ID ALA_ALAS-2013-250.NASL Type nessus Reporter Tenable Modified 2018-04-18T00:00:00
Description
Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user (for example, an application running as root that is updating files in a directory owned by a non-root service user) could have been tricked into overwriting arbitrary files or leaking information via a symbolic link or mount point attack. (CVE-2012-0786 , CVE-2012-0787)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2013-250.
#
include("compat.inc");
if (description)
{
script_id(71267);
script_version("1.4");
script_cvs_date("Date: 2018/04/18 15:09:35");
script_cve_id("CVE-2012-0786", "CVE-2012-0787");
script_xref(name:"ALAS", value:"2013-250");
script_xref(name:"RHSA", value:"2013:1537");
script_name(english:"Amazon Linux AMI : augeas (ALAS-2013-250)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Amazon Linux AMI host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Multiple flaws were found in the way Augeas handled configuration
files when updating them. An application using Augeas to update
configuration files in a directory that is writable to by a different
user (for example, an application running as root that is updating
files in a directory owned by a non-root service user) could have been
tricked into overwriting arbitrary files or leaking information via a
symbolic link or mount point attack. (CVE-2012-0786 , CVE-2012-0787)"
);
script_set_attribute(
attribute:"see_also",
value:"https://alas.aws.amazon.com/ALAS-2013-250.html"
);
script_set_attribute(
attribute:"solution",
value:"Run 'yum update augeas' to update your system."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:augeas");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:augeas-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:augeas-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:augeas-libs");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
script_set_attribute(attribute:"patch_publication_date", value:"2013/12/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/10");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
script_family(english:"Amazon Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (rpm_check(release:"ALA", reference:"augeas-1.0.0-5.5.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"augeas-debuginfo-1.0.0-5.5.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"augeas-devel-1.0.0-5.5.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"augeas-libs-1.0.0-5.5.amzn1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
else security_note(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "augeas / augeas-debuginfo / augeas-devel / augeas-libs");
}
{"published": "2013-12-10T00:00:00", "id": "ALA_ALAS-2013-250.NASL", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "history": [{"differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:37:48", "bulletin": {"enchantments": {"score": {"value": 2.7, "modified": "2017-10-29T13:37:48", "vector": "AV:L/AC:M/Au:M/C:P/I:P/A:N/"}}, "published": "2013-12-10T00:00:00", "id": "ALA_ALAS-2013-250.NASL", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "history": [], "cpe": ["p-cpe:/a:amazon:linux:augeas-devel", "p-cpe:/a:amazon:linux:augeas-debuginfo", "p-cpe:/a:amazon:linux:augeas", "p-cpe:/a:amazon:linux:augeas-libs", "cpe:/o:amazon:linux"], "hash": "c2b20fcf426db345f64bc730fe0244e7e2c01039f59aa12718174e646af2b79e", "description": "Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user (for example, an application running as root that is updating files in a directory owned by a non-root service user) could have been tricked into overwriting arbitrary files or leaking information via a symbolic link or mount point attack. (CVE-2012-0786 , CVE-2012-0787)", "type": "nessus", "pluginID": "71267", "lastseen": "2017-10-29T13:37:48", "edition": 2, "title": "Amazon Linux AMI : augeas (ALAS-2013-250)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=71267", "modified": "2015-01-30T00:00:00", "bulletinFamily": "scanner", "viewCount": 0, "cvelist": ["CVE-2012-0787", "CVE-2012-0786"], "references": ["https://alas.aws.amazon.com/ALAS-2013-250.html"], "naslFamily": "Amazon Linux Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-250.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71267);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/01/30 14:48:47 $\");\n\n script_cve_id(\"CVE-2012-0786\", \"CVE-2012-0787\");\n script_xref(name:\"ALAS\", value:\"2013-250\");\n script_xref(name:\"RHSA\", value:\"2013:1537\");\n\n script_name(english:\"Amazon Linux AMI : augeas (ALAS-2013-250)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple flaws were found in the way Augeas handled configuration\nfiles when updating them. An application using Augeas to update\nconfiguration files in a directory that is writable to by a different\nuser (for example, an application running as root that is updating\nfiles in a directory owned by a non-root service user) could have been\ntricked into overwriting arbitrary files or leaking information via a\nsymbolic link or mount point attack. (CVE-2012-0786 , CVE-2012-0787)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-250.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update augeas' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:augeas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:augeas-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:augeas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:augeas-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/AmazonLinux/release\")) audit(AUDIT_OS_NOT, \"Amazon Linux AMI\");\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"augeas-1.0.0-5.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"augeas-debuginfo-1.0.0-5.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"augeas-devel-1.0.0-5.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"augeas-libs-1.0.0-5.5.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"augeas / augeas-debuginfo / augeas-devel / augeas-libs\");\n}\n", "hashmap": [{"hash": "a1a51a3f50f25c29f823139f49eceeca", "key": "cpe"}, {"hash": "eb9fc9aa65037c0166525de33b9c38a9", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "79cc3da18f810f1d346720cf319a596e", "key": "pluginID"}, {"hash": "dec20086c84ddb93ee24665aba52253b", "key": "references"}, {"hash": "d777f76efaa9d3121e259283a3395a2c", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "df5cd238ab6ba820ee0b13c493f1bcd6", "key": "naslFamily"}, {"hash": "9002720e4d3f8bc517327ed9d187e5e7", "key": "href"}, {"hash": "e1ea69401573196143944423a8fb5ac3", "key": "sourceData"}, {"hash": "4d445541cac31f15c7878c3d1df5579a", "key": "cvelist"}, {"hash": "953188e6f812ff64dfbb546f22d3eaf8", "key": "modified"}, {"hash": "c306a62a6624d073fa0f285006558cae", "key": "cvss"}, {"hash": "c9fd39f9f2c4ab82d6f167239ba3541a", "key": "description"}], "objectVersion": "1.3"}}, {"differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:24:30", "bulletin": {"enchantments": {}, "published": "2013-12-10T00:00:00", "id": "ALA_ALAS-2013-250.NASL", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "history": [], "cpe": [], "hash": "915fa37a5241b94af21569d9fcc202e924441d305a03e7b930347a81372aac2b", "description": "Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user (for example, an application running as root that is updating files in a directory owned by a non-root service user) could have been tricked into overwriting arbitrary files or leaking information via a symbolic link or mount point attack. (CVE-2012-0786 , CVE-2012-0787)", "type": "nessus", "pluginID": "71267", "lastseen": "2016-09-26T17:24:30", "edition": 1, "title": "Amazon Linux AMI : augeas (ALAS-2013-250)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=71267", "modified": "2015-01-30T00:00:00", "bulletinFamily": "scanner", "viewCount": 0, "cvelist": ["CVE-2012-0787", "CVE-2012-0786"], "references": ["https://alas.aws.amazon.com/ALAS-2013-250.html"], "naslFamily": "Amazon Linux Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-250.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71267);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/01/30 14:48:47 $\");\n\n script_cve_id(\"CVE-2012-0786\", \"CVE-2012-0787\");\n script_xref(name:\"ALAS\", value:\"2013-250\");\n script_xref(name:\"RHSA\", value:\"2013:1537\");\n\n script_name(english:\"Amazon Linux AMI : augeas (ALAS-2013-250)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple flaws were found in the way Augeas handled configuration\nfiles when updating them. An application using Augeas to update\nconfiguration files in a directory that is writable to by a different\nuser (for example, an application running as root that is updating\nfiles in a directory owned by a non-root service user) could have been\ntricked into overwriting arbitrary files or leaking information via a\nsymbolic link or mount point attack. (CVE-2012-0786 , CVE-2012-0787)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-250.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update augeas' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:augeas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:augeas-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:augeas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:augeas-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/AmazonLinux/release\")) audit(AUDIT_OS_NOT, \"Amazon Linux AMI\");\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"augeas-1.0.0-5.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"augeas-debuginfo-1.0.0-5.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"augeas-devel-1.0.0-5.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"augeas-libs-1.0.0-5.5.