{"id": "FEDORA_2015-11039.NASL", "bulletinFamily": "scanner", "title": "Fedora 22 : rsyslog-8.8.0-3.fc22 (2015-11039)", "description": "Besides other changes, this update mitigates this vulnerability:\nhttps://access.redhat.com/security/cve/CVE-2015-3243\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2015-07-16T00:00:00", "modified": "2015-07-16T00:00:00", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://www.tenable.com/plugins/nessus/84777", "reporter": "This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?cce968c0", "https://access.redhat.com/security/cve/cve-2015-3243", "https://bugzilla.redhat.com/show_bug.cgi?id=1224538", "https://bugzilla.redhat.com/show_bug.cgi?id=1224972"], "cvelist": ["CVE-2015-3243"], "type": "nessus", "lastseen": "2021-01-12T10:13:14", "edition": 16, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-3243"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:2166-1", "OPENSUSE-SU-2018:2019-1"]}, {"type": "fedora", "idList": ["FEDORA:12C39608752C"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310852085", "OPENVAS:1361412562310851829", "OPENVAS:1361412562310869758"]}, {"type": "nessus", "idList": ["SUSE_SU-2018-1937-1.NASL", "OPENSUSE-2019-523.NASL", "OPENSUSE-2018-738.NASL", "SUSE_SU-2018-2038-1.NASL", "SUSE_SU-2018-1937-2.NASL", "OPENSUSE-2018-789.NASL"]}], "modified": "2021-01-12T10:13:14", "rev": 2}, "score": {"value": 3.4, "vector": "NONE", "modified": "2021-01-12T10:13:14", "rev": 2}, "vulnersScore": 3.4}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-11039.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84777);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2015-11039\");\n\n script_name(english:\"Fedora 22 : rsyslog-8.8.0-3.fc22 (2015-11039)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Besides other changes, this update mitigates this vulnerability:\nhttps://access.redhat.com/security/cve/CVE-2015-3243\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://access.redhat.com/security/cve/CVE-2015-3243\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3243\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1224538\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1224972\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-July/161996.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cce968c0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rsyslog package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rsyslog\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"rsyslog-8.8.0-3.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rsyslog\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "84777", "cpe": ["p-cpe:/a:fedoraproject:fedora:rsyslog", "cpe:/o:fedoraproject:fedora:22"], "scheme": null}

{"cve": [{"lastseen": "2020-10-03T12:49:50", "description": "rsyslog uses weak permissions for generating log files, which allows local users to obtain sensitive information by reading files in /var/log/cron.", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-07-25T18:29:00", "title": "CVE-2015-3243", "type": "cve", "cwe": ["CWE-532"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3243"], "modified": "2017-07-31T19:07:00", "cpe": ["cpe:/a:rsyslog:rsyslog:-"], "id": "CVE-2015-3243", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3243", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:rsyslog:rsyslog:-:*:*:*:*:*:*:*"]}], "suse": [{"lastseen": "2018-08-01T19:53:51", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3243"], "description": "This update for rsyslog fixes the following issues:\n\n The following security vulnerability was addressed:\n\n CVE-2015-3243: Make sure that log files are not created world-readable\n (bsc#935393)\n\n This update was imported from the SUSE:SLE-12-SP3:Update update project.\n\n", "edition": 1, "modified": "2018-08-01T18:13:50", "published": "2018-08-01T18:13:50", "id": "OPENSUSE-SU-2018:2166-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-08/msg00001.html", "title": "Security update for rsyslog (moderate)", "type": "suse", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-07-20T05:36:35", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3243"], "description": "This update for rsyslog fixes the following security issue:\n\n - CVE-2015-3243: Prevent weak permissions for generated log files, which\n allowed local users to obtain sensitive information (bsc#935393).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2018-07-20T03:13:08", "published": "2018-07-20T03:13:08", "id": "OPENSUSE-SU-2018:2019-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-07/msg00028.html", "title": "Security update for rsyslog (moderate)", "type": "suse", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "openvas": [{"lastseen": "2020-01-31T17:38:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3243"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310852085", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852085", "type": "openvas", "title": "openSUSE: Security Advisory for rsyslog (openSUSE-SU-2018:2019-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852085\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2015-3243\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:43:07 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"openSUSE: Security Advisory for rsyslog (openSUSE-SU-2018:2019-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:2019-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-07/msg00028.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rsyslog'\n package(s) announced via the openSUSE-SU-2018:2019-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for rsyslog fixes the following security issue:\n\n - CVE-2015-3243: Prevent weak permissions for generated log files, which\n allowed local users to obtain sensitive information (bsc#935393).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-738=1\");\n\n script_tag(name:\"affected\", value:\"rsyslog