Fedora 20 : openstack-glance-2013.2.3-3.fc20 (2014-5198)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2014-5198.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(73972);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2014-0162");
  script_bugtraq_id(65507, 66774);
  script_xref(name:"FEDORA", value:"2014-5198");

  script_name(english:"Fedora 20 : openstack-glance-2013.2.3-3.fc20 (2014-5198)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"OpenStack Security Advisory: 2014-012 CVE: CVE-2014-0162 Date: April
10, 2014 Title: Remote code execution in Glance Sheepdog backend
Reporter: Paul McMillan (Nebula) Products: Glance Versions: from
2013.2 to 2013.2.3

Description: Paul McMillan from Nebula reported a vulnerability in
Glance Sheepdog backend. By using a specially crafted location, a user
allowed to insert or modify Glance image metadata may trigger code
execution on the Glance host as the user the Glance service runs
under. This may result in Glance host unauthorized access and further
compromise of the Glance service. All setups using Glance server with
the (enabled by default) sheepdog backend are affected.

Juno (development branch) fix: https://review.openstack.org/86622

Icehouse (milestone-proposed branch) fix:
https://review.openstack.org/86625

Havana fix: https://review.openstack.org/86626

Notes: This fix will be included in the icehouse-rc2 development
milestone and in a future 2013.2.4 release.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  # https://launchpad.net/bugs/1298698
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugs.launchpad.net/glance/+bug/1298698"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2014-May/133224.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?98b7b111"
  );
  # https://review.openstack.org/86622
  script_set_attribute(
    attribute:"see_also",
    value:"https://review.openstack.org/#/c/86622/"
  );
  # https://review.openstack.org/86625
  script_set_attribute(
    attribute:"see_also",
    value:"https://review.openstack.org/#/c/86625/"
  );
  # https://review.openstack.org/86626
  script_set_attribute(
    attribute:"see_also",
    value:"https://review.openstack.org/#/c/86626/"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected openstack-glance package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openstack-glance");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/04/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/05/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC20", reference:"openstack-glance-2013.2.3-3.fc20")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openstack-glance");
}