Lucene search
This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLEVM_OVMSA-2015-0106.NASLHistoryJul 31, 2015 - 12:00 a.m.
OracleVM 3.3 : libuser (OVMSA-2015-0106)
2015-07-3100:00:00
This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
The remote OracleVM system is missing necessary patches to address critical security updates :
-
Update CVE-2015-3246 patch based on review comments Resolves: #1235518
-
Don&rsquo t use 512-bit RSA private keys in tests Related: #1235518
-
Fix testsuite failures if more than one architecture is building concurrently Related: #1235518
-
Fix (CVE-2015-3246) Resolves: #1235518
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from OracleVM
# Security Advisory OVMSA-2015-0106.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(85147);
script_version("2.15");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2015-3246");
script_bugtraq_id(76022);
script_xref(name:"IAVA", value:"2015-A-0179");
script_name(english:"OracleVM 3.3 : libuser (OVMSA-2015-0106)");
script_summary(english:"Checks the RPM output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote OracleVM host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"The remote OracleVM system is missing necessary patches to address
critical security updates :
- Update CVE-2015-3246 patch based on review comments
Resolves: #1235518
- Don&rsquo t use 512-bit RSA private keys in tests
Related: #1235518
- Fix testsuite failures if more than one architecture is
building concurrently Related: #1235518
- Fix (CVE-2015-3246) Resolves: #1235518"
);
script_set_attribute(
attribute:"see_also",
value:"https://oss.oracle.com/pipermail/oraclevm-errata/2015-July/000354.html"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected libuser package."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Libuser roothelper Privilege Escalation');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:libuser");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:3.3");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/08/11");
script_set_attribute(attribute:"patch_publication_date", value:"2015/07/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/07/31");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"OracleVM Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/OracleVM/release", "Host/OracleVM/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/OracleVM/release");
if (isnull(release) || "OVS" >!< release) audit(AUDIT_OS_NOT, "OracleVM");
if (! preg(pattern:"^OVS" + "3\.3" + "(\.[0-9]|$)", string:release)) audit(AUDIT_OS_NOT, "OracleVM 3.3", "OracleVM " + release);
if (!get_kb_item("Host/OracleVM/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "OracleVM", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
flag = 0;
if (rpm_check(release:"OVS3.3", reference:"libuser-0.56.13-8.el6_7")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libuser");
}
Related
suse
suse
Security update for libuser (important)
2015-08-03 10:08:33
veracode
veracode
Privilege Escalation
2019-05-02 05:41:12
openvas
openvas
openSUSE: Security Advisory for libuser (openSUSE-SU-2015:1332-1)
2015-09-18 00:00:00
RedHat Update for libuser RHSA-2015:1483-01
2015-08-03 00:00:00
Fedora Update for libuser FEDORA-2015-12301
2015-07-31 00:00:00
nessus
nessus
openSUSE Security Update : libuser (openSUSE-2015-529)
2015-08-04 00:00:00
Scientific Linux Security Update : libuser on SL6.x i386/x86_64 (20150723)
2015-08-04 00:00:00
CentOS 7 : libuser (CESA-2015:1483)
2015-07-27 00:00:00
packetstorm
packetstorm
Qualys Security Advisory - userhelper / libuser
2015-07-23 00:00:00
Libuser roothelper Privilege Escalation
2018-05-13 00:00:00
ibm
ibm
fedora
fedora
[SECURITY] Fedora 21 Update: libuser-0.62-1.fc21
2015-08-03 04:31:00
[SECURITY] Fedora 22 Update: libuser-0.62-1.fc22
2015-07-30 13:55:19
oraclelinux
oraclelinux
libuser security update
2015-07-29 00:00:00
libuser security update
2015-07-23 00:00:00
securityvulns
securityvulns
libuser / userhelper security vulnerabilities
2015-07-27 00:00:00
Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser
2015-07-27 00:00:00
centos
centos
libuser security update
2015-07-26 14:24:03
libuser security update
2015-07-24 11:44:59
redhat
redhat
(RHSA-2015:1483) Important: libuser security update
2015-07-23 00:00:00
(RHSA-2015:1482) Important: libuser security update
2015-07-23 00:00:00
exploitpack
exploitpack
Libuser Library - Multiple Vulnerabilities
2015-07-27 00:00:00
mageia
mageia
Updated libuser package fixes security vulnerabilities
2015-07-24 19:36:06
ubuntucve
ubuntucve
CVE-2015-3246
2015-08-11 00:00:00
archlinux
archlinux
libuser: multiple issues
2015-07-24 00:00:00
zdt
zdt
Libuser Library - Multiple Vulnerabilities
2015-07-27 00:00:00
Libuser roothelper Privilege Escalation Exploit
2018-05-15 00:00:00
debiancve
debiancve
CVE-2015-3246
2015-08-11 14:59:07
amazon
amazon
Important: usermode, libuser
2015-07-23 10:50:00
nvd
nvd
CVE-2015-3246
2015-08-11 14:59:07
f5
f5
SOL05770600 - Linux libuser vulnerability CVE-2015-3246
2015-12-02 00:00:00
K05770600 : Linux libuser vulnerability CVE-2015-3246
2015-12-02 00:00:00
cve
cve
CVE-2015-3246
2015-08-11 14:59:07
prion
prion
Code injection
2015-08-11 14:59:00
osv
osv
libuser - security update
2016-05-12 00:00:00
debian
debian
[SECURITY] [DLA 468-1] libuser security update
2016-05-12 18:07:40
cvelist
cvelist
CVE-2015-3246
2015-08-11 14:00:00
exploitdb
exploitdb
Libuser Library - Multiple Vulnerabilities
2015-07-27 00:00:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
Related for ORACLEVM_OVMSA-2015-0106.NASL