on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog\", rpm:\"rsyslog~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-debuginfo\", rpm:\"rsyslog-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-debugsource\", rpm:\"rsyslog-debugsource~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-diag-tools\", rpm:\"rsyslog-diag-tools~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-diag-tools-debuginfo\", rpm:\"rsyslog-diag-tools-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-doc\", rpm:\"rsyslog-doc~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-dbi\", rpm:\"rsyslog-module-dbi~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-dbi-debuginfo\", rpm:\"rsyslog-module-dbi-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-elasticsearch\", rpm:\"rsyslog-module-elasticsearch~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-elasticsearch-debuginfo\", rpm:\"rsyslog-module-elasticsearch-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-gcrypt\", rpm:\"rsyslog-module-gcrypt~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-gcrypt-debuginfo\", rpm:\"rsyslog-module-gcrypt-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-gssapi\", rpm:\"rsyslog-module-gssapi~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-gssapi-debuginfo\", rpm:\"rsyslog-module-gssapi-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-gtls\", rpm:\"rsyslog-module-gtls~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-gtls-debuginfo\", rpm:\"rsyslog-module-gtls-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-mmnormalize\", rpm:\"rsyslog-module-mmnormalize~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-mmnormalize-debuginfo\", rpm:\"rsyslog-module-mmnormalize-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-mysql\", rpm:\"rsyslog-module-mysql~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-mysql-debuginfo\", rpm:\"rsyslog-module-mysql-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-omamqp1\", rpm:\"rsyslog-module-omamqp1~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-omamqp1-debuginfo\", rpm:\"rsyslog-module-omamqp1-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-omhttpfs\", rpm:\"rsyslog-module-omhttpfs~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-omhttpfs-debuginfo\", rpm:\"rsyslog-module-omhttpfs-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-omtcl\", rpm:\"rsyslog-module-omtcl~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-omtcl-debuginfo\", rpm:\"rsyslog-module-omtcl-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-pgsql\", rpm:\"rsyslog-module-pgsql~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-pgsql-debuginfo\", rpm:\"rsyslog-module-pgsql-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-relp\", rpm:\"rsyslog-module-relp~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-relp-debuginfo\", rpm:\"rsyslog-module-relp-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-snmp\", rpm:\"rsyslog-module-snmp~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-snmp-debuginfo\", rpm:\"rsyslog-module-snmp-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-udpspoof\", rpm:\"rsyslog-module-udpspoof~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"syslog-module-udpspoof-debuginfo\", rpm:\"syslog-module-udpspoof-debuginfo~8.33.1~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3243"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-07-16T00:00:00", "id": "OPENVAS:1361412562310869758", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869758", "type": "openvas", "title": "Fedora Update for rsyslog FEDORA-2015-11039", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rsyslog FEDORA-2015-11039\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869758\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-16 06:15:17 +0200 (Thu, 16 Jul 2015)\");\n script_cve_id(\"CVE-2015-3243\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for rsyslog FEDORA-2015-11039\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rsyslog'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"rsyslog on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-11039\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-July/161996.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"rsyslog\", rpm:\"rsyslog~8.8.0~3.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-31T17:38:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3243"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2018-08-02T00:00:00", "id": "OPENVAS:1361412562310851829", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851829", "type": "openvas", "title": "openSUSE: Security Advisory for rsyslog (openSUSE-SU-2018:2166-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851829\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-08-02 05:48:43 +0200 (Thu, 02 Aug 2018)\");\n script_cve_id(\"CVE-2015-3243\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for rsyslog (openSUSE-SU-2018:2166-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rsyslog'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for rsyslog fixes the following issues:\n\n The following security vulnerability was addressed:\n\n CVE-2015-3243: Make sure that log files are not created world-readable\n (bsc#935393)\n\n This update was imported from the SUSE:SLE-12-SP3:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-789=1\");\n\n script_tag(name:\"affected\", value:\"rsyslog on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:2166-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-08/msg00001.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog\", rpm:\"rsyslog~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-debuginfo\", rpm:\"rsyslog-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-debugsource\", rpm:\"rsyslog-debugsource~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-diag-tools\", rpm:\"rsyslog-diag-tools~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-diag-tools-debuginfo\", rpm:\"rsyslog-diag-tools-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-doc\", rpm:\"rsyslog-doc~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-dbi\", rpm:\"rsyslog-module-dbi~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-dbi-debuginfo\", rpm:\"rsyslog-module-dbi-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-elasticsearch\", rpm:\"rsyslog-module-elasticsearch~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-elasticsearch-debuginfo\", rpm:\"rsyslog-module-elasticsearch-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-gcrypt\", rpm:\"rsyslog-module-gcrypt~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-gcrypt-debuginfo\", rpm:\"rsyslog-module-gcrypt-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-gssapi\", rpm:\"rsyslog-module-gssapi~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-gssapi-debuginfo\", rpm:\"rsyslog-module-gssapi-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-gtls\", rpm:\"rsyslog-module-gtls~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-gtls-debuginfo\", rpm:\"rsyslog-module-gtls-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-guardtime\", rpm:\"rsyslog-module-guardtime~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-guardtime-debuginfo\", rpm:\"rsyslog-module-guardtime-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-mmnormalize\", rpm:\"rsyslog-module-mmnormalize~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-mmnormalize-debuginfo\", rpm:\"rsyslog-module-mmnormalize-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-mysql\", rpm:\"rsyslog-module-mysql~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-mysql-debuginfo\", rpm:\"rsyslog-module-mysql-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-omamqp1\", rpm:\"rsyslog-module-omamqp1~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-omamqp1-debuginfo\", rpm:\"rsyslog-module-omamqp1-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-omhttpfs\", rpm:\"rsyslog-module