Oracle Linux 8 : pacemaker (ELSA-2019-1279)

2019-08-12T00:00:00

Description

From Red Hat Security Advisory 2019:1279 : An update for pacemaker is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Security Fix(es) : * pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc (CVE-2018-16877) * pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS (CVE-2018-16878) * pacemaker: Information disclosure through use-after-free (CVE-2019-3885) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * Interrupted live migration will get full start rather than completed migration (BZ#1695247)

{"id": "ORACLELINUX_ELSA-2019-1279.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Oracle Linux 8 : pacemaker (ELSA-2019-1279)", "description": "From Red Hat Security Advisory 2019:1279 :\n\nAn update for pacemaker is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures.\n\nSecurity Fix(es) :\n\n* pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc (CVE-2018-16877)\n\n* pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS (CVE-2018-16878)\n\n* pacemaker: Information disclosure through use-after-free (CVE-2019-3885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Interrupted live migration will get full start rather than completed migration (BZ#1695247)", "published": "2019-08-12T00:00:00", "modified": "2022-05-19T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/127588", "reporter": "This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16877", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3885", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16878", "https://oss.oracle.com/pipermail/el-errata/2019-August/008976.html"], "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "immutableFields": [], "lastseen": "2023-05-24T14:28:14", "viewCount": 14, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS2-2019-1275"]}, {"type": "cve", "idList": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2519-1:F4EAF"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-16877", "DEBIANCVE:CVE-2018-16878", "DEBIANCVE:CVE-2019-3885"]}, {"type": "fedora", "idList": ["FEDORA:97BCC60200CC", "FEDORA:A98D3604EC00", "FEDORA:AFEEB60608E3"]}, {"type": "ibm", "idList": ["4E73E30F75AED2360643FD48F176E48FEDE9AF562A5E051D96379F78DEE7AB27", "9EAED1F5FB3762874ED935AF686A504F1630ADB20AA5EBFAE97EAEEEA4C0DAF8", "D8676400C4D14B2D1B5F94F57536D6B43C6BF15DED8668D5B115B832F4F08E63"]}, {"type": "mageia", "idList": ["MGASA-2019-0394"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1275.NASL", "CENTOS8_RHSA-2019-1279.NASL", "DEBIAN_DLA-2519.NASL", "FEDORA_2019-B502250BA4.NASL", "FEDORA_2019-E4C8DE3FB7.NASL", "FEDORA_2019-E71F6F36AC.NASL", "NEWSTART_CGSL_NS-SA-2019-0224_PACEMAKER.NASL", "NEWSTART_CGSL_NS-SA-2019-0258_PACEMAKER.NASL", "OPENSUSE-2019-1342.NASL", "OPENSUSE-2019-1400.NASL", "REDHAT-RHSA-2019-1278.NASL", "REDHAT-RHSA-2019-1279.NASL", "SL_20190528_PACEMAKER_ON_SL7_X.NASL", "UBUNTU_USN-3952-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310843983", "OPENVAS:1361412562310852482", "OPENVAS:1361412562310852499", "OPENVAS:1361412562310875590", "OPENVAS:1361412562310875750"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-1279"]}, {"type": "osv", "idList": ["OSV:DLA-2519-1"]}, {"type": "redhat", "idList": ["RHSA-2019:1278", "RHSA-2019:1279"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-16877", "RH:CVE-2018-16878", "RH:CVE-2019-3885"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1342-1", "OPENSUSE-SU-2019:1400-1"]}, {"type": "ubuntu", "idList": ["USN-3952-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-16877", "UB:CVE-2018-16878", "UB:CVE-2019-3885"]}, {"type": "veracode", "idList": ["VERACODE:20409", "VERACODE:20410", "VERACODE:20411"]}]}, "score": {"value": -0.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS2-2019-1275"]}, {"type": "cve", "idList": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2519-1:F4EAF"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-16877", "DEBIANCVE:CVE-2018-16878", "DEBIANCVE:CVE-2019-3885"]}, {"type": "fedora", "idList": ["FEDORA:97BCC60200CC", "FEDORA:A98D3604EC00", "FEDORA:AFEEB60608E3"]}, {"type": "ibm", "idList": ["D8676400C4D14B2D1B5F94F57536D6B43C6BF15DED8668D5B115B832F4F08E63"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1275.NASL", "CENTOS8_RHSA-2019-1279.NASL", "DEBIAN_DLA-2519.NASL", "FEDORA_2019-B502250BA4.NASL", "FEDORA_2019-E4C8DE3FB7.NASL", "FEDORA_2019-E71F6F36AC.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310843983", "OPENVAS:1361412562310852482", "OPENVAS:1361412562310875590", "OPENVAS:1361412562310875750"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-1279"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-16877", "RH:CVE-2018-16878", "RH:CVE-2019-3885"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1342-1", "OPENSUSE-SU-2019:1400-1"]}, {"type": "ubuntu", "idList": ["USN-3952-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-16877", "UB:CVE-2018-16878", "UB:CVE-2019-3885"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2018-16877", "epss": 0.00042, "percentile": 0.05667, "modified": "2023-05-06"}, {"cve": "CVE-2018-16878", "epss": 0.00045, "percentile": 0.1211, "modified": "2023-05-06"}, {"cve": "CVE-2019-3885", "epss": 0.00679, "percentile": 0.77, "modified": "2023-05-06"}], "vulnersScore": -0.1}, "_state": {"dependencies": 1685049388, "score": 1684938513, "epss": 0}, "_internal": {"score_hash": "7192026003de11ed20f9b9de1a8dce8f"}, "pluginID": "127588", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:1279 and \n# Oracle Linux Security Advisory ELSA-2019-1279 respectively.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127588);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n script_xref(name:\"RHSA\", value:\"2019:1279\");\n\n script_name(english:\"Oracle Linux 8 : pacemaker (ELSA-2019-1279)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2019:1279 :\n\nAn update for pacemaker is now available for Red Hat Enterprise Linux\n8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Pacemaker cluster resource manager is a collection of technologies\nworking together to maintain data integrity and application\navailability in the event of failures.\n\nSecurity Fix(es) :\n\n* pacemaker: Insufficient local IPC client-server authentication on\nthe client's side can lead to local privesc (CVE-2018-16877)\n\n* pacemaker: Insufficient verification inflicted preference of\nuncontrolled processes can lead to DoS (CVE-2018-16878)\n\n* pacemaker: Information disclosure through use-after-free\n(CVE-2019-3885)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Interrupted live migration will get full start rather than completed\nmigration (BZ#1695247)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2019-August/008976.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected pacemaker packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3885\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-16877\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pacemaker-cluster-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pacemaker-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pacemaker-schemas\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"pacemaker-cluster-libs-2.0.1-4.el8_0.3\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"pacemaker-libs-2.0.1-4.el8_0.3\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"pacemaker-schemas-2.0.1-4.el8_0.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pacemaker-cluster-libs / pacemaker-libs / pacemaker-schemas\");\n}\n", "naslFamily": "Oracle Linux Local Security Checks", "cpe": ["p-cpe:/a:oracle:linux:pacemaker-cluster-libs", "p-cpe:/a:oracle:linux:pacemaker-libs", "p-cpe:/a:oracle:linux:pacemaker-schemas", "cpe:/o:oracle:linux:8"], "solution": "Update the affected pacemaker packages.", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2019-3885", "vendor_cvss2": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "vendor_cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2019-08-01T00:00:00", "vulnerabilityPublicationDate": "2019-04-18T00:00:00", "exploitableWith": []}

{"oraclelinux": [{"lastseen": "2021-07-30T06:24:34", "description": "[2.0.1-4.3]\n- New build with fixed test in gating.yaml\n- Resolves: rhbz#1694557\n- Resolves: rhbz#1695247\n- Resolves: rhbz#1697264\n- Resolves: rhbz#1697265\n[2.0.1-4.2]\n- New build to apply z-stream tag\n- Resolves: rhbz#1694557\n- Resolves: rhbz#1695247\n- Resolves: rhbz#1697264\n- Resolves: rhbz#1697265\n[2.0.1-4.1]\n- Improve clients' authentication of IPC servers (CVE-2018-16877)\n- Fix use-after-free with potential information disclosure (CVE-2019-3885)\n- Improve pacemakerd authentication of running subdaemons (CVE-2018-16878)\n- Restore correct behavior when live migration is interrupted\n- Resolves: rhbz#1694557\n- Resolves: rhbz#1695247\n- Resolves: rhbz#1697264\n- Resolves: rhbz#1697265", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-07-30T00:00:00", "type": "oraclelinux", "title": "pacemaker security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2019-07-30T00:00:00", "id": "ELSA-2019-1279", "href": "http://linux.oracle.com/errata/ELSA-2019-1279.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "ibm": [{"lastseen": "2023-02-27T21:47:53", "description": "## Summary\n\nIBM MQ Appliance has resolved Pacemaker vulnerabilities.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2018-16878](<https://vulners.com/cve/CVE-2018-16878>) \n**DESCRIPTION: **Pacemaker is vulnerable to a denial of service, caused by an insufficient verification inflicted preference of uncontrolled processes. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159858>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2018-16877](<https://vulners.com/cve/CVE-2018-16877>) \n**DESCRIPTION: **Pacemaker could allow a local attacker to gain elevated privileges on the system, caused by a flaw in the authentication in the client server. An attacker could exploit this vulnerability to escalate privileges. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159859](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159859>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2019-3885](<https://vulners.com/cve/CVE-2019-3885>) \n**DESCRIPTION: **Pacemaker could allow a remote attacker to obtain sensitive information, caused by a use-after-free flaw. A remote attacker could exploit this vulnerability to obtain sensitive information from the system logs. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159857](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159857>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM MQ Appliance | 9.1 LTS \nIBM MQ Appliance | 9.1 CD \n \n## Remediation/Fixes\n\n**IBM MQ Appliance 9.1 LTS**\n\nApply fixpack [9.1.0.6](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+MQ+Appliance+M2000&release=All&function=fixId&fixids=9.1.0.6-IBM-MQ-Appliance-U0000&includeSupersedes=1> \"9.1.0.6\" ), or later maintenance\n\n**IBM MQ Appliance 9.1 CD**\n\nUpgrade to [9.2.1](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+MQ+Appliance+M2000&release=All&function=fixId&fixids=9.2.1-IBM-MQ-Appliance-U0000&includeSupersedes=1> \"9.2.1\" ), or later maintenance\n\n## Workarounds and Mitigations\n\nOnly affects IBM MQ Appliances configured as part of a Highly Available group, where the appliances are not directly connected.\n\n## ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-18T18:18:11", "type": "ibm", "title": "Security Bulletin: IBM MQ Appliance is affected by Pacemaker vulnerabilities (CVE-2018-16878, CVE-2018-16877, CVE-2019-3885)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2020-12-18T18:18:11", "id": "4E73E30F75AED2360643FD48F176E48FEDE9AF562A5E051D96379F78DEE7AB27", "href": "https://www.ibm.com/support/pages/node/6388650", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-27T21:47:55", "description": "## Summary\n\nMultiple vulnerabilities were identified in the Pacemaker component that is bundled with IBM MQ Advanced for use by replicated data queue managers (RDQM).\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2018-16878](<https://vulners.com/cve/CVE-2018-16878>) \n**DESCRIPTION: **Pacemaker is vulnerable to a denial of service, caused by an insufficient verification inflicted preference of uncontrolled processes. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159858>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2018-16877](<https://vulners.com/cve/CVE-2018-16877>) \n**DESCRIPTION: **Pacemaker could allow a local attacker to gain elevated privileges on the system, caused by a flaw in the authentication in the client server. An attacker could exploit this vulnerability to escalate privileges. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159859](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159859>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2019-3885](<https://vulners.com/cve/CVE-2019-3885>) \n**DESCRIPTION: **Pacemaker could allow a remote attacker to obtain sensitive information, caused by a use-after-free flaw. A remote attacker could exploit this vulnerability to obtain sensitive information from the system logs. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159857](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159857>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM MQ | 9.1 LTS \nIBM MQ | 9.1 CD \nIBM MQ | 9.2 CD \nIBM MQ | 9.2 LTS \n \n## Remediation/Fixes\n\n**IBM MQ 9.1 LTS**\n\n[Apply Fixpack 9.1.0.7](<https://www.ibm.com/support/pages/downloading-ibm-mq-9107> \"Apply Fixpack 9.1.0.7\" )\n\n**IBM MQ 9.2 LTS**\n\n[Apply Fixpack 9.2.0.1](<https://www.ibm.com/support/pages/downloading-ibm-mq-version-9201> \"Apply Fixpack 9.2.0.1\" )\n\n**IBM MQ 9.1 CD and IBM MQ 9.2 CD**\n\n[Upgrade to IBM MQ 9.2.1](<https://www.ibm.com/support/pages/downloading-ibm-mq-921-continuous-delivery> \"Upgrade to IBM MQ 9.2.1\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-18T14:09:33", "type": "ibm", "title": "Security Bulletin: IBM MQ is affected by multiple vulnerabilities in Pacemaker", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2020-12-18T14:09:33", "id": "D8676400C4D14B2D1B5F94F57536D6B43C6BF15DED8668D5B115B832F4F08E63", "href": "https://www.ibm.com/support/pages/node/6382912", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-24T06:09:11", "description": "## Summary\n\nWebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in Pacemaker, ImageMagick, gd-libgd, libxslt, cURL libcurl , Ghostscript. These vulnerabilities are addressed in App connect professional v7.5.4.0 and v7.5.5.0, customer can migrate to these versions without incurring any additional cost. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-11472](<https://vulners.com/cve/CVE-2019-11472>) \n** DESCRIPTION: **ImageMagick is vulnerable to a denial of service, caused by a divide-by-zero error in the ReadXWDImage function in coders/xwd.c. By persuading a victim to open a specially-crafted XWD image file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160054](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160054>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-11470](<https://vulners.com/cve/CVE-2019-11470>) \n** DESCRIPTION: **ImageMagick is vulnerable to a denial of service, caused by uncontrolled resource consumption in the ReadXWDImage function in coders/xwd.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160055](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160055>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-11597](<https://vulners.com/cve/CVE-2019-11597>) \n** DESCRIPTION: **ImageMagick is vulnerable to a denial of service, caused by a heap-based buffer over-read in the WritePNMImage function in coders/pnm.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service or possibly obtain sensitive information. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160255](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160255>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2014-9709](<https://vulners.com/cve/CVE-2014-9709>) \n** DESCRIPTION: **gd-libgd is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by gd_gif_in.c. By sending a specially-crafted GIF file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/101757](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101757>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2019-11479](<https://vulners.com/cve/CVE-2019-11479>) \n** DESCRIPTION: **Linux Kernel is vulnerable to a denial of service, caused by a flaw when processing minimum segment size (MSS). By sending specially-crafted MSS traffic, a remote attacker could exploit this vulnerability to cause excess usage of system resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162665](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162665>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-11477](<https://vulners.com/cve/CVE-2019-11477>) \n** DESCRIPTION: **Linux Kernel is vulnerable to a denial of service, caused by an integer overflow when processing TCP Selective Acknowledgement (SACK) capabilities. By sending specially-crafted SACKs requests, a remote attacker could exploit this vulnerability to cause a kernel panic condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162662](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162662>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-11598](<https://vulners.com/cve/CVE-2019-11598>) \n** DESCRIPTION: **ImageMagick is vulnerable to a denial of service, caused by a heap-based buffer over-read in the WritePNMImage function in coders/pnm.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service or possibly obtain sensitive information. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160252](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160252>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2019-11478](<https://vulners.com/cve/CVE-2019-11478>) \n** DESCRIPTION: **Linux Kernel is vulnerable to a denial of service, caused by an issue with fragmenting the TCP retransmission queue when processing TCP Selective Acknowledgement (SACK) capabilities. By sending specially-crafted SACKs requests, a remote attacker could exploit this vulnerability to cause an excess of system resource usage. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162664](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162664>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-11599](<https://vulners.com/cve/CVE-2019-11599>) \n** DESCRIPTION: **Linux Kernel is vulnerable to a denial of service, caused by a race condition in the coredump implementation. By using a specially-crafted system call, a local attacker could exploit this vulnerability to cause the application to crash or obtain sensitive information. \nCVSS Base score: 7.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160262](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160262>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2019-3885](<https://vulners.com/cve/CVE-2019-3885>) \n** DESCRIPTION: **Pacemaker could allow a remote attacker to obtain sensitive information, caused by a use-after-free flaw. A remote attacker could exploit this vulnerability to obtain sensitive information from the system logs. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159857](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159857>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2016-2774](<https://vulners.com/cve/CVE-2016-2774>) \n** DESCRIPTION: **ISC DHCP is vulnerable to a denial of service, caused by the failure to limit the number of open TCP connections to the ports for inter-process communications and control. By opening a large number of TCP connections, a remote attacker from within the local network could exploit this vulnerability to become unresponsive or consume all available sockets. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/111319](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111319>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-11068](<https://vulners.com/cve/CVE-2019-11068>) \n** DESCRIPTION: **libxslt could allow a remote attacker to bypass security restrictions, caused by a flaw in the xsltCheckRead and xsltCheckWrite routines. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159898](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159898>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-10131](<https://vulners.com/cve/CVE-2019-10131>) \n** DESCRIPTION: **ImageMagick is vulnerable to a denial of service, caused by an off-by-one read flaw in the formatIPTCfromBuffer function in coders/meta.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160672](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160672>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-1120](<https://vulners.com/cve/CVE-2018-1120>) \n** DESCRIPTION: **procps-ng procps is vulnerable to a denial of service, caused by improper validation of user-supplied request. By mmaping a FUSE file to the process command-line arguments, a remote attacker could exploit this vulnerability to block read access to the files under /proc/PID/. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/143450](<https://exchange.xforce.ibmcloud.com/vulnerabilities/143450>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-10650](<https://vulners.com/cve/CVE-2019-10650>) \n** DESCRIPTION: **ImageMagick is vulnerable to a denial of service, caused by a heap-based buffer over-read in the WriteTIFFImage function in coders/tiff.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160121](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160121>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-5436](<https://vulners.com/cve/CVE-2019-5436>) \n** DESCRIPTION: **cURL libcurl is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the tftp_receive_packet() function. By sending overly long data, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-3838](<https://vulners.com/cve/CVE-2019-3838>) \n** DESCRIPTION: **Ghostscript could allow a remote attacker to bypass security restrictions, caused by improper usage of forceput operator. By persuading a victim to open a specially-crafted PostScript file, a remote attacker could exploit this vulnerability to gain access to the file system outside of the constraints imposed by -dSAFER. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158503](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158503>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2018-16877](<https://vulners.com/cve/CVE-2018-16877>) \n** DESCRIPTION: **Pacemaker could allow a local attacker to gain elevated privileges on the system, caused by a flaw in the authentication in the client server. An attacker could exploit this vulnerability to escalate privileges. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159859](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159859>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2018-16878](<https://vulners.com/cve/CVE-2018-16878>) \n** DESCRIPTION: **Pacemaker is vulnerable to a denial of service, caused by insufficient verification inflicted preference of uncontrolled processes. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159858>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nWebSphere Cast Iron | 7.5.1.0 \nApp Connect Professional| 7.5.2.0 \nApp Connect Professional| 7.5.4.0 \nApp Connect Professional| 7.5.5.0 \n \n\n\n## Remediation/Fixes\n\nAffected Product(s)| Version(s)| Remediation \n---|---|--- \nApp Connect Professional| 7.5.4.0| [7540 Fixcentral link](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm%2FWebSphere%2FApp+Connect+Professional&release=7.5.4.0&platform=All&function=fixId&fixids=7.5.4.0-WS-ACP-20211208-2245_H28_64-CUMUIFIX-026.vcrypt2,&includeSupersedes=0> \"7540 Fixcentral link\" ) \nApp Connect Professional| 7.5.5.0| [7550 Fixcentral link](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm%2FWebSphere%2FApp+Connect+Professional&release=7.5.5.0&platform=All&function=fixId&fixids=7.5.5.0-WS-ACP-20220208-0829_H31_64-CUMUIFIX-008.builtDockerImage,7.5.5.0-WS-ACP-20220208-0829_H31_64-CUMUIFIX-008.docker,7.5.5.0-WS-ACP-20220208-0829_H31_64-CUMUIFIX-008.vcrypt2,7.5.5.0-WS-ACP-20220208-0829_H31_64-CUMUIFIX-008.sc-linux,7.5.5.0-WS-ACP-20220208-0829_H31_64-CUMUIFIX-008.32bit.sc-linux,7.5.5.0-WS-ACP-20220208-0829_H31_64-CUMUIFIX-008.32bit.sc-win,7.5.5.0-WS-ACP-20220208-0829_H31_64-CUMUIFIX-008.sc-win&includeSupersedes=0> \"7550 Fixcentral link\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-21T04:39:05", "type": "ibm", "title": "Security Bulletin: WebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in Pacemaker, ImageMagick, gd-libgd, libxslt, cURL libcurl , Ghostscript.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9709", "CVE-2016-2774", "CVE-2018-1120", "CVE-2018-16877", "CVE-2018-16878", "CVE-2019-10131", "CVE-2019-10650", "CVE-2019-11068", "CVE-2019-11470", "CVE-2019-11472", "CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11479", "CVE-2019-11597", "CVE-2019-11598", "CVE-2019-11599", "CVE-2019-3838", "CVE-2019-3885", "CVE-2019-5436"], "modified": "2022-02-21T04:39:05", "id": "9EAED1F5FB3762874ED935AF686A504F1630ADB20AA5EBFAE97EAEEEA4C0DAF8", "href": "https://www.ibm.com/support/pages/node/6558082", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "fedora": [{"lastseen": "2021-07-28T18:41:38", "description": "Pacemaker is an advanced, scalable High-Availability cluster resource manager. It supports more than 16 node clusters with significant capabilities for managing resources and dependencies. It will run scripts at initialization, when machines go up or down, when related resources fail and can be configured to periodically check resource health. Available rpmbuild rebuild options: --with(out) : coverage doc hardening pre_release profiling ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-04-23T23:44:10", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: pacemaker-2.0.1-2.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2019-04-23T23:44:10", "id": "FEDORA:AFEEB60608E3", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HR6QUYGML735EI3HEEHYRDW7EG73BUH2/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Pacemaker is an advanced, scalable High-Availability cluster resource manager. It supports more than 16 node clusters with significant capabilities for managing resources and dependencies. It will run scripts at initialization, when machines go up or down, when related resources fail and can be configured to periodically check resource health. Available rpmbuild rebuild options: --with(out) : coverage doc hardening pre_release profiling ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-05T02:44:11", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: pacemaker-2.0.0-5.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2019-05-05T02:44:11", "id": "FEDORA:97BCC60200CC", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FY4M4RMIG2POKC6OOFQODGKPRYXHET2F/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Pacemaker is an advanced, scalable High-Availability cluster resource manager for Corosync, CMAN and/or Linux-HA. It supports more than 16 node clusters with significant capabilities for managing resources and dependencies. It will run scripts at initialization, when machines go up or down, when related resources fail and can be configured to periodically check resource health. Available rpmbuild rebuild options: --with(out) : coverage doc hardening pre_release profiling ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-04T01:17:47", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: pacemaker-1.1.18-3.