Lucene search
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.FEDORA_2018-4E660226E7.NASLHistoryJan 03, 2019 - 12:00 a.m.
Fedora 28 : glusterfs (2018-4e660226e7)
2019-01-0300:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7
4.1.4 GA Security Fix for CVE-2018-10904 Security Fix for CVE-2018-10907 Security Fix for CVE-2018-10911 Security Fix for CVE-2018-10913 Security Fix for CVE-2018-10914 Security Fix for CVE-2018-10923 Security Fix for CVE-2018-10926 Security Fix for CVE-2018-10927 Security Fix for CVE-2018-10928 Security Fix for CVE-2018-10929 Security Fix for CVE-2018-10930
missing /run/gluster/metrics, see bz#1624006
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2018-4e660226e7.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(120410);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2018-10904", "CVE-2018-10907", "CVE-2018-10911", "CVE-2018-10913", "CVE-2018-10914", "CVE-2018-10923", "CVE-2018-10926", "CVE-2018-10927", "CVE-2018-10928", "CVE-2018-10929", "CVE-2018-10930");
script_xref(name:"FEDORA", value:"2018-4e660226e7");
script_name(english:"Fedora 28 : glusterfs (2018-4e660226e7)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"4.1.4 GA Security Fix for CVE-2018-10904 Security Fix for
CVE-2018-10907 Security Fix for CVE-2018-10911 Security Fix for
CVE-2018-10913 Security Fix for CVE-2018-10914 Security Fix for
CVE-2018-10923 Security Fix for CVE-2018-10926 Security Fix for
CVE-2018-10927 Security Fix for CVE-2018-10928 Security Fix for
CVE-2018-10929 Security Fix for CVE-2018-10930
----
missing /run/gluster/metrics, see bz#1624006
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-4e660226e7"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected glusterfs package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glusterfs");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:28");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/04");
script_set_attribute(attribute:"patch_publication_date", value:"2018/09/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/03");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^28([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 28", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC28", reference:"glusterfs-4.1.4-1.fc28")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glusterfs");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fedoraproject | fedora | glusterfs | p-cpe:/a:fedoraproject:fedora:glusterfs |
| fedoraproject | fedora | 28 | cpe:/o:fedoraproject:fedora:28 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10904
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10907
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10911
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10913
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10914
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10923
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10926
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10927
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10928
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10929
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10930
bodhi.fedoraproject.org/updates/FEDORA-2018-4e660226e7
Related
nessus
nessus
Fedora 29 : glusterfs (2018-a54270a213)
2019-01-03 00:00:00
Debian DLA-1510-1 : glusterfs security update
2018-09-21 00:00:00
RHEL 6 : Gluster Storage (RHSA-2018:2608) (deprecated)
2018-09-06 00:00:00
debian
debian
[SECURITY] [DLA 1510-1] glusterfs security update
2018-09-20 10:16:27
[SECURITY] [DLA 2806-1] glusterfs security update
2021-11-01 23:25:14
[SECURITY] [DLA 1565-1] glusterfs security update
2018-11-05 18:02:25
openvas
openvas
Fedora Update for glusterfs FEDORA-2018-4e660226e7
2018-09-12 00:00:00
Fedora Update for glusterfs FEDORA-2018-9a4d7ec61e
2018-10-03 00:00:00
Debian: Security Advisory (DLA-1510-1)
2018-09-19 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in glusterfs affect PowerKVM
2018-12-17 14:30:02
redhat
redhat
centos
centos
glusterfs, python2 security update
2018-11-15 18:45:47
glusterfs, python2 security update
2018-10-09 20:21:55
fedora
fedora
[SECURITY] Fedora 28 Update: glusterfs-4.1.4-1.fc28
2018-09-11 17:04:27
[SECURITY] Fedora 27 Update: glusterfs-3.12.14-1.fc27
2018-09-28 17:14:10
[SECURITY] Fedora 29 Update: glusterfs-4.1.5-1.fc29
2018-10-02 19:35:20
osv
osv
glusterfs - security update
2018-09-20 00:00:00
CVE-2018-14651
2018-10-31 22:29:00
glusterfs - security update
2021-11-01 00:00:00
suse
suse
Security update for glusterfs (moderate)
2020-01-20 00:00:00
prion
prion
Code injection
2018-10-31 22:29:00
Design/Logic Flaw
2018-09-04 15:29:00
Path traversal
2018-09-04 15:29:00
cve
cve
veracode
veracode
Symlink Attack
2018-11-01 08:59:27
Symlink Attack
2019-01-15 09:25:31
Remote Code Execution (RCE)
2018-10-01 09:52:31
ubuntucve
ubuntucve
redhatcve
redhatcve
debiancve
debiancve
gentoo
gentoo
GlusterFS: Multiple Vulnerabilities
2019-04-02 00:00:00
ubuntu
ubuntu
GlusterFS vulnerabilities
2021-03-15 00:00:00
oraclelinux
oraclelinux
glusterfs security, bug fix, and enhancement update
2018-10-09 00:00:00
glusterfs security, bug fix, and enhancement update
2018-11-05 00:00:00
amazon
amazon
Medium: glusterfs
2018-12-13 20:16:00
Related for FEDORA_2018-4E660226E7.NASL