Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLEVM_OVMSA-2017-0051.NASL
HistoryMar 30, 2017 - 12:00 a.m.

OracleVM 3.3 / 3.4 : glibc (OVMSA-2017-0051)

2017-03-3000:00:00
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
31
JSON

The remote OracleVM system is missing necessary patches to address critical security updates :

  • Update newmode size to fix a possible corruption

  • Fix AF_INET6 getaddrinfo with nscd (#1416496)

  • Update tests for struct sockaddr_storage changes (#1338673)

  • Use FL_CLOEXEC in internal calls to fopen (#1012343).

  • Fix CVE-2015-8779 glibc: Unbounded stack allocation in catopen function (#1358015).

  • Make padding in struct sockaddr_storage explicit (#1338673)

  • Fix detection of Intel FMA hardware (#1384281).

  • Add support for, ur_IN, and wal_ET locales (#1101858).

  • Change malloc/tst-malloc-thread-exit.c to use fewer threads and avoid timeout (#1318380).

  • df can fail on some systems (#1307029).

  • Log uname, cpuinfo, meminfo during build (#1307029).

  • Draw graphs for heap and stack only if MAXSIZE_HEAP and MAXSIZE_STACK are non-zero (#1331304).

  • Avoid unneeded calls to __check_pf in getadddrinfo (#1270950)

  • Fix CVE-2015-8778 glibc: Integer overflow in hcreate and hcreate_r (#1358013).

  • Fix CVE-2015-8776 glibc: Segmentation fault caused by passing out-of-range data to strftime (#1358011).

  • tzdata-update: Ignore umask setting (#1373646)

  • CVE-2014-9761: Fix unbounded stack allocation in nan* (#1358014)

  • Avoid using uninitialized data in getaddrinfo (#1223095)

  • Update fix for CVE-2015-7547 (#1296029).

  • Create helper threads with enough stack for POSIX AIO and timers (#1299319).

  • Fix CVE-2015-7547: getaddrinfo stack-based buffer overflow (#1296029).

  • Update malloc free_list cyclic fix (#1264189).

  • Update tzdata-update changes (#1200555).

  • Avoid redundant shift character in iconv output at block boundary (#1293914).

  • Clean up testsuite results when testing with newer kernels (#1293464).

  • Do not rewrite /etc/localtime if it is a symbolic link.
    (#1200555)

  • Support long lines in /etc/hosts (#1020263).

  • Avoid aliasing warning in tst-rec-dlopen (#1291444)

  • Don’t touch user-controlled stdio locks in forked child (#1275384).

  • Increase the limit of shared libraries that can use static TLS (#1198802).

  • Avoid PLT in libm for feupdateenv (#1186104).

  • Allow PLT entry in libc for _Unwind_Find_FDE on s390/s390x (#1186104).

  • Provide /etc/gai.conf only in the glibc package.
    (#1223818)

  • Change first day of the week to Monday for the ca_ES locale. (#1011900)

  • Update BIG5-HKSCS charmap to HKSCS-2008. (#1211748)

  • Rename Oriya locale to Odia. (#1091334)

  • Avoid hang in gethostbyname_r due to missing mutex unlocking (#1192621)

  • Avoid ld.so crash when audit modules provide path (#1211098)

  • Suppress expected backtrace in tst-malloc-backtrace (#1276633)

  • Avoid PLT for memmem (#1186104).

  • Fix up a missing dependency in the Makefile (#1219627).

  • Reduce lock contention in __tz_convert (#1244585).

  • Prevent the malloc arena free list from becoming cyclic (#1264189)

  • Remove legacy IA64 support (#1246145).

  • Check for NULL arena pointer in _int_pvalloc (#1246656).

  • Don’t change no_dyn_threshold on mallopt failure (#1246660).

  • Unlock main arena after allocation in calloc (#1245731).

  • Enable robust malloc change again (#1245731).

  • Fix perturbing in malloc on free and simply perturb_byte (#1245731).