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2019-05-04T01:17:47", "id": "FEDORA:A98D3604EC00", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3GCWFO7GL6MBU6C4BGFO3P6L77DIBBF3/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2023-05-24T14:10:51", "description": "Jan Pokorny discovered that Pacemaker incorrectly handled client-server authentication. A local attacker could possibly use this issue to escalate privileges. (CVE-2018-16877)\n\nJan Pokorny discovered that Pacemaker incorrectly handled certain verifications. A local attacker could possibly use this issue to cause a denial of service. (CVE-2018-16878)\n\nJan Pokorny discovered that Pacemaker incorrectly handled certain memory operations. A local attacker could possibly use this issue to obtain sensitive information in log outputs. This issue only applied to Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. (CVE-2019-3885).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-04-24T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : Pacemaker vulnerabilities (USN-3952-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:pacemaker", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-3952-1.NASL", "href": "https://www.tenable.com/plugins/nessus/124274", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3952-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124274);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n script_xref(name:\"USN\", value:\"3952-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : Pacemaker vulnerabilities (USN-3952-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Jan Pokorny discovered that Pacemaker incorrectly handled\nclient-server authentication. A local attacker could possibly use this\nissue to escalate privileges. (CVE-2018-16877)\n\nJan Pokorny discovered that Pacemaker incorrectly handled certain\nverifications. A local attacker could possibly use this issue to cause\na denial of service. (CVE-2018-16878)\n\nJan Pokorny discovered that Pacemaker incorrectly handled certain\nmemory operations. A local attacker could possibly use this issue to\nobtain sensitive information in log outputs. This issue only applied\nto Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. (CVE-2019-3885).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3952-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected pacemaker package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3885\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:pacemaker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|18\\.10|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 18.10 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"pacemaker\", pkgver:\"1.1.14-2ubuntu1.6\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"pacemaker\", pkgver:\"1.1.18-0ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"pacemaker\", pkgver:\"1.1.18-2ubuntu1.18.10.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"pacemaker\", pkgver:\"1.1.18-2ubuntu1.19.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pacemaker\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-08-19T12:27:22", "description": "Security fix for CVE-2019-3885, CVE-2018-16877, CVE-2018-16878\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-02T00:00:00", "type": "nessus", "title": "Fedora 30 : pacemaker (2019-e4c8de3fb7)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2020-01-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pacemaker", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-E4C8DE3FB7.NASL", "href": "https://www.tenable.com/plugins/nessus/124549", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-e4c8de3fb7.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124549);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/21\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n script_xref(name:\"FEDORA\", value:\"2019-e4c8de3fb7\");\n\n script_name(english:\"Fedora 30 : pacemaker (2019-e4c8de3fb7)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2019-3885, CVE-2018-16877, CVE-2018-16878\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-e4c8de3fb7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pacemaker package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3885\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pacemaker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"pacemaker-2.0.1-2.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pacemaker\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:22:58", "description": "Security Fix(es) :\n\n - pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc (CVE-2018-16877)\n\n - pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS (CVE-2018-16878)\n\n - pacemaker: Information disclosure through use-after-free (CVE-2019-3885)", "cvss3": {}, "published": "2019-05-29T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : pacemaker on SL7.x x86_64 (20190528)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:pacemaker", "p-cpe:/a:fermilab:scientific_linux:pacemaker-cli", "p-cpe:/a:fermilab:scientific_linux:pacemaker-cluster-libs", "p-cpe:/a:fermilab:scientific_linux:pacemaker-cts", "p-cpe:/a:fermilab:scientific_linux:pacemaker-debuginfo", "p-cpe:/a:fermilab:scientific_linux:pacemaker-doc", "p-cpe:/a:fermilab:scientific_linux:pacemaker-libs", "p-cpe:/a:fermilab:scientific_linux:pacemaker-libs-devel", "p-cpe:/a:fermilab:scientific_linux:pacemaker-nagios-plugins-metadata", "p-cpe:/a:fermilab:scientific_linux:pacemaker-remote", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20190528_PACEMAKER_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/125531", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125531);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n\n script_name(english:\"Scientific Linux Security Update : pacemaker on SL7.x x86_64 (20190528)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - pacemaker: Insufficient local IPC client-server\n authentication on the client's side can lead to local\n privesc (CVE-2018-16877)\n\n - pacemaker: Insufficient verification inflicted\n preference of uncontrolled processes can lead to DoS\n (CVE-2018-16878)\n\n - pacemaker: Information disclosure through use-after-free\n (CVE-2019-3885)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1905&L=SCIENTIFIC-LINUX-ERRATA&P=6805\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e9a86cfa\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3885\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pacemaker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pacemaker-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pacemaker-cluster-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pacemaker-cts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pacemaker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pacemaker-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pacemaker-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pacemaker-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pacemaker-nagios-plugins-metadata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:pacemaker-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"pacemaker-1.1.19-8.el7_6.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"pacemaker-cli-1.1.19-8.el7_6.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"pacemaker-cluster-libs-1.1.19-8.el7_6.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"pacemaker-cts-1.1.19-8.el7_6.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"pacemaker-debuginfo-1.1.19-8.el7_6.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"pacemaker-doc-1.1.19-8.el7_6.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"pacemaker-libs-1.1.19-8.el7_6.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"pacemaker-libs-devel-1.1.19-8.el7_6.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"pacemaker-nagios-plugins-metadata-1.1.19-8.el7_6.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"pacemaker-remote-1.1.19-8.el7_6.5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pacemaker / pacemaker-cli / pacemaker-cluster-libs / pacemaker-cts / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:27:06", "description": "Security fix for CVE-2019-3885, CVE-2018-16877, CVE-2018-16878\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-06T00:00:00", "type": "nessus", "title": "Fedora 29 : pacemaker (2019-b502250ba4)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2020-01-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pacemaker", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-B502250BA4.NASL", "href": "https://www.tenable.com/plugins/nessus/124604", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-b502250ba4.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124604);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/21\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n script_xref(name:\"FEDORA\", value:\"2019-b502250ba4\");\n\n script_name(english:\"Fedora 29 : pacemaker (2019-b502250ba4)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2019-3885, CVE-2018-16877, CVE-2018-16878\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-b502250ba4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pacemaker package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3885\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pacemaker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"pacemaker-2.0.0-5.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pacemaker\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-24T14:27:34", "description": "A flaw was found in pacemaker. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS. (CVE-2018-16878)\n\nA use-after-free flaw was found in pacemaker which could result in certain sensitive information to be leaked via the system logs.\n(CVE-2019-3885)\n\nA flaw was found in the way pacemaker's client-server authentication was implemented. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.\n(CVE-2018-16877)", "cvss3": {}, "published": "2019-08-28T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : pacemaker (ALAS-2019-1275)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:pacemaker", "p-cpe:/a:amazon:linux:pacemaker-cli", "p-cpe:/a:amazon:linux:pacemaker-cluster-libs", "p-cpe:/a:amazon:linux:pacemaker-cts", "p-cpe:/a:amazon:linux:pacemaker-debuginfo", "p-cpe:/a:amazon:linux:pacemaker-doc", "p-cpe:/a:amazon:linux:pacemaker-libs", "p-cpe:/a:amazon:linux:pacemaker-libs-devel", "p-cpe:/a:amazon:linux:pacemaker-nagios-plugins-metadata", "p-cpe:/a:amazon:linux:pacemaker-remote", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1275.NASL", "href": "https://www.tenable.com/plugins/nessus/128289", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1275.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128289);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n script_xref(name:\"ALAS\", value:\"2019-1275\");\n\n script_name(english:\"Amazon Linux 2 : pacemaker (ALAS-2019-1275)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A flaw was found in pacemaker. An insufficient verification inflicted\npreference of uncontrolled processes can lead to DoS. (CVE-2018-16878)\n\nA use-after-free flaw was found in pacemaker which could result in\ncertain sensitive information to be leaked via the system logs.\n(CVE-2019-3885)\n\nA flaw was found in the way pacemaker's client-server authentication\nwas implemented. A local attacker could use this flaw, and combine it\nwith other IPC weaknesses, to achieve local privilege escalation.\n(CVE-2018-16877)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1275.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update pacemaker' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3885\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:pacemaker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:pacemaker-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:pacemaker-cluster-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:pacemaker-cts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:pacemaker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:pacemaker-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:pacemaker-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:pacemaker-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:pacemaker-nagios-plugins-metadata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:pacemaker-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"pacemaker-1.1.20-5.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"pacemaker-cli-1.1.20-5.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"pacemaker-cluster-libs-1.1.20-5.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"pacemaker-cts-1.1.20-5.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"pacemaker-debuginfo-1.1.20-5.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"pacemaker-doc-1.1.20-5.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"pacemaker-libs-1.1.20-5.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"pacemaker-libs-devel-1.1.20-5.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"pacemaker-nagios-plugins-metadata-1.1.20-5.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"pacemaker-remote-1.1.20-5.amzn2.0.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pacemaker / pacemaker-cli / pacemaker-cluster-libs / pacemaker-cts / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:33", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has pacemaker packages installed that are affected by multiple vulnerabilities:\n\n - A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation. (CVE-2018-16877)\n\n - A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.