Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.NEWSTART_CGSL_NS-SA-2019-0224_PACEMAKER.NASL
HistoryDec 02, 2019 - 12:00 a.m.

NewStart CGSL CORE 5.04 / MAIN 5.04 : pacemaker Multiple Vulnerabilities (NS-SA-2019-0224)

2019-12-0200:00:00
This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22
JSON

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pacemaker packages installed that are affected by multiple vulnerabilities:

  • A flaw was found in the way pacemaker’s client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation. (CVE-2018-16877)

  • A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.
    (CVE-2019-3885)

  • A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS (CVE-2018-16878)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

# The descriptive text and package checks in this plugin were
# extracted from ZTE advisory NS-SA-2019-0224. The text
# itself is copyright (C) ZTE, Inc.

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(131424);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/18");

  script_cve_id("CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885");
  script_bugtraq_id(108036, 108039, 108042);

  script_name(english:"NewStart CGSL CORE 5.04 / MAIN 5.04 : pacemaker Multiple Vulnerabilities (NS-SA-2019-0224)");

  script_set_attribute(attribute:"synopsis", value:
"The remote machine is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pacemaker packages installed that are affected
by multiple vulnerabilities:

  - A flaw was found in the way pacemaker's client-server
    authentication was implemented in versions up to and
    including 2.0.0. A local attacker could use this flaw,
    and combine it with other IPC weaknesses, to achieve
    local privilege escalation. (CVE-2018-16877)

  - A use-after-free flaw was found in pacemaker up to and
    including version 2.0.1 which could result in certain
    sensitive information to be leaked via the system logs.
    (CVE-2019-3885)

  - A flaw was found in pacemaker up to and including
    version 2.0.1. An insufficient verification inflicted
    preference of uncontrolled processes can lead to DoS
    (CVE-2018-16878)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"http://security.gd-linux.com/notice/NS-SA-2019-0224");
  script_set_attribute(attribute:"solution", value:
"Upgrade the vulnerable CGSL pacemaker packages. Note that updated packages may not be available yet. Please contact ZTE
for more information.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3885");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2018-16877");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/11/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/02");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"NewStart CGSL Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/ZTE-CGSL/release");
if (isnull(release) || release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, "NewStart Carrier Grade Server Linux");

if (release !~ "CGSL CORE 5.04" &&
    release !~ "CGSL MAIN 5.04")
  audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');

if (!get_kb_item("Host/ZTE-CGSL/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "NewStart Carrier Grade Server Linux", cpu);

flag = 0;

pkgs = {
  "CGSL CORE 5.04": [
    "pacemaker-1.1.20-5.el7_7.1",
    "pacemaker-cli-1.1.20-5.el7_7.1",
    "pacemaker-cluster-libs-1.1.20-5.el7_7.1",
    "pacemaker-cts-1.1.20-5.el7_7.1",
    "pacemaker-debuginfo-1.1.20-5.el7_7.1",
    "pacemaker-doc-1.1.20-5.el7_7.1",
    "pacemaker-libs-1.1.20-5.el7_7.1",
    "pacemaker-libs-devel-1.1.20-5.el7_7.1",
    "pacemaker-nagios-plugins-metadata-1.1.20-5.el7_7.1",
    "pacemaker-remote-1.1.20-5.el7_7.1"
  ],
  "CGSL MAIN 5.04": [
    "pacemaker-1.1.20-5.el7_7.1",
    "pacemaker-cli-1.1.20-5.el7_7.1",
    "pacemaker-cluster-libs-1.1.20-5.el7_7.1",
    "pacemaker-cts-1.1.20-5.el7_7.1",
    "pacemaker-debuginfo-1.1.20-5.el7_7.1",
    "pacemaker-doc-1.1.20-5.el7_7.1",
    "pacemaker-libs-1.1.20-5.el7_7.1",
    "pacemaker-libs-devel-1.1.20-5.el7_7.1",
    "pacemaker-nagios-plugins-metadata-1.1.20-5.el7_7.1",
    "pacemaker-remote-1.1.20-5.el7_7.1"
  ]
};
pkg_list = pkgs[release];

foreach (pkg in pkg_list)
  if (rpm_check(release:"ZTE " + release, reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "pacemaker");
}

