Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2016-2573.NASL
HistoryNov 11, 2016 - 12:00 a.m.

Oracle Linux 7 : glibc (ELSA-2016-2573)

2016-11-1100:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
JSON

From Red Hat Security Advisory 2016:2573 :

An update for glibc is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es) :

  • A stack overflow vulnerability was found in _nss_dns_getnetbyname_r.
    On systems with nsswitch configured to include ‘networks: dns’ with a privileged or network-facing service that would attempt to resolve user-provided network names, an attacker could provide an excessively long network name, resulting in stack corruption and code execution.
    (CVE-2016-3075)

This issue was discovered by Florian Weimer (Red Hat).

Additional Changes :

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2016:2573 and 
# Oracle Linux Security Advisory ELSA-2016-2573 respectively.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(94696);
  script_version("2.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2016-3075");
  script_xref(name:"RHSA", value:"2016:2573");

  script_name(english:"Oracle Linux 7 : glibc (ELSA-2016-2573)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Oracle Linux host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"From Red Hat Security Advisory 2016:2573 :

An update for glibc is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security
impact of Low. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link (s) in the References section.

The glibc packages provide the standard C libraries (libc), POSIX
thread libraries (libpthread), standard math libraries (libm), and the
name service cache daemon (nscd) used by multiple programs on the
system. Without these libraries, the Linux system cannot function
correctly.

Security Fix(es) :

* A stack overflow vulnerability was found in _nss_dns_getnetbyname_r.
On systems with nsswitch configured to include 'networks: dns' with a
privileged or network-facing service that would attempt to resolve
user-provided network names, an attacker could provide an excessively
long network name, resulting in stack corruption and code execution.
(CVE-2016-3075)

This issue was discovered by Florian Weimer (Red Hat).

Additional Changes :

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.3 Release Notes linked from the References section."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/el-errata/2016-November/006465.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected glibc packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:glibc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:glibc-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:glibc-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:glibc-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:glibc-static");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:glibc-utils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:nscd");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/06/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/11/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/11");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Oracle Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 7", "Oracle Linux " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);

flag = 0;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"glibc-2.17-157.el7")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"glibc-common-2.17-157.el7")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"glibc-devel-2.17-157.el7")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"glibc-headers-2.17-157.el7")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"glibc-static-2.17-157.el7")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"glibc-utils-2.17-157.el7")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"nscd-2.17-157.el7")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-devel / glibc-headers / glibc-static / etc");
}
VendorProductVersionCPE
oraclelinuxglibcp-cpe:/a:oracle:linux:glibc
oraclelinuxglibc-commonp-cpe:/a:oracle:linux:glibc-common
oraclelinuxglibc-develp-cpe:/a:oracle:linux:glibc-devel
oraclelinuxglibc-headersp-cpe:/a:oracle:linux:glibc-headers
oraclelinuxglibc-staticp-cpe:/a:oracle:linux:glibc-static
oraclelinuxglibc-utilsp-cpe:/a:oracle:linux:glibc-utils
oraclelinuxnscdp-cpe:/a:oracle:linux:nscd
oraclelinux7cpe:/o:oracle:linux:7

Related

nessus 21
ibm 3
ubuntucve 1
prion 1
openvas 14
debiancve 1
redhat 1
f5 2
cve 1
centos 1
amazon 1
archlinux 2
fedora 2
oraclelinux 2
altlinux 1
osv 1
mageia 1
debian 1
photon 2
gentoo 1
ubuntu 2
cloudfoundry 1
suse 2
nessus
nessus
Oracle Linux 7 : glibc (ELSA-2016-3638)
2023-09-07 00:00:00
CentOS 7 : glibc (CESA-2016:2573)
2016-11-28 00:00:00
EulerOS 2.0 SP1 : glibc (EulerOS-SA-2016-1073)
2017-05-01 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in GNU C Library (glibc) affects IBM Flex System FC5022 16Gb SAN Scalable Switch (CVE-2016-3075)
2019-01-31 02:25:02
Security Bulletin: Vulnerability in glibc affects Power Hardware Management Console (CVE-2016-3075)
2021-09-23 01:31:39
Security Bulletin: A vulnerability in glibc affects PowerKVM
2018-06-18 01:34:56
ubuntucve
ubuntucve
CVE-2016-3075
2016-03-31 00:00:00
prion
prion
Stack overflow
2016-06-01 20:59:00
openvas
openvas
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2016-1073)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2018-1344)
2020-01-23 00:00:00
RedHat Update for glibc RHSA-2016:2573-02
2016-11-04 00:00:00
debiancve
debiancve
CVE-2016-3075
2016-06-01 20:59:00
redhat
redhat
(RHSA-2016:2573) Low: glibc security, bug fix, and enhancement update
2016-11-03 06:07:14
f5
f5
SOL15439022 - glibc vulnerability CVE-2016-3075
2016-05-23 00:00:00
K15439022 : glibc vulnerability CVE-2016-3075
2016-05-23 00:00:00
cve
cve
CVE-2016-3075
2016-06-01 20:59:00
centos
centos
glibc, nscd security update
2016-11-25 15:25:38
amazon
amazon
Low: glibc
2017-02-06 18:00:00
archlinux
archlinux
glibc: denial of service
2016-08-08 00:00:00
lib32-glibc: denial of service
2016-08-08 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: glibc-2.23.1-7.fc24
2016-05-14 23:42:24
[SECURITY] Fedora 23 Update: glibc-2.22-15.fc23
2016-05-10 18:01:37
oraclelinux
oraclelinux
glibc security update
2016-11-09 00:00:00
glibc security, bug fix, and enhancement update
2016-11-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package glibc version 6:2.23-alt2
2016-05-10 00:00:00
osv
osv
eglibc - security update
2016-05-30 00:00:00
mageia
mageia
Updated glibc packages fix security vulnerabilities
2016-05-24 01:00:58
debian
debian
[SECURITY] [DLA 494-1] eglibc security update
2016-05-30 04:24:49
photon
photon
Important Photon OS Security Update - PHSA-2017-0037
2017-04-24 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0013
2017-04-24 00:00:00
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2017-02-19 00:00:00
ubuntu
ubuntu
GNU C Library regression
2016-05-26 00:00:00
GNU C Library vulnerabilities
2016-05-25 00:00:00
cloudfoundry
cloudfoundry
USN-2985-2 GNU C Library regression | Cloud Foundry
2016-06-13 00:00:00
suse
suse
Security update for SLES 12-SP1 Docker image (important)
2017-10-11 03:07:32
Security update for SLES 12 Docker image (important)
2017-10-11 03:06:53
JSON
Related for ORACLELINUX_ELSA-2016-2573.NASL
nessus21ibm3ubuntucve1prion1openvas14debiancve1redhat1f52cve1centos1amazon1archlinux2fedora2oraclelinux2altlinux1osv1mageia1debian1photon2gentoo1ubuntu2cloudfoundry1suse2