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"augeas / augeas-debuginfo / augeas-devel / augeas-libs\");\n}\n", "hashmap": [{"hash": "eb9fc9aa65037c0166525de33b9c38a9", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "79cc3da18f810f1d346720cf319a596e", "key": "pluginID"}, {"hash": "dec20086c84ddb93ee24665aba52253b", "key": "references"}, {"hash": "d777f76efaa9d3121e259283a3395a2c", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "df5cd238ab6ba820ee0b13c493f1bcd6", "key": "naslFamily"}, {"hash": "9002720e4d3f8bc517327ed9d187e5e7", "key": "href"}, {"hash": "e1ea69401573196143944423a8fb5ac3", "key": "sourceData"}, {"hash": "4d445541cac31f15c7878c3d1df5579a", "key": "cvelist"}, {"hash": "953188e6f812ff64dfbb546f22d3eaf8", "key": "modified"}, {"hash": "c306a62a6624d073fa0f285006558cae", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "c9fd39f9f2c4ab82d6f167239ba3541a", "key": "description"}], "objectVersion": "1.2"}}], "description": "Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user (for example, an application running as root that is updating files in a directory owned by a non-root service user) could have been tricked into overwriting arbitrary files or leaking information via a symbolic link or mount point attack. (CVE-2012-0786 , CVE-2012-0787)", "hash": "218e59a6e1f52e784831d00e22c316f5161d5c9b54d2acf08ca2213a42910e5c", "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "type": "nessus", "pluginID": "71267", "lastseen": "2018-04-19T07:42:21", "edition": 3, "cpe": ["p-cpe:/a:amazon:linux:augeas-devel", "p-cpe:/a:amazon:linux:augeas-debuginfo", "p-cpe:/a:amazon:linux:augeas", "p-cpe:/a:amazon:linux:augeas-libs", "cpe:/o:amazon:linux"], "title": "Amazon Linux AMI : augeas (ALAS-2013-250)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=71267", "modified": "2018-04-18T00:00:00", "bulletinFamily": "scanner", "viewCount": 0, "cvelist": ["CVE-2012-0787", "CVE-2012-0786"], "references": ["https://alas.aws.amazon.com/ALAS-2013-250.html"], "naslFamily": "Amazon Linux Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-250.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71267);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2012-0786\", \"CVE-2012-0787\");\n script_xref(name:\"ALAS\", value:\"2013-250\");\n script_xref(name:\"RHSA\", value:\"2013:1537\");\n\n script_name(english:\"Amazon Linux AMI : augeas (ALAS-2013-250)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple flaws were found in the way Augeas handled configuration\nfiles when updating them. An application using Augeas to update\nconfiguration files in a directory that is writable to by a different\nuser (for example, an application running as root that is updating\nfiles in a directory owned by a non-root service user) could have been\ntricked into overwriting arbitrary files or leaking information via a\nsymbolic link or mount point attack. (CVE-2012-0786 , CVE-2012-0787)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-250.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update augeas' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:augeas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:augeas-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:augeas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:augeas-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"augeas-1.0.0-5.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"augeas-debuginfo-1.0.0-5.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"augeas-devel-1.0.0-5.5.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"augeas-libs-1.0.0-5.5.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"augeas / augeas-debuginfo / augeas-devel / augeas-libs\");\n}\n", "hashmap": [{"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "a1a51a3f50f25c29f823139f49eceeca", "key": "cpe"}, {"hash": "4d445541cac31f15c7878c3d1df5579a", "key": "cvelist"}, {"hash": "c306a62a6624d073fa0f285006558cae", "key": "cvss"}, {"hash": "c9fd39f9f2c4ab82d6f167239ba3541a", "key": "description"}, {"hash": "9002720e4d3f8bc517327ed9d187e5e7", "key": "href"}, {"hash": "5ba3c9d875bfe1d4088cbfd233ef0c85", "key": "modified"}, {"hash": "df5cd238ab6ba820ee0b13c493f1bcd6", "key": "naslFamily"}, {"hash": "79cc3da18f810f1d346720cf319a596e", "key": "pluginID"}, {"hash": "eb9fc9aa65037c0166525de33b9c38a9", "key": "published"}, {"hash": "dec20086c84ddb93ee24665aba52253b", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "3d4082ed94ad06daa2ba6e4ff6257ca8", "key": "sourceData"}, {"hash": "d777f76efaa9d3121e259283a3395a2c", "key": "title"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "objectVersion": "1.3"}
{"result": {"cve": [{"lastseen": "2016-09-03T16:15:44", "references": ["https://github.com/hercules-team/augeas/commit/b8de6a8c", "http://rhn.redhat.com/errata/RHSA-2013-1537.html", "https://bugzilla.redhat.com/show_bug.cgi?id=772261", "http://augeas.net/news.html"], "description": "The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files and obtain sensitive information via a bind mount on the (1) .augsave or (2) destination file when using the backup save option, or (3) .augnew file when using the newfile save option.", "edition": 1, "reporter": "NVD", "published": "2013-11-23T13:55:04", "title": "CVE-2012-0787", "type": "cve", "enchantments": {"score": {"modified": "2016-09-03T16:15:44", "vector": "NONE", "value": 2.1}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-0787"], "scanner": [], "cpe": ["cpe:/a:augeas:augeas:0.0.2", "cpe:/a:augeas:augeas:0.0.3", "cpe:/a:augeas:augeas:0.9.0", "cpe:/a:augeas:augeas:0.3.6", "cpe:/a:augeas:augeas:0.5.2", "cpe:/a:augeas:augeas:0.2.1", "cpe:/a:augeas:augeas:0.7.2", "cpe:/a:augeas:augeas:0.3.2", "cpe:/a:augeas:augeas:0.2.2", "cpe:/a:augeas:augeas:0.0.4", "cpe:/a:augeas:augeas:0.0.8", "cpe:/a:augeas:augeas:0.2.0", "cpe:/a:augeas:augeas:0.7.1", "cpe:/a:augeas:augeas:0.7.4", "cpe:/a:augeas:augeas:0.7.3", "cpe:/a:augeas:augeas:0.8.1", "cpe:/a:augeas:augeas:0.7.0", "cpe:/a:augeas:augeas:0.4.1", "cpe:/a:augeas:augeas:0.8.0", "cpe:/a:augeas:augeas:0.1.0", "cpe:/a:augeas:augeas:0.5.0", "cpe:/a:augeas:augeas:0.6.0", "cpe:/a:augeas:augeas:0.0.6", "cpe:/a:augeas:augeas:0.3.5", "cpe:/a:augeas:augeas:0.0.5", "cpe:/a:augeas:augeas:0.3.3", "cpe:/a:augeas:augeas:0.0.7", "cpe:/a:augeas:augeas:0.4.2", "cpe:/a:augeas:augeas:0.3.1", "cpe:/o:redhat:enterprise_linux:6", "cpe:/a:augeas:augeas:0.5.1", "cpe:/a:augeas:augeas:0.3.4", "cpe:/a:augeas:augeas:0.1.1", "cpe:/a:augeas:augeas:0.5.3", "cpe:/a:augeas:augeas:0.4.0", "cpe:/a:augeas:augeas:0.0.1", "cpe:/a:augeas:augeas:0.10.0", "cpe:/a:augeas:augeas:0.3.0"], "modified": "2014-02-27T18:10:46", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0787", "id": "CVE-2012-0787", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-03T16:15:42", "references": ["http://rhn.redhat.com/errata/RHSA-2013-1537.html", "https://bugzilla.redhat.com/show_bug.cgi?id=772257", "https://github.com/hercules-team/augeas/commit/16387744", "http://augeas.net/news.html"], "description": "The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.", "edition": 1, "reporter": "NVD", "published": "2013-11-23T13:55:04", "title": "CVE-2012-0786", "type": "cve", "enchantments": {"score": {"modified": "2016-09-03T16:15:42", "vector": "NONE", "value": 2.1}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-0786"], "scanner": [], "cpe": ["cpe:/a:augeas:augeas:0.0.2", "cpe:/a:augeas:augeas:0.0.3", "cpe:/a:augeas:augeas:0.9.0", "cpe:/a:augeas:augeas:0.3.6", "cpe:/a:augeas:augeas:0.5.2", "cpe:/a:augeas:augeas:0.2.1", "cpe:/a:augeas:augeas:0.7.2", "cpe:/a:augeas:augeas:0.3.2", "cpe:/a:augeas:augeas:0.2.2", "cpe:/a:augeas:augeas:0.0.4", "cpe:/a:augeas:augeas:0.0.8", "cpe:/a:augeas:augeas:0.2.0", "cpe:/a:augeas:augeas:0.7.1", "cpe:/a:augeas:augeas:0.7.4", "cpe:/a:augeas:augeas:0.7.3", "cpe:/a:augeas:augeas:0.8.1", "cpe:/a:augeas:augeas:0.7.0", "cpe:/a:augeas:augeas:0.4.1", "cpe:/a:augeas:augeas:0.8.0", "cpe:/a:augeas:augeas:0.1.0", "cpe:/a:augeas:augeas:0.5.0", "cpe:/a:augeas:augeas:0.6.0", "cpe:/a:augeas:augeas:0.0.6", "cpe:/a:augeas:augeas:0.3.5", "cpe:/a:augeas:augeas:0.0.5", "cpe:/a:augeas:augeas:0.3.3", "cpe:/a:augeas:augeas:0.0.7", "cpe:/a:augeas:augeas:0.4.2", "cpe:/a:augeas:augeas:0.3.1", "cpe:/a:augeas:augeas:0.5.1", "cpe:/a:augeas:augeas:0.3.4", "cpe:/a:augeas:augeas:0.1.1", "cpe:/a:augeas:augeas:0.5.3", "cpe:/a:augeas:augeas:0.4.0", "cpe:/a:augeas:augeas:0.0.1", "cpe:/a:augeas:augeas:0.10.0", "cpe:/a:augeas:augeas:0.3.0"], "modified": "2014-01-23T23:24:33", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0786", "id": "CVE-2012-0786", "cvss": {"score": 3.3, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "openvas": [{"lastseen": "2017-07-24T12:53:26", "references": ["http://linux.oracle.com/errata/ELSA-2013-1537.html"], "pluginID": "1361412562310123524", "description": "Oracle Linux Local Security Checks ELSA-2013-1537", "edition": 3, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2013-1537", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0787", "CVE-2012-0786"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123524", "id": "OPENVAS:1361412562310123524", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2013-1537.nasl 6558 2017-07-06 11:56:55Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.123524\");\nscript_version(\"$Revision: 6558 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:05:02 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:56:55 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2013-1537\");\nscript_tag(name: \"insight\", value: \"ELSA-2013-1537 - augeas security, bug fix, and enhancement update - [1.0.0-5] - Don't package lenses in tests/ subdirectory. related: rhbz#817753 [1.0.0-4] - Rebase to Augeas 1.0.0 resolves: rhbz#817753 - Add dependency on libxml2-devel. - Remove all patches (all upstream and included in 1.0.0). - Print tests/test-suite.log when the tests fail. - Add fix for regression added in 1.0.0 (RHBZ#920609). - Fix tests/test-run.\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2013-1537\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2013-1537.html\");\nscript_cve_id(\"CVE-2012-0786\",\"CVE-2012-0787\");\nscript_tag(name:\"cvss_base\", value:\"3.7\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"augeas\", rpm:\"augeas~1.0.0~5.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"augeas-devel\", rpm:\"augeas-devel~1.0.0~5.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"augeas-libs\", rpm:\"augeas-libs~1.0.0~5.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:51:34", "references": ["https://alas.aws.amazon.com/ALAS-2013-250.html"], "pluginID": "1361412562310120545", "description": "Amazon Linux Local Security Checks", "edition": 2, "reporter": "Eero Volotinen", "published": "2015-09-08T00:00:00", "title": "Amazon Linux Local Check: ALAS-2013-250", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0787", "CVE-2012-0786"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120545", "id": "OPENVAS:1361412562310120545", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Amazon Linux security check \n# $Id: alas-2013-250.nasl 6577 2017-07-06 13:43:46Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@iki.fi> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org \n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.120545\");\nscript_version(\"$Revision: 6577 $\");\nscript_tag(name:\"creation_date\", value:\"2015-09-08 13:29:18 +0200 (Tue, 08 Sep 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:43:46 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Amazon Linux Local Check: ALAS-2013-250\");\nscript_tag(name: \"insight\", value: \"Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user (for example, an application running as root that is updating files in a directory owned by a non-root service user) could have been tricked into overwriting arbitrary files or leaking information via a symbolic link or mount point attack. (CVE-2012-0786 , CVE-2012-0787 )\"); \nscript_tag(name : \"solution\", value : \"Run yum update augeas to update your system.\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://alas.aws.amazon.com/ALAS-2013-250.html\");\nscript_cve_id(\"CVE-2012-0787\", \"CVE-2012-0786\");\nscript_tag(name:\"cvss_base\", value:\"3.7\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Amazon Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"augeas-libs\", rpm:\"augeas-libs~1.0.0~5.5.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"augeas-debuginfo\", rpm:\"augeas-debuginfo~1.0.0~5.5.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"augeas\", rpm:\"augeas~1.0.0~5.5.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"augeas-devel\", rpm:\"augeas-devel~1.0.0~5.5.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-23T13:09:40", "references": ["https://www.redhat.com/archives/rhsa-announce/2013-November/msg00017.html", "2013:1537-02"], "pluginID": "871079", "description": "Check for the Version of augeas", "edition": 3, "reporter": "Copyright (C) 2013 Greenbone Networks GmbH", "published": "2013-11-21T00:00:00", "title": "RedHat Update for augeas RHSA-2013:1537-02", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0787", "CVE-2012-0786"], "modified": "2018-01-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=871079", "id": "OPENVAS:871079", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for augeas RHSA-2013:1537-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(871079);\n script_version(\"$Revision: 8494 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 07:57:55 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-11-21 10:44:11 +0530 (Thu, 21 Nov 2013)\");\n script_cve_id(\"CVE-2012-0786\", \"CVE-2012-0787\");\n script_tag(name:\"cvss_base\", value:\"3.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for augeas RHSA-2013:1537-02\");\n\n tag_insight = \"Augeas is a utility for editing configuration. Augeas parses configuration\nfiles in their native formats and transforms them into a tree.\nConfiguration changes are made by manipulating this tree and saving it back\ninto native configuration files. Augeas also uses 'lenses' as basic\nbuilding blocks for establishing the mapping from files into the Augeas\ntree and back.\n\nMultiple flaws were found in the way Augeas handled configuration files\nwhen updating them. An application using Augeas to update configuration\nfiles in a directory that is writable to by a different user (for example,\nan application running as root that is updating files in a directory owned\nby a non-root service user) could have been tricked into overwriting\narbitrary files or leaking information via a symbolic link or mount point\nattack. (CVE-2012-0786, CVE-2012-0787)\n\nThe augeas package has been upgraded to upstream version 1.0.0, which\nprovides a number of bug fixes and enhancements over the previous version.\n(BZ#817753)\n\nThis update also fixes the following bugs:\n\n* Previously, when single quotes were used in an XML attribute, Augeas was\nunable to parse the file with the XML lens. An upstream patch has been\nprovided ensuring that single quotes are handled as valid characters and\nparsing no longer fails. (BZ#799885)\n\n* Prior to this update, Augeas was unable to set up the 'require_ssl_reuse'\noption in the vsftpd.conf file. The updated patch fixes the vsftpd lens to\nproperly recognize this option, thus fixing this bug. (BZ#855022)\n\n* Previously, the XML lens did not support non-Unix line endings.\nConsequently, Augeas was unable to load any files containing such line\nendings. The XML lens has been fixed to handle files with CRLF line\nendings, thus fixing this bug. (BZ#799879)\n\n* Previously, Augeas was unable to parse modprobe.conf files with spaces\naround '=' characters in option directives. The modprobe lens has been\nupdated and parsing no longer fails. (BZ#826752)\n\nAll Augeas users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.\n\";\n\n tag_affected = \"augeas on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"RHSA\", value: \"2013:1537-02\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2013-November/msg00017.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of augeas\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"augeas-debuginfo\", rpm:\"augeas-debuginfo~1.0.0~5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"augeas-libs\", rpm:\"augeas-libs~1.0.0~5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:21:26", "references": ["https://www.redhat.com/archives/rhsa-announce/2013-November/msg00017.html", "2013:1537-02"], "pluginID": "1361412562310871079", "description": "Check for the Version of augeas", "edition": 1, "reporter": "Copyright (C) 2013 Greenbone Networks GmbH", "published": "2013-11-21T00:00:00", "type": "openvas", "title": "RedHat Update for augeas RHSA-2013:1537-02", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0787", "CVE-2012-0786"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871079", "id": "OPENVAS:1361412562310871079", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for augeas RHSA-2013:1537-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871079\");\n script_version(\"$Revision: 9353 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:14:20 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-11-21 10:44:11 +0530 (Thu, 21 Nov 2013)\");\n script_cve_id(\"CVE-2012-0786\", \"CVE-2012-0787\");\n script_tag(name:\"cvss_base\", value:\"3.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for augeas RHSA-2013:1537-02\");\n\n tag_insight = \"Augeas is a utility for editing configuration. Augeas parses configuration\nfiles in their native formats and transforms them into a tree.\nConfiguration changes are made by manipulating this tree and saving it back\ninto native configuration files. Augeas also uses 'lenses' as basic\nbuilding blocks for establishing the mapping from files into the Augeas\ntree and back.\n\nMultiple flaws were found in the way Augeas handled configuration files\nwhen updating them. An application using Augeas to update configuration\nfiles in a directory that is writable to by a different user (for example,\nan application running as root that is updating files in a directory owned\nby a non-root service user) could have been tricked into overwriting\narbitrary files or leaking information via a symbolic link or mount point\nattack. (CVE-2012-0786, CVE-2012-0787)\n\nThe augeas package has been upgraded to upstream version 1.0.0, which\nprovides a number of bug fixes and enhancements over the previous version.\n(BZ#817753)\n\nThis update also fixes the following bugs:\n\n* Previously, when single quotes were used in an XML attribute, Augeas was\nunable to parse the file with the XML lens. An upstream patch has been\nprovided ensuring that single quotes are handled as valid characters and\nparsing no longer fails. (BZ#799885)\n\n* Prior to this update, Augeas was unable to set up the 'require_ssl_reuse'\noption in the vsftpd.conf file. The updated patch fixes the vsftpd lens to\nproperly recognize this option, thus fixing this bug. (BZ#855022)\n\n* Previously, the XML lens did not support non-Unix line endings.\nConsequently, Augeas was unable to load any files containing such line\nendings. The XML lens has been fixed to handle files with CRLF line\nendings, thus fixing this bug. (BZ#799879)\n\n* Previously, Augeas was unable to parse modprobe.conf files with spaces\naround '=' characters in option directives. The modprobe lens has been\nupdated and parsing no longer fails. (BZ#826752)\n\nAll Augeas users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.\n\";\n\n tag_affected = \"augeas on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"RHSA\", value: \"2013:1537-02\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2013-November/msg00017.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of augeas\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"augeas-debuginfo\", rpm:\"augeas-debuginfo~1.0.0~5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"augeas-libs\", rpm:\"augeas-libs~1.0.0~5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2016-09-04T11:16:39", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "x86_64", "packageFilename": "augeas-libs-1.0.0-5.el6.x86_64.rpm", "packageName": "augeas-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "x86_64", "packageFilename": "augeas-devel-1.0.0-5.el6.x86_64.rpm", "packageName": "augeas-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "i686", "packageFilename": "augeas-devel-1.0.0-5.el6.i686.rpm", "packageName": "augeas-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "i686", "packageFilename": "augeas-devel-1.0.0-5.el6.i686.rpm", "packageName": "augeas-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "src", "packageFilename": "augeas-1.0.0-5.el6.src.rpm", "packageName": "augeas", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "src", "packageFilename": "augeas-1.0.0-5.el6.src.rpm", "packageName": "augeas", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "i686", "packageFilename": "augeas-1.0.0-5.el6.i686.rpm", "packageName": "augeas", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "i686", "packageFilename": "augeas-libs-1.0.0-5.el6.i686.rpm", "packageName": "augeas-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "i686", "packageFilename": "augeas-libs-1.0.0-5.el6.i686.rpm", "packageName": "augeas-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "x86_64", "packageFilename": "augeas-1.0.0-5.el6.x86_64.rpm", "packageName": "augeas", "operator": "lt"}], "description": "[1.0.0-5]\r\n- Don't package lenses in tests/ subdirectory.