\n (CVE-2019-3885)\n\n - A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS (CVE-2018-16878)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-12-31T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : pacemaker Multiple Vulnerabilities (NS-SA-2019-0258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2022-05-18T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0258_PACEMAKER.NASL", "href": "https://www.tenable.com/plugins/nessus/132469", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0258. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132469);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n script_bugtraq_id(108036, 108039, 108042);\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : pacemaker Multiple Vulnerabilities (NS-SA-2019-0258)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has pacemaker packages installed that are affected\nby multiple vulnerabilities:\n\n - A flaw was found in the way pacemaker's client-server\n authentication was implemented in versions up to and\n including 2.0.0. A local attacker could use this flaw,\n and combine it with other IPC weaknesses, to achieve\n local privilege escalation. (CVE-2018-16877)\n\n - A use-after-free flaw was found in pacemaker up to and\n including version 2.0.1 which could result in certain\n sensitive information to be leaked via the system logs.\n (CVE-2019-3885)\n\n - A flaw was found in pacemaker up to and including\n version 2.0.1. An insufficient verification inflicted\n preference of uncontrolled processes can lead to DoS\n (CVE-2018-16878)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0258\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL pacemaker packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3885\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-16877\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.05\": [\n \"pacemaker-1.1.20-5.el7_7.1\",\n \"pacemaker-cli-1.1.20-5.el7_7.1\",\n \"pacemaker-cluster-libs-1.1.20-5.el7_7.1\",\n \"pacemaker-cts-1.1.20-5.el7_7.1\",\n \"pacemaker-debuginfo-1.1.20-5.el7_7.1\",\n \"pacemaker-doc-1.1.20-5.el7_7.1\",\n \"pacemaker-libs-1.1.20-5.el7_7.1\",\n \"pacemaker-libs-devel-1.1.20-5.el7_7.1\",\n \"pacemaker-nagios-plugins-metadata-1.1.20-5.el7_7.1\",\n \"pacemaker-remote-1.1.20-5.el7_7.1\"\n ],\n \"CGSL MAIN 5.05\": [\n \"pacemaker-1.1.20-5.el7_7.1\",\n \"pacemaker-cli-1.1.20-5.el7_7.1\",\n \"pacemaker-cluster-libs-1.1.20-5.el7_7.1\",\n \"pacemaker-cts-1.1.20-5.el7_7.1\",\n \"pacemaker-debuginfo-1.1.20-5.el7_7.1\",\n \"pacemaker-doc-1.1.20-5.el7_7.1\",\n \"pacemaker-libs-1.1.20-5.el7_7.1\",\n \"pacemaker-libs-devel-1.1.20-5.el7_7.1\",\n \"pacemaker-nagios-plugins-metadata-1.1.20-5.el7_7.1\",\n \"pacemaker-remote-1.1.20-5.el7_7.1\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pacemaker\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-08-19T12:27:06", "description": "Security fix for CVE-2019-3885, CVE-2018-16877, CVE-2018-16878\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-06T00:00:00", "type": "nessus", "title": "Fedora 28 : pacemaker (2019-e71f6f36ac)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2020-01-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pacemaker", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2019-E71F6F36AC.NASL", "href": "https://www.tenable.com/plugins/nessus/124606", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-e71f6f36ac.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124606);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/21\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n script_xref(name:\"FEDORA\", value:\"2019-e71f6f36ac\");\n\n script_name(english:\"Fedora 28 : pacemaker (2019-e71f6f36ac)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2019-3885, CVE-2018-16877, CVE-2018-16878\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-e71f6f36ac\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pacemaker package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3885\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pacemaker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"pacemaker-1.1.18-3.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pacemaker\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-24T14:33:07", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pacemaker packages installed that are affected by multiple vulnerabilities:\n\n - A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation. (CVE-2018-16877)\n\n - A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.\n (CVE-2019-3885)\n\n - A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS (CVE-2018-16878)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-12-02T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : pacemaker Multiple Vulnerabilities (NS-SA-2019-0224)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2022-05-18T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0224_PACEMAKER.NASL", "href": "https://www.tenable.com/plugins/nessus/131424", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0224. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131424);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n script_bugtraq_id(108036, 108039, 108042);\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : pacemaker Multiple Vulnerabilities (NS-SA-2019-0224)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pacemaker packages installed that are affected\nby multiple vulnerabilities:\n\n - A flaw was found in the way pacemaker's client-server\n authentication was implemented in versions up to and\n including 2.0.0. A local attacker could use this flaw,\n and combine it with other IPC weaknesses, to achieve\n local privilege escalation. (CVE-2018-16877)\n\n - A use-after-free flaw was found in pacemaker up to and\n including version 2.0.1 which could result in certain\n sensitive information to be leaked via the system logs.\n (CVE-2019-3885)\n\n - A flaw was found in pacemaker up to and including\n version 2.0.1. An insufficient verification inflicted\n preference of uncontrolled processes can lead to DoS\n (CVE-2018-16878)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0224\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL pacemaker packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3885\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-16877\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"pacemaker-1.1.20-5.el7_7.1\",\n \"pacemaker-cli-1.1.20-5.el7_7.1\",\n \"pacemaker-cluster-libs-1.1.20-5.el7_7.1\",\n \"pacemaker-cts-1.1.20-5.el7_7.1\",\n \"pacemaker-debuginfo-1.1.20-5.el7_7.1\",\n \"pacemaker-doc-1.1.20-5.el7_7.1\",\n \"pacemaker-libs-1.1.20-5.el7_7.1\",\n \"pacemaker-libs-devel-1.1.20-5.el7_7.1\",\n \"pacemaker-nagios-plugins-metadata-1.1.20-5.el7_7.1\",\n \"pacemaker-remote-1.1.20-5.el7_7.1\"\n ],\n \"CGSL MAIN 5.04\": [\n \"pacemaker-1.1.20-5.el7_7.1\",\n \"pacemaker-cli-1.1.20-5.el7_7.1\",\n \"pacemaker-cluster-libs-1.1.20-5.el7_7.1\",\n \"pacemaker-cts-1.1.20-5.el7_7.1\",\n \"pacemaker-debuginfo-1.1.20-5.el7_7.1\",\n \"pacemaker-doc-1.1.20-5.el7_7.1\",\n \"pacemaker-libs-1.1.20-5.el7_7.1\",\n \"pacemaker-libs-devel-1.1.20-5.el7_7.1\",\n \"pacemaker-nagios-plugins-metadata-1.1.20-5.el7_7.1\",\n \"pacemaker-remote-1.1.20-5.el7_7.1\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pacemaker\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:22:40", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:1279 advisory.\n\n - pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc (CVE-2018-16877)\n\n - pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS (CVE-2018-16878)\n\n - pacemaker: Information disclosure through use-after-free (CVE-2019-3885)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : pacemaker (CESA-2019:1279)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2022-05-11T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:pacemaker-cluster-libs", "p-cpe:/a:centos:centos:pacemaker-libs", "p-cpe:/a:centos:centos:pacemaker-schemas"], "id": "CENTOS8_RHSA-2019-1279.NASL", "href": "https://www.tenable.com/plugins/nessus/145674", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:1279. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145674);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n script_bugtraq_id(108036, 108039, 108042);\n script_xref(name:\"RHSA\", value:\"2019:1279\");\n\n script_name(english:\"CentOS 8 : pacemaker (CESA-2019:1279)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2019:1279 advisory.\n\n - pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local\n privesc (CVE-2018-16877)\n\n - pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS\n (CVE-2018-16878)\n\n - pacemaker: Information disclosure through use-after-free (CVE-2019-3885)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:1279\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected pacemaker-cluster-libs, pacemaker-libs and / or pacemaker-schemas packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3885\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-16877\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pacemaker-cluster-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pacemaker-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pacemaker-schemas\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'pacemaker-cluster-libs-2.0.1-4.el8_0.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pacemaker-cluster-libs-2.0.1-4.el8_0.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pacemaker-libs-2.0.1-4.el8_0.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pacemaker-libs-2.0.1-4.el8_0.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pacemaker-schemas-2.0.1-4.el8_0.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pacemaker-schemas-2.0.1-4.el8_0.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pacemaker-cluster-libs / pacemaker-libs / pacemaker-schemas');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-08-19T12:22:43", "description": "An update for pacemaker is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures.\n\nSecurity Fix(es) :\n\n* pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc (CVE-2018-16877)\n\n* pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS (CVE-2018-16878)\n\n* pacemaker: Information disclosure through use-after-free (CVE-2019-3885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-05-28T00:00:00", "type": "nessus", "title": "RHEL 7 : pacemaker (RHSA-2019:1278)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2020-01-15T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:pacemaker", "p-cpe:/a:redhat:enterprise_linux:pacemaker-cli", "p-cpe:/a:redhat:enterprise_linux:pacemaker-cluster-libs", "p-cpe:/a:redhat:enterprise_linux:pacemaker-cts", "p-cpe:/a:redhat:enterprise_linux:pacemaker-debuginfo", "p-cpe:/a:redhat:enterprise_linux:pacemaker-doc", "p-cpe:/a:redhat:enterprise_linux:pacemaker-libs", "p-cpe:/a:redhat:enterprise_linux:pacemaker-libs-devel", "p-cpe:/a:redhat:enterprise_linux:pacemaker-nagios-plugins-metadata", "p-cpe:/a:redhat:enterprise_linux:pacemaker-remote", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-1278.NASL", "href": "https://www.tenable.com/plugins/nessus/125445", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:1278. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125445);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n script_xref(name:\"RHSA\", value:\"2019:1278\");\n\n script_name(english:\"RHEL 7 : pacemaker (RHSA-2019:1278)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for pacemaker is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Pacemaker cluster resource manager is a collection of technologies\nworking together to maintain data integrity and application\navailability in the event of failures.\n\nSecurity Fix(es) :\n\n* pacemaker: Insufficient local IPC client-server authentication on\nthe client's side can lead to local privesc (CVE-2018-16877)\n\n* pacemaker: Insufficient verification inflicted preference of\nuncontrolled processes can lead to DoS (CVE-2018-16878)\n\n* pacemaker: Information disclosure through use-after-free\n(CVE-2019-3885)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:1278\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-3885\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3885\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-cluster-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-cts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-nagios-plugins-metadata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:1278\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"pacemaker-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"pacemaker-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"pacemaker-cli-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"pacemaker-cli-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"pacemaker-cluster-libs-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"pacemaker-cluster-libs-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"pacemaker-cluster-libs-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"pacemaker-cts-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"pacemaker-cts-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"pacemaker-debuginfo-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"pacemaker-debuginfo-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"pacemaker-debuginfo-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"pacemaker-doc-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"pacemaker-doc-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"pacemaker-libs-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"pacemaker-libs-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"pacemaker-libs-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"pacemaker-libs-devel-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"pacemaker-libs-devel-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"pacemaker-libs-devel-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"pacemaker-nagios-plugins-metadata-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"pacemaker-nagios-plugins-metadata-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"pacemaker-remote-1.1.19-8.el7_6.