Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.FEDORA_2023-C92BE0DFA0.NASLHistoryJul 26, 2023 - 12:00 a.m.
Fedora 38 : 389-ds-base (2023-c92be0dfa0)
2023-07-2600:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
4
fedora 38
389-ds-base
vulnerability
sensitive information leakage
data confidentiality
rhds 11
rhds 12
ldap
userpassword
usercertificate
hashed passwords
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
9.2%
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-c92be0dfa0 advisory.
- A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality. (CVE-2023-1055)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2023-c92be0dfa0
#
include('compat.inc');
if (description)
{
script_id(178791);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/26");
script_cve_id("CVE-2023-1055");
script_xref(name:"FEDORA", value:"2023-c92be0dfa0");
script_name(english:"Fedora 38 : 389-ds-base (2023-c92be0dfa0)");
script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the
FEDORA-2023-c92be0dfa0 advisory.
- A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword
attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An
attacker with a local account where the cockpit-389-ds is running can list the processes and display the
hashed passwords. The highest threat from this vulnerability is to data confidentiality. (CVE-2023-1055)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2023-c92be0dfa0");
script_set_attribute(attribute:"solution", value:
"Update the affected 389-ds-base package.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-1055");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/02/27");
script_set_attribute(attribute:"patch_publication_date", value:"2023/07/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/07/26");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:38");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:389-ds-base");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Fedora Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Fedora' >!< os_release) audit(AUDIT_OS_NOT, 'Fedora');
var os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');
os_ver = os_ver[1];
if (! preg(pattern:"^38([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 38', 'Fedora ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);
var pkgs = [
{'reference':'389-ds-base-2.3.5-1.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (reference && _release) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, '389-ds-base');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fedoraproject | fedora | 38 | cpe:/o:fedoraproject:fedora:38 |
| fedoraproject | fedora | 389-ds-base | p-cpe:/a:fedoraproject:fedora:389-ds-base |
Related
nessus
nessus
RHEL 9 : redhat-ds:12 (RHSA-2023:3489)
2024-04-28 00:00:00
RHEL 8 : redhat-ds:11 (RHSA-2023:4655)
2024-04-28 00:00:00
debiancve
debiancve
CVE-2023-1055
2023-02-27 22:15:09
prion
prion
Cross site request forgery (csrf)
2023-02-27 22:15:00
cvelist
cvelist
CVE-2023-1055
2023-02-27 00:00:00
redhatcve
redhatcve
CVE-2023-1055
2023-02-27 10:59:31
cve
cve
CVE-2023-1055
2023-02-27 22:15:09
nvd
nvd
CVE-2023-1055
2023-02-27 22:15:09
fedora
fedora
[SECURITY] Fedora 38 Update: 389-ds-base-2.3.5-1.fc38
2023-07-26 00:35:39
redhat
redhat
veracode
veracode
Information Exposure
2024-01-13 05:37:51
openvas
openvas
Fedora: Security Advisory for 389-ds-base (FEDORA-2023-c92be0dfa0)
2023-07-26 00:00:00
ubuntucve
ubuntucve
CVE-2023-1055
2023-02-27 00:00:00
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
9.2%
Related for FEDORA_2023-C92BE0DFA0.NASL