\r\n related: rhbz#817753\r\n \n[1.0.0-4]\r\n- Rebase to Augeas 1.0.0\r\n resolves: rhbz#817753\r\n- Add dependency on libxml2-devel.\r\n- Remove all patches (all upstream and included in 1.0.0).\r\n- Print tests/test-suite.log when the tests fail.\r\n- Add fix for regression added in 1.0.0 (RHBZ#920609).\r\n- Fix tests/test-run.", "edition": 1, "reporter": "Oracle", "published": "2013-11-25T00:00:00", "title": "augeas security, bug fix, and enhancement update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "oraclelinux", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0787", "CVE-2012-0786"], "modified": "2013-11-25T00:00:00", "id": "ELSA-2013-1537", "href": "http://linux.oracle.com/errata/ELSA-2013-1537.html", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2017-10-29T13:40:35", "references": ["http://www.nessus.org/u?70d790e3"], "pluginID": "71192", "edition": 2, "description": "Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user (for example, an application running as root that is updating files in a directory owned by a non-root service user) could have been tricked into overwriting arbitrary files or leaking information via a symbolic link or mount point attack. (CVE-2012-0786, CVE-2012-0787)\n\nThe augeas package has been upgraded to upstream version 1.0.0, which provides a number of bug fixes and enhancements over the previous version.\n\nThis update also fixes the following bugs :\n\n - Previously, when single quotes were used in an XML attribute, Augeas was unable to parse the file with the XML lens. An upstream patch has been provided ensuring that single quotes are handled as valid characters and parsing no longer fails.\n\n - Prior to this update, Augeas was unable to set up the 'require_ssl_reuse' option in the vsftpd.conf file. The updated patch fixes the vsftpd lens to properly recognize this option, thus fixing this bug.\n\n - Previously, the XML lens did not support non-Unix line endings. Consequently, Augeas was unable to load any files containing such line endings. The XML lens has been fixed to handle files with CRLF line endings, thus fixing this bug.\n\n - Previously, Augeas was unable to parse modprobe.conf files with spaces around '=' characters in option directives. The modprobe lens has been updated and parsing no longer fails.", "reporter": "Tenable", "published": "2013-12-04T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "nessus", "title": "Scientific Linux Security Update : augeas on SL6.x i386/x86_64", "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0787", "CVE-2012-0786"], "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "modified": "2013-12-04T00:00:00", "id": "SL_20131121_AUGEAS_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=71192", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71192);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2013/12/04 15:28:01 $\");\n\n script_cve_id(\"CVE-2012-0786\", \"CVE-2012-0787\");\n\n script_name(english:\"Scientific Linux Security Update : augeas on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple flaws were found in the way Augeas handled configuration\nfiles when updating them. An application using Augeas to update\nconfiguration files in a directory that is writable to by a different\nuser (for example, an application running as root that is updating\nfiles in a directory owned by a non-root service user) could have been\ntricked into overwriting arbitrary files or leaking information via a\nsymbolic link or mount point attack. (CVE-2012-0786, CVE-2012-0787)\n\nThe augeas package has been upgraded to upstream version 1.0.0, which\nprovides a number of bug fixes and enhancements over the previous\nversion.\n\nThis update also fixes the following bugs :\n\n - Previously, when single quotes were used in an XML\n attribute, Augeas was unable to parse the file with the\n XML lens. An upstream patch has been provided ensuring\n that single quotes are handled as valid characters and\n parsing no longer fails.\n\n - Prior to this update, Augeas was unable to set up the\n 'require_ssl_reuse' option in the vsftpd.conf file. The\n updated patch fixes the vsftpd lens to properly\n recognize this option, thus fixing this bug.\n\n - Previously, the XML lens did not support non-Unix line\n endings. Consequently, Augeas was unable to load any\n files containing such line endings. The XML lens has\n been fixed to handle files with CRLF line endings, thus\n fixing this bug.\n\n - Previously, Augeas was unable to parse modprobe.conf\n files with spaces around '=' characters in option\n directives. The modprobe lens has been updated and\n parsing no longer fails.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1312&L=scientific-linux-errata&T=0&P=79\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?70d790e3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"augeas-1.0.0-5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"augeas-debuginfo-1.0.0-5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"augeas-devel-1.0.0-5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"augeas-libs-1.0.0-5.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-07-30T14:13:07", "references": ["https://www.redhat.com/security/data/cve/CVE-2012-0787.html", "http://rhn.redhat.com/errata/RHSA-2013-1537.html", "https://www.redhat.com/security/data/cve/CVE-2012-0786.html"], "pluginID": "71000", "description": "Updated augeas packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nAugeas is a utility for editing configuration. Augeas parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native configuration files. Augeas also uses 'lenses' as basic building blocks for establishing the mapping from files into the Augeas tree and back.\n\nMultiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user (for example, an application running as root that is updating files in a directory owned by a non-root service user) could have been tricked into overwriting arbitrary files or leaking information via a symbolic link or mount point attack. (CVE-2012-0786, CVE-2012-0787)\n\nThe augeas package has been upgraded to upstream version 1.0.0, which provides a number of bug fixes and enhancements over the previous version. (BZ#817753)\n\nThis update also fixes the following bugs :\n\n* Previously, when single quotes were used in an XML attribute, Augeas was unable to parse the file with the XML lens. An upstream patch has been provided ensuring that single quotes are handled as valid characters and parsing no longer fails. (BZ#799885)\n\n* Prior to this update, Augeas was unable to set up the 'require_ssl_reuse' option in the vsftpd.conf file. The updated patch fixes the vsftpd lens to properly recognize this option, thus fixing this bug. (BZ#855022)\n\n* Previously, the XML lens did not support non-Unix line endings.\nConsequently, Augeas was unable to load any files containing such line endings. The XML lens has been fixed to handle files with CRLF line endings, thus fixing this bug. (BZ#799879)\n\n* Previously, Augeas was unable to parse modprobe.conf files with spaces around '=' characters in option directives. The modprobe lens has been updated and parsing no longer fails. (BZ#826752)\n\nAll Augeas users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.", "edition": 4, "reporter": "Tenable", "published": "2013-11-21T00:00:00", "title": "RHEL 6 : augeas (RHSA-2013:1537)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6607", "CVE-2012-0787", "CVE-2012-0786"], "modified": "2018-07-26T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:augeas-libs", "p-cpe:/a:redhat:enterprise_linux:augeas-devel", "p-cpe:/a:redhat:enterprise_linux:augeas", "p-cpe:/a:redhat:enterprise_linux:augeas-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-1537.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=71000", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1537. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71000);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/07/26 18:45:28\");\n\n script_cve_id(\"CVE-2012-0786\", \"CVE-2012-0787\", \"CVE-2012-6607\");\n script_xref(name:\"RHSA\", value:\"2013:1537\");\n\n script_name(english:\"RHEL 6 : augeas (RHSA-2013:1537)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated augeas packages that fix two security issues, several bugs,\nand add various enhancements are now available for Red Hat Enterprise\nLinux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nAugeas is a utility for editing configuration. Augeas parses\nconfiguration files in their native formats and transforms them into a\ntree. Configuration changes are made by manipulating this tree and\nsaving it back into native configuration files. Augeas also uses\n'lenses' as basic building blocks for establishing the mapping from\nfiles into the Augeas tree and back.\n\nMultiple flaws were found in the way Augeas handled configuration\nfiles when updating them. An application using Augeas to update\nconfiguration files in a directory that is writable to by a different\nuser (for example, an application running as root that is updating\nfiles in a directory owned by a non-root service user) could have been\ntricked into overwriting arbitrary files or leaking information via a\nsymbolic link or mount point attack. (CVE-2012-0786, CVE-2012-0787)\n\nThe augeas package has been upgraded to upstream version 1.0.0, which\nprovides a number of bug fixes and enhancements over the previous\nversion. (BZ#817753)\n\nThis update also fixes the following bugs :\n\n* Previously, when single quotes were used in an XML attribute, Augeas\nwas unable to parse the file with the XML lens. An upstream patch has\nbeen provided ensuring that single quotes are handled as valid\ncharacters and parsing no longer fails. (BZ#799885)\n\n* Prior to this update, Augeas was unable to set up the\n'require_ssl_reuse' option in the vsftpd.conf file. The updated patch\nfixes the vsftpd lens to properly recognize this option, thus fixing\nthis bug. (BZ#855022)\n\n* Previously, the XML lens did not support non-Unix line endings.