-omhttpfs~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-omhttpfs-debuginfo\", rpm:\"rsyslog-module-omhttpfs-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-omtcl\", rpm:\"rsyslog-module-omtcl~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-omtcl-debuginfo\", rpm:\"rsyslog-module-omtcl-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-pgsql\", rpm:\"rsyslog-module-pgsql~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-pgsql-debuginfo\", rpm:\"rsyslog-module-pgsql-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-relp\", rpm:\"rsyslog-module-relp~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-relp-debuginfo\", rpm:\"rsyslog-module-relp-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-snmp\", rpm:\"rsyslog-module-snmp~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-snmp-debuginfo\", rpm:\"rsyslog-module-snmp-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rsyslog-module-udpspoof\", rpm:\"rsyslog-module-udpspoof~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"syslog-module-udpspoof-debuginfo\", rpm:\"syslog-module-udpspoof-debuginfo~8.24.0~2.3.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2020-06-05T11:21:59", "description": "This update for rsyslog fixes the following issues :\n\nThe following security vulnerability was addressed :\n\nCVE-2015-3243: Make sure that log files are not created world-readable\n(bsc#935393)\n\nThis update was imported from the SUSE:SLE-12-SP3:Update update\nproject.", "edition": 16, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-08-02T00:00:00", "title": "openSUSE Security Update : rsyslog (openSUSE-2018-789)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3243"], "modified": "2018-08-02T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:rsyslog-debugsource", "p-cpe:/a:novell:opensuse:rsyslog-module-omhttpfs", "p-cpe:/a:novell:opensuse:rsyslog-module-omamqp1-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-udpspoof-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-diag-tools-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-snmp-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-omamqp1", "p-cpe:/a:novell:opensuse:rsyslog", "p-cpe:/a:novell:opensuse:rsyslog-module-mysql-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-omtcl-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-gtls", "p-cpe:/a:novell:opensuse:rsyslog-module-dbi", "p-cpe:/a:novell:opensuse:rsyslog-module-udpspoof", "p-cpe:/a:novell:opensuse:rsyslog-module-guardtime-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-omhttpfs-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-snmp", "p-cpe:/a:novell:opensuse:rsyslog-module-relp", "p-cpe:/a:novell:opensuse:rsyslog-diag-tools", "p-cpe:/a:novell:opensuse:rsyslog-module-elasticsearch-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-omtcl", "p-cpe:/a:novell:opensuse:rsyslog-module-gcrypt", "p-cpe:/a:novell:opensuse:rsyslog-module-gssapi", "p-cpe:/a:novell:opensuse:rsyslog-debuginfo", "cpe:/o:novell:opensuse:42.3", "p-cpe:/a:novell:opensuse:rsyslog-module-relp-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-gssapi-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-mmnormalize-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-dbi-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-guardtime", "p-cpe:/a:novell:opensuse:rsyslog-module-pgsql", "p-cpe:/a:novell:opensuse:rsyslog-module-mmnormalize", "p-cpe:/a:novell:opensuse:rsyslog-module-gcrypt-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-gtls-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-elasticsearch", "p-cpe:/a:novell:opensuse:rsyslog-module-mysql"], "id": "OPENSUSE-2018-789.NASL", "href": "https://www.tenable.com/plugins/nessus/111502", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-789.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111502);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2015-3243\");\n\n script_name(english:\"openSUSE Security Update : rsyslog (openSUSE-2018-789)\");\n script_summary(english:\"Check for the openSUSE-2018-789 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for rsyslog fixes the following issues :\n\nThe following security vulnerability was addressed :\n\nCVE-2015-3243: Make sure that log files are not created world-readable\n(bsc#935393)\n\nThis update was imported from the SUSE:SLE-12-SP3:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=935393\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rsyslog packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-diag-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-diag-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-dbi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-dbi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-elasticsearch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-elasticsearch-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gssapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gssapi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gtls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gtls-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-guardtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-guardtime-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-mmnormalize\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-mmnormalize-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omamqp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omamqp1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omhttpfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omhttpfs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omtcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omtcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-relp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-relp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-udpspoof\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-udpspoof-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-debugsource-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-diag-tools-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-diag-tools-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-dbi-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-dbi-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-elasticsearch-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-elasticsearch-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-gcrypt-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-gcrypt-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-gssapi-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-gssapi-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-gtls-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-gtls-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-guardtime-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-guardtime-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-mmnormalize-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-mmnormalize-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-mysql-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-mysql-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-omamqp1-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-omamqp1-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-omhttpfs-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-omhttpfs-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-omtcl-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-omtcl-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-pgsql-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-pgsql-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-relp-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-relp-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-snmp-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-snmp-debuginfo-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-udpspoof-8.24.