| Title | Published | Views | Family |
|---|---|---|---|
| CentOS 7 : pcs (CESA-2015:2290) | 2 Dec 2015 00:00 | – | nessus |
| Debian DLA-254-1 : librack-ruby security update | 26 Jun 2015 00:00 | – | nessus |
| Debian DSA-3322-1 : ruby-rack - security update | 3 Aug 2015 00:00 | – | nessus |
| Fedora 22 : rubygem-rack-1.6.1-2.fc22 (2015-12978) | 20 Aug 2015 00:00 | – | nessus |
| Fedora 21 : rubygem-rack-1.5.2-5.fc21 (2015-12979) | 28 Aug 2015 00:00 | – | nessus |
| FreeBSD : rubygem-rails -- multiple vulnerabilities (eb8a8978-8dd5-49ce-87f4-49667b2166dd) | 18 Jun 2015 00:00 | – | nessus |
| openSUSE Security Update : rubygem-rack (openSUSE-2015-498) | 20 Jul 2015 00:00 | – | nessus |
| openSUSE Security Update : rubygem-rack-1_3 (openSUSE-2015-499) | 20 Jul 2015 00:00 | – | nessus |
| openSUSE Security Update : rubygem-rack-1_4 (openSUSE-2015-500) | 20 Jul 2015 00:00 | – | nessus |
| RHEL 7 : pcs (RHSA-2015:2290) | 20 Nov 2015 00:00 | – | nessus |

```nasl
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2015-718:02.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(289173);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/16");

  script_cve_id("CVE-2015-3225");

  script_name(english:"MiracleLinux 7 : pcs-0.9.143-15.el7 (AXSA:2015-718:02)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the
AXSA:2015-718:02 advisory.
pcs is a corosync and pacemaker configuration tool. It permits users to
easily view, modify and created pacemaker based clusters.
Security issues fixed with this release:
CVE-2015-3225
lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used
with Ruby on Rails 3.x and 4.x and other products, allows remote
attackers to cause a denial of service (SystemStackError) via a
request with a large parameter depth.
Enhancements:
* The pcs resource move and pcs resource ban commands now display a warning message to clarify the
commands' behavior
* New command to move a Pacemaker resource to its preferred node
Fixed bugs:
* Before this update, a bug caused location, ordering, and colocation constraints related to a resource
group to be removed when removing any resource from that group. This bug has been fixed, and the
constraints are now preserved until the group has no resources left, and is removed.
* Previously, when a user disabled a resource clone or multi-state resource, and then later enabled a
primitive resource within it, the clone or multi-state resource remained disabled. With this update,
enabling a resource within a disabled clone or multi-state resource enables it.
* When the web UI displayed a list of resource attributes, a bug caused the list to be truncated at the
first = character. This update fixes the bug and now the web UI displays lists of resource attributes
correctly.
* The documentation for the pcs stonith confirm command was not clear. This could lead to incorrect
usage of the command, which could in turn cause data corruption. With this update, the documentation has
been improved and the pcs stonith confirm command is now more clearly explained.
* Previously, if there were any unauthenticated nodes, creating a new cluster, adding a node to an
existing cluster, or adding a cluster to the web UI failed with the message Node is not authenticated.
With this update, when the web UI detects a problem with authentication, the web UI displays a dialog to
authenticate nodes as necessary.
* Previously, the web UI displayed only primitive resources. Thus there was no way to set attributes,
constraints and other properties separately for a parent resource and a child resource. This has now been
fixed, and resources are displayed in a tree structure, meaning all resource elements can be viewed and
edited independently.
Enhancements:
* A dashboard has been added which shows the status of clusters in the web UI. Previously, it was not
possible to view all important information about clusters in one place. Now, a dashboard showing the
status of clusters has been added to the main page of the web UI.
* With this update, the pcsd daemon automatically synchronizes pcsd configuration across a cluster. This
enables the web UI to be run from any node, allowing management even if any particular node is down.
* The web UI can now be used to set permissions for users and groups on a cluster. This allows users and
groups to have their access restricted to certain operations on certain clusters.
Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/6104");
  script_set_attribute(attribute:"solution", value:
"Update the affected pcs package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-3225");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_severity", value:"Moderate");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/06/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/11/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pcs");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:7");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}

include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^7([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 7.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '7',
    'pkgs': [
      {'reference':'pcs-0.9.143-15.el7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;

foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port     : 0,
      severity : SECURITY_WARNING,
      extra    : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pcs');
}
```