Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2016-1020.NASL
HistoryMay 01, 2017 - 12:00 a.m.

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1020)

2017-05-0100:00:00
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
25
JSON

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  • A race condition flaw was found in the way the Linux kernel’s SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a denial of service.(CVE-2015-8767)

  • The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.(CVE-2015-8660)

  • Several Moderate and Low impact security issues were found in the Linux kernel. Space precludes documenting each of these issues in this advisory. Refer to the CVE links in the References section for a description of each of these vulnerabilities. (CVE-2015-8746, CVE-2015-8812, CVE-2016-2069, CVE-2016-2117, CVE-2016-2384, CVE-2016-2847)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(99783);
  script_version("1.12");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id(
    "CVE-2015-8660",
    "CVE-2015-8746",
    "CVE-2015-8767",
    "CVE-2015-8812",
    "CVE-2016-2069",
    "CVE-2016-2117",
    "CVE-2016-2384",
    "CVE-2016-2847"
  );

  script_name(english:"EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1020)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the kernel packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :

  - A race condition flaw was found in the way the Linux
    kernel's SCTP implementation handled sctp_accept()
    during the processing of heartbeat timeout events. A
    remote attacker could use this flaw to prevent further
    connections to be accepted by the SCTP server running
    on the system, resulting in a denial of
    service.(CVE-2015-8767)

  - The ovl_setattr function in fs/overlayfs/inode.c in the
    Linux kernel through 4.3.3 attempts to merge distinct
    setattr operations, which allows local users to bypass
    intended access restrictions and modify the attributes
    of arbitrary overlay files via a crafted
    application.(CVE-2015-8660)

  - Several Moderate and Low impact security issues were
    found in the Linux kernel. Space precludes documenting
    each of these issues in this advisory. Refer to the CVE
    links in the References section for a description of
    each of these vulnerabilities. (CVE-2015-8746,
    CVE-2015-8812, CVE-2016-2069, CVE-2016-2117,
    CVE-2016-2384, CVE-2016-2847)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1020
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?71b1ff6c");
  script_set_attribute(attribute:"solution", value:
"Update the affected kernel packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Overlayfs Privilege Escalation');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'CANVAS');

  script_set_attribute(attribute:"patch_publication_date", value:"2016/05/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/01");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-debuginfo-common-x86_64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python-perf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(1)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1");

uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["kernel-3.10.0-229.30.1.57",
        "kernel-debug-3.10.0-229.30.1.57",
        "kernel-debuginfo-3.10.0-229.30.1.57",
        "kernel-debuginfo-common-x86_64-3.10.0-229.30.1.57",
        "kernel-devel-3.10.0-229.30.1.57",
        "kernel-headers-3.10.0-229.30.1.57",
        "kernel-tools-3.10.0-229.30.1.57",
        "kernel-tools-libs-3.10.0-229.30.1.57",
        "perf-3.10.0-229.30.1.57",
        "python-perf-3.10.0-229.30.1.57"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"1", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
VendorProductVersionCPE
huaweieuleroskernelp-cpe:/a:huawei:euleros:kernel
huaweieuleroskernel-debugp-cpe:/a:huawei:euleros:kernel-debug
huaweieuleroskernel-debuginfop-cpe:/a:huawei:euleros:kernel-debuginfo
huaweieuleroskernel-debuginfo-common-x86_64p-cpe:/a:huawei:euleros:kernel-debuginfo-common-x86_64
huaweieuleroskernel-develp-cpe:/a:huawei:euleros:kernel-devel
huaweieuleroskernel-headersp-cpe:/a:huawei:euleros:kernel-headers
huaweieuleroskernel-toolsp-cpe:/a:huawei:euleros:kernel-tools
huaweieuleroskernel-tools-libsp-cpe:/a:huawei:euleros:kernel-tools-libs
huaweieulerosperfp-cpe:/a:huawei:euleros:perf
huaweieulerospython-perfp-cpe:/a:huawei:euleros:python-perf
Rows per page:
1-10 of 111

