775690] (CVE-2012-3480) - Fix strtod integer/buffer overflows [bnc#775690] (CVE-2012-3480) Make addmntent return errors also for cached streams. [bnc #676178, CVE-2011-1089] - Fix overflows in vfprintf. [bnc #770891, CVE 2012-3406] - Add vfprintf-nargs.diff for possible format string overflow. [bnc #747768, CVE-2012-0864] - Check values from file header in __tzfile_read. [bnc #735850, CVE-2009-5029] Also several bugs were fixed : - Fix locking in _IO_cleanup. (bnc#796982) - Fix memory leak in execve. (bnc#805899) Fix nscd timestamps in logging (bnc#783196) - Fix perl script error message (bnc#774467) - Fall back to localhost if no nameserver defined (bnc#818630) - Fix incomplete results from nscd. [bnc #753756] - Fix a deadlock in dlsym in case the symbol isn
    last seen2020-06-05
    modified2015-05-20
    plugin id83597
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83597
    titleSUSE SLES10 Security Update : glibc (SUSE-SU-2013:1287-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2012-1207.NASL
    descriptionFrom Red Hat Security Advisory 2012:1207 : Updated glibc packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc's functions for converting a string to a numeric representation (strtod(), strtof(), and strtold()). If an application used such a function on attacker controlled input, it could cause the application to crash or, potentially, execute arbitrary code. (CVE-2012-3480)
    last seen2020-06-01
    modified2020-06-02
    plugin id68605
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68605
    titleOracle Linux 5 : glibc (ELSA-2012-1207)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20120827_GLIBC_ON_SL6_X.NASL
    descriptionThe glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc
    last seen2020-03-18
    modified2012-08-28
    plugin id61693
    published2012-08-28
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61693
    titleScientific Linux Security Update : glibc on SL6.x i386/x86_64 (20120827)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-165.NASL
    descriptionSeveral vulnerabilities have been fixed in eglibc, Debian
    last seen2020-03-17
    modified2015-03-26
    plugin id82149
    published2015-03-26
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82149
    titleDebian DLA-165-1 : eglibc security update
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-1262.NASL
    descriptionAn updated rhev-hypervisor5 package that fixes multiple security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way QEMU handled VT100 terminal escape sequences when emulating certain character devices. A guest user with privileges to write to a character device that is emulated on the host using a virtual console back-end could use this flaw to crash the qemu-kvm process on the host or, possibly, escalate their privileges on the host. (CVE-2012-3515) Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc
    last seen2020-06-01
    modified2020-06-02
    plugin id78933
    published2014-11-08
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78933
    titleRHEL 5 : rhev-hypervisor5 (RHSA-2012:1262)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_GLIBC-8387.NASL
    descriptionThis update for GNU C library (glibc) fixes multiple integer overflows in strtod and related functions.
    last seen2020-06-05
    modified2012-12-19
    plugin id63295
    published2012-12-19
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63295
    titleSuSE 10 Security Update : glibc (ZYPP Patch Number 8387)

Redhat

advisories
  • bugzilla
    id847715
    titleCVE-2012-3480 glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 5 is installed
        ovaloval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • commentglibc-utils is earlier than 0:2.5-81.el5_8.7
            ovaloval:com.redhat.rhsa:tst:20121207001
          • commentglibc-utils is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20130022002
        • AND
          • commentglibc-common is earlier than 0:2.5-81.el5_8.7
            ovaloval:com.redhat.rhsa:tst:20121207003
          • commentglibc-common is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20130022004
        • AND
          • commentnscd is earlier than 0:2.5-81.el5_8.7
            ovaloval:com.redhat.rhsa:tst:20121207005
          • commentnscd is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20130022008
        • AND
          • commentglibc is earlier than 0:2.5-81.el5_8.7
            ovaloval:com.redhat.rhsa:tst:20121207007
          • commentglibc is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20130022006
        • AND
          • commentglibc-devel is earlier than 0:2.5-81.el5_8.7
            ovaloval:com.redhat.rhsa:tst:20121207009
          • commentglibc-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20130022010
        • AND
          • commentglibc-headers is earlier than 0:2.5-81.el5_8.7
            ovaloval:com.redhat.rhsa:tst:20121207011
          • commentglibc-headers is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20130022012
    rhsa
    idRHSA-2012:1207
    released2012-08-27
    severityModerate
    titleRHSA-2012:1207: glibc security and bug fix update (Moderate)
  • bugzilla
    id847715
    titleCVE-2012-3480 glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • commentglibc is earlier than 0:2.12-1.80.el6_3.5
            ovaloval:com.redhat.rhsa:tst:20121208001
          • commentglibc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20120763004
        • AND
          • commentglibc-headers is earlier than 0:2.12-1.80.el6_3.5
            ovaloval:com.redhat.rhsa:tst:20121208003
          • commentglibc-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20120763010
        • AND
          • commentglibc-common is earlier than 0:2.12-1.80.el6_3.5
            ovaloval:com.redhat.rhsa:tst:20121208005
          • commentglibc-common is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20120763008
        • AND
          • commentglibc-utils is earlier than 0:2.12-1.80.el6_3.5
            ovaloval:com.redhat.rhsa:tst:20121208007
          • commentglibc-utils is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20120763012
        • AND
          • commentnscd is earlier than 0:2.12-1.80.el6_3.5
            ovaloval:com.redhat.rhsa:tst:20121208009
          • commentnscd is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20120763014
        • AND
          • commentglibc-devel is earlier than 0:2.12-1.80.el6_3.5
            ovaloval:com.redhat.rhsa:tst:20121208011
          • commentglibc-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20120763006
        • AND
          • commentglibc-static is earlier than 0:2.12-1.80.el6_3.5
            ovaloval:com.redhat.rhsa:tst:20121208013
          • commentglibc-static is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20120763002
    rhsa
    idRHSA-2012:1208
    released2012-08-27
    severityModerate
    titleRHSA-2012:1208: glibc security update (Moderate)
  • rhsa
    idRHSA-2012:1262
  • rhsa
    idRHSA-2012:1325
rpms
  • glibc-0:2.5-81.el5_8.7
  • glibc-common-0:2.5-81.el5_8.7
  • glibc-debuginfo-0:2.5-81.el5_8.7
  • glibc-debuginfo-common-0:2.5-81.el5_8.7
  • glibc-devel-0:2.5-81.el5_8.7
  • glibc-headers-0:2.5-81.el5_8.7
  • glibc-utils-0:2.5-81.el5_8.7
  • nscd-0:2.5-81.el5_8.7
  • glibc-0:2.12-1.80.el6_3.5
  • glibc-common-0:2.12-1.80.el6_3.5
  • glibc-debuginfo-0:2.12-1.80.el6_3.5
  • glibc-debuginfo-common-0:2.12-1.80.el6_3.5
  • glibc-devel-0:2.12-1.80.el6_3.5
  • glibc-headers-0:2.12-1.80.el6_3.5
  • glibc-static-0:2.12-1.80.el6_3.5
  • glibc-utils-0:2.12-1.80.el6_3.5
  • nscd-0:2.12-1.80.el6_3.5
  • rhev-hypervisor6-0:6.3-20120926.0.el6_3