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"pacemaker-remote-1.1.19-8.el7_6.5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pacemaker / pacemaker-cli / pacemaker-cluster-libs / pacemaker-cts / etc\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:22:32", "description": "An update for pacemaker is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures.\n\nSecurity Fix(es) :\n\n* pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc (CVE-2018-16877)\n\n* pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS (CVE-2018-16878)\n\n* pacemaker: Information disclosure through use-after-free (CVE-2019-3885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Interrupted live migration will get full start rather than completed migration (BZ#1695247)", "cvss3": {}, "published": "2019-05-28T00:00:00", "type": "nessus", "title": "RHEL 8 : pacemaker (RHSA-2019:1279)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2020-01-30T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:pacemaker", "p-cpe:/a:redhat:enterprise_linux:pacemaker-cli", "p-cpe:/a:redhat:enterprise_linux:pacemaker-cli-debuginfo", "p-cpe:/a:redhat:enterprise_linux:pacemaker-cluster-libs", "p-cpe:/a:redhat:enterprise_linux:pacemaker-cluster-libs-debuginfo", "p-cpe:/a:redhat:enterprise_linux:pacemaker-cts", "p-cpe:/a:redhat:enterprise_linux:pacemaker-debuginfo", "p-cpe:/a:redhat:enterprise_linux:pacemaker-debugsource", "p-cpe:/a:redhat:enterprise_linux:pacemaker-doc", "p-cpe:/a:redhat:enterprise_linux:pacemaker-libs", "p-cpe:/a:redhat:enterprise_linux:pacemaker-libs-debuginfo", "p-cpe:/a:redhat:enterprise_linux:pacemaker-libs-devel", "p-cpe:/a:redhat:enterprise_linux:pacemaker-nagios-plugins-metadata", "p-cpe:/a:redhat:enterprise_linux:pacemaker-remote", "p-cpe:/a:redhat:enterprise_linux:pacemaker-remote-debuginfo", "p-cpe:/a:redhat:enterprise_linux:pacemaker-schemas", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:enterprise_linux:8.0"], "id": "REDHAT-RHSA-2019-1279.NASL", "href": "https://www.tenable.com/plugins/nessus/125446", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:1279. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125446);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2020/01/30\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n script_xref(name:\"RHSA\", value:\"2019:1279\");\n\n script_name(english:\"RHEL 8 : pacemaker (RHSA-2019:1279)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for pacemaker is now available for Red Hat Enterprise Linux\n8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Pacemaker cluster resource manager is a collection of technologies\nworking together to maintain data integrity and application\navailability in the event of failures.\n\nSecurity Fix(es) :\n\n* pacemaker: Insufficient local IPC client-server authentication on\nthe client's side can lead to local privesc (CVE-2018-16877)\n\n* pacemaker: Insufficient verification inflicted preference of\nuncontrolled processes can lead to DoS (CVE-2018-16878)\n\n* pacemaker: Information disclosure through use-after-free\n(CVE-2019-3885)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Interrupted live migration will get full start rather than completed\nmigration (BZ#1695247)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:1279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-3885\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3885\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-cli-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-cluster-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-cluster-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-cts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-nagios-plugins-metadata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-remote-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pacemaker-schemas\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:1279\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"pacemaker-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"pacemaker-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"pacemaker-cli-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"pacemaker-cli-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"pacemaker-cli-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"pacemaker-cli-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"pacemaker-cli-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"pacemaker-cluster-libs-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"pacemaker-cluster-libs-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"pacemaker-cluster-libs-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"pacemaker-cluster-libs-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"pacemaker-cluster-libs-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"pacemaker-cluster-libs-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"pacemaker-cts-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"pacemaker-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"pacemaker-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"pacemaker-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"pacemaker-debugsource-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"pacemaker-debugsource-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"pacemaker-debugsource-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"pacemaker-doc-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"pacemaker-libs-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"pacemaker-libs-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"pacemaker-libs-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"pacemaker-libs-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"pacemaker-libs-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"pacemaker-libs-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"pacemaker-libs-devel-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"pacemaker-libs-devel-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"pacemaker-libs-devel-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"pacemaker-nagios-plugins-metadata-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"pacemaker-remote-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"pacemaker-remote-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"pacemaker-remote-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"pacemaker-remote-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"pacemaker-remote-debuginfo-2.0.1-4.el8_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"pacemaker-schemas-2.0.1-4.el8_0.3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pacemaker / pacemaker-cli / pacemaker-cli-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-02-19T13:49:48", "description": "This update for pacemaker fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-3885: Fixed an information disclosure in log output. (bsc#1131357)\n\n - CVE-2018-16877: Fixed a local privilege escalation through insufficient IPC client-server authentication.\n (bsc#1131356)\n\n - CVE-2018-16878: Fixed a denial of service through insufficient verification inflicted preference of uncontrolled processes. (bsc#1131353)\n\nNon-security issue fixed :\n\n - crmd: delete resource from lrmd when appropriate to avoid timeouts with crmsh (bsc#1117381).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : pacemaker (openSUSE-2019-1400)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpacemaker-devel", "p-cpe:/a:novell:opensuse:libpacemaker3", "p-cpe:/a:novell:opensuse:libpacemaker3-debuginfo", "p-cpe:/a:novell:opensuse:pacemaker", "p-cpe:/a:novell:opensuse:pacemaker-cli", "p-cpe:/a:novell:opensuse:pacemaker-cli-debuginfo", "p-cpe:/a:novell:opensuse:pacemaker-cts", "p-cpe:/a:novell:opensuse:pacemaker-debuginfo", "p-cpe:/a:novell:opensuse:pacemaker-debugsource", "p-cpe:/a:novell:opensuse:pacemaker-remote", "p-cpe:/a:novell:opensuse:pacemaker-remote-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-1400.NASL", "href": "https://www.tenable.com/plugins/nessus/125213", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1400.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125213);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n\n script_name(english:\"openSUSE Security Update : pacemaker (openSUSE-2019-1400)\");\n script_summary(english:\"Check for the openSUSE-2019-1400 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for pacemaker fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-3885: Fixed an information disclosure in log\n output. (bsc#1131357)\n\n - CVE-2018-16877: Fixed a local privilege escalation\n through insufficient IPC client-server authentication.\n (bsc#1131356)\n\n - CVE-2018-16878: Fixed a denial of service through\n insufficient verification inflicted preference of\n uncontrolled processes. (bsc#1131353)\n\nNon-security issue fixed :\n\n - crmd: delete resource from lrmd when appropriate to\n avoid timeouts with crmsh (bsc#1117381).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1131353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1131356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1131357\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pacemaker packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3885\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpacemaker-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpacemaker3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpacemaker3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-cli-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-cts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-remote-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpacemaker-devel-1.1.18+20180430.b12c320f5-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpacemaker3-1.1.18+20180430.b12c320f5-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpacemaker3-debuginfo-1.1.18+20180430.b12c320f5-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"pacemaker-1.1.18+20180430.b12c320f5-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"pacemaker-cli-1.1.18+20180430.b12c320f5-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"pacemaker-cli-debuginfo-1.1.18+20180430.b12c320f5-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"pacemaker-cts-1.1.18+20180430.b12c320f5-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"pacemaker-debuginfo-1.1.18+20180430.b12c320f5-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"pacemaker-debugsource-1.1.18+20180430.b12c320f5-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"pacemaker-remote-1.1.18+20180430.b12c320f5-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"pacemaker-remote-debuginfo-1.1.18+20180430.b12c320f5-lp150.2.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpacemaker-devel / libpacemaker3 / libpacemaker3-debuginfo / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-02-19T13:51:04", "description": "This update for pacemaker fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-16877: Fixed a local privilege escalation through insufficient IPC client-server authentication.\n (bsc#1131356)\n\n - CVE-2018-16878: Fixed a denial of service through insufficient verification inflicted preference of uncontrolled processes. (bsc#1131353)\n\nThis update was imported from the SUSE:SLE-12-SP3:Update update project.", "cvss3": {}, "published": "2019-05-09T00:00:00", "type": "nessus", "title": "openSUSE Security Update : pacemaker (openSUSE-2019-1342)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpacemaker-devel", "p-cpe:/a:novell:opensuse:libpacemaker3", "p-cpe:/a:novell:opensuse:libpacemaker3-debuginfo", "p-cpe:/a:novell:opensuse:pacemaker", "p-cpe:/a:novell:opensuse:pacemaker-cli", "p-cpe:/a:novell:opensuse:pacemaker-cli-debuginfo", "p-cpe:/a:novell:opensuse:pacemaker-cts", "p-cpe:/a:novell:opensuse:pacemaker-cts-debuginfo", "p-cpe:/a:novell:opensuse:pacemaker-debuginfo", "p-cpe:/a:novell:opensuse:pacemaker-debugsource", "p-cpe:/a:novell:opensuse:pacemaker-remote", "p-cpe:/a:novell:opensuse:pacemaker-remote-debuginfo", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-1342.NASL", "href": "https://www.tenable.com/plugins/nessus/124707", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1342.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124707);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\");\n\n script_name(english:\"openSUSE Security Update : pacemaker (openSUSE-2019-1342)\");\n script_summary(english:\"Check for the openSUSE-2019-1342 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for pacemaker fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-16877: Fixed a local privilege escalation\n through insufficient IPC client-server authentication.