Related

ibm 3
oraclelinux 1
fedora 3
nessus 15
suse 2
openvas 5
redhat 2
ubuntu 1
mageia 1
amazon 1
gentoo 1
osv 4
debian 1
ubuntucve 3
redhatcve 3
prion 3
veracode 3
debiancve 3
cve 3
ibm
ibm
Security Bulletin: IBM MQ Appliance is affected by Pacemaker vulnerabilities (CVE-2018-16878, CVE-2018-16877, CVE-2019-3885)
2020-12-18 18:18:11
Security Bulletin: IBM MQ is affected by multiple vulnerabilities in Pacemaker
2020-12-18 14:09:33
Security Bulletin: WebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in Pacemaker, ImageMagick, gd-libgd, libxslt, cURL libcurl , Ghostscript.
2022-02-21 04:39:05
oraclelinux
oraclelinux
pacemaker security and bug fix update
2019-07-30 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: pacemaker-2.0.1-2.fc30
2019-04-23 23:44:10
[SECURITY] Fedora 29 Update: pacemaker-2.0.0-5.fc29
2019-05-05 02:44:11
[SECURITY] Fedora 28 Update: pacemaker-1.1.18-3.fc28
2019-05-04 01:17:47
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS : Pacemaker vulnerabilities (USN-3952-1)
2019-04-24 00:00:00
RHEL 8 : pacemaker (RHSA-2019:1279)
2019-05-28 00:00:00
RHEL 7 : pacemaker (RHSA-2019:1278)
2019-05-28 00:00:00
suse
suse
Security update for pacemaker (important)
2019-05-15 00:00:00
Security update for pacemaker (important)
2019-05-08 00:00:00
openvas
openvas
Ubuntu Update for pacemaker USN-3952-1
2019-04-24 00:00:00
Fedora Update for pacemaker FEDORA-2019-e71f6f36ac
2019-05-04 00:00:00
Fedora Update for pacemaker FEDORA-2019-b502250ba4
2019-05-07 00:00:00
redhat
redhat
(RHSA-2019:1279) Important: pacemaker security and bug fix update
2019-05-27 15:45:19
(RHSA-2019:1278) Important: pacemaker security update
2019-05-27 15:45:15
ubuntu
ubuntu
Pacemaker vulnerabilities
2019-04-23 00:00:00
mageia
mageia
Updated pacemaker packages fix security vulnerabilities
2019-12-19 16:44:26
amazon
amazon
Important: pacemaker
2019-08-23 03:37:00
gentoo
gentoo
Pacemaker: Multiple Vulnerabilities
2023-09-29 00:00:00
osv
osv
pacemaker - security update
2021-01-06 00:00:00
CVE-2018-16877
2019-04-18 18:29:00
CVE-2018-16878
2019-04-18 18:29:00
debian
debian
[SECURITY] [DLA 2519-1] pacemaker security update
2021-01-06 22:25:21
ubuntucve
ubuntucve
CVE-2018-16878
2019-04-17 00:00:00
CVE-2018-16877
2019-04-17 00:00:00
CVE-2019-3885
2019-04-17 00:00:00
redhatcve
redhatcve
CVE-2018-16878
2019-04-17 10:20:11
CVE-2018-16877
2019-04-17 09:50:40
CVE-2019-3885
2019-04-17 10:20:39
prion
prion
Design/Logic Flaw
2019-04-18 18:29:00
Privilege escalation
2019-04-18 18:29:00
Design/Logic Flaw
2019-04-18 18:29:00
veracode
veracode
Denial Of Service (DoS)
2019-06-03 00:24:53
Privilege Escalation
2019-06-03 00:24:53
Information Disclosure
2019-06-03 00:24:53
debiancve
debiancve
CVE-2018-16877
2019-04-18 18:29:00
CVE-2018-16878
2019-04-18 18:29:00
CVE-2019-3885
2019-04-18 18:29:00
cve
cve
CVE-2018-16877
2019-04-18 18:29:00
CVE-2018-16878
2019-04-18 18:29:00
CVE-2019-3885
2019-04-18 18:29:00
JSON
Related for NEWSTART_CGSL_NS-SA-2019-0224_PACEMAKER.NASL
ibm3oraclelinux1fedora3nessus15suse2openvas5redhat2ubuntu1mageia1amazon1gentoo1osv4debian1ubuntucve3redhatcve3prion3veracode3debiancve3cve3