The remote Fedora host is missing a security update. Ensure we don't boot oversized images, Require ipmitool for baremetal driver, and Remove cert and scheduler hard dependency on cinderclient
Reporter | Title | Published | Views | Family All 64 |
---|---|---|---|---|
UbuntuCve | CVE-2013-4463 | 6 Feb 201400:00 | – | ubuntucve |
UbuntuCve | CVE-2013-4469 | 2 Nov 201300:00 | – | ubuntucve |
UbuntuCve | CVE-2013-2096 | 16 May 201300:00 | – | ubuntucve |
Tenable Nessus | Fedora 19 : openstack-nova-2013.1.4-3.fc19 (2013-22693) | 12 Dec 201300:00 | – | nessus |
Tenable Nessus | Ubuntu 12.04 LTS / 12.10 / 13.04 : nova vulnerability (USN-1831-1) | 17 May 201300:00 | – | nessus |
Tenable Nessus | Fedora 19 : novnc-0.4-7.fc19 / openstack-nova-2013.1.2-4.fc19 (2013-13244) | 29 Jul 201300:00 | – | nessus |
Tenable Nessus | Ubuntu 14.04 LTS : OpenStack Nova vulnerabilities (USN-2247-1) | 18 Jun 201400:00 | – | nessus |
Fedora | [SECURITY] Fedora 20 Update: openstack-nova-2013.2-4.fc20 | 14 Dec 201303:44 | – | fedora |
Fedora | [SECURITY] Fedora 19 Update: openstack-nova-2013.1.4-3.fc19 | 12 Dec 201302:57 | – | fedora |
Fedora | [SECURITY] Fedora 20 Update: openstack-nova-2013.2.1-2.fc20 | 7 Jan 201409:34 | – | fedora |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2013-22667.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(71418);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2013-2096", "CVE-2013-4463", "CVE-2013-4469");
script_bugtraq_id(59924, 63467, 63468);
script_xref(name:"FEDORA", value:"2013-22667");
script_name(english:"Fedora 20 : openstack-nova-2013.2-4.fc20 (2013-22667)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
" - Ensure we don't boot oversized images (CVE-2013-4463 and
CVE-2013-2096)
- Require ipmitool for baremetal driver (#1022243)
- Remove cert and scheduler hard dependency on
cinderclient (#1031679)
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1023239"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1023581"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2013-December/123913.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?9162d35b"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected openstack-nova package."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openstack-nova");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20");
script_set_attribute(attribute:"patch_publication_date", value:"2013/12/03");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/14");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC20", reference:"openstack-nova-2013.2-4.fc20")) flag++;
if (flag)
{
if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
else security_note(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openstack-nova");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo