ID FEDORA_2018-4F0089C995.NASL Type nessus Reporter This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2021-01-06T00:00:00
Description
Security fix for CVE-2018-10897
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2018-4f0089c995.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
# Registration branch: when 'description' is set, the script only declares its
# metadata and leaves through exit(0) at the end of the block, so none of the
# host checks that follow the block are executed in that mode.
if (description)
{
  # Plugin identity and revision.
  script_id(120412);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  # Advisory cross-references. CVE-2018-10897 is the yum-utils reposync
  # improper path validation (directory traversal) issue.
  script_cve_id("CVE-2018-10897");
  script_xref(name:"FEDORA", value:"2018-4f0089c995");

  script_name(english:"Fedora 28 : yum-utils (2018-4f0089c995)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(attribute:"synopsis", value:"The remote Fedora host is missing a security update.");

  # The advisory text is a multi-line literal: its line breaks are part of the
  # value, which is why the string lines start at column 0.
  script_set_attribute(
    attribute:"description",
    value:
"Security fix for CVE-2018-10897
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues."
  );
  script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f0089c995");
  script_set_attribute(attribute:"solution", value:"Update the affected yum-utils package.");

  # Severity metadata. Both base vectors are network-vector with full
  # C/I/A impact; the temporal vectors (E:U, RL:OF / RL:O, RC:C) record an
  # unproven exploit, an official fix and a confirmed report, which matches
  # the exploitability_ease string below.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  # Declared as a local check; the affected package and the OS release are
  # each given as a CPE.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:yum-utils");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:28");

  # Timeline: vulnerability disclosed, patch released, plugin published.
  script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/09/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/03");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  # The check consumes data produced by ssh_get_info.nasl and declares the
  # three KB entries it needs; the same keys are read again in the check
  # logic after this block.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
# Preconditions for the package comparison. Each failed condition hands off to
# audit() from audit.inc, which is expected to end the script (the code relies
# on that, e.g. os_ver[1] is read right after the isnull() guard) -- confirm
# against audit.inc.

# Local (credentialed) checks must have been enabled for this host.
if (!get_kb_item("Host/local_checks_enabled"))
{
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
}

# The stored release string has to exist and mention Fedora.
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release)
{
  audit(AUDIT_OS_NOT, "Fedora");
}

# Extract the numeric release and accept only 28; the trailing ([^0-9]|$)
# keeps values such as 280 from matching.
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver))
{
  audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
}
os_ver = os_ver[1];
if (! preg(pattern:"^28([^0-9]|$)", string:os_ver))
{
  audit(AUDIT_OS_NOT, "Fedora 28", "Fedora " + os_ver);
}

# Without a collected RPM list there is nothing to compare against.
if (!get_kb_item("Host/RedHat/rpm-list"))
{
  audit(AUDIT_PACKAGE_LIST_MISSING);
}

# Architecture gate: only x86_64 and i386..i686 continue.
# NOTE(review): a host reporting any other CPU string is audited out here as
# "local checks not implemented" and is never evaluated for this advisory;
# read that audit result as untested, not as not-vulnerable.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu))
{
  audit(AUDIT_UNKNOWN_ARCH);
}
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$")
{
  audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
}
# Package comparison and reporting. rpm_check(), rpm_report_get() and
# pkg_tests_get() come from rpm.inc; presumably rpm_check() is true when the
# installed yum-utils is older than the referenced fixed build -- confirm
# against rpm.inc.
# NOTE(review): a finding here is a package-version inference from the
# collected RPM list, not evidence that the reposync flaw was exercised.
if (rpm_check(release:"FC28", reference:"yum-utils-1.1.31-515.fc28"))
{
  # Report at the host level (port 0) and attach the package details.
  security_report_v4(
    port     : 0,
    severity : SECURITY_HOLE,
    extra    : rpm_report_get()
  );
  exit(0);
}

# Nothing flagged: distinguish "package present but not affected" from
# "package not installed" for the audit trail.
tested = pkg_tests_get();
if (tested)
{
  audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
}
else
{
  audit(AUDIT_PACKAGE_NOT_INSTALLED, "yum-utils");
}
{"id": "FEDORA_2018-4F0089C995.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "Fedora 28 : yum-utils (2018-4f0089c995)", "description": "Security fix for CVE-2018-10897\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2019-01-03T00:00:00", "modified": "2021-01-06T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/120412", "reporter": "This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f0089c995", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10897"], "cvelist": ["CVE-2018-10897"], "immutableFields": [], "lastseen": "2021-09-26T00:55:02", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1057", "ALAS2-2018-1063"]}, {"type": "centos", "idList": ["CESA-2018:2284", "CESA-2018:2285"]}, {"type": "cve", "idList": ["CVE-2018-10897"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-10897"]}, {"type": "f5", "idList": ["F5:K23200408"]}, {"type": "fedora", "idList": ["FEDORA:07330600627B", "FEDORA:1CD3F60CCF0B", "FEDORA:47BF560CCF04", "FEDORA:49A4560A6175", "FEDORA:54940602DC0C", "FEDORA:54E526098827", "FEDORA:91EC760CCF29", "FEDORA:9480860CCF12", "FEDORA:C6DFD60CCF2A", "FEDORA:D60E460CCF20"]}, {"type": "ibm", "idList": ["1B0ED4A3526A4957AFA5966EC1D954AC93826AA8F95F1EF2E8A3A6657E73F691"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1063.NASL", "ALA_ALAS-2018-1057.NASL", "CENTOS_RHSA-2018-2284.NASL", "CENTOS_RHSA-2018-2285.NASL", "EULEROS_SA-2018-1319.NASL", "EULEROS_SA-2018-1320.NASL", 
"EULEROS_SA-2018-1327.NASL", "EULEROS_SA-2018-1349.NASL", "EULEROS_SA-2019-1080.NASL", "EULEROS_SA-2019-1160.NASL", "EULEROS_SA-2019-1415.NASL", "FEDORA_2018-357E8E07CE.NASL", "FEDORA_2019-1FCCEDE810.NASL", "JUNIPER_SPACE_JSA10917_184R1.NASL", "NEWSTART_CGSL_NS-SA-2019-0024_YUM-UTILS.NASL", "NEWSTART_CGSL_NS-SA-2019-0133_YUM-UTILS.NASL", "ORACLELINUX_ELSA-2018-2284.NASL", "ORACLELINUX_ELSA-2018-2285.NASL", "REDHAT-RHSA-2018-2284.NASL", "REDHAT-RHSA-2018-2285.NASL", "REDHAT-RHSA-2018-2626.NASL", "SL_20180730_YUM_UTILS_ON_SL6_X.NASL", "SL_20180730_YUM_UTILS_ON_SL7_X.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310875109", "OPENVAS:1361412562310875113", "OPENVAS:1361412562310875632", "OPENVAS:1361412562310875731", "OPENVAS:1361412562310875757", "OPENVAS:1361412562310875861", "OPENVAS:1361412562310875957", "OPENVAS:1361412562310876033", "OPENVAS:1361412562310876153", "OPENVAS:1361412562310882933", "OPENVAS:1361412562310882934", "OPENVAS:1361412562311220181319", "OPENVAS:1361412562311220181320", "OPENVAS:1361412562311220181327", "OPENVAS:1361412562311220181349", "OPENVAS:1361412562311220191080", "OPENVAS:1361412562311220191160", "OPENVAS:1361412562311220191415"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-2284", "ELSA-2018-2285"]}, {"type": "redhat", "idList": ["RHSA-2018:2284", "RHSA-2018:2285", "RHSA-2018:2626"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-10897"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-10897"]}], "rev": 4}, "score": {"value": 6.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1057"]}, {"type": "centos", "idList": ["CESA-2018:2284", "CESA-2018:2285"]}, {"type": "cve", "idList": ["CVE-2018-10897"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-10897"]}, {"type": "f5", "idList": ["F5:K23200408"]}, {"type": "fedora", "idList": ["FEDORA:07330600627B", "FEDORA:1CD3F60CCF0B", "FEDORA:47BF560CCF04", "FEDORA:49A4560A6175", "FEDORA:54940602DC0C", "FEDORA:54E526098827", 
"FEDORA:91EC760CCF29", "FEDORA:9480860CCF12", "FEDORA:C6DFD60CCF2A", "FEDORA:D60E460CCF20"]}, {"type": "ibm", "idList": ["1B0ED4A3526A4957AFA5966EC1D954AC93826AA8F95F1EF2E8A3A6657E73F691"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1063.NASL", "ALA_ALAS-2018-1057.NASL", "CENTOS_RHSA-2018-2284.NASL", "CENTOS_RHSA-2018-2285.NASL", "EULEROS_SA-2018-1319.NASL", "EULEROS_SA-2018-1320.NASL", "ORACLELINUX_ELSA-2018-2284.NASL", "ORACLELINUX_ELSA-2018-2285.NASL", "REDHAT-RHSA-2018-2284.NASL", "REDHAT-RHSA-2018-2285.NASL", "SL_20180730_YUM_UTILS_ON_SL6_X.NASL", "SL_20180730_YUM_UTILS_ON_SL7_X.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310875109", "OPENVAS:1361412562310875113", "OPENVAS:1361412562310882933", "OPENVAS:1361412562310882934"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-2284", "ELSA-2018-2285"]}, {"type": "redhat", "idList": ["RHSA-2018:2284", "RHSA-2018:2285"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-10897"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-10897"]}]}, "exploitation": null, "vulnersScore": 6.4}, "pluginID": "120412", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-4f0089c995.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120412);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-10897\");\n script_xref(name:\"FEDORA\", value:\"2018-4f0089c995\");\n\n script_name(english:\"Fedora 28 : yum-utils (2018-4f0089c995)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2018-10897\n\nNote that 
Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f0089c995\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected yum-utils package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"yum-utils-1.1.31-515.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "naslFamily": "Fedora Local Security Checks", "cpe": ["p-cpe:/a:fedoraproject:fedora:yum-utils", "cpe:/o:fedoraproject:fedora:28"], "solution": "Update the affected yum-utils package.", "nessusSeverity": "High", "cvssScoreSource": "", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2018-09-27T00:00:00", "vulnerabilityPublicationDate": "2018-08-01T00:00:00", "exploitableWith": [], "_state": 
{"dependencies": 1645738505}}
{"openvas": [{"lastseen": "2019-05-29T18:33:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-09-28T00:00:00", "type": "openvas", "title": "Fedora Update for yum-utils FEDORA-2018-4f0089c995", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875113", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875113", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_4f0089c995_yum-utils_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for yum-utils FEDORA-2018-4f0089c995\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875113\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-09-28 13:35:42 +0200 (Fri, 28 Sep 2018)\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for yum-utils FEDORA-2018-4f0089c995\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'yum-utils'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"yum-utils on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-4f0089c995\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIJSDH2IJCF5PQXVAMDP4ZDMYSDSHRPT\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~515.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:33:59", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2018-1319)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181319", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181319", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1319\");\n script_version(\"2020-01-23T11:21:39+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:21:39 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:21:39 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2018-1319)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1319\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1319\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'yum-utils' package(s) announced via the EulerOS-SA-2018-1319 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\");\n\n script_tag(name:\"affected\", value:\"'yum-utils' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated 
package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-aliases\", rpm:\"yum-plugin-aliases~1.1.31~34.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-changelog\", rpm:\"yum-plugin-changelog~1.1.31~34.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-priorities\", rpm:\"yum-plugin-priorities~1.1.31~34.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-tmprepo\", rpm:\"yum-plugin-tmprepo~1.1.31~34.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-verify\", rpm:\"yum-plugin-verify~1.1.31~34.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-versionlock\", rpm:\"yum-plugin-versionlock~1.1.31~34.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~34.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:37:53", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2018-1320)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181320", 
"href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181320", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1320\");\n script_version(\"2020-01-23T11:21:40+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:21:40 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:21:40 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2018-1320)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1320\");\n 
script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1320\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'yum-utils' package(s) announced via the EulerOS-SA-2018-1320 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\");\n\n script_tag(name:\"affected\", value:\"'yum-utils' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-aliases\", rpm:\"yum-plugin-aliases~1.1.31~34.h1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-changelog\", rpm:\"yum-plugin-changelog~1.1.31~34.h1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-priorities\", rpm:\"yum-plugin-priorities~1.1.31~34.h1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-tmprepo\", rpm:\"yum-plugin-tmprepo~1.1.31~34.h1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-verify\", rpm:\"yum-plugin-verify~1.1.31~34.h1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-versionlock\", rpm:\"yum-plugin-versionlock~1.1.31~34.h1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n 
if(!isnull(res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~34.h1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:25", "description": "Check the version of yum-NetworkManager-dispatcher", "cvss3": {}, "published": "2018-08-10T00:00:00", "type": "openvas", "title": "CentOS Update for yum-NetworkManager-dispatcher CESA-2018:2285 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882934", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882934", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_CESA-2018_2285_yum-NetworkManager-dispatcher_centos7.nasl 14058 2019-03-08 13:25:52Z cfischer $\n#\n# CentOS Update for yum-NetworkManager-dispatcher CESA-2018:2285 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882934\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-10 05:59:57 +0200 (Fri, 10 Aug 2018)\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for yum-NetworkManager-dispatcher CESA-2018:2285 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of yum-NetworkManager-dispatcher\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The yum-utils packages provide a collection of utilities and examples for\nthe yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es):\n\n * yum-utils: reposync: improper path validation may lead to directory\ntraversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy\n(Clover Network) for reporting this issue.\");\n script_tag(name:\"affected\", value:\"yum-NetworkManager-dispatcher on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"CESA\", value:\"2018:2285\");\n 
script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2018-August/022981.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"yum-NetworkManager-dispatcher\", rpm:\"yum-NetworkManager-dispatcher~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-aliases\", rpm:\"yum-plugin-aliases~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-auto-update-debug-info\", rpm:\"yum-plugin-auto-update-debug-info~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-changelog\", rpm:\"yum-plugin-changelog~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-copr\", rpm:\"yum-plugin-copr~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-fastestmirror\", rpm:\"yum-plugin-fastestmirror~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-filter-data\", rpm:\"yum-plugin-filter-data~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"yum-plugin-fs-snapshot\", rpm:\"yum-plugin-fs-snapshot~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-keys\", rpm:\"yum-plugin-keys~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-list-data\", rpm:\"yum-plugin-list-data~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-local\", rpm:\"yum-plugin-local~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-merge-conf\", rpm:\"yum-plugin-merge-conf~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-ovl\", rpm:\"yum-plugin-ovl~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-post-transaction-actions\", rpm:\"yum-plugin-post-transaction-actions~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-pre-transaction-actions\", rpm:\"yum-plugin-pre-transaction-actions~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-priorities\", rpm:\"yum-plugin-priorities~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-protectbase\", rpm:\"yum-plugin-protectbase~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-ps\", rpm:\"yum-plugin-ps~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"yum-plugin-remove-with-leaves\", rpm:\"yum-plugin-remove-with-leaves~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-rpm-warm-cache\", rpm:\"yum-plugin-rpm-warm-cache~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-show-leaves\", rpm:\"yum-plugin-show-leaves~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-tmprepo\", rpm:\"yum-plugin-tmprepo~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-tsflags\", rpm:\"yum-plugin-tsflags~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-upgrade-helper\", rpm:\"yum-plugin-upgrade-helper~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-verify\", rpm:\"yum-plugin-verify~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-versionlock\", rpm:\"yum-plugin-versionlock~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-updateonboot\", rpm:\"yum-updateonboot~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~46.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:39:47", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": 
{}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2018-1349)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181349", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181349", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1349\");\n script_version(\"2020-01-23T11:23:01+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:23:01 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:23:01 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2018-1349)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1349\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1349\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'yum-utils' package(s) announced via the EulerOS-SA-2018-1349 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\");\n\n script_tag(name:\"affected\", value:\"'yum-utils' package(s) on Huawei EulerOS Virtualization 2.5.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated 
package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~29.h1\", rls:\"EULEROSVIRT-2.5.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:37:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2019-1080)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191080", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191080", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1080\");\n script_version(\"2020-01-23T11:30:38+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:30:38 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:30:38 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2019-1080)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1080\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1080\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'yum-utils' package(s) announced via the EulerOS-SA-2019-1080 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. 
If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected. (CVE-2018-10897)\");\n\n script_tag(name:\"affected\", value:\"'yum-utils' package(s) on Huawei EulerOS Virtualization 2.5.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~42.h1\", rls:\"EULEROSVIRT-2.5.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:37:18", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2018-1327)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181327", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181327", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free 
software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1327\");\n script_version(\"2020-01-23T11:21:50+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:21:50 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:21:50 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2018-1327)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1327\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1327\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'yum-utils' package(s) announced via the EulerOS-SA-2018-1327 advisory.\");\n\n 
script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\");\n\n script_tag(name:\"affected\", value:\"'yum-utils' package(s) on Huawei EulerOS Virtualization 2.5.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~29.h1\", rls:\"EULEROSVIRT-2.5.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:27", "description": "Check the version of yum-NetworkManager-dispatcher", "cvss3": {}, "published": "2018-08-10T00:00:00", "type": "openvas", "title": "CentOS Update for yum-NetworkManager-dispatcher CESA-2018:2284 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882933", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882933", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_CESA-2018_2284_yum-NetworkManager-dispatcher_centos6.nasl 14058 2019-03-08 13:25:52Z cfischer $\n#\n# CentOS Update for yum-NetworkManager-dispatcher CESA-2018:2284 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, 
http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882933\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-10 05:59:54 +0200 (Fri, 10 Aug 2018)\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for yum-NetworkManager-dispatcher CESA-2018:2284 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of yum-NetworkManager-dispatcher\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The yum-utils packages provide a collection of utilities and examples for\nthe yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es):\n\n * yum-utils: reposync: improper path validation may lead to directory\ntraversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and 
other related information, refer to the CVE page(s) listed in\nthe References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy\n(Clover Network) for reporting this issue.\");\n script_tag(name:\"affected\", value:\"yum-NetworkManager-dispatcher on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"CESA\", value:\"2018:2284\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2018-August/022976.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"yum-NetworkManager-dispatcher\", rpm:\"yum-NetworkManager-dispatcher~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-aliases\", rpm:\"yum-plugin-aliases~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-auto-update-debug-info\", rpm:\"yum-plugin-auto-update-debug-info~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-changelog\", rpm:\"yum-plugin-changelog~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-fastestmirror\", rpm:\"yum-plugin-fastestmirror~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-filter-data\", rpm:\"yum-plugin-filter-data~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-fs-snapshot\", rpm:\"yum-plugin-fs-snapshot~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-keys\", rpm:\"yum-plugin-keys~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-list-data\", rpm:\"yum-plugin-list-data~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-local\", rpm:\"yum-plugin-local~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-merge-conf\", rpm:\"yum-plugin-merge-conf~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-ovl\", rpm:\"yum-plugin-ovl~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-post-transaction-actions\", rpm:\"yum-plugin-post-transaction-actions~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-priorities\", rpm:\"yum-plugin-priorities~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-protectbase\", rpm:\"yum-plugin-protectbase~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-ps\", rpm:\"yum-plugin-ps~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n 
exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-remove-with-leaves\", rpm:\"yum-plugin-remove-with-leaves~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-rpm-warm-cache\", rpm:\"yum-plugin-rpm-warm-cache~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-security\", rpm:\"yum-plugin-security~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-show-leaves\", rpm:\"yum-plugin-show-leaves~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-tmprepo\", rpm:\"yum-plugin-tmprepo~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-tsflags\", rpm:\"yum-plugin-tsflags~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-upgrade-helper\", rpm:\"yum-plugin-upgrade-helper~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-verify\", rpm:\"yum-plugin-verify~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-versionlock\", rpm:\"yum-plugin-versionlock~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-updateonboot\", rpm:\"yum-updateonboot~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) 
exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for createrepo_c FEDORA-2019-1fccede810", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876153", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876153", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876153\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:36:51 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for createrepo_c FEDORA-2019-1fccede810\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1fccede810\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I46RNELZN6U4JCPZ5C5VIE5GLRRBQNYR\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'createrepo_c'\n package(s) announced via the FEDORA-2019-1fccede810 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"C implementation of Createrepo.\nA set of utilities (createrepo_c, mergerepo_c, modifyrepo_c)\nfor generating a common metadata repository from a directory of\nrpm packages and maintaining it.\");\n\n script_tag(name:\"affected\", value:\"'createrepo_c' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", 
value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"createrepo_c\", rpm:\"createrepo_c~0.12.1~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for librepo FEDORA-2019-1fccede810", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876033", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876033", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876033\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:32:40 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for librepo FEDORA-2019-1fccede810\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1fccede810\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W4OZYE7TAWZHYNTPNZAF2L34STALGF2K\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'librepo'\n package(s) announced via the FEDORA-2019-1fccede810 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A library providing C and Python (libcURL like) API to downloading repository\nmetadata.\");\n\n script_tag(name:\"affected\", value:\"'librepo' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n 
script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"librepo\", rpm:\"librepo~1.9.4~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:34:18", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2019-1160)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191160", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191160", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1160\");\n script_version(\"2020-01-23T11:33:20+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:33:20 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:33:20 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2019-1160)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1160\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1160\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'yum-utils' package(s) announced via the EulerOS-SA-2019-1160 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. 
If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.CVE-2018-10897\");\n\n script_tag(name:\"affected\", value:\"'yum-utils' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~42.h1\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for dnf FEDORA-2019-1fccede810", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875731", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875731", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# 
as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875731\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:18:11 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for dnf FEDORA-2019-1fccede810\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1fccede810\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGU2BDBWTERBZORLF56FQPGLJE4WGCFJ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dnf'\n package(s) announced via the FEDORA-2019-1fccede810 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Utility that allows 
users to manage packages on their systems.\nIt supports RPMs, modules and comps groups & environments.\");\n\n script_tag(name:\"affected\", value:\"'dnf' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dnf\", rpm:\"dnf~4.1.0~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for libcomps FEDORA-2019-1fccede810", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875632", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875632", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A 
PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875632\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:13:48 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for libcomps FEDORA-2019-1fccede810\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1fccede810\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJS6HJ7MYCPHDEWBWUNY5SVUZ2HOGT2G\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libcomps'\n package(s) announced via the FEDORA-2019-1fccede810 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Libcomps is library for structure-like manipulation with content of\ncomps XML files. 
Supports read/write XML file, structure(s) modification.\");\n\n script_tag(name:\"affected\", value:\"'libcomps' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libcomps\", rpm:\"libcomps~0.1.10~2.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:36:48", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2019-1415)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191415", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191415", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or 
FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1415\");\n script_version(\"2020-01-23T11:43:19+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:43:19 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:43:19 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2019-1415)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1415\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1415\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'yum-utils' package(s) announced via the EulerOS-SA-2019-1415 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. 
If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.(CVE-2018-10897)\");\n\n script_tag(name:\"affected\", value:\"'yum-utils' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-fastestmirror\", rpm:\"yum-plugin-fastestmirror~1.1.31~46\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~46\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for dnf-plugins-extras FEDORA-2019-1fccede810", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875757", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875757", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted 
from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875757\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:19:31 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for dnf-plugins-extras FEDORA-2019-1fccede810\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1fccede810\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWU5VSDZ7HMTTRQABT46KDUVTFV4HCYM\");\n\n script_tag(name:\"summary\", value:\"The remote host is 
missing an update for the 'dnf-plugins-extras'\n package(s) announced via the FEDORA-2019-1fccede810 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Extras Plugins for DNF.\");\n\n script_tag(name:\"affected\", value:\"'dnf-plugins-extras' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dnf-plugins-extras\", rpm:\"dnf-plugins-extras~4.0.2~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for dnf-plugins-core FEDORA-2019-1fccede810", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875861", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875861", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; 
either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875861\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:24:34 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for dnf-plugins-core FEDORA-2019-1fccede810\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1fccede810\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKVE7N7VZH2T7GY65VZKWNNDACGZQRPQ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dnf-plugins-core'\n package(s) announced via the FEDORA-2019-1fccede810 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Core Plugins for DNF. 
This package enhances DNF with builddep, config-manager,\ncopr, debug, debuginfo-install, download, needs-restarting, repoclosure,\nrepograph, repomanage, reposync, changelog and repodiff commands. Additionally\nprovides generate_completion_cache passive plugin.\");\n\n script_tag(name:\"affected\", value:\"'dnf-plugins-core' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dnf-plugins-core\", rpm:\"dnf-plugins-core~4.0.4~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-09-28T00:00:00", "type": "openvas", "title": "Fedora Update for yum-utils FEDORA-2018-3aafb854a9", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875109", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875109", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_3aafb854a9_yum-utils_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for yum-utils FEDORA-2018-3aafb854a9\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute 
it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875109\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-09-28 13:34:55 +0200 (Fri, 28 Sep 2018)\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for yum-utils FEDORA-2018-3aafb854a9\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'yum-utils'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"yum-utils on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-3aafb854a9\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6YI7EHWQR75S5AV7RAV4VGWO535PTZAO\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n 
script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~514.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for libdnf FEDORA-2019-1fccede810", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875957", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875957", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875957\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:29:40 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for libdnf FEDORA-2019-1fccede810\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1fccede810\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQPC3CGOUDVZPBP7MHBEWGTYREJBYK2L\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libdnf'\n package(s) announced via the FEDORA-2019-1fccede810 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A Library providing simplified C and Python API to libsolv.\");\n\n script_tag(name:\"affected\", value:\"'libdnf' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", 
value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libdnf\", rpm:\"libdnf~0.26.0~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2021-11-27T10:47:48", "description": "Libcomps is library for structure-like manipulation with content of comps XML files. Supports read/write XML file, structure(s) modification. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-02-21T02:58:54", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: libcomps-0.1.10-2.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2019-02-21T02:58:54", "id": "FEDORA:54940602DC0C", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-27T10:47:48", 
"description": "Utility that allows users to manage packages on their systems. It supports RPMs, modules and comps groups & environments. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-02-21T02:58:52", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: dnf-4.1.0-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2019-02-21T02:58:52", "id": "FEDORA:9480860CCF12", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-27T10:47:48", "description": "A Library providing simplified C and Python API to libsolv. 
", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-02-21T02:58:54", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: libdnf-0.26.0-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2019-02-21T02:58:54", "id": "FEDORA:91EC760CCF29", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-27T10:47:48", "description": "A library providing C and Python (libcURL like) API to downloading reposito ry metadata. 
", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-02-21T02:58:54", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: librepo-1.9.4-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2019-02-21T02:58:54", "id": "FEDORA:C6DFD60CCF2A", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-27T10:47:48", "description": "Core Plugins for DNF. This package enhances DNF with builddep, config-manag er, copr, debug, debuginfo-install, download, needs-restarting, repoclosure, repograph, repomanage, reposync, changelog and repodiff commands. Additiona lly provides generate_completion_cache passive plugin. 
", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-02-21T02:58:53", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: dnf-plugins-core-4.0.4-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2019-02-21T02:58:53", "id": "FEDORA:D60E460CCF20", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "yum-utils is a collection of utilities and examples for the yum package manager. It includes utilities by different authors that make yum easier and more powerful to use. These tools include: debuginfo-install, find-repos-of-install, needs-restarting, package-cleanup, repoclosure, repodiff, repo-graph, repomanage, repoquery, repo-rss, reposync, repotrack, show-installed, show-changed-rco, verifytree, yumdownloader, yum-builddep, yum-complete-transaction, yum-config-manager, yum-debug-dump, yum-debug-restore and yum-groups-manager. 
", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-09-27T17:29:34", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: yum-utils-1.1.31-515.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2018-09-27T17:29:34", "id": "FEDORA:49A4560A6175", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-27T10:47:48", "description": "Extras Plugins for DNF. 
", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-02-21T02:58:54", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: dnf-plugins-extras-4.0.2-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2019-02-21T02:58:54", "id": "FEDORA:1CD3F60CCF0B", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "yum-utils is a collection of utilities and examples for the yum package manager. It includes utilities by different authors that make yum easier and more powerful to use. These tools include: debuginfo-install, find-repos-of-install, needs-restarting, package-cleanup, repoclosure, repodiff, repo-graph, repomanage, repoquery, repo-rss, reposync, repotrack, show-installed, show-changed-rco, verifytree, yumdownloader, yum-builddep, yum-complete-transaction, yum-config-manager, yum-debug-dump, yum-debug-restore and yum-groups-manager. 
", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-09-27T16:18:02", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: yum-utils-1.1.31-514.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2018-09-27T16:18:02", "id": "FEDORA:54E526098827", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-27T10:47:48", "description": "C implementation of Createrepo. A set of utilities (createrepo_c, mergerepo_c, modifyrepo_c) for generating a common metadata repository from a directory of rpm packages and maintaining it. 
", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-02-21T02:58:50", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: createrepo_c-0.12.1-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2019-02-21T02:58:50", "id": "FEDORA:47BF560CCF04", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "yum-utils is a collection of utilities and examples for the yum package manager. It includes utilities by different authors that make yum easier and more powerful to use. These tools include: debuginfo-install, find-repos-of-install, needs-restarting, package-cleanup, repoclosure, repodiff, repo-graph, repomanage, repoquery, repo-rss, reposync, repotrack, show-installed, show-changed-rco, verifytree, yumdownloader, yum-builddep, yum-complete-transaction, yum-config-manager, yum-debug-dump, yum-debug-restore and yum-groups-manager. 
", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-10-04T14:10:15", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: yum-utils-1.1.31-517.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2018-10-04T14:10:15", "id": "FEDORA:07330600627B", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-09-27T00:52:07", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has yum-utils packages installed that are affected by a vulnerability:\n\n - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. 
If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.\n (CVE-2018-10897)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : yum-utils Vulnerability (NS-SA-2019-0024)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0024_YUM-UTILS.NASL", "href": "https://www.tenable.com/plugins/nessus/127184", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0024. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127184);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-10897\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : yum-utils Vulnerability (NS-SA-2019-0024)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has yum-utils packages installed that are affected\nby a vulnerability:\n\n - A directory traversal issue was found in reposync, a\n part of yum-utils, where reposync fails to sanitize\n paths in remote repository configuration files. 
If an\n attacker controls a repository, they may be able to copy\n files outside of the destination directory on the\n targeted system via path traversal. If reposync is\n running with heightened privileges on a targeted system,\n this flaw could potentially result in system compromise\n via the overwriting of critical system files.\n (CVE-2018-10897)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0024\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL yum-utils packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10897\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"yum-NetworkManager-dispatcher-1.1.31-46.el7_5\",\n \"yum-plugin-aliases-1.1.31-46.el7_5\",\n \"yum-plugin-auto-update-debug-info-1.1.31-46.el7_5\",\n \"yum-plugin-changelog-1.1.31-46.el7_5\",\n \"yum-plugin-copr-1.1.31-46.el7_5\",\n \"yum-plugin-fastestmirror-1.1.31-46.el7_5\",\n \"yum-plugin-filter-data-1.1.31-46.el7_5\",\n \"yum-plugin-fs-snapshot-1.1.31-46.el7_5\",\n \"yum-plugin-keys-1.1.31-46.el7_5\",\n \"yum-plugin-list-data-1.1.31-46.el7_5\",\n \"yum-plugin-local-1.1.31-46.el7_5\",\n \"yum-plugin-merge-conf-1.1.31-46.el7_5\",\n \"yum-plugin-ovl-1.1.31-46.el7_5\",\n \"yum-plugin-post-transaction-actions-1.1.31-46.el7_5\",\n \"yum-plugin-pre-transaction-actions-1.1.31-46.el7_5\",\n \"yum-plugin-priorities-1.1.31-46.el7_5\",\n \"yum-plugin-protectbase-1.1.31-46.el7_5\",\n \"yum-plugin-ps-1.1.31-46.el7_5\",\n \"yum-plugin-remove-with-leaves-1.1.31-46.el7_5\",\n \"yum-plugin-rpm-warm-cache-1.1.31-46.el7_5\",\n 
\"yum-plugin-show-leaves-1.1.31-46.el7_5\",\n \"yum-plugin-tmprepo-1.1.31-46.el7_5\",\n \"yum-plugin-tsflags-1.1.31-46.el7_5\",\n \"yum-plugin-upgrade-helper-1.1.31-46.el7_5\",\n \"yum-plugin-verify-1.1.31-46.el7_5\",\n \"yum-plugin-versionlock-1.1.31-46.el7_5\",\n \"yum-updateonboot-1.1.31-46.el7_5\",\n \"yum-utils-1.1.31-46.el7_5\"\n ],\n \"CGSL MAIN 5.04\": [\n \"yum-NetworkManager-dispatcher-1.1.31-46.el7_5\",\n \"yum-plugin-aliases-1.1.31-46.el7_5\",\n \"yum-plugin-auto-update-debug-info-1.1.31-46.el7_5\",\n \"yum-plugin-changelog-1.1.31-46.el7_5\",\n \"yum-plugin-copr-1.1.31-46.el7_5\",\n \"yum-plugin-fastestmirror-1.1.31-46.el7_5\",\n \"yum-plugin-filter-data-1.1.31-46.el7_5\",\n \"yum-plugin-fs-snapshot-1.1.31-46.el7_5\",\n \"yum-plugin-keys-1.1.31-46.el7_5\",\n \"yum-plugin-list-data-1.1.31-46.el7_5\",\n \"yum-plugin-local-1.1.31-46.el7_5\",\n \"yum-plugin-merge-conf-1.1.31-46.el7_5\",\n \"yum-plugin-ovl-1.1.31-46.el7_5\",\n \"yum-plugin-post-transaction-actions-1.1.31-46.el7_5\",\n \"yum-plugin-pre-transaction-actions-1.1.31-46.el7_5\",\n \"yum-plugin-priorities-1.1.31-46.el7_5\",\n \"yum-plugin-protectbase-1.1.31-46.el7_5\",\n \"yum-plugin-ps-1.1.31-46.el7_5\",\n \"yum-plugin-remove-with-leaves-1.1.31-46.el7_5\",\n \"yum-plugin-rpm-warm-cache-1.1.31-46.el7_5\",\n \"yum-plugin-show-leaves-1.1.31-46.el7_5\",\n \"yum-plugin-tmprepo-1.1.31-46.el7_5\",\n \"yum-plugin-tsflags-1.1.31-46.el7_5\",\n \"yum-plugin-upgrade-helper-1.1.31-46.el7_5\",\n \"yum-plugin-verify-1.1.31-46.el7_5\",\n \"yum-plugin-versionlock-1.1.31-46.el7_5\",\n \"yum-updateonboot-1.1.31-46.el7_5\",\n \"yum-utils-1.1.31-46.el7_5\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else 
audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-26T01:00:59", "description": "An update for yum-utils is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-02T00:00:00", "type": "nessus", "title": "RHEL 7 : yum-utils (RHSA-2018:2285)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:yum-NetworkManager-dispatcher", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-aliases", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-auto-update-debug-info", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-changelog", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-copr", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-fastestmirror", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-filter-data", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-fs-snapshot", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-keys", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-list-data", 
"p-cpe:/a:redhat:enterprise_linux:yum-plugin-local", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-merge-conf", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-ovl", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-post-transaction-actions", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-pre-transaction-actions", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-priorities", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-protectbase", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-ps", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-remove-with-leaves", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-rpm-warm-cache", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-show-leaves", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-tmprepo", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-tsflags", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-upgrade-helper", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-verify", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-versionlock", "p-cpe:/a:redhat:enterprise_linux:yum-updateonboot", "p-cpe:/a:redhat:enterprise_linux:yum-utils", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2018-2285.NASL", "href": "https://www.tenable.com/plugins/nessus/111490", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2285. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111490);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/10/24 15:35:45\");\n\n script_cve_id(\"CVE-2018-10897\");\n script_xref(name:\"RHSA\", value:\"2018:2285\");\n\n script_name(english:\"RHEL 7 : yum-utils (RHSA-2018:2285)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for yum-utils is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe yum-utils packages provide a collection of utilities and examples\nfor the yum package manager to make yum easier and more powerful to\nuse.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory\ntraversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron\nLevy (Clover Network) for reporting this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:2285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-10897\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n 
script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-NetworkManager-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-auto-update-debug-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-copr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-filter-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-fs-snapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-list-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-merge-conf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-ovl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-post-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-pre-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-protectbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-remove-with-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-rpm-warm-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-show-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-tsflags\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-upgrade-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-updateonboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:2285\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"yum-NetworkManager-dispatcher-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-aliases-1.1.31-46.el7_5\")) flag++;\n\n 
if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-auto-update-debug-info-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-changelog-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-copr-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-fastestmirror-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-filter-data-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-fs-snapshot-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-keys-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-list-data-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-local-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-merge-conf-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-ovl-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-post-transaction-actions-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-pre-transaction-actions-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-priorities-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-protectbase-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-ps-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-remove-with-leaves-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-rpm-warm-cache-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-show-leaves-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-tmprepo-1.1.31-46.el7_5\")) 
flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-tsflags-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-upgrade-helper-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-verify-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-versionlock-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-updateonboot-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-utils-1.1.31-46.el7_5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-NetworkManager-dispatcher / yum-plugin-aliases / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-26T00:54:14", "description": "Security fix for CVE-2018-10897\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 29 : yum-utils (2018-357e8e07ce)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:yum-utils", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2018-357E8E07CE.NASL", "href": "https://www.tenable.com/plugins/nessus/120345", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from 
Fedora Security Advisory FEDORA-2018-357e8e07ce.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120345);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-10897\");\n script_xref(name:\"FEDORA\", value:\"2018-357e8e07ce\");\n\n script_name(english:\"Fedora 29 : yum-utils (2018-357e8e07ce)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2018-10897\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-357e8e07ce\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected yum-utils package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"yum-utils-1.1.31-517.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-26T01:00:50", "description": "From Red Hat Security Advisory 2018:2285 :\n\nAn update for yum-utils is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-02T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : yum-utils (ELSA-2018-2285)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-09-27T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:yum-NetworkManager-dispatcher", "p-cpe:/a:oracle:linux:yum-plugin-aliases", "p-cpe:/a:oracle:linux:yum-plugin-auto-update-debug-info", "p-cpe:/a:oracle:linux:yum-plugin-changelog", "p-cpe:/a:oracle:linux:yum-plugin-copr", "p-cpe:/a:oracle:linux:yum-plugin-fastestmirror", "p-cpe:/a:oracle:linux:yum-plugin-filter-data", "p-cpe:/a:oracle:linux:yum-plugin-fs-snapshot", "p-cpe:/a:oracle:linux:yum-plugin-keys", "p-cpe:/a:oracle:linux:yum-plugin-list-data", "p-cpe:/a:oracle:linux:yum-plugin-local", "p-cpe:/a:oracle:linux:yum-plugin-merge-conf", "p-cpe:/a:oracle:linux:yum-plugin-ovl", "p-cpe:/a:oracle:linux:yum-plugin-post-transaction-actions", "p-cpe:/a:oracle:linux:yum-plugin-pre-transaction-actions", "p-cpe:/a:oracle:linux:yum-plugin-priorities", "p-cpe:/a:oracle:linux:yum-plugin-protectbase", "p-cpe:/a:oracle:linux:yum-plugin-ps", "p-cpe:/a:oracle:linux:yum-plugin-remove-with-leaves", 
"p-cpe:/a:oracle:linux:yum-plugin-rpm-warm-cache", "p-cpe:/a:oracle:linux:yum-plugin-show-leaves", "p-cpe:/a:oracle:linux:yum-plugin-tmprepo", "p-cpe:/a:oracle:linux:yum-plugin-tsflags", "p-cpe:/a:oracle:linux:yum-plugin-upgrade-helper", "p-cpe:/a:oracle:linux:yum-plugin-verify", "p-cpe:/a:oracle:linux:yum-plugin-versionlock", "p-cpe:/a:oracle:linux:yum-updateonboot", "p-cpe:/a:oracle:linux:yum-utils", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2018-2285.NASL", "href": "https://www.tenable.com/plugins/nessus/111483", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2018:2285 and \n# Oracle Linux Security Advisory ELSA-2018-2285 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111483);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/09/27 13:00:38\");\n\n script_cve_id(\"CVE-2018-10897\");\n script_xref(name:\"RHSA\", value:\"2018:2285\");\n\n script_name(english:\"Oracle Linux 7 : yum-utils (ELSA-2018-2285)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2018:2285 :\n\nAn update for yum-utils is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. 
A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe yum-utils packages provide a collection of utilities and examples\nfor the yum package manager to make yum easier and more powerful to\nuse.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory\ntraversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron\nLevy (Clover Network) for reporting this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2018-July/007913.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected yum-utils packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-NetworkManager-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-auto-update-debug-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-copr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-filter-data\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:oracle:linux:yum-plugin-fs-snapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-list-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-merge-conf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-ovl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-post-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-pre-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-protectbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-remove-with-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-rpm-warm-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-show-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-tsflags\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-upgrade-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-updateonboot\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:oracle:linux:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-NetworkManager-dispatcher-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-aliases-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-auto-update-debug-info-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-changelog-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-copr-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-fastestmirror-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-filter-data-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-fs-snapshot-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-keys-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-list-data-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-local-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-merge-conf-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-ovl-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", 
reference:\"yum-plugin-post-transaction-actions-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-pre-transaction-actions-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-priorities-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-protectbase-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-ps-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-remove-with-leaves-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-rpm-warm-cache-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-show-leaves-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-tmprepo-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-tsflags-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-upgrade-helper-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-verify-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-plugin-versionlock-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-updateonboot-1.1.31-46.0.1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"yum-utils-1.1.31-46.0.1.el7_5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-NetworkManager-dispatcher / yum-plugin-aliases / 
etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-26T01:00:39", "description": "Security Fix(es) :\n\n - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-02T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : yum-utils on SL7.x (noarch) (20180730)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:yum-NetworkManager-dispatcher", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-aliases", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-auto-update-debug-info", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-changelog", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-copr", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-fastestmirror", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-filter-data", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-fs-snapshot", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-keys", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-list-data", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-local", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-merge-conf", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-ovl", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-post-transaction-actions", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-pre-transaction-actions", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-priorities", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-protectbase", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-ps", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-remove-with-leaves", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-rpm-warm-cache", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-show-leaves", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-tmprepo", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-tsflags", 
"p-cpe:/a:fermilab:scientific_linux:yum-plugin-upgrade-helper", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-verify", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-versionlock", "p-cpe:/a:fermilab:scientific_linux:yum-updateonboot", "p-cpe:/a:fermilab:scientific_linux:yum-utils", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20180730_YUM_UTILS_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/111497", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111497);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-10897\");\n\n script_name(english:\"Scientific Linux Security Update : yum-utils on SL7.x (noarch) (20180730)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - yum-utils: reposync: improper path validation may lead\n to directory traversal (CVE-2018-10897)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1807&L=scientific-linux-errata&F=&S=&P=11881\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?17b5c2c8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-NetworkManager-dispatcher\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-auto-update-debug-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-copr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-filter-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-fs-snapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-list-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-merge-conf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-ovl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-post-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-pre-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-protectbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-remove-with-leaves\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-rpm-warm-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-show-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-tsflags\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-upgrade-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-updateonboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", reference:\"yum-NetworkManager-dispatcher-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-aliases-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-auto-update-debug-info-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-changelog-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-copr-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-fastestmirror-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-filter-data-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", 
reference:\"yum-plugin-fs-snapshot-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-keys-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-list-data-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-local-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-merge-conf-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-ovl-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-post-transaction-actions-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-pre-transaction-actions-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-priorities-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-protectbase-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-ps-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-remove-with-leaves-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-rpm-warm-cache-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-show-leaves-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-tmprepo-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-tsflags-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-upgrade-helper-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-verify-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-versionlock-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-updateonboot-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-utils-1.1.31-46.el7_5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : 
SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-NetworkManager-dispatcher / yum-plugin-aliases / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-26T12:34:36", "description": "According to the version of the yum-utils packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability :\n\n - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.(CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.1.0 : yum-utils (EulerOS-SA-2019-1415)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:yum-plugin-fastestmirror", "p-cpe:/a:huawei:euleros:yum-utils", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1415.NASL", "href": "https://www.tenable.com/plugins/nessus/124918", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124918);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-10897\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.1.0 : yum-utils (EulerOS-SA-2019-1415)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the yum-utils packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerability :\n\n - A directory traversal issue was found in reposync, a\n part of yum-utils, where reposync fails to sanitize\n paths in remote repository configuration files. If an\n attacker controls a repository, they may be able to\n copy files outside of the destination directory on the\n targeted system via path traversal. 
If reposync is\n running with heightened privileges on a targeted\n system, this flaw could potentially result in system\n compromise via the overwriting of critical system\n files. Version 1.1.31 and older are believed to be\n affected.(CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1415\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?21ebddb7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected yum-utils package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, 
Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"yum-plugin-fastestmirror-1.1.31-46\",\n \"yum-utils-1.1.31-46\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-26T13:04:51", "description": "**createrepo_c**\n\n - Include file timestamp in repomd.xml to allow reproducing exact metadata as produced in the past\n\n - Support of zchunk\n\n**libcomps**\n\n**librepo**\n\n - Add zchunk support\n\n**libdnf**\n\n - Enhance modular solver to handle enabled and default module streams differently (RhBug:1648839)\n\n - Add support of wild cards for modules 
(RhBug:1644588)\n\n - Revert commit that adds best as default behavior\n\n**dnf**\n\n - Updated difference YUM vs. DNF for yum-updateonboot\n\n - Added new command ``dnf alias [options] [list|add|delete] [<name>...]`` to allow the user to define and manage a list of aliases\n\n - Enhanced documentation\n\n - Unifying return codes for remove operations\n\n - [transaction] Make transaction content available for commands\n\n - Triggering transaction hooks if no transaction (RhBug:1650157)\n\n - Add hotfix packages to install pool (RhBug:1654738)\n\n - Report group operation in transaction table\n\n - [sack] Change algorithm to calculate rpmdb_version\n\n - Allow to enable modules that break default modules (RhBug:1648839)\n\n - Enhance documentation - API examples\n\n - Add --nobest option\n\n - Revert commit that adds best as default behavior\n\n**dnf-plugins-core**\n\n - [download] Do not download src without ``--source`` (RhBug:1666648)\n\n**dnf-plugins-extras**\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-02-21T00:00:00", "type": "nessus", "title": "Fedora 29 : createrepo_c / dnf / dnf-plugins-core / dnf-plugins-extras / etc (2019-1fccede810)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2020-02-10T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:createrepo_c", "p-cpe:/a:fedoraproject:fedora:dnf", "p-cpe:/a:fedoraproject:fedora:dnf-plugins-core", "p-cpe:/a:fedoraproject:fedora:dnf-plugins-extras", "p-cpe:/a:fedoraproject:fedora:libcomps", "p-cpe:/a:fedoraproject:fedora:libdnf", "p-cpe:/a:fedoraproject:fedora:librepo", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-1FCCEDE810.NASL", "href": 
"https://www.tenable.com/plugins/nessus/122354", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-1fccede810.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122354);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/10\");\n\n script_cve_id(\"CVE-2018-10897\");\n script_xref(name:\"FEDORA\", value:\"2019-1fccede810\");\n\n script_name(english:\"Fedora 29 : createrepo_c / dnf / dnf-plugins-core / dnf-plugins-extras / etc (2019-1fccede810)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"**createrepo_c**\n\n - Include file timestamp in repomd.xml to allow\n reproducing exact metadata as produced in the past\n\n - Support of zchunk\n\n**libcomps**\n\n**librepo**\n\n - Add zchunk support\n\n**libdnf**\n\n - Enhance modular solver to handle enabled and default\n module streams differently (RhBug:1648839)\n\n - Add support of wild cards for modules (RhBug:1644588)\n\n - Revert commit that adds best as default behavior\n\n**dnf**\n\n - Updated difference YUM vs. 
DNF for yum-updateonboot\n\n - Added new command ``dnf alias [options]\n [list|add|delete] [<name>...]`` to allow the user to\n define and manage a list of aliases\n\n - Enhanced documentation\n\n - Unifying return codes for remove operations\n\n - [transaction] Make transaction content available for\n commands\n\n - Triggering transaction hooks if no transaction\n (RhBug:1650157)\n\n - Add hotfix packages to install pool (RhBug:1654738)\n\n - Report group operation in transaction table\n\n - [sack] Change algorithm to calculate rpmdb_version\n\n - Allow to enable modules that break default modules\n (RhBug:1648839)\n\n - Enhance documentation - API examples\n\n - Add --nobest option\n\n - Revert commit that adds best as default behavior\n\n**dnf-plugins-core**\n\n - [download] Do not download src without ``--source``\n (RhBug:1666648)\n\n**dnf-plugins-extras**\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-1fccede810\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:createrepo_c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dnf\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dnf-plugins-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dnf-plugins-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libcomps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libdnf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:librepo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"createrepo_c-0.12.1-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"dnf-4.1.0-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"dnf-plugins-core-4.0.4-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"dnf-plugins-extras-4.0.2-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"libcomps-0.1.10-2.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"libdnf-0.26.0-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"librepo-1.9.4-1.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"createrepo_c / dnf / dnf-plugins-core / dnf-plugins-extras / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-26T00:59:48", "description": "An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe redhat-virtualization-host packages provide the Red Hat Virtualization Host. 
These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor.\nRed Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nThe ovirt-node-ng packages provide the Red Hat Virtualization Host.\nThese packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.\n\nBug fix :\n\n* This update rebases imgbased to version 1.0.24. 
This update fixes the issue with removing broken symlinks when synchronizing layers.\n(BZ#1598781) (BZ#1622025)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-09-06T00:00:00", "type": "nessus", "title": "RHEL 7 : Virtualization (RHSA-2018:2626)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:imgbased", "p-cpe:/a:redhat:enterprise_linux:python-imgbased", "p-cpe:/a:redhat:enterprise_linux:redhat-release-virtualization-host", "p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update", "p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update-placeholder", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2018-2626.NASL", "href": "https://www.tenable.com/plugins/nessus/117323", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2626. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117323);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/24 15:35:45\");\n\n script_cve_id(\"CVE-2018-10897\");\n script_xref(name:\"RHSA\", value:\"2018:2626\");\n\n script_name(english:\"RHEL 7 : Virtualization (RHSA-2018:2626)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for redhat-virtualization-host is now available for Red Hat\nVirtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. 
A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe redhat-virtualization-host packages provide the Red Hat\nVirtualization Host. These packages include\nredhat-release-virtualization-host, ovirt-node, and rhev-hypervisor.\nRed Hat Virtualization Hosts (RHVH) are installed using a special\nbuild of Red Hat Enterprise Linux with only the packages required to\nhost virtual machines. RHVH features a Cockpit user interface for\nmonitoring the host's resources and performing administrative tasks.\n\nThe ovirt-node-ng packages provide the Red Hat Virtualization Host.\nThese packages include redhat-release-virtualization-host, ovirt-node,\nand rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed\nusing a special build of Red Hat Enterprise Linux with only the\npackages required to host virtual machines. RHVH features a Cockpit\nuser interface for monitoring the host's resources and performing\nadministrative tasks.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory\ntraversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron\nLevy (Clover Network) for reporting this issue.\n\nBug fix :\n\n* This update rebases imgbased to version 1.0.24. 
This update fixes\nthe issue with removing broken symlinks when synchronizing layers.\n(BZ#1598781) (BZ# 1622025)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:2626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-10897\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:imgbased\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-imgbased\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-release-virtualization-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update-placeholder\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:2626\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! 
(rpm_exists(release:\"RHEL7\", rpm:\"redhat-release-virtualization-host-4.2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Virtualization\");\n\n if (rpm_check(release:\"RHEL7\", reference:\"imgbased-1.0.24-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"python-imgbased-1.0.24-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"redhat-release-virtualization-host-4.2-6.0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"redhat-virtualization-host-image-update-4.2-20180828.2.el7_5\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"redhat-virtualization-host-image-update-placeholder-4.2-6.0.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"imgbased / python-imgbased / redhat-release-virtualization-host / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-26T01:00:39", "description": "From Red Hat Security Advisory 2018:2284 :\n\nAn update for yum-utils is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-02T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : yum-utils (ELSA-2018-2284)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-09-27T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:yum-NetworkManager-dispatcher", "p-cpe:/a:oracle:linux:yum-plugin-aliases", "p-cpe:/a:oracle:linux:yum-plugin-auto-update-debug-info", "p-cpe:/a:oracle:linux:yum-plugin-changelog", "p-cpe:/a:oracle:linux:yum-plugin-fastestmirror", "p-cpe:/a:oracle:linux:yum-plugin-filter-data", "p-cpe:/a:oracle:linux:yum-plugin-fs-snapshot", "p-cpe:/a:oracle:linux:yum-plugin-keys", "p-cpe:/a:oracle:linux:yum-plugin-list-data", "p-cpe:/a:oracle:linux:yum-plugin-local", "p-cpe:/a:oracle:linux:yum-plugin-merge-conf", "p-cpe:/a:oracle:linux:yum-plugin-ovl", "p-cpe:/a:oracle:linux:yum-plugin-post-transaction-actions", "p-cpe:/a:oracle:linux:yum-plugin-priorities", "p-cpe:/a:oracle:linux:yum-plugin-protectbase", "p-cpe:/a:oracle:linux:yum-plugin-ps", "p-cpe:/a:oracle:linux:yum-plugin-remove-with-leaves", "p-cpe:/a:oracle:linux:yum-plugin-rpm-warm-cache", "p-cpe:/a:oracle:linux:yum-plugin-security", 
"p-cpe:/a:oracle:linux:yum-plugin-show-leaves", "p-cpe:/a:oracle:linux:yum-plugin-tmprepo", "p-cpe:/a:oracle:linux:yum-plugin-tsflags", "p-cpe:/a:oracle:linux:yum-plugin-upgrade-helper", "p-cpe:/a:oracle:linux:yum-plugin-verify", "p-cpe:/a:oracle:linux:yum-plugin-versionlock", "p-cpe:/a:oracle:linux:yum-updateonboot", "p-cpe:/a:oracle:linux:yum-utils", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2018-2284.NASL", "href": "https://www.tenable.com/plugins/nessus/111482", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2018:2284 and \n# Oracle Linux Security Advisory ELSA-2018-2284 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111482);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/09/27 13:00:38\");\n\n script_cve_id(\"CVE-2018-10897\");\n script_xref(name:\"RHSA\", value:\"2018:2284\");\n\n script_name(english:\"Oracle Linux 6 : yum-utils (ELSA-2018-2284)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2018:2284 :\n\nAn update for yum-utils is now available for Red Hat Enterprise Linux\n6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. 
A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe yum-utils packages provide a collection of utilities and examples\nfor the yum package manager to make yum easier and more powerful to\nuse.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory\ntraversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron\nLevy (Clover Network) for reporting this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2018-July/007915.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected yum-utils packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-NetworkManager-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-auto-update-debug-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-filter-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-fs-snapshot\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:oracle:linux:yum-plugin-keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-list-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-merge-conf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-ovl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-post-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-protectbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-remove-with-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-rpm-warm-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-show-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-tsflags\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-upgrade-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-updateonboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"yum-NetworkManager-dispatcher-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-aliases-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-auto-update-debug-info-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-changelog-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-fastestmirror-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-filter-data-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-fs-snapshot-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-keys-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-list-data-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-local-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-merge-conf-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-ovl-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-post-transaction-actions-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-priorities-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-protectbase-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-ps-1.1.30-42.0.1.el6_10\")) 
flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-remove-with-leaves-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-rpm-warm-cache-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-security-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-show-leaves-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-tmprepo-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-tsflags-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-upgrade-helper-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-verify-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-plugin-versionlock-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-updateonboot-1.1.30-42.0.1.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"yum-utils-1.1.30-42.0.1.el6_10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-NetworkManager-dispatcher / yum-plugin-aliases / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T15:54:52", "description": "According to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-10-26T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.0 : yum-utils (EulerOS-SA-2018-1349)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2022-02-01T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:yum-utils", "cpe:/o:huawei:euleros:uvp:2.5.0"], "id": "EULEROS_SA-2018-1349.NASL", "href": "https://www.tenable.com/plugins/nessus/118437", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118437);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/01\");\n\n script_cve_id(\"CVE-2018-10897\");\n\n script_name(english:\"EulerOS Virtualization 2.5.0 : yum-utils (EulerOS-SA-2018-1349)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the yum-utils package installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - yum-utils: reposync: improper path validation may lead\n to directory traversal (CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1349\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?96a5bb35\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected yum-utils package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10897\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"yum-utils-1.1.31-29.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T15:56:03", "description": "According to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS 
security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-10-26T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.1 : yum-utils (EulerOS-SA-2018-1327)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2022-02-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:yum-utils", "cpe:/o:huawei:euleros:uvp:2.5.1"], "id": "EULEROS_SA-2018-1327.NASL", "href": "https://www.tenable.com/plugins/nessus/118415", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118415);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/03\");\n\n script_cve_id(\"CVE-2018-10897\");\n\n script_name(english:\"EulerOS Virtualization 2.5.1 : yum-utils (EulerOS-SA-2018-1327)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the yum-utils package installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - yum-utils: reposync: improper path validation may lead\n to directory traversal (CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1327\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7ea9634b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected yum-utils package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10897\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"yum-utils-1.1.31-29.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T15:52:12", "description": "According to the version of the yum-utils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-09-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : yum-utils (EulerOS-SA-2018-1320)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2022-03-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:yum-plugin-aliases", "p-cpe:/a:huawei:euleros:yum-plugin-changelog", "p-cpe:/a:huawei:euleros:yum-plugin-priorities", "p-cpe:/a:huawei:euleros:yum-plugin-tmprepo", "p-cpe:/a:huawei:euleros:yum-plugin-verify", "p-cpe:/a:huawei:euleros:yum-plugin-versionlock", "p-cpe:/a:huawei:euleros:yum-utils", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1320.NASL", "href": "https://www.tenable.com/plugins/nessus/117763", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(117763);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/03\");\n\n script_cve_id(\"CVE-2018-10897\");\n\n script_name(english:\"EulerOS 2.0 SP3 : yum-utils (EulerOS-SA-2018-1320)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the yum-utils packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - yum-utils: reposync: improper path validation may lead\n to directory traversal (CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1320\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1d053134\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected yum-utils package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10897\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"yum-plugin-aliases-1.1.31-34.h1\",\n \"yum-plugin-changelog-1.1.31-34.h1\",\n \"yum-plugin-priorities-1.1.31-34.h1\",\n \"yum-plugin-tmprepo-1.1.31-34.h1\",\n \"yum-plugin-verify-1.1.31-34.h1\",\n \"yum-plugin-versionlock-1.1.31-34.h1\",\n \"yum-utils-1.1.31-34.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : 
SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-26T01:00:14", "description": "Security Fix(es) :\n\n - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-02T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : yum-utils on SL6.x (noarch) (20180730)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:yum-NetworkManager-dispatcher", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-aliases", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-auto-update-debug-info", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-changelog", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-fastestmirror", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-filter-data", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-fs-snapshot", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-keys", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-list-data", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-local", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-merge-conf", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-ovl", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-post-transaction-actions", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-priorities", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-protectbase", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-ps", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-remove-with-leaves", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-rpm-warm-cache", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-security", 
"p-cpe:/a:fermilab:scientific_linux:yum-plugin-show-leaves", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-tmprepo", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-tsflags", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-upgrade-helper", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-verify", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-versionlock", "p-cpe:/a:fermilab:scientific_linux:yum-updateonboot", "p-cpe:/a:fermilab:scientific_linux:yum-utils", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20180730_YUM_UTILS_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/111496", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111496);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-10897\");\n\n script_name(english:\"Scientific Linux Security Update : yum-utils on SL6.x (noarch) (20180730)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - yum-utils: reposync: improper path validation may lead\n to directory traversal (CVE-2018-10897)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1807&L=scientific-linux-errata&F=&S=&P=12557\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5fa40177\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-NetworkManager-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-auto-update-debug-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-filter-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-fs-snapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-list-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-merge-conf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-ovl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-post-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-protectbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-remove-with-leaves\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-rpm-warm-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-show-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-tsflags\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-upgrade-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-updateonboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"yum-NetworkManager-dispatcher-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-aliases-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-auto-update-debug-info-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-changelog-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-fastestmirror-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-filter-data-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-fs-snapshot-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", 
reference:\"yum-plugin-keys-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-list-data-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-local-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-merge-conf-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-ovl-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-post-transaction-actions-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-priorities-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-protectbase-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-ps-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-remove-with-leaves-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-rpm-warm-cache-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-security-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-show-leaves-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-tmprepo-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-tsflags-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-upgrade-helper-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-verify-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-versionlock-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-updateonboot-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-utils-1.1.30-42.el6_10\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = 
pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-NetworkManager-dispatcher / yum-plugin-aliases / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T15:52:12", "description": "According to the version of the yum-utils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-09-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : yum-utils (EulerOS-SA-2018-1319)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2022-03-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:yum-plugin-aliases", "p-cpe:/a:huawei:euleros:yum-plugin-changelog", "p-cpe:/a:huawei:euleros:yum-plugin-priorities", "p-cpe:/a:huawei:euleros:yum-plugin-tmprepo", "p-cpe:/a:huawei:euleros:yum-plugin-verify", "p-cpe:/a:huawei:euleros:yum-plugin-versionlock", "p-cpe:/a:huawei:euleros:yum-utils", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1319.NASL", "href": "https://www.tenable.com/plugins/nessus/117762", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(117762);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/03\");\n\n script_cve_id(\"CVE-2018-10897\");\n\n script_name(english:\"EulerOS 2.0 SP2 : yum-utils (EulerOS-SA-2018-1319)\");\n\n 
script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the yum-utils packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - yum-utils: reposync: improper path validation may lead\n to directory traversal (CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1319\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?031de15a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected yum-utils package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10897\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-priorities\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif 
(\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"yum-plugin-aliases-1.1.31-34.h1\",\n \"yum-plugin-changelog-1.1.31-34.h1\",\n \"yum-plugin-priorities-1.1.31-34.h1\",\n \"yum-plugin-tmprepo-1.1.31-34.h1\",\n \"yum-plugin-verify-1.1.31-34.h1\",\n \"yum-plugin-versionlock-1.1.31-34.h1\",\n \"yum-utils-1.1.31-34.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-26T00:59:03", "description": "A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. 
(CVE-2018-10897)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-24T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : yum-utils (ALAS-2018-1063)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2018-10-17T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:yum-NetworkManager-dispatcher", "p-cpe:/a:amazon:linux:yum-plugin-aliases", "p-cpe:/a:amazon:linux:yum-plugin-auto-update-debug-info", "p-cpe:/a:amazon:linux:yum-plugin-changelog", "p-cpe:/a:amazon:linux:yum-plugin-copr", "p-cpe:/a:amazon:linux:yum-plugin-fastestmirror", "p-cpe:/a:amazon:linux:yum-plugin-filter-data", "p-cpe:/a:amazon:linux:yum-plugin-fs-snapshot", "p-cpe:/a:amazon:linux:yum-plugin-keys", "p-cpe:/a:amazon:linux:yum-plugin-list-data", "p-cpe:/a:amazon:linux:yum-plugin-local", "p-cpe:/a:amazon:linux:yum-plugin-merge-conf", "p-cpe:/a:amazon:linux:yum-plugin-ovl", "p-cpe:/a:amazon:linux:yum-plugin-post-transaction-actions", "p-cpe:/a:amazon:linux:yum-plugin-pre-transaction-actions", "p-cpe:/a:amazon:linux:yum-plugin-priorities", "p-cpe:/a:amazon:linux:yum-plugin-protectbase", "p-cpe:/a:amazon:linux:yum-plugin-ps", "p-cpe:/a:amazon:linux:yum-plugin-remove-with-leaves", "p-cpe:/a:amazon:linux:yum-plugin-rpm-warm-cache", "p-cpe:/a:amazon:linux:yum-plugin-show-leaves", "p-cpe:/a:amazon:linux:yum-plugin-tmprepo", "p-cpe:/a:amazon:linux:yum-plugin-tsflags", "p-cpe:/a:amazon:linux:yum-plugin-upgrade-helper", "p-cpe:/a:amazon:linux:yum-plugin-verify", "p-cpe:/a:amazon:linux:yum-plugin-versionlock", "p-cpe:/a:amazon:linux:yum-updateonboot", "p-cpe:/a:amazon:linux:yum-utils", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2018-1063.NASL", "href": "https://www.tenable.com/plugins/nessus/112088", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2018-1063.\n#\n\ninclude(\"compat.inc\");\n\nif 
(description)\n{\n script_id(112088);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/10/17 12:00:17\");\n\n script_cve_id(\"CVE-2018-10897\");\n script_xref(name:\"ALAS\", value:\"2018-1063\");\n\n script_name(english:\"Amazon Linux 2 : yum-utils (ALAS-2018-1063)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A directory traversal issue was found in reposync, a part of\nyum-utils, where reposync fails to sanitize paths in remote repository\nconfiguration files. If an attacker controls a repository, they may be\nable to copy files outside of the destination directory on the\ntargeted system via path traversal. If reposync is running with\nheightened privileges on a targeted system, this flaw could\npotentially result in system compromise via the overwriting of\ncritical system files. 
(CVE-2018-10897)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2018-1063.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update yum-utils' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-NetworkManager-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-auto-update-debug-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-copr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-filter-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-fs-snapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-list-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-merge-conf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-ovl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-post-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-pre-transaction-actions\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-protectbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-remove-with-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-rpm-warm-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-show-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-tsflags\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-upgrade-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-updateonboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"yum-NetworkManager-dispatcher-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-aliases-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-auto-update-debug-info-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-changelog-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-copr-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-fastestmirror-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-filter-data-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-fs-snapshot-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-keys-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-list-data-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", 
reference:\"yum-plugin-local-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-merge-conf-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-ovl-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-post-transaction-actions-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-pre-transaction-actions-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-priorities-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-protectbase-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-ps-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-remove-with-leaves-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-rpm-warm-cache-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-show-leaves-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-tmprepo-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-tsflags-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-upgrade-helper-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-verify-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-plugin-versionlock-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-updateonboot-1.1.31-46.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"yum-utils-1.1.31-46.amzn2.0.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 
\"yum-NetworkManager-dispatcher / yum-plugin-aliases / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-26T00:59:34", "description": "A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.(CVE-2018-10897)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-10T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : yum-utils (ALAS-2018-1057)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2018-10-17T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:yum-NetworkManager-dispatcher", "p-cpe:/a:amazon:linux:yum-plugin-aliases", "p-cpe:/a:amazon:linux:yum-plugin-auto-update-debug-info", "p-cpe:/a:amazon:linux:yum-plugin-changelog", "p-cpe:/a:amazon:linux:yum-plugin-copr", "p-cpe:/a:amazon:linux:yum-plugin-fastestmirror", "p-cpe:/a:amazon:linux:yum-plugin-filter-data", "p-cpe:/a:amazon:linux:yum-plugin-fs-snapshot", "p-cpe:/a:amazon:linux:yum-plugin-keys", "p-cpe:/a:amazon:linux:yum-plugin-list-data", "p-cpe:/a:amazon:linux:yum-plugin-local", "p-cpe:/a:amazon:linux:yum-plugin-merge-conf", "p-cpe:/a:amazon:linux:yum-plugin-ovl", "p-cpe:/a:amazon:linux:yum-plugin-post-transaction-actions", "p-cpe:/a:amazon:linux:yum-plugin-pre-transaction-actions", "p-cpe:/a:amazon:linux:yum-plugin-priorities", "p-cpe:/a:amazon:linux:yum-plugin-protectbase", "p-cpe:/a:amazon:linux:yum-plugin-ps", "p-cpe:/a:amazon:linux:yum-plugin-puppetverify", "p-cpe:/a:amazon:linux:yum-plugin-refresh-updatesd", 
"p-cpe:/a:amazon:linux:yum-plugin-remove-with-leaves", "p-cpe:/a:amazon:linux:yum-plugin-rpm-warm-cache", "p-cpe:/a:amazon:linux:yum-plugin-show-leaves", "p-cpe:/a:amazon:linux:yum-plugin-tmprepo", "p-cpe:/a:amazon:linux:yum-plugin-tsflags", "p-cpe:/a:amazon:linux:yum-plugin-upgrade-helper", "p-cpe:/a:amazon:linux:yum-plugin-verify", "p-cpe:/a:amazon:linux:yum-plugin-versionlock", "p-cpe:/a:amazon:linux:yum-updateonboot", "p-cpe:/a:amazon:linux:yum-utils", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-1057.NASL", "href": "https://www.tenable.com/plugins/nessus/111612", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1057.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111612);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/10/17 12:00:17\");\n\n script_cve_id(\"CVE-2018-10897\");\n script_xref(name:\"ALAS\", value:\"2018-1057\");\n\n script_name(english:\"Amazon Linux AMI : yum-utils (ALAS-2018-1057)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A directory traversal issue was found in reposync, a part of\nyum-utils, where reposync fails to sanitize paths in remote repository\nconfiguration files. If an attacker controls a repository, they may be\nable to copy files outside of the destination directory on the\ntargeted system via path traversal. 
If reposync is running with\nheightened privileges on a targeted system, this flaw could\npotentially result in system compromise via the overwriting of\ncritical system files.(CVE-2018-10897)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1057.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update yum-utils' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-NetworkManager-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-auto-update-debug-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-copr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-filter-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-fs-snapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-list-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-merge-conf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-ovl\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:amazon:linux:yum-plugin-post-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-pre-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-protectbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-puppetverify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-refresh-updatesd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-remove-with-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-rpm-warm-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-show-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-tsflags\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-upgrade-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-updateonboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is 
Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"yum-NetworkManager-dispatcher-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-aliases-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-auto-update-debug-info-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-changelog-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-copr-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-fastestmirror-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-filter-data-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-fs-snapshot-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-keys-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", 
reference:\"yum-plugin-list-data-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-local-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-merge-conf-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-ovl-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-post-transaction-actions-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-pre-transaction-actions-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-priorities-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-protectbase-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-ps-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-puppetverify-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-refresh-updatesd-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-remove-with-leaves-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-rpm-warm-cache-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-show-leaves-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-tmprepo-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-tsflags-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-upgrade-helper-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-verify-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-plugin-versionlock-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"yum-updateonboot-1.1.31-46.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", 
reference:\"yum-utils-1.1.31-46.30.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-NetworkManager-dispatcher / yum-plugin-aliases / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-26T13:00:14", "description": "According to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. (CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-09T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.3 : yum-utils (EulerOS-SA-2019-1160)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:yum-utils", "cpe:/o:huawei:euleros:uvp:2.5.3"], "id": "EULEROS_SA-2019-1160.NASL", "href": "https://www.tenable.com/plugins/nessus/123846", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123846);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-10897\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.3 : yum-utils (EulerOS-SA-2019-1160)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the yum-utils package installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - A directory traversal issue was found in reposync, a\n part of yum-utils, where reposync fails to sanitize\n paths in remote repository configuration files. If an\n attacker controls a repository, they may be able to\n copy files outside of the destination directory on the\n targeted system via path traversal. 
If reposync is\n running with heightened privileges on a targeted\n system, this flaw could potentially result in system\n compromise via the overwriting of critical system\n files.i1/4^CVE-2018-10897i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1160\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?eed9ea55\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected yum-utils package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.3\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.3\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.3\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"yum-utils-1.1.31-42.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-27T00:50:54", "description": "The remote NewStart CGSL host, running version MAIN 4.05, has yum-utils packages installed that are affected by a vulnerability:\n\n - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. 
If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.\n (CVE-2018-10897)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 4.05 : yum-utils Vulnerability (NS-SA-2019-0133)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0133_YUM-UTILS.NASL", "href": "https://www.tenable.com/plugins/nessus/127390", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0133. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127390);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-10897\");\n\n script_name(english:\"NewStart CGSL MAIN 4.05 : yum-utils Vulnerability (NS-SA-2019-0133)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 4.05, has yum-utils packages installed that are affected by a\nvulnerability:\n\n - A directory traversal issue was found in reposync, a\n part of yum-utils, where reposync fails to sanitize\n paths in remote repository configuration files. 
If an\n attacker controls a repository, they may be able to copy\n files outside of the destination directory on the\n targeted system via path traversal. If reposync is\n running with heightened privileges on a targeted system,\n this flaw could potentially result in system compromise\n via the overwriting of critical system files.\n (CVE-2018-10897)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0133\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL yum-utils packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10897\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 4.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 4.05\": [\n \"yum-NetworkManager-dispatcher-1.1.30-42.el6_10\",\n \"yum-plugin-aliases-1.1.30-42.el6_10\",\n \"yum-plugin-auto-update-debug-info-1.1.30-42.el6_10\",\n \"yum-plugin-changelog-1.1.30-42.el6_10\",\n \"yum-plugin-fastestmirror-1.1.30-42.el6_10\",\n \"yum-plugin-filter-data-1.1.30-42.el6_10\",\n \"yum-plugin-fs-snapshot-1.1.30-42.el6_10\",\n \"yum-plugin-keys-1.1.30-42.el6_10\",\n \"yum-plugin-list-data-1.1.30-42.el6_10\",\n \"yum-plugin-local-1.1.30-42.el6_10\",\n \"yum-plugin-merge-conf-1.1.30-42.el6_10\",\n \"yum-plugin-ovl-1.1.30-42.el6_10\",\n \"yum-plugin-post-transaction-actions-1.1.30-42.el6_10\",\n \"yum-plugin-priorities-1.1.30-42.el6_10\",\n \"yum-plugin-protectbase-1.1.30-42.el6_10\",\n \"yum-plugin-ps-1.1.30-42.el6_10\",\n \"yum-plugin-remove-with-leaves-1.1.30-42.el6_10\",\n \"yum-plugin-rpm-warm-cache-1.1.30-42.el6_10\",\n \"yum-plugin-security-1.1.30-42.el6_10\",\n \"yum-plugin-show-leaves-1.1.30-42.el6_10\",\n \"yum-plugin-tmprepo-1.1.30-42.el6_10\",\n 
\"yum-plugin-tsflags-1.1.30-42.el6_10\",\n \"yum-plugin-upgrade-helper-1.1.30-42.el6_10\",\n \"yum-plugin-verify-1.1.30-42.el6_10\",\n \"yum-plugin-versionlock-1.1.30-42.el6_10\",\n \"yum-updateonboot-1.1.30-42.el6_10\",\n \"yum-utils-1.1.30-42.el6_10\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-26T13:04:30", "description": "According to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.(CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-03-08T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.2 : yum-utils (EulerOS-SA-2019-1080)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:yum-utils", "cpe:/o:huawei:euleros:uvp:2.5.2"], "id": "EULEROS_SA-2019-1080.NASL", "href": "https://www.tenable.com/plugins/nessus/122702", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122702);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-10897\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.2 : yum-utils (EulerOS-SA-2019-1080)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the yum-utils package installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - A directory traversal issue was found in reposync, a\n part of yum-utils, where reposync fails to sanitize\n paths in remote repository configuration files. If an\n attacker controls a repository, they may be able to\n copy files outside of the destination directory on the\n targeted system via path traversal. If reposync is\n running with heightened privileges on a targeted\n system, this flaw could potentially result in system\n compromise via the overwriting of critical system\n files. 
Version 1.1.31 and older are believed to be\n affected.(CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1080\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7daee26\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected yum-utils package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"yum-utils-1.1.31-42.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T15:48:15", "description": "An update for yum-utils is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-02T00:00:00", "type": "nessus", "title": "RHEL 6 : yum-utils (RHSA-2018:2284)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2022-01-28T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:yum-NetworkManager-dispatcher", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-aliases", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-auto-update-debug-info", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-changelog", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-fastestmirror", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-filter-data", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-fs-snapshot", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-keys", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-list-data", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-local", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-merge-conf", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-ovl", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-post-transaction-actions", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-priorities", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-protectbase", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-ps", 
"p-cpe:/a:redhat:enterprise_linux:yum-plugin-remove-with-leaves", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-rpm-warm-cache", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-security", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-show-leaves", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-tmprepo", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-tsflags", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-upgrade-helper", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-verify", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-versionlock", "p-cpe:/a:redhat:enterprise_linux:yum-updateonboot", "p-cpe:/a:redhat:enterprise_linux:yum-utils", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2018-2284.NASL", "href": "https://www.tenable.com/plugins/nessus/111489", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2284. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111489);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/28\");\n\n script_cve_id(\"CVE-2018-10897\");\n script_xref(name:\"RHSA\", value:\"2018:2284\");\n\n script_name(english:\"RHEL 6 : yum-utils (RHSA-2018:2284)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for yum-utils is now available for Red Hat Enterprise Linux\n6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. 
A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe yum-utils packages provide a collection of utilities and examples\nfor the yum package manager to make yum easier and more powerful to\nuse.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory\ntraversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron\nLevy (Clover Network) for reporting this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:2284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-10897\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-NetworkManager-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-auto-update-debug-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-filter-data\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-fs-snapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-list-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-merge-conf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-ovl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-post-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-protectbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-remove-with-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-rpm-warm-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-show-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-tsflags\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-upgrade-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-updateonboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:2284\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-NetworkManager-dispatcher-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-aliases-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-auto-update-debug-info-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-changelog-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-fastestmirror-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-filter-data-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-fs-snapshot-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-keys-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-list-data-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-local-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-merge-conf-1.1.30-42.el6_10\")) flag++;\n if 
(rpm_check(release:\"RHEL6\", reference:\"yum-plugin-ovl-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-post-transaction-actions-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-priorities-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-protectbase-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-ps-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-remove-with-leaves-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-rpm-warm-cache-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-security-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-show-leaves-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-tmprepo-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-tsflags-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-upgrade-helper-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-verify-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-plugin-versionlock-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-updateonboot-1.1.30-42.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"yum-utils-1.1.30-42.el6_10\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-NetworkManager-dispatcher / yum-plugin-aliases / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, 
{"lastseen": "2021-09-26T01:00:02", "description": "An update for yum-utils is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-10T00:00:00", "type": "nessus", "title": "CentOS 6 : yum-utils (CESA-2018:2284)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:centos:centos:yum-NetworkManager-dispatcher", "p-cpe:/a:centos:centos:yum-plugin-aliases", "p-cpe:/a:centos:centos:yum-plugin-auto-update-debug-info", "p-cpe:/a:centos:centos:yum-plugin-changelog", "p-cpe:/a:centos:centos:yum-plugin-fastestmirror", "p-cpe:/a:centos:centos:yum-plugin-filter-data", "p-cpe:/a:centos:centos:yum-plugin-fs-snapshot", "p-cpe:/a:centos:centos:yum-plugin-keys", "p-cpe:/a:centos:centos:yum-plugin-list-data", "p-cpe:/a:centos:centos:yum-plugin-local", "p-cpe:/a:centos:centos:yum-plugin-merge-conf", "p-cpe:/a:centos:centos:yum-plugin-ovl", "p-cpe:/a:centos:centos:yum-plugin-post-transaction-actions", "p-cpe:/a:centos:centos:yum-plugin-priorities", 
"p-cpe:/a:centos:centos:yum-plugin-protectbase", "p-cpe:/a:centos:centos:yum-plugin-ps", "p-cpe:/a:centos:centos:yum-plugin-remove-with-leaves", "p-cpe:/a:centos:centos:yum-plugin-rpm-warm-cache", "p-cpe:/a:centos:centos:yum-plugin-security", "p-cpe:/a:centos:centos:yum-plugin-show-leaves", "p-cpe:/a:centos:centos:yum-plugin-tmprepo", "p-cpe:/a:centos:centos:yum-plugin-tsflags", "p-cpe:/a:centos:centos:yum-plugin-upgrade-helper", "p-cpe:/a:centos:centos:yum-plugin-verify", "p-cpe:/a:centos:centos:yum-plugin-versionlock", "p-cpe:/a:centos:centos:yum-updateonboot", "p-cpe:/a:centos:centos:yum-utils", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2018-2284.NASL", "href": "https://www.tenable.com/plugins/nessus/111614", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2284 and \n# CentOS Errata and Security Advisory 2018:2284 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111614);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2018-10897\");\n script_xref(name:\"RHSA\", value:\"2018:2284\");\n\n script_name(english:\"CentOS 6 : yum-utils (CESA-2018:2284)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for yum-utils is now available for Red Hat Enterprise Linux\n6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. 
A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe yum-utils packages provide a collection of utilities and examples\nfor the yum package manager to make yum easier and more powerful to\nuse.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory\ntraversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron\nLevy (Clover Network) for reporting this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2018-August/022976.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b73bb976\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected yum-utils packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10897\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-NetworkManager-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-auto-update-debug-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-filter-data\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-fs-snapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-list-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-merge-conf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-ovl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-post-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-protectbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-remove-with-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-rpm-warm-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-show-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-tsflags\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-upgrade-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-updateonboot\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-NetworkManager-dispatcher-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-aliases-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-auto-update-debug-info-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-changelog-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-fastestmirror-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-filter-data-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-fs-snapshot-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-keys-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-list-data-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-local-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-merge-conf-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-ovl-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-post-transaction-actions-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-priorities-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-protectbase-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-ps-1.1.30-42.el6_10\")) 
flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-remove-with-leaves-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-rpm-warm-cache-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-security-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-show-leaves-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-tmprepo-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-tsflags-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-upgrade-helper-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-verify-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-plugin-versionlock-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-updateonboot-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"yum-utils-1.1.30-42.el6_10\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-NetworkManager-dispatcher / yum-plugin-aliases / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-26T00:59:01", "description": "An update for yum-utils is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-10T00:00:00", "type": "nessus", "title": "CentOS 7 : yum-utils (CESA-2018:2285)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10897"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:centos:centos:yum-NetworkManager-dispatcher", "p-cpe:/a:centos:centos:yum-plugin-aliases", "p-cpe:/a:centos:centos:yum-plugin-auto-update-debug-info", "p-cpe:/a:centos:centos:yum-plugin-changelog", "p-cpe:/a:centos:centos:yum-plugin-copr", "p-cpe:/a:centos:centos:yum-plugin-fastestmirror", "p-cpe:/a:centos:centos:yum-plugin-filter-data", "p-cpe:/a:centos:centos:yum-plugin-fs-snapshot", "p-cpe:/a:centos:centos:yum-plugin-keys", "p-cpe:/a:centos:centos:yum-plugin-list-data", "p-cpe:/a:centos:centos:yum-plugin-local", "p-cpe:/a:centos:centos:yum-plugin-merge-conf", "p-cpe:/a:centos:centos:yum-plugin-ovl", "p-cpe:/a:centos:centos:yum-plugin-post-transaction-actions", "p-cpe:/a:centos:centos:yum-plugin-pre-transaction-actions", "p-cpe:/a:centos:centos:yum-plugin-priorities", "p-cpe:/a:centos:centos:yum-plugin-protectbase", "p-cpe:/a:centos:centos:yum-plugin-ps", "p-cpe:/a:centos:centos:yum-plugin-remove-with-leaves", 
"p-cpe:/a:centos:centos:yum-plugin-rpm-warm-cache", "p-cpe:/a:centos:centos:yum-plugin-show-leaves", "p-cpe:/a:centos:centos:yum-plugin-tmprepo", "p-cpe:/a:centos:centos:yum-plugin-tsflags", "p-cpe:/a:centos:centos:yum-plugin-upgrade-helper", "p-cpe:/a:centos:centos:yum-plugin-verify", "p-cpe:/a:centos:centos:yum-plugin-versionlock", "p-cpe:/a:centos:centos:yum-updateonboot", "p-cpe:/a:centos:centos:yum-utils", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2018-2285.NASL", "href": "https://www.tenable.com/plugins/nessus/111615", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2285 and \n# CentOS Errata and Security Advisory 2018:2285 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111615);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2018-10897\");\n script_xref(name:\"RHSA\", value:\"2018:2285\");\n\n script_name(english:\"CentOS 7 : yum-utils (CESA-2018:2285)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for yum-utils is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. 
A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe yum-utils packages provide a collection of utilities and examples\nfor the yum package manager to make yum easier and more powerful to\nuse.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory\ntraversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron\nLevy (Clover Network) for reporting this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2018-August/022981.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6703a2ed\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected yum-utils packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10897\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-NetworkManager-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-auto-update-debug-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-copr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:centos:centos:yum-plugin-filter-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-fs-snapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-list-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-merge-conf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-ovl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-post-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-pre-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-protectbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-remove-with-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-rpm-warm-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-show-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-tsflags\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-upgrade-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:centos:centos:yum-updateonboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-NetworkManager-dispatcher-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-aliases-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-auto-update-debug-info-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-changelog-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-copr-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-fastestmirror-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-filter-data-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-fs-snapshot-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-keys-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-list-data-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-local-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-merge-conf-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-ovl-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", 
reference:\"yum-plugin-post-transaction-actions-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-pre-transaction-actions-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-priorities-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-protectbase-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-ps-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-remove-with-leaves-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-rpm-warm-cache-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-show-leaves-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-tmprepo-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-tsflags-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-upgrade-helper-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-verify-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-plugin-versionlock-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-updateonboot-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"yum-utils-1.1.31-46.el7_5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-NetworkManager-dispatcher / yum-plugin-aliases / 
etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-25T17:18:17", "description": "According to its self-reported version number, the remote Junos Space version is 18.4.x prior to 18.4R1. It is, therefore, affected by multiple vulnerabilities : \n\n - An integer overflow issue exists in procps-ng. This is related to CVE-2018-1124. (CVE-2018-1126)\n\n - A directory traversal issue exists in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. (CVE-2018-10897)\n\n - An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID binary could use this flaw to escalate their privileges on the system.\n (CVE-2018-14634)\n\nAdditionally, Junos Space is affected by several other vulnerabilities, as noted in the vendor advisory.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-01-10T00:00:00", "type": "nessus", "title": "Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-0861", "CVE-2017-1000364", "CVE-2017-1000366", "CVE-2017-1000379", "CVE-2017-15265", "CVE-2017-2619", "CVE-2017-3136", "CVE-2017-3137", "CVE-2017-3142", "CVE-2017-3143", "CVE-2017-3145", "CVE-2018-1000004", "CVE-2018-10301", "CVE-2018-1050", "CVE-2018-1064", "CVE-2018-10897", "CVE-2018-10901", "CVE-2018-10911", "CVE-2018-1124", "CVE-2018-1126", "CVE-2018-12020", "CVE-2018-12384", "CVE-2018-14634", "CVE-2018-3620", "CVE-2018-3693", "CVE-2018-5390", "CVE-2018-5391", "CVE-2018-5740", "CVE-2018-5748", "CVE-2018-7566"], "modified": "2022-05-24T00:00:00", "cpe": 
["cpe:/a:juniper:junos_space"], "id": "JUNIPER_SPACE_JSA10917_184R1.NASL", "href": "https://www.tenable.com/plugins/nessus/121068", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121068);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/24\");\n\n script_cve_id(\n \"CVE-2017-0861\",\n \"CVE-2017-2619\",\n \"CVE-2017-3136\",\n \"CVE-2017-3137\",\n \"CVE-2017-3142\",\n \"CVE-2017-3143\",\n \"CVE-2017-3145\",\n \"CVE-2017-15265\",\n \"CVE-2017-1000364\",\n \"CVE-2017-1000366\",\n \"CVE-2017-1000379\",\n \"CVE-2018-1050\",\n \"CVE-2018-1064\",\n \"CVE-2018-1124\",\n \"CVE-2018-1126\",\n \"CVE-2018-3620\",\n \"CVE-2018-3693\",\n \"CVE-2018-5390\",\n \"CVE-2018-5391\",\n \"CVE-2018-5740\",\n \"CVE-2018-5748\",\n \"CVE-2018-7566\",\n \"CVE-2018-10301\",\n \"CVE-2018-10897\",\n \"CVE-2018-10901\",\n \"CVE-2018-10911\",\n \"CVE-2018-12020\",\n \"CVE-2018-12384\",\n \"CVE-2018-14634\",\n \"CVE-2018-1000004\"\n );\n\n script_name(english:\"Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the remote Junos Space\nversion is 18.4.x prior to 18.4R1. It is, therefore, affected by\nmultiple vulnerabilities : \n\n - An integer overflow issue exists in procps-ng. This is\n related to CVE-2018-1124. (CVE-2018-1126)\n\n - A directory traversal issue exits in reposync, a part\n of yum-utils.tory configuration files. If an attacker\n controls a repository, they may be able to copy files\n outside of the destination directory on the targeted\n system via path traversal. (CVE-2018-10897)\n\n - An integer overflow flaw was found in the Linux \n kernel's create_elf_tables() function. 
An unprivileged\n local user with access to SUID binary could use this\n flaw to escalate their privileges on the system.\n (CVE-2018-14634)\n\nAdditionally, Junos Space is affected by several other\nvulnerabilities exist as noted in the vendor advisory.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10917\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Junos Space 18.4R1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10897\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-1126\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Solaris RSH Stack Clash Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:juniper:junos_space\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Junos 
Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Junos_Space/version\");\n\n exit(0);\n}\n\ninclude(\"junos.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit('Host/Junos_Space/version');\n\n# since 18.3R1 was released in the same advisory, we are just\n# checking 18.4.x here\ncheck_junos_space(ver:ver, min:'18.4', fix:'18.4R1', severity:SECURITY_HOLE);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2021-11-27T21:35:35", "description": "A directory traversal issue was found in reposync, a part of yum-utils,\nwhere reposync fails to sanitize paths in remote repository configuration\nfiles. If an attacker controls a repository, they may be able to copy files\noutside of the destination directory on the targeted system via path\ntraversal. If reposync is running with heightened privileges on a targeted\nsystem, this flaw could potentially result in system compromise via the\noverwriting of critical system files. 
Version 1.1.31 and older are believed\nto be affected.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-08-01T00:00:00", "type": "ubuntucve", "title": "CVE-2018-10897", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2018-08-01T00:00:00", "id": "UB:CVE-2018-10897", "href": "https://ubuntu.com/security/CVE-2018-10897", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-11-27T02:46:53", "description": "The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es):\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", 
"confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-07-30T13:27:37", "type": "redhat", "title": "(RHSA-2018:2284) Important: yum-utils security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2018-08-16T20:53:56", "id": "RHSA-2018:2284", "href": "https://access.redhat.com/errata/RHSA-2018:2284", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-27T02:43:39", "description": "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nThe ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. 
Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nSecurity Fix(es):\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.\n\nBug fix:\n\n* This update rebases imgbased to version 1.0.24. This update fixes the issue with removing broken symlinks when synchronizing layers. (BZ#1598781) (BZ#1622025)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-09-04T13:15:19", "type": "redhat", "title": "(RHSA-2018:2626) Important: Red Hat Virtualization security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": 
"2018-09-04T13:22:03", "id": "RHSA-2018:2626", "href": "https://access.redhat.com/errata/RHSA-2018:2626", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-27T02:44:22", "description": "The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es):\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-07-30T13:28:01", "type": "redhat", "title": "(RHSA-2018:2285) Important: yum-utils security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2018-07-30T13:33:54", "id": "RHSA-2018:2285", "href": "https://access.redhat.com/errata/RHSA-2018:2285", "cvss": {"score": 
9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "debiancve": [{"lastseen": "2021-12-14T17:54:19", "description": "A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-08-01T17:29:00", "type": "debiancve", "title": "CVE-2018-10897", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2018-08-01T17:29:00", "id": "DEBIANCVE:CVE-2018-10897", "href": "https://security-tracker.debian.org/tracker/CVE-2018-10897", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "f5": [{"lastseen": "2020-04-06T22:40:23", "description": "\nF5 Product Development has assigned ID 
CPF-25005 (Traffix SDC) to this vulnerability.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score<sup>1</sup> | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 14.x | None | Not applicable | Not vulnerable | None | None \n13.x | None | Not applicable \n12.x | None | Not applicable \n11.x | None | Not applicable \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable | None | None \nBIG-IQ Centralized Management | 6.x | None | Not applicable | Not vulnerable | None | None \n5.x | None | Not applicable \n4.x | None | Not applicable \nBIG-IQ Cloud and Orchestration | 1.x | None | Not applicable | Not vulnerable | None | None \nF5 iWorkflow | 2.x | None | Not applicable | Not vulnerable | None | None \nTraffix SDC | 5.x | 5.0.0 | 5.1.0 | High | [8.8](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H>) | **reposync** utility \n4.x | 4.4.0 | None \n \n<sup>1</sup> The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. 