Related

openvas 33
nessus 49
suse 14
f5 7
cloudfoundry 2
fedora 5
debian 2
osv 3
ubuntu 16
prion 8
ubuntucve 8
cve 8
debiancve 8
oraclelinux 8
zdt 5
veracode 5
canvas 1
packetstorm 3
exploitpack 2
seebug 1
exploitdb 1
redhat 5
centos 2
metasploit 1
ibm 2
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2016-1020)
2020-01-23 00:00:00
SUSE: Security Advisory for kernel (SUSE-SU-2016:0785-1)
2016-03-17 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:0785-1)
2021-04-19 00:00:00
nessus
nessus
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:0785-1)
2016-03-17 00:00:00
Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2946-2)
2016-04-07 00:00:00
Fedora 23 : kernel-4.4.2-301.fc23 (2016-7e12ae5359)
2016-03-04 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2016-03-16 15:12:30
Security update for Linux Kernel Live Patch 9 (important)
2016-04-14 20:09:35
Security update for Linux Kernel Live Patch 1 for SP 1 (important)
2016-04-14 17:09:06
f5
f5
K72225092 : Linux kernel vulnerability CVE-2015-8746
2016-01-28 00:00:00
SOL72225092 - Linux kernel vulnerability CVE-2015-8746
2016-01-28 00:00:00
SOL80758444 - Linux kernel vulnerability CVE-2015-8812
2016-06-17 00:00:00
cloudfoundry
cloudfoundry
USN-2949-1 Linux kernel (Vivid HWE) vulnerabilities | Cloud Foundry
2016-05-06 00:00:00
USN-3083-1 Linux kernel vulnerabilities | Cloud Foundry
2016-09-28 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: kernel-4.3.6-201.fc22
2016-02-28 08:29:55
[SECURITY] Fedora 22 Update: kernel-4.4.3-201.fc22
2016-03-05 01:20:44
[SECURITY] Fedora 23 Update: kernel-4.4.2-301.fc23
2016-02-28 12:28:05
debian
debian
[SECURITY] [DLA 439-1] linux-2.6 security update
2016-02-29 18:43:11
[SECURITY] [DLA 412-1] linux-2.6 security update
2016-02-06 15:28:06
osv
osv
linux-2.6 - security update
2016-02-29 00:00:00
linux-2.6 - security update
2016-02-06 00:00:00
linux - security update
2016-03-03 00:00:00
ubuntu
ubuntu
Linux kernel (Vivid HWE) vulnerabilities
2016-04-06 00:00:00
Linux kernel vulnerabilities
2016-04-06 00:00:00
Linux kernel (Trusty HWE) vulnerabilities
2016-04-06 00:00:00
prion
prion
Null pointer dereference
2016-05-02 10:59:00
Design/Logic Flaw
2015-12-28 11:59:00
Code injection
2016-02-08 03:59:00
ubuntucve
ubuntucve
CVE-2015-8746
2016-05-02 00:00:00
CVE-2015-8660
2015-12-28 00:00:00
CVE-2016-2117
2016-05-02 00:00:00
cve
cve
CVE-2015-8746
2016-05-02 10:59:00
CVE-2015-8660
2015-12-28 11:59:00
CVE-2016-2117
2016-05-02 10:59:00
debiancve
debiancve
CVE-2015-8746
2016-05-02 10:59:00
CVE-2015-8660
2015-12-28 11:59:00
CVE-2016-2117
2016-05-02 10:59:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2016-05-05 00:00:00
Unbreakable Enterprise kernel security update
2016-07-29 00:00:00
Unbreakable Enterprise kernel security update
2016-08-01 00:00:00
zdt
zdt
Linux Kernel 4.3.3 (Ubuntu 14.04/15.10) - 'overlayfs' Privilege Escalation (1)
2016-01-05 00:00:00
Linux Kernel 4.3.3 - 'overlayfs' Privilege Escalation (2)
2016-01-12 00:00:00
Linux Kernel 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) - Double-free usb-midi SMEP Local Privilege
2017-05-14 00:00:00
veracode
veracode
Authorization Bypass
2019-01-15 09:12:37
Denial Of Service (DoS)
2019-01-15 09:12:31
Privilege Escalation
2019-05-02 05:51:58
canvas
canvas
Immunity Canvas: OVERLAYFS_SETATTR
2015-12-28 11:59:00
packetstorm
packetstorm
Ubuntu 14.04 LTS / 15.10 overlayfs Local Root
2016-01-06 00:00:00
Linux Kernel 3.x usb-midi Local Privilege Escalation
2017-05-12 00:00:00
Overlayfs Privilege Escalation
2016-11-01 00:00:00
exploitpack
exploitpack
Linux Kernel 4.3.3 (Ubuntu 14.0415.10) - overlayfs Local Privilege Escalation (1)
2016-01-05 00:00:00
Linux Kernel 3.x (Ubuntu 14.04 Mint 17.3 Fedora 22) - Double-free usb-midi SMEP Privilege Escalation
2016-02-22 00:00:00
seebug
seebug
Ubuntu 14.04 LTS, 15.10 overlayfs - Local Root Exploit
2016-01-18 00:00:00
exploitdb
exploitdb
Linux Kernel 4.3.3 (Ubuntu 14.04/15.10) - &#039;overlayfs&#039; Local Privilege Escalation (1)
2016-01-05 00:00:00
redhat
redhat
(RHSA-2016:1277) Important: kernel security and bug fix update
2016-06-23 14:50:06
(RHSA-2016:0715) Moderate: kernel security, bug fix, and enhancement update
2016-05-03 20:45:28
(RHSA-2016:1532) Important: kernel-rt security and bug fix update
2016-08-02 13:34:07
centos
centos
kernel, perf, python security update
2016-06-23 23:41:38
kernel, perf, python security update
2016-05-04 03:07:19
metasploit
metasploit
Overlayfs Privilege Escalation
2016-10-05 03:21:53
ibm
ibm
Security Bulletin: IBM Security Access Manager version 9.0.3.0 appliances are affected by multiple kernel vulnerabilities
2018-06-16 22:03:41
Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities in Linux Kernel
2018-06-16 22:00:56
JSON
Related for EULEROS_SA-2016-1020.NASL
openvas33nessus49suse14f57cloudfoundry2fedora5debian2osv3ubuntu16prion8ubuntucve8cve8debiancve8oraclelinux8zdt5veracode5canvas1packetstorm3exploitpack2seebug1exploitdb1redhat5centos2metasploit1ibm2