\nConsequently, Augeas was unable to load any files containing such line\nendings. The XML lens has been fixed to handle files with CRLF line\nendings, thus fixing this bug. (BZ#799879)\n\n* Previously, Augeas was unable to parse modprobe.conf files with\nspaces around '=' characters in option directives. The modprobe lens\nhas been updated and parsing no longer fails. (BZ#826752)\n\nAll Augeas users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues and add these\nenhancements.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2012-0786.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2012-0787.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2013-1537.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:augeas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:augeas-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:augeas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:augeas-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:1537\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"augeas-1.0.0-5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"augeas-1.0.0-5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"augeas-1.0.0-5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"augeas-debuginfo-1.0.0-5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"augeas-devel-1.0.0-5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"augeas-libs-1.0.0-5.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"augeas / augeas-debuginfo / augeas-devel / augeas-libs\");\n }\n}\n", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-02T07:38:44", "references": ["https://rhn.redhat.com/errata/RHSA-2013-1537.html", "https://rhn.redhat.com/errata/RHSA-2014-0044.html"], "pluginID": "72134", "description": "Updated augeas packages fix security vulnerabilities :\n\nMultiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user (for example, an application running as root that is updating files in a directory owned by a non-root service user) could have been tricked into overwriting arbitrary files or leaking information via a symbolic link or mount point attack (CVE-2012-0786, CVE-2012-0787).\n\nA flaw was found in the way Augeas handled certain umask settings when creating new configuration files. This flaw could result in configuration files being created as world-writable, allowing unprivileged local users to modify their content (CVE-2013-6412).", "edition": 3, "reporter": "Tenable", "published": "2014-01-27T00:00:00", "title": "Mandriva Linux Security Advisory : augeas (MDVSA-2014:022)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-6412", "CVE-2012-0787", "CVE-2012-0786"], "modified": "2018-07-19T00:00:00", "cpe": ["cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:lib64fa1", "p-cpe:/a:mandriva:linux:augeas", "p-cpe:/a:mandriva:linux:lib64augeas-devel", "p-cpe:/a:mandriva:linux:lib64augeas0", "p-cpe:/a:mandriva:linux:augeas-lenses"], "id": "MANDRIVA_MDVSA-2014-022.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=72134", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:022. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72134);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/19 20:59:18\");\n\n script_cve_id(\"CVE-2012-0786\", \"CVE-2012-0787\", \"CVE-2013-6412\");\n script_bugtraq_id(63861);\n script_xref(name:\"MDVSA\", value:\"2014:022\");\n\n script_name(english:\"Mandriva Linux Security Advisory : augeas (MDVSA-2014:022)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated augeas packages fix security vulnerabilities :\n\nMultiple flaws were found in the way Augeas handled configuration\nfiles when updating them. An application using Augeas to update\nconfiguration files in a directory that is writable to by a different\nuser (for example, an application running as root that is updating\nfiles in a directory owned by a non-root service user) could have been\ntricked into overwriting arbitrary files or leaking information via a\nsymbolic link or mount point attack (CVE-2012-0786, CVE-2012-0787).\n\nA flaw was found in the way Augeas handled certain umask settings when\ncreating new configuration files. This flaw could result in\nconfiguration files being created as world-writable, allowing\nunprivileged local users to modify their content (CVE-2013-6412).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://rhn.redhat.com/errata/RHSA-2013-1537.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://rhn.redhat.com/errata/RHSA-2014-0044.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:augeas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:augeas-lenses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64augeas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64augeas0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64fa1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"augeas-1.1.0-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"augeas-lenses-1.1.0-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64augeas-devel-1.1.0-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64augeas0-1.1.0-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64fa1-1.1.0-1.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-07-03T09:47:46", "references": ["http://www.nessus.org/u?3fe0617f"], "pluginID": "79157", "description": "Updated augeas packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nAugeas is a utility for editing configuration. Augeas parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native configuration files. Augeas also uses 'lenses' as basic building blocks for establishing the mapping from files into the Augeas tree and back.\n\nMultiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user (for example, an application running as root that is updating files in a directory owned by a non-root service user) could have been tricked into overwriting arbitrary files or leaking information via a symbolic link or mount point attack. (CVE-2012-0786, CVE-2012-0787)\n\nThe augeas package has been upgraded to upstream version 1.0.0, which provides a number of bug fixes and enhancements over the previous version. (BZ#817753)\n\nThis update also fixes the following bugs :\n\n* Previously, when single quotes were used in an XML attribute, Augeas was unable to parse the file with the XML lens. An upstream patch has been provided ensuring that single quotes are handled as valid characters and parsing no longer fails. (BZ#799885)\n\n* Prior to this update, Augeas was unable to set up the 'require_ssl_reuse' option in the vsftpd.conf file. The updated patch fixes the vsftpd lens to properly recognize this option, thus fixing this bug. (BZ#855022)\n\n* Previously, the XML lens did not support non-Unix line endings.\nConsequently, Augeas was unable to load any files containing such line endings. The XML lens has been fixed to handle files with CRLF line endings, thus fixing this bug. (BZ#799879)\n\n* Previously, Augeas was unable to parse modprobe.conf files with spaces around '=' characters in option directives. The modprobe lens has been updated and parsing no longer fails. (BZ#826752)\n\nAll Augeas users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.", "edition": 3, "reporter": "Tenable", "published": "2014-11-12T00:00:00", "title": "CentOS 6 : augeas (CESA-2013:1537)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6607", "CVE-2012-0787", "CVE-2012-0786"], "modified": "2018-07-02T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:augeas", "p-cpe:/a:centos:centos:augeas-devel", "p-cpe:/a:centos:centos:augeas-libs"], "id": "CENTOS_RHSA-2013-1537.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79157", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1537 and \n# CentOS Errata and Security Advisory 2013:1537 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79157);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/07/02 18:48:53\");\n\n script_cve_id(\"CVE-2012-0786\", \"CVE-2012-0787\", \"CVE-2012-6607\");\n script_xref(name:\"RHSA\", value:\"2013:1537\");\n\n script_name(english:\"CentOS 6 : augeas (CESA-2013:1537)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated augeas packages that fix two security issues, several bugs,\nand add various enhancements are now available for Red Hat Enterprise\nLinux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nAugeas is a utility for editing configuration. Augeas parses\nconfiguration files in their native formats and transforms them into a\ntree. Configuration changes are made by manipulating this tree and\nsaving it back into native configuration files. Augeas also uses\n'lenses' as basic building blocks for establishing the mapping from\nfiles into the Augeas tree and back.\n\nMultiple flaws were found in the way Augeas handled configuration\nfiles when updating them. An application using Augeas to update\nconfiguration files in a directory that is writable to by a different\nuser (for example, an application running as root that is updating\nfiles in a directory owned by a non-root service user) could have been\ntricked into overwriting arbitrary files or leaking information via a\nsymbolic link or mount point attack. (CVE-2012-0786, CVE-2012-0787)\n\nThe augeas package has been upgraded to upstream version 1.0.0, which\nprovides a number of bug fixes and enhancements over the previous\nversion. (BZ#817753)\n\nThis update also fixes the following bugs :\n\n* Previously, when single quotes were used in an XML attribute, Augeas\nwas unable to parse the file with the XML lens. An upstream patch has\nbeen provided ensuring that single quotes are handled as valid\ncharacters and parsing no longer fails. (BZ#799885)\n\n* Prior to this update, Augeas was unable to set up the\n'require_ssl_reuse' option in the vsftpd.conf file. The updated patch\nfixes the vsftpd lens to properly recognize this option, thus fixing\nthis bug. (BZ#855022)\n\n* Previously, the XML lens did not support non-Unix line endings.\nConsequently, Augeas was unable to load any files containing such line\nendings. The XML lens has been fixed to handle files with CRLF line\nendings, thus fixing this bug. (BZ#799879)\n\n* Previously, Augeas was unable to parse modprobe.conf files with\nspaces around '=' characters in option directives. The modprobe lens\nhas been updated and parsing no longer fails. (BZ#826752)\n\nAll Augeas users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues and add these\nenhancements.\"\n );\n # http://lists.centos.org/pipermail/centos-cr-announce/2013-November/000897.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3fe0617f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected augeas packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:augeas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:augeas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:augeas-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"augeas-1.0.0-5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"augeas-devel-1.0.0-5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"augeas-libs-1.0.0-5.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-07-07T01:56:55", "references": ["https://lists.debian.org/debian-lts-announce/2014/08/msg00001.html", "https://packages.debian.org/source/squeeze-lts/augeas"], "pluginID": "82176", "description": "Multiple race conditions were discovered in augeas when saving configuration files which expose it to symlink attacks. Write access to the directory where the configuration file is located is required by the attacker.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 3, "reporter": "Tenable", "published": "2015-03-26T00:00:00", "title": "Debian DLA-28-1 : augeas security update", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-6412", "CVE-2012-0787", "CVE-2012-0786"], "modified": "2018-07-06T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:libaugeas0", "p-cpe:/a:debian:debian_linux:augeas-lenses", "p-cpe:/a:debian:debian_linux:libaugeas-dev", "p-cpe:/a:debian:debian_linux:augeas-tools", "p-cpe:/a:debian:debian_linux:augeas-dbg"], "id": "DEBIAN_DLA-28.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82176", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-28-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82176);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/07/06 11:26:06\");\n\n script_cve_id(\"CVE-2012-0786\", \"CVE-2012-0787\", \"CVE-2013-6412\");\n script_bugtraq_id(63861, 65165);\n\n script_name(english:\"Debian DLA-28-1 : augeas security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple race conditions were discovered in augeas when saving\nconfiguration files which expose it to symlink attacks. Write access\nto the directory where the configuration file is located is required\nby the attacker.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2014/08/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/augeas\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:augeas-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:augeas-lenses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:augeas-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libaugeas-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libaugeas0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"augeas-dbg\", reference:\"0.7.2-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"augeas-lenses\", reference:\"0.7.2-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"augeas-tools\", reference:\"0.7.2-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libaugeas-dev\", reference:\"0.7.2-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libaugeas0\", reference:\"0.7.2-1+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-07-21T08:21:57", "references": ["https://oss.oracle.com/pipermail/el-errata/2013-November/003803.html"], "pluginID": "71102", "description": "From Red Hat Security Advisory 2013:1537 :\n\nUpdated augeas packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nAugeas is a utility for editing configuration. Augeas parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native configuration files. Augeas also uses 'lenses' as basic building blocks for establishing the mapping from files into the Augeas tree and back.\n\nMultiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user (for example, an application running as root that is updating files in a directory owned by a non-root service user) could have been tricked into overwriting arbitrary files or leaking information via a symbolic link or mount point attack. (CVE-2012-0786, CVE-2012-0787)\n\nThe augeas package has been upgraded to upstream version 1.0.0, which provides a number of bug fixes and enhancements over the previous version. (BZ#817753)\n\nThis update also fixes the following bugs :\n\n* Previously, when single quotes were used in an XML attribute, Augeas was unable to parse the file with the XML lens. An upstream patch has been provided ensuring that single quotes are handled as valid characters and parsing no longer fails. (BZ#799885)\n\n* Prior to this update, Augeas was unable to set up the 'require_ssl_reuse' option in the vsftpd.conf file. The updated patch fixes the vsftpd lens to properly recognize this option, thus fixing this bug. (BZ#855022)\n\n* Previously, the XML lens did not support non-Unix line endings.\nConsequently, Augeas was unable to load any files containing such line endings. The XML lens has been fixed to handle files with CRLF line endings, thus fixing this bug. (BZ#799879)\n\n* Previously, Augeas was unable to parse modprobe.conf files with spaces around '=' characters in option directives. The modprobe lens has been updated and parsing no longer fails. (BZ#826752)\n\nAll Augeas users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.", "edition": 3, "reporter": "Tenable", "published": "2013-11-27T00:00:00", "title": "Oracle Linux 6 : augeas (ELSA-2013-1537)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6607", "CVE-2012-0787", "CVE-2012-0786"], "modified": "2018-07-18T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:augeas-libs", "p-cpe:/a:oracle:linux:augeas", "p-cpe:/a:oracle:linux:augeas-devel"], "id": "ORACLELINUX_ELSA-2013-1537.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=71102", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:1537 and \n# Oracle Linux Security Advisory ELSA-2013-1537 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71102);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2012-0786\", \"CVE-2012-0787\", \"CVE-2012-6607\");\n script_bugtraq_id(63861);\n script_xref(name:\"RHSA\", value:\"2013:1537\");\n\n script_name(english:\"Oracle Linux 6 : augeas (ELSA-2013-1537)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:1537 :\n\nUpdated augeas packages that fix two security issues, several bugs,\nand add various enhancements are now available for Red Hat Enterprise\nLinux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nAugeas is a utility for editing configuration. Augeas parses\nconfiguration files in their native formats and transforms them into a\ntree. Configuration changes are made by manipulating this tree and\nsaving it back into native configuration files. Augeas also uses\n'lenses' as basic building blocks for establishing the mapping from\nfiles into the Augeas tree and back.\n\nMultiple flaws were found in the way Augeas handled configuration\nfiles when updating them. An application using Augeas to update\nconfiguration files in a directory that is writable to by a different\nuser (for example, an application running as root that is updating\nfiles in a directory owned by a non-root service user) could have been\ntricked into overwriting arbitrary files or leaking information via a\nsymbolic link or mount point attack. (CVE-2012-0786, CVE-2012-0787)\n\nThe augeas package has been upgraded to upstream version 1.0.0, which\nprovides a number of bug fixes and enhancements over the previous\nversion. (BZ#817753)\n\nThis update also fixes the following bugs :\n\n* Previously, when single quotes were used in an XML attribute, Augeas\nwas unable to parse the file with the XML lens. An upstream patch has\nbeen provided ensuring that single quotes are handled as valid\ncharacters and parsing no longer fails. (BZ#799885)\n\n* Prior to this update, Augeas was unable to set up the\n'require_ssl_reuse' option in the vsftpd.conf file. The updated patch\nfixes the vsftpd lens to properly recognize this option, thus fixing\nthis bug. (BZ#855022)\n\n* Previously, the XML lens did not support non-Unix line endings.\nConsequently, Augeas was unable to load any files containing such line\nendings. The XML lens has been fixed to handle files with CRLF line\nendings, thus fixing this bug. (BZ#799879)\n\n* Previously, Augeas was unable to parse modprobe.conf files with\nspaces around '=' characters in option directives. The modprobe lens\nhas been updated and parsing no longer fails. (BZ#826752)\n\nAll Augeas users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues and add these\nenhancements.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-November/003803.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected augeas packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:augeas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:augeas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:augeas-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"augeas-1.0.0-5.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"augeas-devel-1.0.0-5.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"augeas-libs-1.0.0-5.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"augeas / augeas-devel / augeas-libs\");\n}\n", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-10-29T13:35:58", "references": ["http://support.novell.com/security/cve/CVE-2013-6412.html", "https://bugzilla.novell.com/show_bug.cgi?id=876044", "https://bugzilla.novell.com/show_bug.cgi?id=885003", "https://bugzilla.novell.com/show_bug.cgi?id=871323", "https://bugzilla.novell.com/show_bug.cgi?id=853044", "http://support.novell.com/security/cve/CVE-2012-0786.html"], "pluginID": "77196", "edition": 2, "description": "Augeas has been updated to fix a symlink overwrite problem.\n(CVE-2012-0786 / CVE-2013-6412)\n\nAlso a bug has been fixed where 'augtool -s set was failing'.\n(bnc#876044)\n\nAdditionally parsing the multipath configuration has been fixed.\nbnc#871323", "reporter": "Tenable", "published": "2014-08-14T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "type": "nessus", "title": "SuSE 11.3 Security Update : augeas (SAT Patch Number 9574)", "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-6412", "CVE-2012-0786"], "cpe": ["p-cpe:/a:novell:suse_linux:11:libaugeas0", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:augeas-lenses", "p-cpe:/a:novell:suse_linux:11:augeas"], "modified": "2014-08-14T00:00:00", "id": "SUSE_11_AUGEAS-140730.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77196", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77196);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2014/08/14 14:27:07 $\");\n\n script_cve_id(\"CVE-2012-0786\", \"CVE-2013-6412\");\n\n script_name(english:\"SuSE 11.3 Security Update : augeas (SAT Patch Number 9574)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Augeas has been updated to fix a symlink overwrite problem.\n(CVE-2012-0786 / CVE-2013-6412)\n\nAlso a bug has been fixed where 'augtool -s set was failing'.\n(bnc#876044)\n\nAdditionally parsing the multipath configuration has been fixed.\nbnc#871323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=853044\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=871323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=876044\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=885003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0786.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-6412.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9574.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:augeas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:augeas-lenses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libaugeas0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"libaugeas0-0.9.0-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libaugeas0-0.9.0-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"augeas-0.9.0-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"augeas-lenses-0.9.0-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"libaugeas0-0.9.0-3.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-03T18:26:42", "references": ["https://rhn.redhat.com/errata/RHSA-2013-1537.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "i686", "packageName": "augeas-libs", "packageFilename": "augeas-libs-1.0.0-5.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "i686", "packageName": "augeas-libs", "packageFilename": "augeas-libs-1.0.0-5.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "i686", "packageName": "augeas-devel", "packageFilename": "augeas-devel-1.0.0-5.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "i686", "packageName": "augeas-devel", "packageFilename": "augeas-devel-1.0.0-5.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "x86_64", "packageName": "augeas", "packageFilename": "augeas-1.0.0-5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "x86_64", "packageName": "augeas-devel", "packageFilename": "augeas-devel-1.0.0-5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "any", "packageName": "augeas", "packageFilename": "augeas-1.0.0-5.el6.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "x86_64", "packageName": "augeas-libs", "packageFilename": "augeas-libs-1.0.0-5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "i686", "packageName": "augeas", "packageFilename": "augeas-1.0.0-5.el6.i686.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2013:1537\n\n\nAugeas is a utility for editing configuration. Augeas parses configuration\nfiles in their native formats and transforms them into a tree.\nConfiguration changes are made by manipulating this tree and saving it back\ninto native configuration files. Augeas also uses \"lenses\" as basic\nbuilding blocks for establishing the mapping from files into the Augeas\ntree and back.\n\nMultiple flaws were found in the way Augeas handled configuration files\nwhen updating them. An application using Augeas to update configuration\nfiles in a directory that is writable to by a different user (for example,\nan application running as root that is updating files in a directory owned\nby a non-root service user) could have been tricked into overwriting\narbitrary files or leaking information via a symbolic link or mount point\nattack. (CVE-2012-0786, CVE-2012-0787)\n\nThe augeas package has been upgraded to upstream version 1.0.0, which\nprovides a number of bug fixes and enhancements over the previous version.\n(BZ#817753)\n\nThis update also fixes the following bugs:\n\n* Previously, when single quotes were used in an XML attribute, Augeas was\nunable to parse the file with the XML lens. An upstream patch has been\nprovided ensuring that single quotes are handled as valid characters and\nparsing no longer fails. (BZ#799885)\n\n* Prior to this update, Augeas was unable to set up the \"require_ssl_reuse\"\noption in the vsftpd.conf file. The updated patch fixes the vsftpd lens to\nproperly recognize this option, thus fixing this bug. (BZ#855022)\n\n* Previously, the XML lens did not support non-Unix line endings.\nConsequently, Augeas was unable to load any files containing such line\nendings. The XML lens has been fixed to handle files with CRLF line\nendings, thus fixing this bug. (BZ#799879)\n\n* Previously, Augeas was unable to parse modprobe.conf files with spaces\naround \"=\" characters in option directives. The modprobe lens has been\nupdated and parsing no longer fails. (BZ#826752)\n\nAll Augeas users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-November/000897.html\n\n**Affected packages:**\naugeas\naugeas-devel\naugeas-libs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1537.html", "edition": 1, "reporter": "CentOS Project", "published": "2013-11-26T13:31:08", "title": "augeas security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2012-0787", "CVE-2012-0786"], "modified": "2013-11-26T13:31:08", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2013-November/000897.html", "id": "CESA-2013:1537", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-06-13T00:00:55", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "i686", "packageName": "augeas-debuginfo", "packageFilename": "augeas-debuginfo-1.0.0-5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "src", "packageName": "augeas", "packageFilename": "augeas-1.0.0-5.el6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "x86_64", "packageName": "augeas-debuginfo", "packageFilename": "augeas-debuginfo-1.0.0-5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "i686", "packageName": "augeas-devel", "packageFilename": "augeas-devel-1.0.0-5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "i686", "packageName": "augeas", "packageFilename": "augeas-1.0.0-5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "x86_64", "packageName": "augeas-devel", "packageFilename": "augeas-devel-1.0.0-5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "x86_64", "packageName": "augeas", "packageFilename": "augeas-1.0.0-5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "i686", "packageName": "augeas-libs", "packageFilename": "augeas-libs-1.0.0-5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "x86_64", "packageName": "augeas-libs", "packageFilename": "augeas-libs-1.0.0-5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "ppc", "packageName": "augeas-debuginfo", "packageFilename": "augeas-debuginfo-1.0.0-5.el6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "ppc64", "packageName": "augeas-debuginfo", "packageFilename": "augeas-debuginfo-1.0.0-5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "ppc", "packageName": "augeas-devel", "packageFilename": "augeas-devel-1.0.0-5.el6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "ppc64", "packageName": "augeas", "packageFilename": "augeas-1.0.0-5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "ppc64", "packageName": "augeas-devel", "packageFilename": "augeas-devel-1.0.0-5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "ppc", "packageName": "augeas-libs", "packageFilename": "augeas-libs-1.0.0-5.el6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "ppc64", "packageName": "augeas-libs", "packageFilename": "augeas-libs-1.0.0-5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "s390", "packageName": "augeas-debuginfo", "packageFilename": "augeas-debuginfo-1.0.0-5.el6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "s390x", "packageName": "augeas-debuginfo", "packageFilename": "augeas-debuginfo-1.0.0-5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "s390", "packageName": "augeas-devel", "packageFilename": "augeas-devel-1.0.0-5.el6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "s390x", "packageName": "augeas-devel", "packageFilename": "augeas-devel-1.0.0-5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "s390x", "packageName": "augeas", "packageFilename": "augeas-1.0.0-5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "s390", "packageName": "augeas-libs", "packageFilename": "augeas-libs-1.0.0-5.el6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.0-5.el6", "arch": "s390x", "packageName": "augeas-libs", "packageFilename": "augeas-libs-1.0.0-5.el6.s390x.rpm", "operator": "lt"}], "description": "Augeas is a utility for editing configuration. Augeas parses configuration\nfiles in their native formats and transforms them into a tree.\nConfiguration changes are made by manipulating this tree and saving it back\ninto native configuration files. Augeas also uses \"lenses\" as basic\nbuilding blocks for establishing the mapping from files into the Augeas\ntree and back.\n\nMultiple flaws were found in the way Augeas handled configuration files\nwhen updating them. An application using Augeas to update configuration\nfiles in a directory that is writable to by a different user (for example,\nan application running as root that is updating files in a directory owned\nby a non-root service user) could have been tricked into overwriting\narbitrary files or leaking information via a symbolic link or mount point\nattack. (CVE-2012-0786, CVE-2012-0787)\n\nThe augeas package has been upgraded to upstream version 1.0.0, which\nprovides a number of bug fixes and enhancements over the previous version.