Overview of pkg-lib-slack.inc

Public Function Summary

Public functions are intended to be called by the code that imports this library.

Name Summary
isslkpkgvuln

Public Function Details

isslkpkgvuln

Named Parameters

pkg
rls
ver

Code

function isslkpkgvuln(pkg, ver, rls) {
    local_var kbrls, pkgs, narrowed, list, rc;
    # Check that we have the data for this release.
    kbrls = get_kb_item("ssh/login/release");
    if(kbrls!=rls) {
	return(0);
    }
    pkgs = get_kb_item("ssh/login/slackpack");
    if(!pkgs) return(0);
    narrowed = egrep(pattern:"^" + pkg + "-[0-9]", string:pkgs);
    if(!narrowed) return(0);
    list = split(narrowed, sep:'\n', keep:0);

    __pkg_match = TRUE; # Package was installed.
    
    foreach package (list) {
	# security_message(0, data: "Comparing "+package+" against "+pkg+"-"+ver);
	rc = revcomp(a:package, b:pkg + "-" + ver);
	if(rc<0) {
	    security_message(0, data: "Package " + package + 
		    " is installed which is known to be vulnerable.");
	    return(1);
	}
    }

    return(0);
}


		
top