MiracleLinux 4 : pacemaker-1.1.10-14.AXS4.2 (AXSA:2014-039:01)

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2014-039:01.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(289451);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/16");

  script_cve_id("CVE-2013-0281");

  script_name(english:"MiracleLinux 4 : pacemaker-1.1.10-14.AXS4.2 (AXSA:2014-039:01)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the
AXSA:2014-039:01 advisory.

    Pacemaker is an advanced, scalable High-Availability cluster resource manager for Linux-HA (Heartbeat)
    and/or Corosync.
    It supports n-node clusters with significant capabilities for managing resources and dependencies.
    It will run scripts at initialization, when machines go up or down, when related resources fail and can be
    configured to periodically check resource health.
    Available rpmbuild rebuild options: --with(out) : heartbeat cman corosync doc publican snmp esmtp
    pre_release
    Security issues fixed with this release:
     CVE-2013-0281
    Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is
    enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers
    to cause a denial of service (connection blocking).
    Fixed bugs:
     Upgraded to upstream version 1.1.10.
     Pacemaker no longer assumes unknown cman nodes are safely stopped.
     The core dump file now converts all exit codes into positive 'errno' values.
     Pacemaker ensures a return to a stable state after too many fencing failures, and initiates a shut-down
    if a node claimed to be fenced is still active.
     The crm_error tool now supports listing and printing error symbols.
     The crm_resource command allows individual resources to be re-probed, and implements the --ban option
    for moving resources away from nodes. The --clear option has replaced the --unmove option. Also,
    crm_resource now supports OCF tracing when using the --force option.
     The IPC mechanism restores the ability for members of the haclient group to connect to the cluster.
     The Policy Engine daemon allows active nodes in the current membership to be fenced without quorum.
     Policy Engine now suppresses meaningless IDs when displaying anonymous clone status, supports maintenance
    mode for a single node, and correctly handles the recovered resources before they are operated on.
     XML configuration files are now checked for non-printing characters and replaced with their octal
    equivalent when exporting XML text. Also, a more reliable buffer allocation strategy has been implemented
    to prevent lock-ups.
     Previously, lsb scripts managed by Pacemaker did not cancel their recurring monitor operations correctly
    when stopping. Consequently, monitor operations failed after resources had successfully stopped. This bug
    has been fixed, and recurring monitor operations are now correctly cancelled before the lsb resource is
    stopped.
    Enhancements:
     Added the --ban and --clear options to the crm_resource command so that clone, master, and slave
    resources can now be navigated within the cluster as expected. This allows crm_resource to move a resource
    as designed.
     Previously, the hacluster did not have a UID or GID reserved. Number 189, already reserved for hacluster,
    is now used for all installation.
     Previously, the default node name used by the crm_standby and crm_failcount commands did not always match
    the host names (uname -n) of certain cluster nodes leading to the cluster ignoring updates. Scripts now
    use the crm_node command instead of uname.
     Fixed the handling of return code: recovery of an expected error state is now transparent.
     Automated unfencing in Pacemaker has been added: cman's automatic unfencing does not fail any longer when
    combined with Pacemaker.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/4498");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-0281");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_severity", value:"High");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/02/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/03/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pacemaker");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pacemaker-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pacemaker-cluster-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pacemaker-cts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pacemaker-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pacemaker-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pacemaker-libs-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:4");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^4([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 4.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '4',
    'pkgs': [
      {'reference':'pacemaker-1.1.10-14.AXS4.2', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pacemaker-1.1.10-14.AXS4.2', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pacemaker-cli-1.1.10-14.AXS4.2', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pacemaker-cli-1.1.10-14.AXS4.2', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pacemaker-cluster-libs-1.1.10-14.AXS4.2', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pacemaker-cluster-libs-1.1.10-14.AXS4.2', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pacemaker-cts-1.1.10-14.AXS4.2', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pacemaker-cts-1.1.10-14.AXS4.2', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pacemaker-doc-1.1.10-14.AXS4.2', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pacemaker-doc-1.1.10-14.AXS4.2', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pacemaker-libs-1.1.10-14.AXS4.2', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pacemaker-libs-1.1.10-14.AXS4.2', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pacemaker-libs-devel-1.1.10-14.AXS4.2', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pacemaker-libs-devel-1.1.10-14.AXS4.2', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pacemaker / pacemaker-cli / pacemaker-cluster-libs / pacemaker-cts / etc');
}