\n (bsc#1131356)\n\n - CVE-2018-16878: Fixed a denial of service through\n insufficient verification inflicted preference of\n uncontrolled processes. (bsc#1131353)\n\nThis update was imported from the SUSE:SLE-12-SP3:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1131353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1131356\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pacemaker packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpacemaker-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpacemaker3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpacemaker3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-cli-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-cts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-cts-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pacemaker-remote-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libpacemaker-devel-1.1.16-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libpacemaker3-1.1.16-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libpacemaker3-debuginfo-1.1.16-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"pacemaker-1.1.16-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"pacemaker-cli-1.1.16-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"pacemaker-cli-debuginfo-1.1.16-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"pacemaker-cts-1.1.16-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"pacemaker-cts-debuginfo-1.1.16-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"pacemaker-debuginfo-1.1.16-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"pacemaker-debugsource-1.1.16-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"pacemaker-remote-1.1.16-4.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"pacemaker-remote-debuginfo-1.1.16-4.12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpacemaker-devel / libpacemaker3 / libpacemaker3-debuginfo / etc\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-18T15:22:58", "description": "Several security vulnerabilities were addressed in pacemaker, a cluster resource manager.\n\nCVE-2018-16877\n\nA flaw was found in the way pacemaker's client-server authentication was implemented. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.\n\nCVE-2018-16878\n\nAn insufficient verification inflicted preference of uncontrolled processes can lead to denial of service.\n\nCVE-2020-25654\n\nAn ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration.\n\nFor Debian 9 stretch, these problems have been fixed in version 1.1.24-0+deb9u1.\n\nWe recommend that you upgrade your pacemaker packages.\n\nFor the detailed security status of pacemaker please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/pacemaker\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-01-11T00:00:00", "type": "nessus", "title": "Debian DLA-2519-1 : pacemaker security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2020-25654"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libcib-dev", "p-cpe:/a:debian:debian_linux:libcib4", "p-cpe:/a:debian:debian_linux:libcrmcluster-dev", "p-cpe:/a:debian:debian_linux:libcrmcluster4", "p-cpe:/a:debian:debian_linux:libcrmcommon-dev", "p-cpe:/a:debian:debian_linux:libcrmcommon3", "p-cpe:/a:debian:debian_linux:libcrmservice-dev", "p-cpe:/a:debian:debian_linux:libcrmservice3", "p-cpe:/a:debian:debian_linux:liblrmd-dev", "p-cpe:/a:debian:debian_linux:liblrmd1", "p-cpe:/a:debian:debian_linux:libpe-rules2", "p-cpe:/a:debian:debian_linux:libpe-status10", "p-cpe:/a:debian:debian_linux:libpengine-dev", "p-cpe:/a:debian:debian_linux:libpengine10", "p-cpe:/a:debian:debian_linux:libstonithd-dev", "p-cpe:/a:debian:debian_linux:libstonithd2", "p-cpe:/a:debian:debian_linux:libtransitioner2", "p-cpe:/a:debian:debian_linux:pacemaker", "p-cpe:/a:debian:debian_linux:pacemaker-cli-utils", "p-cpe:/a:debian:debian_linux:pacemaker-common", "p-cpe:/a:debian:debian_linux:pacemaker-doc", "p-cpe:/a:debian:debian_linux:pacemaker-remote", "p-cpe:/a:debian:debian_linux:pacemaker-resource-agents", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2519.NASL", "href": "https://www.tenable.com/plugins/nessus/144814", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2519-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(144814);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2020-25654\");\n\n script_name(english:\"Debian DLA-2519-1 : pacemaker security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several security vulnerabilities were addressed in pacemaker, a\ncluster resource manager.\n\nCVE-2018-16877\n\nA flaw was found in the way pacemaker's client-server authentication\nwas implemented. A local attacker could use this flaw, and combine it\nwith other IPC weaknesses, to achieve local privilege escalation.\n\nCVE-2018-16878\n\nAn insufficient verification inflicted preference of uncontrolled\nprocesses can lead to denial of service.\n\nCVE-2020-25654\n\nAn ACL bypass flaw was found in pacemaker. An attacker having a local\naccount on the cluster and in the haclient group could use IPC\ncommunication with various daemons directly to perform certain tasks\nthat they would be prevented by ACLs from doing if they went through\nthe configuration.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1.1.24-0+deb9u1.\n\nWe recommend that you upgrade your pacemaker packages.\n\nFor the detailed security status of pacemaker please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/pacemaker\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2021/01/msg00007.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/pacemaker\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/pacemaker\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25654\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcib-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcib4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcrmcluster-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcrmcluster4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcrmcommon-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcrmcommon3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcrmservice-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcrmservice3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:liblrmd-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:liblrmd1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpe-rules2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpe-status10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpengine-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpengine10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libstonithd-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libstonithd2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtransitioner2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pacemaker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pacemaker-cli-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pacemaker-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pacemaker-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pacemaker-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pacemaker-resource-agents\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libcib-dev\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcib4\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcrmcluster-dev\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcrmcluster4\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcrmcommon-dev\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcrmcommon3\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcrmservice-dev\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcrmservice3\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"liblrmd-dev\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"liblrmd1\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpe-rules2\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpe-status10\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpengine-dev\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpengine10\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libstonithd-dev\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libstonithd2\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libtransitioner2\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"pacemaker\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"pacemaker-cli-utils\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"pacemaker-common\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"pacemaker-doc\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"pacemaker-remote\", reference:\"1.1.24-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"pacemaker-resource-agents\", reference:\"1.1.24-0+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntu": [{"lastseen": "2023-06-23T15:45:47", "description": "## Releases\n\n * Ubuntu 19.04 \n * Ubuntu 18.10 \n * Ubuntu 18.04 ESM\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * pacemaker \\- Cluster resource manager\n\nJan Pokorn\u00fd discovered that Pacemaker incorrectly handled client-server \nauthentication. A local attacker could possibly use this issue to escalate \nprivileges. (CVE-2018-16877)\n\nJan Pokorn\u00fd discovered that Pacemaker incorrectly handled certain \nverifications. A local attacker could possibly use this issue to cause a \ndenial of service. (CVE-2018-16878)\n\nJan Pokorn\u00fd discovered that Pacemaker incorrectly handled certain memory \noperations. A local attacker could possibly use this issue to obtain \nsensitive information in log outputs. This issue only applied to Ubuntu \n18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. (CVE-2019-3885)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-23T00:00:00", "type": "ubuntu", "title": "Pacemaker vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2019-04-23T00:00:00", "id": "USN-3952-1", "href": "https://ubuntu.com/security/notices/USN-3952-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "redhat": [{"lastseen": "2023-08-04T12:28:59", "description": "The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. \n\nSecurity Fix(es):\n\n* pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc (CVE-2018-16877)\n\n* pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS (CVE-2018-16878)\n\n* pacemaker: Information disclosure through use-after-free (CVE-2019-3885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Interrupted live migration will get full start rather than completed migration (BZ#1695247)", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-05-27T15:45:19", "type": "redhat", "title": "(RHSA-2019:1279) Important: pacemaker security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2019-05-27T15:55:46", "id": "RHSA-2019:1279", "href": "https://access.redhat.com/errata/RHSA-2019:1279", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-04T12:28:59", "description": "The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. \n\nSecurity Fix(es):\n\n* pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc (CVE-2018-16877)\n\n* pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS (CVE-2018-16878)\n\n* pacemaker: Information disclosure through use-after-free (CVE-2019-3885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-05-27T15:45:15", "type": "redhat", "title": "(RHSA-2019:1278) Important: pacemaker security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2019-05-27T15:55:46", "id": "RHSA-2019:1278", "href": "https://access.redhat.com/errata/RHSA-2019:1278", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2020-01-31T16:54:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for pacemaker (openSUSE-SU-2019:1400-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852499", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852499", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852499\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 02:01:30 +0000 (Thu, 16 May 2019)\");\n script_name(\"openSUSE: Security Advisory for pacemaker (openSUSE-SU-2019:1400-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1400-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00034.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pacemaker'\n package(s) announced via the openSUSE-SU-2019:1400-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for pacemaker fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-3885: Fixed an information disclosure in log output.\n (bsc#1131357)\n\n - CVE-2018-16877: Fixed a local privilege escalation through insufficient\n IPC client-server authentication. (bsc#1131356)\n\n - CVE-2018-16878: Fixed a denial of service through insufficient\n verification inflicted preference of uncontrolled processes.\n (bsc#1131353)\n\n Non-security issue fixed:\n\n - crmd: delete resource from lrmd when appropriate to avoid timeouts with\n crmsh (bsc#1117381).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1400=1\");\n\n script_tag(name:\"affected\", value:\"'pacemaker' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libpacemaker-devel\", rpm:\"libpacemaker-devel~1.1.18+20180430.b12c320f5~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpacemaker3\", rpm:\"libpacemaker3~1.1.18+20180430.b12c320f5~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpacemaker3-debuginfo\", rpm:\"libpacemaker3-debuginfo~1.1.18+20180430.b12c320f5~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker\", rpm:\"pacemaker~1.1.18+20180430.b12c320f5~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-cli\", rpm:\"pacemaker-cli~1.1.18+20180430.b12c320f5~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-cli-debuginfo\", rpm:\"pacemaker-cli-debuginfo~1.1.18+20180430.b12c320f5~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-debuginfo\", rpm:\"pacemaker-debuginfo~1.1.18+20180430.b12c320f5~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-debugsource\", rpm:\"pacemaker-debugsource~1.1.18+20180430.b12c320f5~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-remote\", rpm:\"pacemaker-remote~1.1.18+20180430.b12c320f5~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-remote-debuginfo\", rpm:\"pacemaker-remote-debuginfo~1.1.18+20180430.b12c320f5~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-cts\", rpm:\"pacemaker-cts~1.1.18+20180430.b12c320f5~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for pacemaker FEDORA-2019-b502250ba4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875750", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875750", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875750\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-3885\", \"CVE-2018-16877\", \"CVE-2018-16878\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:19:12 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for pacemaker FEDORA-2019-b502250ba4\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-b502250ba4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FY4M4RMIG2POKC6OOFQODGKPRYXHET2F\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pacemaker'\n package(s) announced via the FEDORA-2019-b502250ba4 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Pacemaker is an advanced, scalable High-Availability cluster resource\nmanager.