Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 Tenable Network Security, Inc.OPENSUSE-2016-588.NASL
HistoryMay 18, 2016 - 12:00 a.m.

openSUSE Security Update : varnish (openSUSE-2016-588)

2016-05-1800:00:00
This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.
www.tenable.com
8
JSON

This varnish update to version 3.0.7 fixes the following issues :

Security issues fixed :

  • CVE-2015-8852: Vulnerable to HTTP Smuggling issues:
    Double Content Length and bad EOL. (boo#976097)

Bugs fixed :

  • Stop recognizing a single CR (\r) as a HTTP line separator.

  • Improved error detection on master-child process communication, leading to faster recovery (child restart) if communication loses sync.

  • Fix a corner-case where Content-Length was wrong for HTTP 1.0 clients, when using gzip and streaming.

  • More robust handling of hop-by-hop headers.

  • Avoid memory leak when adding bans.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2016-588.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(91205);
  script_version("2.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2015-8852");

  script_name(english:"openSUSE Security Update : varnish (openSUSE-2016-588)");
  script_summary(english:"Check for the openSUSE-2016-588 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This varnish update to version 3.0.7 fixes the following issues :

Security issues fixed :

  - CVE-2015-8852: Vulnerable to HTTP Smuggling issues:
    Double Content Length and bad EOL. (boo#976097)

Bugs fixed :

  - Stop recognizing a single CR (\r) as a HTTP line
    separator.

  - Improved error detection on master-child process
    communication, leading to faster recovery (child
    restart) if communication loses sync.

  - Fix a corner-case where Content-Length was wrong for
    HTTP 1.0 clients, when using gzip and streaming.

  - More robust handling of hop-by-hop headers.

  - Avoid memory leak when adding bans."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=976097"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected varnish packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvarnishapi1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvarnishapi1-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:varnish");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:varnish-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:varnish-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:varnish-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/05/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/05/18");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE13\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE13.2", reference:"libvarnishapi1-3.0.7-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"libvarnishapi1-debuginfo-3.0.7-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"varnish-3.0.7-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"varnish-debuginfo-3.0.7-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"varnish-debugsource-3.0.7-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"varnish-devel-3.0.7-2.3.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvarnishapi1 / libvarnishapi1-debuginfo / varnish / etc");
}
VendorProductVersionCPE
novellopensuselibvarnishapi1p-cpe:/a:novell:opensuse:libvarnishapi1
novellopensuselibvarnishapi1-debuginfop-cpe:/a:novell:opensuse:libvarnishapi1-debuginfo
novellopensusevarnishp-cpe:/a:novell:opensuse:varnish
novellopensusevarnish-debuginfop-cpe:/a:novell:opensuse:varnish-debuginfo
novellopensusevarnish-debugsourcep-cpe:/a:novell:opensuse:varnish-debugsource
novellopensusevarnish-develp-cpe:/a:novell:opensuse:varnish-devel
novellopensuse13.2cpe:/o:novell:opensuse:13.2

Related

nessus 3
openvas 4
amazon 1
cve 1
ubuntucve 1
prion 1
debian 2
gentoo 1
osv 1
mageia 1
debiancve 1
hackerone 2
nessus
nessus
Debian DSA-3553-1 : varnish - security update
2016-04-25 00:00:00
GLSA-201607-10 : Varnish: Multiple vulnerabilities
2016-07-21 00:00:00
Amazon Linux AMI : varnish (ALAS-2016-721)
2016-07-15 00:00:00
openvas
openvas
Debian Security Advisory DSA 3553-1 (varnish - security update)
2016-04-22 00:00:00
Debian Security Advisory DSA 3553-1 (varnish - security update)
2016-04-22 00:00:00
Amazon Linux: Security Advisory (ALAS-2016-721)
2016-10-26 00:00:00
amazon
amazon
Important: varnish
2016-07-14 16:30:00
cve
cve
CVE-2015-8852
2016-04-25 14:59:00
ubuntucve
ubuntucve
CVE-2015-8852
2016-04-25 00:00:00
prion
prion
Cross site request forgery (csrf)
2016-04-25 14:59:00
debian
debian
[SECURITY] [DSA 3553-1] varnish security update
2016-04-22 07:34:25
[SECURITY] [DSA 3553-1] varnish security update
2016-04-22 07:34:25
gentoo
gentoo
Varnish: Multiple vulnerabilities
2016-07-20 00:00:00
osv
osv
varnish - security update
2016-04-22 00:00:00
mageia
mageia
Updated varnish packages fix CVE-2015-8852
2016-04-25 10:57:21
debiancve
debiancve
CVE-2015-8852
2016-04-25 14:59:00
hackerone
hackerone
Internet Bug Bounty: Apache HTTP Request Parsing Whitespace Defects
2017-06-29 17:41:22
Internet Bug Bounty: Multiple HTTP Smuggling reports
2019-07-17 22:47:10
JSON
Related for OPENSUSE-2016-588.NASL
nessus3openvas4amazon1cve1ubuntucve1prion1debian2gentoo1osv1mageia1debiancve1hackerone2