If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-10-30T17:33:00", "type": "f5", "title": "reposync vulnerability CVE-2018-10897", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": 
["CVE-2018-10897"], "modified": "2018-10-30T17:33:00", "id": "F5:K23200408", "href": "https://support.f5.com/csp/article/K23200408", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2021-11-27T06:01:46", "description": "**Issue Overview:**\n\nA directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. (CVE-2018-10897)\n\n \n**Affected Packages:** \n\n\nyum-utils\n\n \n**Issue Correction:** \nRun _yum update yum-utils_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n noarch: \n \u00a0\u00a0\u00a0 yum-utils-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-updateonboot-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-changelog-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-fastestmirror-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-protectbase-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-versionlock-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-tsflags-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-priorities-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-merge-conf-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-upgrade-helper-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-aliases-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-list-data-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-filter-data-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-tmprepo-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-verify-1.1.31-46.amzn2.0.1.noarch \n 
\u00a0\u00a0\u00a0 yum-plugin-keys-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-remove-with-leaves-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-pre-transaction-actions-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-post-transaction-actions-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-NetworkManager-dispatcher-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-rpm-warm-cache-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-auto-update-debug-info-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-show-leaves-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-local-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-fs-snapshot-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-ps-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-copr-1.1.31-46.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-ovl-1.1.31-46.amzn2.0.1.noarch \n \n src: \n \u00a0\u00a0\u00a0 yum-utils-1.1.31-46.amzn2.0.1.src \n \n \n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-08-21T17:18:00", "type": "amazon", "title": "Important: yum-utils", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, 
"impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2018-08-21T23:39:00", "id": "ALAS2-2018-1063", "href": "https://alas.aws.amazon.com/AL2/ALAS-2018-1063.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-27T05:04:08", "description": "**Issue Overview:**\n\nA directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.(CVE-2018-10897)\n\n \n**Affected Packages:** \n\n\nyum-utils\n\n \n**Issue Correction:** \nRun _yum update yum-utils_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n noarch: \n \u00a0\u00a0\u00a0 yum-updateonboot-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-ps-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-rpm-warm-cache-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-tmprepo-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-ovl-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-fastestmirror-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-auto-update-debug-info-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-filter-data-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-versionlock-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-remove-with-leaves-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-pre-transaction-actions-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-show-leaves-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-tsflags-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-utils-1.1.31-46.30.amzn1.noarch \n 
\u00a0\u00a0\u00a0 yum-plugin-local-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-upgrade-helper-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-refresh-updatesd-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-changelog-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-protectbase-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-copr-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-aliases-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-merge-conf-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-keys-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-post-transaction-actions-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-priorities-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-verify-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-puppetverify-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-list-data-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-NetworkManager-dispatcher-1.1.31-46.30.amzn1.noarch \n \u00a0\u00a0\u00a0 yum-plugin-fs-snapshot-1.1.31-46.30.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 yum-utils-1.1.31-46.30.amzn1.src \n \n \n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-08-09T16:13:00", "type": "amazon", "title": "Important: yum-utils", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", 
"integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2018-08-09T21:46:00", "id": "ALAS-2018-1057", "href": "https://alas.aws.amazon.com/ALAS-2018-1057.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhatcve": [{"lastseen": "2022-01-20T23:54:31", "description": "A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-07-11T21:20:57", "type": "redhatcve", "title": "CVE-2018-10897", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, 
"cvelist": ["CVE-2018-10897"], "modified": "2022-01-20T22:11:44", "id": "RH:CVE-2018-10897", "href": "https://access.redhat.com/security/cve/cve-2018-10897", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:50", "description": "[1.1.31-46.0.1]\n- needs-restarting not checking kernel-uek for reboot message [Orabug 27189714]\n- add bug27596617.patch to remove upstream URL reference\n[1.1.31-46]\n- reposync: prevent path traversal.\n- Resolves: bug#1600617", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-30T00:00:00", "type": "oraclelinux", "title": "yum-utils security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2018-07-30T00:00:00", "id": "ELSA-2018-2285", "href": "http://linux.oracle.com/errata/ELSA-2018-2285.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:25:01", "description": "[1.1.30-42.0.1]\n- add dependency btrfs-progs for yum-plugin-fs-snapshot (guangyu.sun@oracle.com) [bug 16285176]\n- use unified btrfs binary instead of btrfsctl 
(guangyu.sun@oracle.com) [bug 16285176]\n[-1.1.30-42]\n- reposync: prevent path traversal.\n- Resolves: bug#1600619", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-30T00:00:00", "type": "oraclelinux", "title": "yum-utils security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2018-07-30T00:00:00", "id": "ELSA-2018-2284", "href": "http://linux.oracle.com/errata/ELSA-2018-2284.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2022-02-27T11:50:57", "description": "**CentOS Errata and Security Advisory** CESA-2018:2284\n\n\nThe yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es):\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy 
(Clover Network) for reporting this issue.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2018-August/059895.html\n\n**Affected packages:**\nyum-NetworkManager-dispatcher\nyum-plugin-aliases\nyum-plugin-auto-update-debug-info\nyum-plugin-changelog\nyum-plugin-fastestmirror\nyum-plugin-filter-data\nyum-plugin-fs-snapshot\nyum-plugin-keys\nyum-plugin-list-data\nyum-plugin-local\nyum-plugin-merge-conf\nyum-plugin-ovl\nyum-plugin-post-transaction-actions\nyum-plugin-priorities\nyum-plugin-protectbase\nyum-plugin-ps\nyum-plugin-remove-with-leaves\nyum-plugin-rpm-warm-cache\nyum-plugin-security\nyum-plugin-show-leaves\nyum-plugin-tmprepo\nyum-plugin-tsflags\nyum-plugin-upgrade-helper\nyum-plugin-verify\nyum-plugin-versionlock\nyum-updateonboot\nyum-utils\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2018:2284", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-08-09T15:06:44", "type": "centos", "title": "yum security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2018-08-09T15:06:44", "id": "CESA-2018:2284", 
"href": "https://lists.centos.org/pipermail/centos-announce/2018-August/059895.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-27T11:50:58", "description": "**CentOS Errata and Security Advisory** CESA-2018:2285\n\n\nThe yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es):\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2018-August/059900.html\n\n**Affected packages:**\nyum-NetworkManager-dispatcher\nyum-plugin-aliases\nyum-plugin-auto-update-debug-info\nyum-plugin-changelog\nyum-plugin-copr\nyum-plugin-fastestmirror\nyum-plugin-filter-data\nyum-plugin-fs-snapshot\nyum-plugin-keys\nyum-plugin-list-data\nyum-plugin-local\nyum-plugin-merge-conf\nyum-plugin-ovl\nyum-plugin-post-transaction-actions\nyum-plugin-pre-transaction-actions\nyum-plugin-priorities\nyum-plugin-protectbase\nyum-plugin-ps\nyum-plugin-remove-with-leaves\nyum-plugin-rpm-warm-cache\nyum-plugin-show-leaves\nyum-plugin-tmprepo\nyum-plugin-tsflags\nyum-plugin-upgrade-helper\nyum-plugin-verify\nyum-plugin-versionlock\nyum-updateonboot\nyum-utils\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2018:2285", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", 
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-08-09T15:12:08", "type": "centos", "title": "yum security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2018-08-09T15:12:08", "id": "CESA-2018:2285", "href": "https://lists.centos.org/pipermail/centos-announce/2018-August/059900.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T12:10:33", "description": "A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. 
Version 1.1.31 and older are believed to be affected.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-01T17:29:00", "type": "cve", "title": "CVE-2018-10897", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2021-09-09T12:42:00", "cpe": ["cpe:/a:redhat:virtualization:4.0", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/a:rpm:yum-utils:1.1.31", "cpe:/o:redhat:enterprise_linux_server:6.0"], "id": "CVE-2018-10897", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10897", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:rpm:yum-utils:1.1.31:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", 
"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"]}], "ibm": [{"lastseen": "2021-12-30T21:49:49", "description": "## Summary\n\nIBM QRadar SIEM's App Framework V1, based on CentOS 6, contains known vulnerabilities and is based on technologies that are no longer being supported. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-9636](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9636>) \n** DESCRIPTION: **Python urllib.parse.urlsplit and urllib.parse.urlparse components could allow a remote attacker to obtain sensitive information, caused by improper unicode encoding handling in NFKC normalization. By using a specially-crafted URL, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158114](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158114>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-27219](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27219>) \n** DESCRIPTION: **GNOME GLib could allow a remote attacker to cause a denial of service, caused by an integer overflow in the g_bytes_new function. An attacker could exploit this vulnerability to corrupt memory and cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196782](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196782>) for the current score. 
\nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-10897](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10897>) \n** DESCRIPTION: **reposync could allow a remote attacker to traverse directories on the system, caused by the improper sanitization of paths in remote repository configuration files. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability using path traversal to overwrite critical system files and compromise the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/147685](<https://exchange.xforce.ibmcloud.com/vulnerabilities/147685>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-11745](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11745>) \n** DESCRIPTION: **Mozilla Network Security Services (NSS), as used in Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write when encrypting with a block cipher. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to corrupt the heap and execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172458](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172458>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-12020](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020>) \n** DESCRIPTION: **GnuPG could allow a remote attacker to conduct spoofing attacks, caused by the improper handling of the original filename during decryption and verification actions in mainproc.c. 
An attacker could exploit this vulnerability to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the --status-fd 2 option. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144556](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144556>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-12749](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12749>) \n** DESCRIPTION: **D-Bus could allow a remote attacker to bypass security restrictions, caused by symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. By manipulating a ~/.dbus-keyrings symlink, an attacker could exploit this vulnerability to bypass DBUS_COOKIE_SHA1 authentication to allow a DBusServer with a different uid to read and write in arbitrary locations. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162386](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162386>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2017-15804](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15804>) \n** DESCRIPTION: **GNU C Library (aka glibc or libc6) is vulnerable to a buffer overflow, caused by improper bounds checking by glob function in glob.c. By using a specially-crafted file, a local attacker could overflow a buffer. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/133996](<https://exchange.xforce.ibmcloud.com/vulnerabilities/133996>) for the current score. 
\nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-3863](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3863>) \n** DESCRIPTION: **libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in user authenticate keyboard interactive. By sending a specially crafted message, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and execute arbitrary code on the client system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158347](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158347>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-3857](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3857>) \n** DESCRIPTION: **libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow. By sending a specially crafted SSH_MSG_CHANNEL_REQUEST packet with an exit signal message, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and execute arbitrary code on the client system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158341](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158341>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-3856](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3856>) \n** DESCRIPTION: **libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in keyboard interactive handling. By sending a specially crafted request, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and execute arbitrary code on the client system. 
\nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158340](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158340>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-3855](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3855>) \n** DESCRIPTION: **libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in transport read. By sending specially crafted packets, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and execute arbitrary code on the client system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158339](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158339>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-12384](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12384>) \n** DESCRIPTION: **Mozilla Network Security Services (NSS), as used in Mozilla Firefox, could allow a remote attacker to obtain sensitive information, caused by the improper handling of an SSLv2-compatible ClientHello message. By conducting a passive replay attack, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 4.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/150436](<https://exchange.xforce.ibmcloud.com/vulnerabilities/150436>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-1559](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1559>) \n** DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-length record with valid padding. 
An attacker could exploit this vulnerability using a 0-byte record padding-oracle attack to decrypt traffic. \nCVSS Base score: 5.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/157514](<https://exchange.xforce.ibmcloud.com/vulnerabilities/157514>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-1971](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERAL_NAME_cmp function contains an EDIPARTYNAME, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192748](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192748>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3449](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in signature_algorithms processing. By sending a specially crafted renegotiation ClientHello message from a client, a remote attacker could exploit this vulnerability to cause the TLS server to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198752](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198752>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3450](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3450>) \n** DESCRIPTION: **OpenSSL could allow a remote attacker to bypass security restrictions, caused by a missing check in the validation logic of X.509 certificate chains by the X509_V_FLAG_X509_STRICT flag. 
By using any valid certificate or certificate chain to sign a specially crafted certificate, an attacker could bypass the check that non-CA certificates must not be able to issue other certificates and override the default purpose. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198754](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198754>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H) \n \n** CVEID: **[CVE-2021-3572](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3572>) \n** DESCRIPTION: **pip package for python could allow a remote authenticated attacker to bypass security restrictions, caused by the improper handling of Unicode separators in git references. By creating a specially crafted tag, an attacker could exploit this vulnerability to install a different revision on a repository. \nCVSS Base score: 4.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208954](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208954>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2019-20916](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20916>) \n** DESCRIPTION: **pypa pip package for python could allow a remote attacker to traverse directories on the system, caused by a flaw when installing package via a specified URL. An attacker could use a specially-crafted Content-Disposition header with filename containing \"dot dot\" sequences (/../) to overwrite arbitrary files on the system. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187855](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187855>) for the current score. 
\nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L) \n \n** CVEID: **[CVE-2019-12735](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12735>) \n** DESCRIPTION: **Vim and Neovim could allow a remote attacker to execute arbitrary commands on the system, caused by improper input validation by the :source! command in a modeline. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162255](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162255>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nIBM QRadar SIEM 7.3.0 to 7.3.3 FP 10\n\nIBM QRadar SIEM 7.4.0 to 7.4.3 FP 4\n\n## Remediation/Fixes\n\nCustomers should remove all CentOS 6 apps from their QRadar deployment or upgrade to UBI 8 versions. Apps can be uninstalled via Extension Management.\n\nTo ensure all CentOS 6 apps are removed and to prevent installation of CentOS 6 apps in the future, follow the guidelines at <http://ibm.biz/qradarcentos6> on supported QRadar versions. In a future version of QRadar, this will be the default state. \n\n## Workarounds and Mitigations\n\nUpgrade apps to UBI8 versions and manually uninstall any remaining CentOS 6 based apps from your QRadar installation. 
\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n26 Nov 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 
CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSBQAC\",\"label\":\"IBM QRadar SIEM\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"7.3, 7.4\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2021-12-14T20:35:00", "type": "ibm", "title": "Security Bulletin: IBM QRadar SIEM Application Framework v1 (CentOS6) is End of Life", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15804", "CVE-2018-10897", "CVE-2018-12020", "CVE-2018-12384", "CVE-2019-11745", "CVE-2019-12735", "CVE-2019-12749", "CVE-2019-1559", "CVE-2019-20916", "CVE-2019-3855", "CVE-2019-3856", "CVE-2019-3857", "CVE-2019-3863", "CVE-2019-9636", "CVE-2020-1971", "CVE-2021-27219", "CVE-2021-3449", "CVE-2021-3450", "CVE-2021-3572"], "modified": "2021-12-14T20:35:00", "id": 
"1B0ED4A3526A4957AFA5966EC1D954AC93826AA8F95F1EF2E8A3A6657E73F691", "href": "https://www.ibm.com/support/pages/node/6520674", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}