Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2019-2395.NASL
HistoryOct 29, 2019 - 12:00 a.m.

openSUSE Security Update : sysstat (openSUSE-2019-2395)

2019-10-2900:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15
JSON

This update for sysstat fixes the following issue :

  • CVE-2019-16167: Fixed a memory corruption due to an integer overflow. (bsc#1150114)

This update was imported from the SUSE:SLE-15:Update update project.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2019-2395.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(130356);
  script_version("1.3");
  script_cvs_date("Date: 2019/12/17");

  script_cve_id("CVE-2019-16167");

  script_name(english:"openSUSE Security Update : sysstat (openSUSE-2019-2395)");
  script_summary(english:"Check for the openSUSE-2019-2395 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update for sysstat fixes the following issue :

  - CVE-2019-16167: Fixed a memory corruption due to an
    integer overflow. (bsc#1150114)

This update was imported from the SUSE:SLE-15:Update update project."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1150114"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected sysstat packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:sysstat");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:sysstat-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:sysstat-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:sysstat-isag");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/10/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/29");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE15.1", reference:"sysstat-12.0.2-lp151.3.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"sysstat-debuginfo-12.0.2-lp151.3.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"sysstat-debugsource-12.0.2-lp151.3.9.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"sysstat-isag-12.0.2-lp151.3.9.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "sysstat / sysstat-debuginfo / sysstat-debugsource / sysstat-isag");
}
VendorProductVersionCPE
novellopensusesysstatp-cpe:/a:novell:opensuse:sysstat
novellopensusesysstat-debuginfop-cpe:/a:novell:opensuse:sysstat-debuginfo
novellopensusesysstat-debugsourcep-cpe:/a:novell:opensuse:sysstat-debugsource
novellopensusesysstat-isagp-cpe:/a:novell:opensuse:sysstat-isag
novellopensuse15.1cpe:/o:novell:opensuse:15.1

Related

openvas 6
osv 3
mageia 1
nessus 17
oraclelinux 1
suse 2
fedora 1
almalinux 1
debiancve 1
ubuntucve 1
prion 1
cve 1
redhat 3
veracode 1
redhatcve 1
rocky 1
rosalinux 1
ubuntu 1
cloudfoundry 1
debian 1
photon 6
openvas
openvas
Fedora: Security Advisory for sysstat (FEDORA-2020-9ced76e631)
2020-02-03 00:00:00
openSUSE: Security Advisory for sysstat (openSUSE-SU-2019:2395-1)
2020-01-09 00:00:00
Huawei EulerOS: Security Advisory for sysstat (EulerOS-SA-2020-1067)
2020-01-23 00:00:00
osv
osv
Low: sysstat security update
2020-11-03 12:22:41
CVE-2019-16167
2019-09-09 17:15:13
sysstat - security update
2022-11-14 00:00:00
mageia
mageia
Updated sysstat packages fix security vulnerability
2019-12-06 17:15:42
nessus
nessus
RHEL 8 : sysstat (RHSA-2022:0633)
2022-02-23 00:00:00
CentOS 9 : sysstat-12.5.4-2.el9
2024-02-29 00:00:00
EulerOS 2.0 SP8 : sysstat (EulerOS-SA-2019-2120)
2019-11-12 00:00:00
oraclelinux
oraclelinux
sysstat security update
2020-11-10 00:00:00
suse
suse
Security update for sysstat (moderate)
2019-10-28 00:00:00
Security update for sysstat (moderate)
2019-10-28 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: sysstat-12.3.1-1.fc31
2020-02-03 01:22:14
almalinux
almalinux
Low: sysstat security update
2020-11-03 12:22:41
debiancve
debiancve
CVE-2019-16167
2019-09-09 17:15:00
ubuntucve
ubuntucve
CVE-2019-16167
2019-09-09 00:00:00
prion
prion
Integer overflow
2019-09-09 17:15:00
cve
cve
CVE-2019-16167
2019-09-09 17:15:00
redhat
redhat
(RHSA-2022:0633) Low: sysstat security update
2022-02-22 14:34:16
(RHSA-2020:4638) Low: sysstat security update
2020-11-03 12:22:41
(RHSA-2020:5633) Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update
2021-02-24 14:49:26
veracode
veracode
Denial Of Service (DoS)
2020-11-05 03:18:25
redhatcve
redhatcve
CVE-2019-16167
2019-11-05 17:26:16
rocky
rocky
sysstat security update
2020-11-03 12:22:41
rosalinux
rosalinux
Advisory ROSA-SA-2021-1981
2021-07-02 18:12:04
ubuntu
ubuntu
Sysstat vulnerabilities
2020-01-20 00:00:00
cloudfoundry
cloudfoundry
USN-4242-1: Sysstat vulnerabilities | Cloud Foundry
2020-02-05 00:00:00
debian
debian
[SECURITY] [DLA 3188-1] sysstat security update
2022-11-13 21:55:28
photon
photon
Important Photon OS Security Update - PHSA-2019-0259
2019-11-22 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0184
2019-10-23 00:00:00
Critical Photon OS Security Update - PHSA-2019-0184
2019-10-23 00:00:00
JSON
Related for OPENSUSE-2019-2395.NASL
openvas6osv3mageia1nessus17oraclelinux1suse2fedora1almalinux1debiancve1ubuntucve1prion1cve1redhat3veracode1redhatcve1rocky1rosalinux1ubuntu1cloudfoundry1debian1photon6