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"rsyslog-module-udpspoof-debuginfo-8.24.0-2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rsyslog / rsyslog-debuginfo / rsyslog-debugsource / etc\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-06-05T11:21:26", "description": "This update for rsyslog fixes the following security issue :\n\n - CVE-2015-3243: Prevent weak permissions for generated\n log files, which allowed local users to obtain sensitive\n information (bsc#935393).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "edition": 16, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-07-20T00:00:00", "title": "openSUSE Security Update : rsyslog (openSUSE-2018-738)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3243"], "modified": "2018-07-20T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:rsyslog-debugsource", "p-cpe:/a:novell:opensuse:rsyslog-module-omhttpfs", "p-cpe:/a:novell:opensuse:rsyslog-module-omamqp1-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-udpspoof-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-diag-tools-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-snmp-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-omamqp1", "cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:rsyslog", "p-cpe:/a:novell:opensuse:rsyslog-module-mysql-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-omtcl-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-gtls", "p-cpe:/a:novell:opensuse:rsyslog-module-dbi", "p-cpe:/a:novell:opensuse:rsyslog-module-udpspoof", "p-cpe:/a:novell:opensuse:rsyslog-module-omhttpfs-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-snmp", "p-cpe:/a:novell:opensuse:rsyslog-module-relp", "p-cpe:/a:novell:opensuse:rsyslog-diag-tools", "p-cpe:/a:novell:opensuse:rsyslog-module-elasticsearch-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-omtcl", "p-cpe:/a:novell:opensuse:rsyslog-module-gcrypt", "p-cpe:/a:novell:opensuse:rsyslog-module-gssapi", "p-cpe:/a:novell:opensuse:rsyslog-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-relp-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-gssapi-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-mmnormalize-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-dbi-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-pgsql", "p-cpe:/a:novell:opensuse:rsyslog-module-mmnormalize", "p-cpe:/a:novell:opensuse:rsyslog-module-gcrypt-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-gtls-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-elasticsearch", "p-cpe:/a:novell:opensuse:rsyslog-module-mysql"], "id": "OPENSUSE-2018-738.NASL", "href": "https://www.tenable.com/plugins/nessus/111195", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-738.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111195);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2015-3243\");\n\n script_name(english:\"openSUSE Security Update : rsyslog (openSUSE-2018-738)\");\n script_summary(english:\"Check for the openSUSE-2018-738 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for rsyslog fixes the following security issue :\n\n - CVE-2015-3243: Prevent weak permissions for generated\n log files, which allowed local users to obtain sensitive\n information (bsc#935393).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=935393\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rsyslog packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-diag-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-diag-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-dbi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-dbi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-elasticsearch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-elasticsearch-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gssapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gssapi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gtls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gtls-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-mmnormalize\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-mmnormalize-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omamqp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omamqp1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omhttpfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omhttpfs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omtcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omtcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-relp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-relp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-udpspoof\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-udpspoof-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-debugsource-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-diag-tools-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-diag-tools-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-dbi-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-dbi-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-elasticsearch-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-elasticsearch-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-gcrypt-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-gcrypt-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-gssapi-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-gssapi-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-gtls-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-gtls-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-mmnormalize-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-mmnormalize-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-mysql-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-mysql-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-omamqp1-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-omamqp1-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-omhttpfs-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-omhttpfs-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-omtcl-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-omtcl-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-pgsql-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-pgsql-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-relp-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-relp-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-snmp-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-snmp-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-udpspoof-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-udpspoof-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rsyslog / rsyslog-debuginfo / rsyslog-debugsource / etc\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-09-23T16:46:04", "description": "This update for rsyslog fixes the following security issue :\n\n - CVE-2015-3243: Prevent weak permissions for generated\n log files, which allowed local users to obtain sensitive\n information (bsc#935393).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "edition": 14, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-03-27T00:00:00", "title": "openSUSE Security Update : rsyslog (openSUSE-2019-523)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3243"], "modified": "2019-03-27T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:rsyslog-debugsource", "p-cpe:/a:novell:opensuse:rsyslog-module-omhttpfs", "p-cpe:/a:novell:opensuse:rsyslog-module-omamqp1-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-udpspoof-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-diag-tools-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-snmp-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-omamqp1", "cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:rsyslog", "p-cpe:/a:novell:opensuse:rsyslog-module-mysql-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-omtcl-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-gtls", "p-cpe:/a:novell:opensuse:rsyslog-module-dbi", "p-cpe:/a:novell:opensuse:rsyslog-module-udpspoof", "p-cpe:/a:novell:opensuse:rsyslog-module-omhttpfs-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-snmp", "p-cpe:/a:novell:opensuse:rsyslog-module-relp", "p-cpe:/a:novell:opensuse:rsyslog-diag-tools", "p-cpe:/a:novell:opensuse:rsyslog-module-elasticsearch-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-omtcl", "p-cpe:/a:novell:opensuse:rsyslog-module-gcrypt", "p-cpe:/a:novell:opensuse:rsyslog-module-gssapi", "p-cpe:/a:novell:opensuse:rsyslog-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-relp-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-gssapi-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-mmnormalize-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-dbi-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-pgsql", "p-cpe:/a:novell:opensuse:rsyslog-module-mmnormalize", "p-cpe:/a:novell:opensuse:rsyslog-module-gcrypt-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-gtls-debuginfo", "p-cpe:/a:novell:opensuse:rsyslog-module-elasticsearch", "p-cpe:/a:novell:opensuse:rsyslog-module-mysql"], "id": "OPENSUSE-2019-523.NASL", "href": "https://www.tenable.com/plugins/nessus/123221", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-523.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123221);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/22\");\n\n script_cve_id(\"CVE-2015-3243\");\n\n script_name(english:\"openSUSE Security Update : rsyslog (openSUSE-2019-523)\");\n script_summary(english:\"Check for the openSUSE-2019-523 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for rsyslog fixes the following security issue :\n\n - CVE-2015-3243: Prevent weak permissions for generated\n log files, which allowed local users to obtain sensitive\n information (bsc#935393).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=935393\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rsyslog packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-diag-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-diag-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-dbi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-dbi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-elasticsearch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-elasticsearch-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gssapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gssapi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gtls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-gtls-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-mmnormalize\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-mmnormalize-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omamqp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omamqp1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omhttpfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omhttpfs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omtcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-omtcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-relp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-relp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-udpspoof\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rsyslog-module-udpspoof-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-debugsource-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-diag-tools-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-diag-tools-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-dbi-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-dbi-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-elasticsearch-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-elasticsearch-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-gcrypt-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-gcrypt-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-gssapi-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-gssapi-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-gtls-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-gtls-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-mmnormalize-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-mmnormalize-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-mysql-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-mysql-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-omamqp1-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-omamqp1-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-omhttpfs-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-omhttpfs-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-omtcl-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-omtcl-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-pgsql-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-pgsql-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-relp-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-relp-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-snmp-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-snmp-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-udpspoof-8.33.1-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"rsyslog-module-udpspoof-debuginfo-8.33.1-lp150.2.3.