Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 Tenable Network Security, Inc.OPENSUSE-2016-82.NASL
HistoryJan 27, 2016 - 12:00 a.m.

openSUSE Security Update : libvirt (openSUSE-2016-82)

2016-01-2700:00:00
This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.
www.tenable.com
15

2.5 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

1.9 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

Maintenance update for openSUSE13.1 libvirt package.

  • Fix cve-2015-5313: directory directory traversal privilege escalation vulnerability.
    e8643ef6-cve-2015-5313.patch bsc#953110

  • qemu: Call qemuSetupHostdevCGroup later during hotplug 05e149f9-call-qemuSetupHostdevCGroup-later.patch qemu:
    hotplug: Only label hostdev after checking device conflicts ee414b5d-fix-qemu-hotplug-usb-hostdev.patch bsc#863933

  • libxl: support virtual sound devices in HVM domains c0d3f608-libxl-soundhw.patch bsc#875216

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2016-82.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(88395);
  script_version("2.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2015-5313");

  script_name(english:"openSUSE Security Update : libvirt (openSUSE-2016-82)");
  script_summary(english:"Check for the openSUSE-2016-82 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Maintenance update for openSUSE13.1 libvirt package.

  - Fix cve-2015-5313: directory directory traversal
    privilege escalation vulnerability.
    e8643ef6-cve-2015-5313.patch bsc#953110

  - qemu: Call qemuSetupHostdevCGroup later during hotplug
    05e149f9-call-qemuSetupHostdevCGroup-later.patch qemu:
    hotplug: Only label hostdev after checking device
    conflicts ee414b5d-fix-qemu-hotplug-usb-hostdev.patch
    bsc#863933 

  - libxl: support virtual sound devices in HVM domains
    c0d3f608-libxl-soundhw.patch bsc#875216"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=863933"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=875216"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=953110"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected libvirt packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-client-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-client-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-client-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-config-network");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-config-nwfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-uml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-uml-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-vbox");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-vbox-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-xen-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-lxc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-qemu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-uml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-vbox");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-devel-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-lock-sanlock");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-lock-sanlock-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-login-shell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-login-shell-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-python-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/01/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/01/27");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE13.1", reference:"libvirt-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-client-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-client-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-config-network-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-config-nwfilter-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-interface-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-interface-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-lxc-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-lxc-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-network-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-network-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-nodedev-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-nodedev-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-nwfilter-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-nwfilter-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-qemu-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-qemu-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-secret-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-secret-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-storage-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-storage-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-uml-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-uml-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-vbox-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-driver-vbox-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-lxc-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-qemu-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-uml-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-daemon-vbox-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-debugsource-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-devel-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-lock-sanlock-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-lock-sanlock-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-login-shell-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-login-shell-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-python-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libvirt-python-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libvirt-client-32bit-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libvirt-client-debuginfo-32bit-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libvirt-daemon-driver-libxl-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libvirt-daemon-driver-libxl-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libvirt-daemon-driver-xen-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libvirt-daemon-driver-xen-debuginfo-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libvirt-daemon-xen-1.1.2-2.51.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libvirt-devel-32bit-1.1.2-2.51.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
  else security_note(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt / libvirt-client / libvirt-client-32bit / etc");
}
VendorProductVersionCPE
novellopensuselibvirtp-cpe:/a:novell:opensuse:libvirt
novellopensuselibvirt-clientp-cpe:/a:novell:opensuse:libvirt-client
novellopensuselibvirt-client-32bitp-cpe:/a:novell:opensuse:libvirt-client-32bit
novellopensuselibvirt-client-debuginfop-cpe:/a:novell:opensuse:libvirt-client-debuginfo
novellopensuselibvirt-client-debuginfo-32bitp-cpe:/a:novell:opensuse:libvirt-client-debuginfo-32bit
novellopensuselibvirt-daemonp-cpe:/a:novell:opensuse:libvirt-daemon
novellopensuselibvirt-daemon-driver-lxc-debuginfop-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc-debuginfo
novellopensuselibvirt-daemon-driver-networkp-cpe:/a:novell:opensuse:libvirt-daemon-driver-network
novellopensuselibvirt-daemon-driver-network-debuginfop-cpe:/a:novell:opensuse:libvirt-daemon-driver-network-debuginfo
novellopensuselibvirt-daemon-driver-nodedevp-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev
Rows per page:
1-10 of 481

Related

prion 1
openvas 7
nvd 1
nessus 15
gentoo 1
mageia 1
freebsd 1
altlinux 1
cve 1
fedora 2
debiancve 1
veracode 1
cvelist 1
ubuntucve 1
ibm 1
redhat 1
oraclelinux 1
centos 1
ubuntu 1
osv 15
prion
prion
Directory traversal
2016-04-11 21:59:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2016:0923-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:0931-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2016-0103)
2016-03-10 00:00:00
nvd
nvd
CVE-2015-5313
2016-04-11 21:59:04
nessus
nessus
FreeBSD : libvirt -- ACL bypass using ../ to access beyond storage pool (f714b4c9-a6c1-11e5-88d7-047d7b492d07)
2015-12-21 00:00:00
SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2016:0923-1)
2016-04-01 00:00:00
GLSA-201612-10 : libvirt: Directory traversal
2016-12-05 00:00:00
gentoo
gentoo
libvirt: Directory traversal
2016-12-04 00:00:00
mageia
mageia
Updated libvirt packages fix security vulnerability
2016-03-10 01:57:53
freebsd
freebsd
libvirt -- ACL bypass using ../ to access beyond storage pool
2015-10-30 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package libvirt version 1.3.0-alt1
2015-12-18 00:00:00
cve
cve
CVE-2015-5313
2016-04-11 21:59:04
fedora
fedora
[SECURITY] Fedora 22 Update: libvirt-1.2.13.2-1.fc22
2016-01-08 03:35:48
[SECURITY] Fedora 23 Update: libvirt-1.2.18.2-1.fc23
2015-12-28 23:01:08
debiancve
debiancve
CVE-2015-5313
2016-04-11 21:59:04
veracode
veracode
Directory Traversal
2018-07-20 08:56:18
cvelist
cvelist
CVE-2015-5313
2016-04-11 21:00:00
ubuntucve
ubuntucve
CVE-2015-5313
2015-12-18 00:00:00
ibm
ibm
Security Bulletin: Two vulnerabilities in libvirt affect PowerKVM (CVE-2015-5313, CVE-2016-5008)
2018-06-18 01:33:12
redhat
redhat
(RHSA-2016:2577) Moderate: libvirt security, bug fix, and enhancement update
2016-11-03 06:07:14
oraclelinux
oraclelinux
libvirt security, bug fix, and enhancement update
2016-11-09 00:00:00
centos
centos
libvirt security update
2016-11-25 15:59:54
ubuntu
ubuntu
libvirt vulnerabilities
2016-01-12 00:00:00
osv
osv
CVE-2020-25637
2020-10-06 14:15:12
CVE-2021-3631
2022-03-02 23:15:08
CVE-2019-10132
2019-05-22 18:29:00

2.5 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

1.9 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for OPENSUSE-2016-82.NASL
prion1openvas7nvd1nessus15gentoo1mageia1freebsd1altlinux1cve1fedora2debiancve1veracode1cvelist1ubuntucve1ibm1redhat1oraclelinux1centos1ubuntu1osv15