\n(BZ#817753)\n\nThis update also fixes the following bugs:\n\n* Previously, when single quotes were used in an XML attribute, Augeas was\nunable to parse the file with the XML lens. An upstream patch has been\nprovided ensuring that single quotes are handled as valid characters and\nparsing no longer fails. (BZ#799885)\n\n* Prior to this update, Augeas was unable to set up the \"require_ssl_reuse\"\noption in the vsftpd.conf file. The updated patch fixes the vsftpd lens to\nproperly recognize this option, thus fixing this bug. (BZ#855022)\n\n* Previously, the XML lens did not support non-Unix line endings.\nConsequently, Augeas was unable to load any files containing such line\nendings. The XML lens has been fixed to handle files with CRLF line\nendings, thus fixing this bug. (BZ#799879)\n\n* Previously, Augeas was unable to parse modprobe.conf files with spaces\naround \"=\" characters in option directives. The modprobe lens has been\nupdated and parsing no longer fails. (BZ#826752)\n\nAll Augeas users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.\n", "reporter": "RedHat", "published": "2013-11-21T05:00:00", "type": "redhat", "title": "(RHSA-2013:1537) Low: augeas security, bug fix, and enhancement update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2012-0786", "CVE-2012-0787"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-07T08:59:39", "id": "RHSA-2013:1537", "href": "https://access.redhat.com/errata/RHSA-2013:1537", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-06-13T00:00:49", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "6.5-20131115.0.3.2.el6_5", "arch": "noarch", "packageName": "rhev-hypervisor6", "packageFilename": "rhev-hypervisor6-6.5-20131115.0.3.2.el6_5.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "6.5-20131115.0.3.2.el6_5", "arch": "src", "packageName": "rhev-hypervisor6", "packageFilename": "rhev-hypervisor6-6.5-20131115.0.3.2.el6_5.src.rpm", "operator": "lt"}], "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nUpgrade Note: If you upgrade the Red Hat Enterprise Virtualization\nHypervisor through the 3.2 Manager administration portal, the Host may\nappear with the status of \"Install Failed\". If this happens, place the host\ninto maintenance mode, then activate it again to get the host back to an\n\"Up\" state.\n\nA buffer overflow flaw was found in the way QEMU processed the SCSI \"REPORT\nLUNS\" command when more than 256 LUNs were specified for a single SCSI\ntarget. A privileged guest user could use this flaw to corrupt QEMU process\nmemory on the host, which could potentially result in arbitrary code\nexecution on the host with the privileges of the QEMU process.\n(CVE-2013-4344)\n\nMultiple flaws were found in the way Linux kernel handled HID (Human\nInterface Device) reports. An attacker with physical access to the system\ncould use this flaw to crash the system or, potentially, escalate their\nprivileges on the system. (CVE-2013-2888, CVE-2013-2889, CVE-2013-2892)\n\nA flaw was found in the way the Python SSL module handled X.509 certificate\nfields that contain a NULL byte. An attacker could potentially exploit this\nflaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that\nto exploit this issue, an attacker would need to obtain a carefully crafted\ncertificate signed by an authority that the client trusts. (CVE-2013-4238)\n\nThe default OpenSSH configuration made it easy for remote attackers to\nexhaust unauthorized connection slots and prevent other users from being\nable to log in to a system. This flaw has been addressed by enabling random\nearly connection drops by setting MaxStartups to 10:30:100 by default.\nFor more information, refer to the sshd_config(5) man page. (CVE-2010-5107)\n\nThe CVE-2013-4344 issue was discovered by Asias He of Red Hat.\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2012-0786 and CVE-2012-0787 (augeas issues)\n\nCVE-2013-1813 (busybox issue)\n\nCVE-2013-0221, CVE-2013-0222, and CVE-2013-0223 (coreutils issues)\n\nCVE-2012-4453 (dracut issue)\n\nCVE-2013-4332, CVE-2013-0242, and CVE-2013-1914 (glibc issues)\n\nCVE-2013-4387, CVE-2013-0343, CVE-2013-4345, CVE-2013-4591, CVE-2013-4592,\nCVE-2012-6542, CVE-2013-3231, CVE-2013-1929, CVE-2012-6545, CVE-2013-1928,\nCVE-2013-2164, CVE-2013-2234, and CVE-2013-2851 (kernel issues)\n\nCVE-2013-4242 (libgcrypt issue)\n\nCVE-2013-4419 (libguestfs issue)\n\nCVE-2013-1775, CVE-2013-2776, and CVE-2013-2777 (sudo issues)\n\nThis update also fixes the following bug:\n\n* A previous version of the rhev-hypervisor6 package did not contain the\nlatest vhostmd package, which provides a \"metrics communication channel\"\nbetween a host and its hosted virtual machines, allowing limited\nintrospection of host resource usage from within virtual machines. This has\nbeen fixed, and rhev-hypervisor6 now includes the latest vhostmd package.\n(BZ#1026703)\n\nThis update also contains the fixes from the following errata:\n\n* ovirt-node: https://rhn.redhat.com/errata/RHBA-2013-1528.html\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects these issues.\n", "reporter": "RedHat", "published": "2013-11-21T05:00:00", "type": "redhat", "title": "(RHSA-2013:1527) Important: rhev-hypervisor6 security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-5107", "CVE-2012-0786", "CVE-2012-0787", "CVE-2012-4453", "CVE-2012-6542", "CVE-2012-6545", "CVE-2013-0221", "CVE-2013-0222", "CVE-2013-0223", "CVE-2013-0242", "CVE-2013-0343", "CVE-2013-1775", "CVE-2013-1813", "CVE-2013-1914", "CVE-2013-1928", "CVE-2013-1929", "CVE-2013-2164", "CVE-2013-2234", "CVE-2013-2776", "CVE-2013-2777", "CVE-2013-2851", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2892", "CVE-2013-3231", "CVE-2013-4238", "CVE-2013-4242", "CVE-2013-4332", "CVE-2013-4344", "CVE-2013-4345", "CVE-2013-4387", "CVE-2013-4419", "CVE-2013-4591", "CVE-2013-4592"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-07T08:59:39", "id": "RHSA-2013:1527", "href": "https://access.redhat.com/errata/RHSA-2013:1527", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2016-09-28T21:04:15", "references": ["https://rhn.redhat.com/errata/RHSA-2013-1537.html"], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.0-5.5", "arch": "x86_64", "packageFilename": "augeas-libs-1.0.0-5.5.amzn1.x86_64", "packageName": "augeas-libs", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.0-5.5", "arch": "src", "packageFilename": "augeas-1.0.0-5.5.amzn1.src", "packageName": "augeas", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.0-5.5", "arch": "x86_64", "packageFilename": "augeas-1.0.0-5.5.amzn1.x86_64", "packageName": "augeas", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.0-5.5", "arch": "i686", "packageFilename": "augeas-1.0.0-5.5.amzn1.i686", "packageName": "augeas", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.0-5.5", "arch": "i686", "packageFilename": "augeas-devel-1.0.0-5.5.amzn1.i686", "packageName": "augeas-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.0-5.5", "arch": "i686", "packageFilename": "augeas-libs-1.0.0-5.5.amzn1.i686", "packageName": "augeas-libs", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.0-5.5", "arch": "x86_64", "packageFilename": "augeas-debuginfo-1.0.0-5.5.amzn1.x86_64", "packageName": "augeas-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.0-5.5", "arch": "i686", "packageFilename": "augeas-debuginfo-1.0.0-5.5.amzn1.i686", "packageName": "augeas-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.0-5.5", "arch": "x86_64", "packageFilename": "augeas-devel-1.0.0-5.5.amzn1.x86_64", "packageName": "augeas-devel", "operator": "lt"}], "edition": 1, "description": "**Issue Overview:**\n\nMultiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user (for example, an application running as root that is updating files in a directory owned by a non-root service user) could have been tricked into overwriting arbitrary files or leaking information via a symbolic link or mount point attack. ([CVE-2012-0786 __](<https://access.redhat.com/security/cve/CVE-2012-0786>), [CVE-2012-0787 __](<https://access.redhat.com/security/cve/CVE-2012-0787>))\n\n \n**Affected Packages:** \n\n\naugeas\n\n \n**Issue Correction:** \nRun _yum update augeas_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n augeas-libs-1.0.0-5.5.amzn1.i686 \n augeas-debuginfo-1.0.0-5.5.amzn1.i686 \n augeas-1.0.0-5.5.amzn1.i686 \n augeas-devel-1.0.0-5.5.amzn1.i686 \n \n src: \n augeas-1.0.0-5.5.amzn1.src \n \n x86_64: \n augeas-devel-1.0.0-5.5.amzn1.x86_64 \n augeas-1.0.0-5.5.amzn1.x86_64 \n augeas-debuginfo-1.0.0-5.5.amzn1.x86_64 \n augeas-libs-1.0.0-5.5.amzn1.x86_64 \n \n \n", "reporter": "Amazon", "published": "2013-12-02T20:28:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "amazon", "title": "Low: augeas", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0787", "CVE-2012-0786"], "modified": "2014-09-16T21:55:00", "id": "ALAS-2013-250", "href": "https://alas.aws.amazon.com/ALAS-2013-250.html", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-07-04T01:12:37", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "6", "packageVersion": "0.7.2-1+deb6u1", "arch": "all", "packageFilename": "augeas_0.7.2-1+deb6u1_all.deb", "packageName": "augeas", "operator": "lt"}], "description": "Multiple race conditions were discovered in augeas when saving configuration files which expose it to symlink attacks. Write access to the directory where the configuration file is located is required by the attacker.\n\nFor Debian 6 Squeeze, these issues have been fixed in augeas version 0.7.2-1+deb6u1", "edition": 1, "reporter": "Debian", "published": "2014-08-01T00:00:00", "title": "augeas -- LTS security update", "type": "debian", "enchantments": {"score": {"modified": "2018-07-04T01:12:37", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-6412", "CVE-2012-0787", "CVE-2012-0786"], "modified": "2014-08-01T00:00:00", "id": "DLA-28", "href": "http://www.debian.org/security/2014/dla-28", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}}