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rsyslog / rsyslog-debuginfo / rsyslog-debugsource / etc\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T06:12:06", "description": "This update for rsyslog fixes the following issues: The following\nsecurity vulnerability was addressed :\n\n - CVE-2015-3243: Make sure that log files are not created\n world-readable (bsc#935393)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-07-24T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : rsyslog (SUSE-SU-2018:2038-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3243"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:rsyslog-module-pgsql", "p-cpe:/a:novell:suse_linux:rsyslog-module-udpspoof-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-module-pgsql-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-debugsource", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:rsyslog", "p-cpe:/a:novell:suse_linux:rsyslog-module-udpspoof", "p-cpe:/a:novell:suse_linux:rsyslog-module-gtls-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-module-snmp", "p-cpe:/a:novell:suse_linux:rsyslog-module-gssapi", "p-cpe:/a:novell:suse_linux:rsyslog-module-snmp-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-doc", "p-cpe:/a:novell:suse_linux:rsyslog-module-gssapi-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-module-mysql", "p-cpe:/a:novell:suse_linux:rsyslog-module-gtls", "p-cpe:/a:novell:suse_linux:rsyslog-module-relp", "p-cpe:/a:novell:suse_linux:rsyslog-module-relp-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-diag-tools", "p-cpe:/a:novell:suse_linux:rsyslog-module-mysql-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-diag-tools-debuginfo"], "id": "SUSE_SU-2018-2038-1.NASL", "href": "https://www.tenable.com/plugins/nessus/111262", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2038-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111262);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/09/10 13:51:48\");\n\n script_cve_id(\"CVE-2015-3243\");\n script_bugtraq_id(75298);\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : rsyslog (SUSE-SU-2018:2038-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for rsyslog fixes the following issues: The following\nsecurity vulnerability was addressed :\n\n - CVE-2015-3243: Make sure that log files are not created\n world-readable (bsc#935393)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3243/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182038-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8dc292ff\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-1375=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-1375=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:U/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:U/RC:X\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-diag-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-diag-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-gssapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-gssapi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-gtls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-gtls-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-relp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-relp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-udpspoof\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-udpspoof-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-debuginfo-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-debugsource-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-diag-tools-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-diag-tools-debuginfo-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-doc-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-module-gssapi-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-module-gssapi-debuginfo-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-module-gtls-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-module-gtls-debuginfo-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-module-mysql-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-module-mysql-debuginfo-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-module-pgsql-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-module-pgsql-debuginfo-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-module-relp-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-module-relp-debuginfo-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-module-snmp-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-module-snmp-debuginfo-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-module-udpspoof-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"rsyslog-module-udpspoof-debuginfo-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"rsyslog-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"rsyslog-debuginfo-8.24.0-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"rsyslog-debugsource-8.24.0-3.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rsyslog\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-14T06:13:25", "description": "This update for rsyslog fixes the following security issue :\n\n - CVE-2015-3243: Prevent weak permissions for generated\n log files, which allowed local users to obtain sensitive\n information (bsc#935393).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-01-02T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : rsyslog (SUSE-SU-2018:1937-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3243"], "modified": "2019-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:rsyslog-module-pgsql", "p-cpe:/a:novell:suse_linux:rsyslog-module-udpspoof-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-module-pgsql-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-debugsource", "p-cpe:/a:novell:suse_linux:rsyslog", "p-cpe:/a:novell:suse_linux:rsyslog-module-udpspoof", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:rsyslog-module-snmp", "p-cpe:/a:novell:suse_linux:rsyslog-module-gssapi", "p-cpe:/a:novell:suse_linux:rsyslog-module-snmp-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-module-gssapi-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-module-mysql", "p-cpe:/a:novell:suse_linux:rsyslog-module-relp", "p-cpe:/a:novell:suse_linux:rsyslog-module-relp-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-module-mysql-debuginfo"], "id": "SUSE_SU-2018-1937-2.NASL", "href": "https://www.tenable.com/plugins/nessus/120044", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1937-2.