\n\nIt supports more than 16 node clusters with significant capabilities\nfor managing resources and dependencies.\n\nIt will run scripts at initialization, when machines go up or down,\nwhen related resources fail and can be configured to periodically check\nresource health.\n\nAvailable rpmbuild rebuild options:\n\n - -with(out) : coverage doc hardening pre_release profiling\");\n\n script_tag(name:\"affected\", value:\"'pacemaker' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker\", rpm:\"pacemaker~2.0.0~5.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-24T00:00:00", "type": "openvas", "title": "Ubuntu Update for pacemaker USN-3952-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2019-04-25T00:00:00", "id": "OPENVAS:1361412562310843983", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843983", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843983\");\n script_version(\"2019-04-25T10:19:44+0000\");\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\", \"CVE-2019-3885\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-04-25 10:19:44 +0000 (Thu, 25 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-24 02:00:54 +0000 (Wed, 24 Apr 2019)\");\n script_name(\"Ubuntu Update for pacemaker USN-3952-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU18\\.10|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3952-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-April/004859.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pacemaker'\n package(s) announced via the USN-3952-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Jan Pokorn\u00fd discovered that Pacemaker incorrectly handled client-server\nauthentication. A local attacker could possibly use this issue to escalate\nprivileges. (CVE-2018-16877)\n\nJan Pokorn\u00fd discovered that Pacemaker incorrectly handled certain\nverifications. A local attacker could possibly use this issue to cause a\ndenial of service. (CVE-2018-16878)\n\nJan Pokorn\u00fd discovered that Pacemaker incorrectly handled certain memory\noperations. A local attacker could possibly use this issue to obtain\nsensitive information in log outputs. This issue only applied to Ubuntu\n18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. (CVE-2019-3885)\");\n\n script_tag(name:\"affected\", value:\"'pacemaker' package(s) on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"pacemaker\", ver:\"1.1.18-0ubuntu1.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"pacemaker\", ver:\"1.1.18-2ubuntu1.18.10.1\", rls:\"UBUNTU18.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"pacemaker\", ver:\"1.1.14-2ubuntu1.6\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for\n the ", "cvss3": {}, "published": "2019-05-04T00:00:00", "type": "openvas", "title": "Fedora Update for pacemaker FEDORA-2019-e71f6f36ac", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2019-05-10T00:00:00", "id": "OPENVAS:1361412562310875590", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875590", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875590\");\n script_version(\"2019-05-10T12:05:36+0000\");\n script_cve_id(\"CVE-2019-3885\", \"CVE-2018-16877\", \"CVE-2018-16878\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-10 12:05:36 +0000 (Fri, 10 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-04 02:10:45 +0000 (Sat, 04 May 2019)\");\n script_name(\"Fedora Update for pacemaker FEDORA-2019-e71f6f36ac\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-e71f6f36ac\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3GCWFO7GL6MBU6C4BGFO3P6L77DIBBF3\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for\n the 'pacemaker' package(s) announced via the FEDORA-2019-e71f6f36ac advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Pacemaker is an advanced, scalable High-Availability\n cluster resource manager for Corosync, CMAN and/or Linux-HA.\n\nIt supports more than 16 node clusters with significant capabilities\nfor managing resources and dependencies.\n\nIt will run scripts at initialization, when machines go up or down,\nwhen related resources fail and can be configured to periodically check\nresource health.\n\nAvailable rpmbuild rebuild options:\n\n - -with(out) : coverage doc hardening pre_release profiling\");\n\n script_tag(name:\"affected\", value:\"'pacemaker' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker\", rpm:\"pacemaker~1.1.18~3.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-31T16:47:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for pacemaker (openSUSE-SU-2019:1342-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852482", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852482", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852482\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2018-16877\", \"CVE-2018-16878\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-05-09 02:00:55 +0000 (Thu, 09 May 2019)\");\n script_name(\"openSUSE: Security Advisory for pacemaker (openSUSE-SU-2019:1342-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1342-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00012.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pacemaker'\n package(s) announced via the openSUSE-SU-2019:1342-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for pacemaker fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-16877: Fixed a local privilege escalation through insufficient\n IPC client-server authentication. (bsc#1131356)\n\n - CVE-2018-16878: Fixed a denial of service through insufficient\n verification inflicted preference of uncontrolled processes.\n (bsc#1131353)\n\n This update was imported from the SUSE:SLE-12-SP3:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-1342=1\");\n\n script_tag(name:\"affected\", value:\"'pacemaker' package(s) on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libpacemaker-devel\", rpm:\"libpacemaker-devel~1.1.16~4.12.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpacemaker3\", rpm:\"libpacemaker3~1.1.16~4.12.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpacemaker3-debuginfo\", rpm:\"libpacemaker3-debuginfo~1.1.16~4.12.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker\", rpm:\"pacemaker~1.1.16~4.12.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-cli\", rpm:\"pacemaker-cli~1.1.16~4.12.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-cli-debuginfo\", rpm:\"pacemaker-cli-debuginfo~1.1.16~4.12.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-cts\", rpm:\"pacemaker-cts~1.1.16~4.12.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-cts-debuginfo\", rpm:\"pacemaker-cts-debuginfo~1.1.16~4.12.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-debuginfo\", rpm:\"pacemaker-debuginfo~1.1.16~4.12.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-debugsource\", rpm:\"pacemaker-debugsource~1.1.16~4.12.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-remote\", rpm:\"pacemaker-remote~1.1.16~4.12.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pacemaker-remote-debuginfo\", rpm:\"pacemaker-remote-debuginfo~1.1.16~4.12.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2023-06-23T15:33:28", "description": "**Issue Overview:**\n\nA flaw was found in pacemaker. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS. (CVE-2018-16878)\n\nA use-after-free flaw was found in pacemaker which could result in certain sensitive information to be leaked via the system logs. (CVE-2019-3885)\n\nA flaw was found in the way pacemaker's client-server authentication was implemented. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation. (CVE-2018-16877)\n\n \n**Affected Packages:** \n\n\npacemaker\n\n \n**Issue Correction:** \nRun _yum update pacemaker_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 pacemaker-1.1.20-5.amzn2.0.2.aarch64 \n \u00a0\u00a0\u00a0 pacemaker-cli-1.1.20-5.amzn2.0.2.aarch64 \n \u00a0\u00a0\u00a0 pacemaker-libs-1.1.20-5.amzn2.0.2.aarch64 \n \u00a0\u00a0\u00a0 pacemaker-cluster-libs-1.1.20-5.amzn2.0.2.aarch64 \n \u00a0\u00a0\u00a0 pacemaker-remote-1.1.20-5.amzn2.0.2.aarch64 \n \u00a0\u00a0\u00a0 pacemaker-libs-devel-1.1.20-5.amzn2.0.2.aarch64 \n \u00a0\u00a0\u00a0 pacemaker-cts-1.1.20-5.amzn2.0.2.aarch64 \n \u00a0\u00a0\u00a0 pacemaker-doc-1.1.20-5.amzn2.0.2.aarch64 \n \u00a0\u00a0\u00a0 pacemaker-nagios-plugins-metadata-1.1.20-5.amzn2.0.2.aarch64 \n \u00a0\u00a0\u00a0 pacemaker-debuginfo-1.1.20-5.amzn2.0.2.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 pacemaker-1.1.20-5.amzn2.0.2.i686 \n \u00a0\u00a0\u00a0 pacemaker-cli-1.1.20-5.amzn2.0.2.i686 \n \u00a0\u00a0\u00a0 pacemaker-libs-1.1.20-5.amzn2.0.2.i686 \n \u00a0\u00a0\u00a0 pacemaker-cluster-libs-1.1.20-5.amzn2.0.2.i686 \n \u00a0\u00a0\u00a0 pacemaker-remote-1.1.20-5.amzn2.0.2.i686 \n \u00a0\u00a0\u00a0 pacemaker-libs-devel-1.1.20-5.amzn2.0.2.i686 \n \u00a0\u00a0\u00a0 pacemaker-cts-1.1.20-5.amzn2.0.2.i686 \n \u00a0\u00a0\u00a0 pacemaker-doc-1.1.20-5.amzn2.0.2.i686 \n \u00a0\u00a0\u00a0 pacemaker-nagios-plugins-metadata-1.1.20-5.amzn2.0.2.i686 \n \u00a0\u00a0\u00a0 pacemaker-debuginfo-1.1.20-5.amzn2.0.2.i686 \n \n src: \n \u00a0\u00a0\u00a0 pacemaker-1.1.20-5.amzn2.0.2.src \n \n x86_64: \n \u00a0\u00a0\u00a0 pacemaker-1.1.20-5.amzn2.0.2.x86_64 \n \u00a0\u00a0\u00a0 pacemaker-cli-1.1.20-5.amzn2.0.2.x86_64 \n \u00a0\u00a0\u00a0 pacemaker-libs-1.1.20-5.amzn2.0.2.x86_64 \n \u00a0\u00a0\u00a0 pacemaker-cluster-libs-1.1.20-5.amzn2.0.2.x86_64 \n \u00a0\u00a0\u00a0 pacemaker-remote-1.1.20-5.amzn2.0.2.x86_64 \n \u00a0\u00a0\u00a0 pacemaker-libs-devel-1.1.20-5.amzn2.0.2.x86_64 \n \u00a0\u00a0\u00a0 pacemaker-cts-1.1.20-5.amzn2.0.2.x86_64 \n \u00a0\u00a0\u00a0 pacemaker-doc-1.1.20-5.amzn2.0.2.x86_64 \n \u00a0\u00a0\u00a0 pacemaker-nagios-plugins-metadata-1.1.20-5.amzn2.0.2.x86_64 \n \u00a0\u00a0\u00a0 pacemaker-debuginfo-1.1.20-5.amzn2.0.2.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2018-16877](<https://access.redhat.com/security/cve/CVE-2018-16877>), [CVE-2018-16878](<https://access.redhat.com/security/cve/CVE-2018-16878>), [CVE-2019-3885](<https://access.redhat.com/security/cve/CVE-2019-3885>)\n\nMitre: [CVE-2018-16877](<https://vulners.com/cve/CVE-2018-16877>), [CVE-2018-16878](<https://vulners.com/cve/CVE-2018-16878>), [CVE-2019-3885](<https://vulners.com/cve/CVE-2019-3885>)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-23T03:37:00", "type": "amazon", "title": "Important: pacemaker", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2019-08-27T21:25:00", "id": "ALAS2-2019-1275", "href": "https://alas.aws.amazon.com/AL2/ALAS-2019-1275.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "mageia": [{"lastseen": "2023-09-30T09:20:56", "description": "The updated packages fix security vulnerabilities: A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs. (CVE-2019-3885) A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation. (CVE-2018-16877) A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS. (CVE-2018-16878) \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-19T13:44:26", "type": "mageia", "title": "Updated pacemaker packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2019-12-19T13:44:26", "id": "MGASA-2019-0394", "href": "https://advisories.mageia.org/MGASA-2019-0394.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "suse": [{"lastseen": "2022-11-06T12:10:31", "description": "An update that solves three vulnerabilities and has one\n errata is now available.\n\nDescription:\n\n This update for pacemaker fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-3885: Fixed an information disclosure in log output.\n (bsc#1131357)\n - CVE-2018-16877: Fixed a local privilege escalation through insufficient\n IPC client-server authentication. (bsc#1131356)\n - CVE-2018-16878: Fixed a denial of service through insufficient\n verification inflicted preference of uncontrolled processes.\n (bsc#1131353)\n\n Non-security issue fixed:\n\n - crmd: delete resource from lrmd when appropriate to avoid timeouts with\n crmsh (bsc#1117381).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1400=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-05-15T00:00:00", "type": "suse", "title": "Security update for pacemaker (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885"], "modified": "2019-05-15T00:00:00", "id": "OPENSUSE-SU-2019:1400-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YPE4TWWC6FW57WVVOZ7ZZGIDXYSODXAF/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-10-07T06:12:12", "description": "An update that fixes two vulnerabilities is now available.\n\nDescription:\n\n This update for pacemaker fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-16877: Fixed a local privilege escalation through insufficient\n IPC client-server authentication. (bsc#1131356)\n - CVE-2018-16878: Fixed a denial of service through insufficient\n verification inflicted preference of uncontrolled processes.