MiracleLinux 7 : libguestfs-1.32.7-3.0.1.el7.AXS7, virt-p2v-1.32.7-2.el7 (AXSA:2016-1143:01)

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2016-1143:01.
##

include('compat.inc');

if (description)
{
  script_id(291578);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/19");

  script_cve_id("CVE-2015-8869");

  script_name(english:"MiracleLinux 7 : libguestfs-1.32.7-3.0.1.el7.AXS7, virt-p2v-1.32.7-2.el7 (AXSA:2016-1143:01)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the
AXSA:2016-1143:01 advisory.

    libguestfs
    Libguestfs is a library for accessing and modifying virtual machine
    disk images.  http://libguestfs.org
    It can be used to make batch configuration changes to guests, get
    disk used/free statistics (virt-df), migrate between hypervisors
    (virt-p2v, virt-v2v), perform backups and guest clones, change
    registry/UUID/hostname info, build guests from scratch (virt-builder)
    and much more.
    Libguestfs uses Linux kernel and qemu code, and can access any type of
    guest filesystem that Linux and qemu can, including but not limited
    to: ext2/3/4, btrfs, FAT and NTFS, LVM, many different disk partition
    schemes, qcow, qcow2, vmdk.
    Libguestfs for Red Hat Enterprise Linux is split into several subpackages.
    The basic subpackages are:
                   libguestfs  C library
             libguestfs-tools  virt-* tools, guestfish and guestmount (FUSE)
           libguestfs-tools-c  only the subset of virt tools written in C
                                 (for reduced dependencies)
                     virt-dib  safe and secure diskimage-builder replacement
                     virt-v2v  convert virtual or physical machines to run
                                 on KVM (also known as V2V and P2V)
    For enhanced features, install:
              libguestfs-gfs2  adds Global Filesystem (GFS2) support
     libguestfs-inspect-icons  adds support for inspecting guest icons
            libguestfs-rescue  enhances virt-rescue shell with more tools
             libguestfs-rsync  rsync to/from guest filesystems
               libguestfs-xfs  adds XFS support
    Language bindings:
             libguestfs-devel  C/C   header files and library
     libguestfs-gobject-devel  GObject bindings and GObject Introspection
        libguestfs-java-devel  Java bindings
                  lua-guestfs  Lua bindings
       ocaml-libguestfs-devel  OCaml bindings
             perl-Sys-Guestfs  Perl bindings
            python-libguestfs  Python bindings
              ruby-libguestfs  Ruby bindings
    virt-p2v
    Virt-p2v is a tool that converts physical machines to run under KVM.
    Security issues fixed with this release:
    CVE-2015-8869
    OCaml before 4.03.0 does not properly handle sign extensions, which
    allows remote attackers to conduct buffer overflow attacks or obtain
    sensitive information as demonstrated by a long string to the
    String.copy function.
    The following packages have been upgraded to a newer upstream version: libguestfs (1.32.7), virt-p2v
    (1.32.7).
    Additional Changes:

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/7575");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-8869");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_severity", value:"Moderate");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/05/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/12/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/19");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:libguestfs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:libguestfs-java");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:libguestfs-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:libguestfs-tools-c");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:libguestfs-xfs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:perl-Sys-Guestfs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:python-libguestfs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:virt-p2v");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:virt-v2v");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:7");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^7([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 7.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '7',
    'pkgs': [
      {'reference':'libguestfs-1.32.7-3.0.1.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'libguestfs-java-1.32.7-3.0.1.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'libguestfs-tools-1.32.7-3.0.1.el7.AXS7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'libguestfs-tools-c-1.32.7-3.0.1.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'libguestfs-xfs-1.32.7-3.0.1.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'perl-Sys-Guestfs-1.32.7-3.0.1.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'python-libguestfs-1.32.7-3.0.1.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'virt-p2v-1.32.7-2.el7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'virt-v2v-1.32.7-3.0.1.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libguestfs / libguestfs-java / libguestfs-tools / etc');
}