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120044);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2015-3243\");\n script_bugtraq_id(75298);\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : rsyslog (SUSE-SU-2018:1937-2)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for rsyslog fixes the following security issue :\n\n - CVE-2015-3243: Prevent weak permissions for generated\n log files, which allowed local users to obtain sensitive\n information (bsc#935393).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3243/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181937-2/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b19c5686\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15:zypper in -t\npatch SUSE-SLE-Module-Server-Applications-15-2018-1318=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-1318=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:U/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:U/RC:X\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-gssapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-gssapi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-relp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-relp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-udpspoof\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-udpspoof-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-debugsource-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-module-gssapi-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-module-gssapi-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-module-mysql-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-module-mysql-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-module-pgsql-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-module-pgsql-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-module-relp-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-module-relp-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-module-snmp-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-module-snmp-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-module-udpspoof-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-module-udpspoof-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"rsyslog-debugsource-8.33.1-3.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rsyslog\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-14T06:13:25", "description": "This update for rsyslog fixes the following security issue :\n\n - CVE-2015-3243: Prevent weak permissions for generated\n log files, which allowed local users to obtain sensitive\n information (bsc#935393).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-01-02T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : rsyslog (SUSE-SU-2018:1937-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3243"], "modified": "2019-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:rsyslog-module-pgsql", "p-cpe:/a:novell:suse_linux:rsyslog-module-udpspoof-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-module-pgsql-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-debugsource", "p-cpe:/a:novell:suse_linux:rsyslog", "p-cpe:/a:novell:suse_linux:rsyslog-module-udpspoof", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:rsyslog-module-snmp", "p-cpe:/a:novell:suse_linux:rsyslog-module-gssapi", "p-cpe:/a:novell:suse_linux:rsyslog-module-snmp-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-module-gssapi-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-module-mysql", "p-cpe:/a:novell:suse_linux:rsyslog-module-relp", "p-cpe:/a:novell:suse_linux:rsyslog-module-relp-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-debuginfo", "p-cpe:/a:novell:suse_linux:rsyslog-module-mysql-debuginfo"], "id": "SUSE_SU-2018-1937-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120043", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1937-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120043);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2015-3243\");\n script_bugtraq_id(75298);\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : rsyslog (SUSE-SU-2018:1937-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for rsyslog fixes the following security issue :\n\n - CVE-2015-3243: Prevent weak permissions for generated\n log files, which allowed local users to obtain sensitive\n information (bsc#935393).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3243/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181937-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2b5ddc24\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15:zypper in -t\npatch SUSE-SLE-Module-Server-Applications-15-2018-1318=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-1318=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:U/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:U/RC:X\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-gssapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-gssapi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-relp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-relp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-udpspoof\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rsyslog-module-udpspoof-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"s390x\") audit(AUDIT_ARCH_NOT, \"s390x\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-debugsource-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-module-gssapi-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-module-gssapi-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-module-mysql-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-module-mysql-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-module-pgsql-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-module-pgsql-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-module-relp-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-module-relp-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-module-snmp-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-module-snmp-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-module-udpspoof-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-module-udpspoof-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-debuginfo-8.33.1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"s390x\", reference:\"rsyslog-debugsource-8.33.1-3.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rsyslog\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3243"], "description": "Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is compatible with stock sysklogd and can be used as a drop-in replacement. Rsyslog is simple to set up, with advanced features suitable for enterprise-class, encryption-protected syslog relay chains. ", "modified": "2015-07-16T02:33:22", "published": "2015-07-16T02:33:22", "id": "FEDORA:12C39608752C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: rsyslog-8.8.0-3.fc22", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}]}