Hi,
I am new to OpenVAS and still testing it, so perhaps I am asking
something silly.
I've installed OpenVAS from the Debian package in etch and ran my first scan
against an internal host.
Results: 4 security holes.
Two of them are on mysql and other two on CUPS.
My Debian etch has mysql 5.0.32-7etch10 and cupsys 1.2.7-4etch7 (the last
official etch packages).
According to the OpenVAS report, I should have installed mysql 5.0.66 and
cupsys 1.3.10, but my versions also fix all these vulnerabilities.
What is wrong with this? Any idea?
Here are the OpenVAS reports.
Thanks in advance,
dav
. Vulnerability found on port mysql (3306/tcp) :
Overview : This host is running MySQL, which is prone to Denial of
Service Vulnerability.
Vulnerability Insight :
Issue is due to error while processing an empty bit string
literal via a specially crafted SQL statement.
Impact : Successful exploitation by remote attackers could
cause denying access to legitimate users.
Impact Level : Application
Affected Software/OS :
MySQL versions prior to 5.0.x - 5.0.66,
5.1.x - 5.1.26, and
6.0.x - 6.0.5 on all running platform.
Fix : Update to version 5.0.66 or 5.1.26 or 6.0.6 or later.
CVSS Score :
CVSS Base Score : 7.1 (AV:N/AC:M/Au:NR/C:N/I:N/A:C)
CVSS Temporal Score : 5.6
Risk factor : High
CVE : CVE-2008-3963
BID : 31081
. Vulnerability found on port mysql (3306/tcp) :
Overview: According to its version number, the remote version of
MySQL is prone to a security-bypass vulnerability.
An attacker can exploit this issue to gain access to table files
created by other users, bypassing certain security restrictions.
NOTE 1: This issue was also assigned CVE-2008-4097 because
CVE-2008-2079 was incompletely fixed, allowing symlink attacks.
NOTE 2: CVE-2008-4098 was assigned because fixes for the vector
described in CVE-2008-4097 can also be bypassed.
This issue affects versions prior to MySQL 4 (prior to 4.1.24) and
MySQL 5 (prior to 5.0.60).
Solution:
Updates are available. Update to newer Version.
See also:
http://www.securityfocus.com/bid/29106
Risk factor : Medium
CVE : CVE-2008-2079, CVE-2008-4097, CVE-2008-4098
BID : 29106
. Vulnerability found on port ipp (631/tcp) :
Overview: This host is running CUPS (Common UNIX Printing System)
Service, which is prone to Buffer Overflow and Integer Overflow
Vulnerabilities.
Vulnerability Insight:
The flaws are caused due to,
- an error in the implementation of the HP-GL/2 filter and can be
exploited to cause buffer overflows with HP-GL/2 files containing overly
large pen numbers.
- an error within the read_rle8() and read_rle16() functions when
parsing malformed Run Length Encoded(RLE) data within Silicon Graphics
Image(SGI) files and can exploited to cause heap-based buffer overflow
with a specially crafted SGI file.
- an error within the WriteProlog() function included in the
texttops utility and can be exploited to cause a heap-based buffer
overflow with specially crafted file.
Impact:
Successful exploitation allows remote attackers to execute
arbitrary code or compromise a vulnerable system.
Impact Level: System
Affected Software/OS:
CUPS versions prior to 1.3.9
Fix:
Upgrade to CUPS version 1.3.9
http://www.cups.org/software.php
References:
http://cups.org/articles.php?L575
http://secunia.com/advisories/32226/
http://www.frsirt.com/english/advisories/2008/2782/
CVSS Score:
CVSS Base Score : 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
Risk factor: High
CVE : CVE-2008-3639, CVE-2008-3640, CVE-2008-3641
BID : 31681, 31688, 31690
. Vulnerability found on port ipp (631/tcp) :
Overview: This host is running CUPS (Common UNIX Printing System)
Service, which is prone to an Integer Overflow Vulnerabilities.
Successful exploits may allow attackers to execute arbitrary code
with the privileges of a user running the utilities. Failed exploit
attempts likely cause denial-of-service conditions.
Affected Software/OS:
CUPS versions prior to 1.3.10
Solution:
Updates are available. Please see http://www.cups.org/software.php
for more information.
References:
http://www.securityfocus.com/bid/34571
http://www.cups.org/str.php?L3031
Risk factor: High
CVE : CVE-2009-0163
BID : 34571
_______________________________________________
Openvas-discuss mailing list
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
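
An added example, not part of the original post and not OpenVAS code: a parser for the plain-text report format pasted above that extracts the CVE ids of each finding and compares them with a caller-supplied set of CVEs already confirmed as fixed in the installed distribution package. The names parse_findings, triage and confirmed_fixed are assumptions, and the sample report is constructed by abridging the findings in the post.

```python
import re

# Constructed sample: findings abridged from the report text in the post above.
SAMPLE_REPORT = """\
. Vulnerability found on port mysql (3306/tcp) :
Overview : This host is running MySQL, which is prone to Denial of
Service Vulnerability.
Risk factor : High
CVE : CVE-2008-3963
BID : 31081
. Vulnerability found on port mysql (3306/tcp) :
NOTE 1: This issue was also assigned CVE-2008-4097 because
CVE-2008-2079 was incompletely fixed, allowing symlink attacks.
Risk factor : Medium
CVE : CVE-2008-2079, CVE-2008-4097, CVE-2008-4098
. Vulnerability found on port ipp (631/tcp) :
Risk factor: High
CVE : CVE-2009-0163
"""

HEADER = re.compile(r"^\. Vulnerability found on port (\S+) \((\d+)/(\w+)\) :\s*$")
FIELD = re.compile(r"^(Risk factor|CVE)\s*:\s*(.*)$")  # field lines only, not NOTE text
CVE_ID = re.compile(r"CVE-\d{4}-\d{4,}")

def parse_findings(report):
    """Return one dict per finding: service, port, proto, risk, cves."""
    findings = []
    for line in report.splitlines():
        head = HEADER.match(line)
        if head:
            findings.append({"service": head.group(1), "port": int(head.group(2)),
                             "proto": head.group(3), "risk": None, "cves": []})
            continue
        field = FIELD.match(line)
        if field and findings:
            if field.group(1) == "CVE":
                findings[-1]["cves"] = CVE_ID.findall(field.group(2))
            else:
                findings[-1]["risk"] = field.group(2).strip()
    return findings

def triage(findings, confirmed_fixed):
    """confirmed_fixed is caller-supplied (CVEs verified in the distro package)."""
    rows = []
    for f in findings:
        unverified = [c for c in f["cves"] if c not in confirmed_fixed]
        status = "backport-covered" if f["cves"] and not unverified else "needs-review"
        rows.append((f["service"], f["port"], status, unverified))
    return rows
```

A finding is marked backport-covered only when every CVE it lists is in the supplied set, so a partially fixed finding stays in needs-review with the unverified ids listed.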