\n (bsc#1131353)\n\n This update was imported from the SUSE:SLE-12-SP3:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-1342=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-05-08T00:00:00", "type": "suse", "title": "Security update for pacemaker (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878"], "modified": "2019-05-08T00:00:00", "id": "OPENSUSE-SU-2019:1342-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/B5Y4IGBYGCMHPZ3NSZXSQZR4KNZADUEK/", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2023-09-30T09:20:01", "description": "### Background\n\nPacemaker is an Open Source, High Availability resource manager suitable for both small and large clusters.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Pacemaker. Please review the CVE identifiers referenced below for details.\n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Pacemaker users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-cluster/pacemaker-2.0.5_rc2\"", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-09-29T00:00:00", "type": "gentoo", "title": "Pacemaker: Multiple Vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2019-3885", "CVE-2020-25654"], "modified": "2023-09-29T00:00:00", "id": "GLSA-202309-09", "href": "https://security.gentoo.org/glsa/202309-09", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "osv": [{"lastseen": "2022-07-21T08:15:54", "description": "\nSeveral security vulnerabilities were addressed in pacemaker, a cluster\nresource manager.\n\n\n* [CVE-2018-16877](https://security-tracker.debian.org/tracker/CVE-2018-16877)\nA flaw was found in the way pacemaker's client-server authentication was\n implemented. A local attacker could use this flaw, and combine it with\n other IPC weaknesses, to achieve local privilege escalation.\n* [CVE-2018-16878](https://security-tracker.debian.org/tracker/CVE-2018-16878)\nAn insufficient verification inflicted preference of uncontrolled processes\n can lead to denial-of-service.\n* [CVE-2020-25654](https://security-tracker.debian.org/tracker/CVE-2020-25654)\nAn ACL bypass flaw was found in pacemaker. An attacker having a local\n account on the cluster and in the haclient group could use IPC\n communication with various daemons directly to perform certain tasks that\n they would be prevented by ACLs from doing if they went through the\n configuration.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n1.1.24-0+deb9u1.\n\n\nWe recommend that you upgrade your pacemaker packages.\n\n\nFor the detailed security status of pacemaker please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/pacemaker>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2021-01-06T00:00:00", "type": "osv", "title": "pacemaker - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2020-25654", "CVE-2018-16878"], "modified": "2022-07-21T05:53:33", "id": "OSV:DLA-2519-1", "href": "https://osv.dev/vulnerability/DLA-2519-1", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2022-10-07T21:25:21", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2519-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Markus Koschany\nJanuary 06, 2021 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : pacemaker\nVersion : 1.1.24-0+deb9u1\nCVE ID : CVE-2018-16877 CVE-2018-16878 CVE-2020-25654\n\nSeveral security vulnerabilities were addressed in pacemaker, a cluster\nresource manager.\n\nCVE-2018-16877\n\n A flaw was found in the way pacemaker's client-server authentication was\n implemented. A local attacker could use this flaw, and combine it with\n other IPC weaknesses, to achieve local privilege escalation.\n\nCVE-2018-16878\n\n An insufficient verification inflicted preference of uncontrolled processes\n can lead to denial-of-service.\n\nCVE-2020-25654\n\n An ACL bypass flaw was found in pacemaker. An attacker having a local\n account on the cluster and in the haclient group could use IPC\n communication with various daemons directly to perform certain tasks that\n they would be prevented by ACLs from doing if they went through the\n configuration.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1.1.24-0+deb9u1.\n\nWe recommend that you upgrade your pacemaker packages.\n\nFor the detailed security status of pacemaker please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/pacemaker\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-06T22:25:21", "type": "debian", "title": "[SECURITY] [DLA 2519-1] pacemaker security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877", "CVE-2018-16878", "CVE-2020-25654"], "modified": "2021-01-06T22:25:21", "id": "DEBIAN:DLA-2519-1:F4EAF", "href": "https://lists.debian.org/debian-lts-announce/2021/01/msg00007.html", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2023-09-30T18:14:20", "description": "A flaw was found in pacemaker up to and including version 2.0.1. An\ninsufficient verification inflicted preference of uncontrolled processes\ncan lead to DoS", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-17T00:00:00", "type": "ubuntucve", "title": "CVE-2018-16878", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16878"], "modified": "2019-04-17T00:00:00", "id": "UB:CVE-2018-16878", "href": "https://ubuntu.com/security/CVE-2018-16878", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-09-30T18:13:30", "description": "A flaw was found in the way pacemaker's client-server authentication was\nimplemented in versions up to and including 2.0.0. A local attacker could\nuse this flaw, and combine it with other IPC weaknesses, to achieve local\nprivilege escalation.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-17T00:00:00", "type": "ubuntucve", "title": "CVE-2018-16877", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877"], "modified": "2019-04-17T00:00:00", "id": "UB:CVE-2018-16877", "href": "https://ubuntu.com/security/CVE-2018-16877", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-30T18:14:54", "description": "A use-after-free flaw was found in pacemaker up to and including version\n2.0.1 which could result in certain sensitive information to be leaked via\nthe system logs.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-17T00:00:00", "type": "ubuntucve", "title": "CVE-2019-3885", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-3885"], "modified": "2019-04-17T00:00:00", "id": "UB:CVE-2019-3885", "href": "https://ubuntu.com/security/CVE-2019-3885", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "debiancve": [{"lastseen": "2023-09-30T00:21:53", "description": "A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-18T18:29:00", "type": "debiancve", "title": "CVE-2018-16878", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16878"], "modified": "2019-04-18T18:29:00", "id": "DEBIANCVE:CVE-2018-16878", "href": "https://security-tracker.debian.org/tracker/CVE-2018-16878", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-09-30T00:21:53", "description": "A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-18T18:29:00", "type": "debiancve", "title": "CVE-2018-16877", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877"], "modified": "2019-04-18T18:29:00", "id": "DEBIANCVE:CVE-2018-16877", "href": "https://security-tracker.debian.org/tracker/CVE-2018-16877", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-30T00:21:53", "description": "A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-18T18:29:00", "type": "debiancve", "title": "CVE-2019-3885", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-3885"], "modified": "2019-04-18T18:29:00", "id": "DEBIANCVE:CVE-2019-3885", "href": "https://security-tracker.debian.org/tracker/CVE-2019-3885", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2023-09-30T07:37:27", "description": "A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-18T18:29:00", "type": "cve", "title": "CVE-2018-16878", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16878"], "modified": "2023-09-29T11:15:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:30", "cpe:/o:redhat:enterprise_linux_eus:8.2", "cpe:/o:redhat:enterprise_linux_tus:8.4", "cpe:/o:redhat:enterprise_linux_eus:8.1", "cpe:/o:redhat:enterprise_linux_tus:8.2", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:opensuse:leap:42.3", "cpe:/o:opensuse:leap:15.0", "cpe:/o:fedoraproject:fedora:28", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:19.04", "cpe:/o:redhat:enterprise_linux_tus:8.6", "cpe:/o:redhat:enterprise_linux_eus:8.4", "cpe:/o:redhat:enterprise_linux_aus:8.6", "cpe:/o:redhat:enterprise_linux:8.0", "cpe:/o:fedoraproject:fedora:29", "cpe:/o:redhat:enterprise_linux_aus:8.4", "cpe:/o:redhat:enterprise_linux_eus:8.6", "cpe:/a:clusterlabs:pacemaker:2.0.1", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_aus:8.2"], "id": "CVE-2018-16878", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16878", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:clusterlabs:pacemaker:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_aus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"]}, {"lastseen": "2023-09-30T00:29:10", "description": "A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-18T18:29:00", "type": "cve", "title": "CVE-2018-16877", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877"], "modified": "2023-09-29T11:15:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:opensuse:leap:42.3", "cpe:/o:redhat:enterprise_linux_eus:8.1", "cpe:/o:canonical:ubuntu_linux:19.04", "cpe:/o:redhat:enterprise_linux_server_tus:8.2", "cpe:/o:redhat:enterprise_linux_server_aus:8.4", "cpe:/o:redhat:enterprise_linux_server_aus:8.6", "cpe:/o:fedoraproject:fedora:28", "cpe:/o:fedoraproject:fedora:29", "cpe:/a:clusterlabs:pacemaker:2.0.0", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:redhat:enterprise_linux_eus:8.2", "cpe:/o:redhat:enterprise_linux_server_aus:8.2", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:redhat:enterprise_linux:8.0", "cpe:/o:opensuse:leap:15.0", "cpe:/o:redhat:enterprise_linux_server_tus:8.6", "cpe:/o:redhat:enterprise_linux_eus:8.6", "cpe:/o:redhat:enterprise_linux_server_tus:8.4", "cpe:/o:fedoraproject:fedora:30", "cpe:/o:redhat:enterprise_linux_eus:8.4"], "id": "CVE-2018-16877", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16877", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:clusterlabs:pacemaker:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2023-09-30T00:27:57", "description": "A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-18T18:29:00", "type": "cve", "title": "CVE-2019-3885", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-3885"], "modified": "2023-09-29T11:15:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:fedoraproject:fedora:30", "cpe:/o:canonical:ubuntu_linux:19.04", "cpe:/a:clusterlabs:pacemaker:2.0.1"], "id": "CVE-2019-3885", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3885", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "cpe:2.3:a:clusterlabs:pacemaker:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"]}], "veracode": [{"lastseen": "2023-04-18T14:24:14", "description": "pacemaker is vulnerable to denial of service attacks. Local unauthenticated user can cause a system hang due to insufficient verification inflicted preference of uncontrolled processes.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-03T00:24:53", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16878"], "modified": "2022-10-07T06:26:19", "id": "VERACODE:20410", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-20410/summary", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-04-18T14:01:52", "description": "pacemaker is vulnerable to privilege escalation. Insufficient verification of client-side authentication combined with other IPC weaknesses leads to local privilege escalation.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-03T00:24:53", "type": "veracode", "title": "Privilege Escalation", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877"], "modified": "2022-10-07T06:26:40", "id": "VERACODE:20409", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-20409/summary", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T13:54:52", "description": "pacemaker is vulnerable to information disclosure. A use-after-free defect was discovered in pacemaker that can possibly lead to unsolicited information disclosure in the log outputs.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-03T00:24:53", "type": "veracode", "title": "Information Disclosure", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-3885"], "modified": "2022-04-19T18:37:46", "id": "VERACODE:20411", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-20411/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "redhatcve": [{"lastseen": "2023-06-23T20:29:04", "description": "A flaw was found in the way pacemaker's client-server authentication was implemented. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-17T09:50:40", "type": "redhatcve", "title": "CVE-2018-16877", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16877"], "modified": "2023-04-06T05:11:06", "id": "RH:CVE-2018-16877", "href": "https://access.redhat.com/security/cve/cve-2018-16877", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T20:29:04", "description": "A flaw was found in pacemaker. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-17T10:20:11", "type": "redhatcve", "title": "CVE-2018-16878", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16878"], "modified": "2023-04-06T05:09:11", "id": "RH:CVE-2018-16878", "href": "https://access.redhat.com/security/cve/cve-2018-16878", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-13T17:29:23", "description": "A use-after-free flaw was found in pacemaker which could result in certain sensitive information to be leaked via the system logs.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-17T10:20:39", "type": "redhatcve", "title": "CVE-2019-3885", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-3885"], "modified": "2023-04-06T06:20:40", "id": "RH:CVE-2019-3885", "href": "https://access.redhat.com/security/cve/cve-2019-3885", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}]}

Oracle Linux 8 : pacemaker (ELSA-2019-1279)

Description

Related