  • Don’t fall back to mmap prematurely (#1245731).

  • The malloc deadlock avoidance support has been temporarily removed since it triggers deadlocks in certain applications (#1243824).

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from OracleVM
# Security Advisory OVMSA-2017-0051.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(99078);
  script_version("3.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2014-9761", "CVE-2015-7547", "CVE-2015-8776", "CVE-2015-8778", "CVE-2015-8779");
  script_xref(name:"TRA", value:"TRA-2017-08");

  script_name(english:"OracleVM 3.3 / 3.4 : glibc (OVMSA-2017-0051)");
  script_summary(english:"Checks the RPM output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote OracleVM host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote OracleVM system is missing necessary patches to address
critical security updates :

  - Update newmode size to fix a possible corruption

  - Fix AF_INET6 getaddrinfo with nscd (#1416496)

  - Update tests for struct sockaddr_storage changes
    (#1338673)

  - Use FL_CLOEXEC in internal calls to fopen (#1012343).

  - Fix CVE-2015-8779 glibc: Unbounded stack allocation in
    catopen function (#1358015).

  - Make padding in struct sockaddr_storage explicit
    (#1338673)

  - Fix detection of Intel FMA hardware (#1384281).

  - Add support for, ur_IN, and wal_ET locales (#1101858).

  - Change malloc/tst-malloc-thread-exit.c to use fewer
    threads and avoid timeout (#1318380).

  - df can fail on some systems (#1307029).

  - Log uname, cpuinfo, meminfo during build (#1307029).

  - Draw graphs for heap and stack only if MAXSIZE_HEAP and
    MAXSIZE_STACK are non-zero (#1331304).

  - Avoid unneeded calls to __check_pf in getadddrinfo
    (#1270950)

  - Fix CVE-2015-8778 glibc: Integer overflow in hcreate and
    hcreate_r (#1358013).

  - Fix CVE-2015-8776 glibc: Segmentation fault caused by
    passing out-of-range data to strftime (#1358011).

  - tzdata-update: Ignore umask setting (#1373646)

  - CVE-2014-9761: Fix unbounded stack allocation in nan*
    (#1358014)

  - Avoid using uninitialized data in getaddrinfo (#1223095)

  - Update fix for CVE-2015-7547 (#1296029).

  - Create helper threads with enough stack for POSIX AIO
    and timers (#1299319).

  - Fix CVE-2015-7547: getaddrinfo stack-based buffer
    overflow (#1296029).

  - Update malloc free_list cyclic fix (#1264189).

  - Update tzdata-update changes (#1200555).

  - Avoid redundant shift character in iconv output at block
    boundary (#1293914).

  - Clean up testsuite results when testing with newer
    kernels (#1293464).

  - Do not rewrite /etc/localtime if it is a symbolic link.
    (#1200555)

  - Support long lines in /etc/hosts (#1020263).

  - Avoid aliasing warning in tst-rec-dlopen (#1291444)

  - Don't touch user-controlled stdio locks in forked child
    (#1275384).

  - Increase the limit of shared libraries that can use
    static TLS (#1198802).

  - Avoid PLT in libm for feupdateenv (#1186104).

  - Allow PLT entry in libc for _Unwind_Find_FDE on
    s390/s390x (#1186104).

  - Provide /etc/gai.conf only in the glibc package.
    (#1223818)

  - Change first day of the week to Monday for the ca_ES
    locale. (#1011900)

  - Update BIG5-HKSCS charmap to HKSCS-2008. (#1211748)

  - Rename Oriya locale to Odia. (#1091334)

  - Avoid hang in gethostbyname_r due to missing mutex
    unlocking (#1192621)

  - Avoid ld.so crash when audit modules provide path
    (#1211098)

  - Suppress expected backtrace in tst-malloc-backtrace
    (#1276633)

  - Avoid PLT for memmem (#1186104).

  - Fix up a missing dependency in the Makefile (#1219627).

  - Reduce lock contention in __tz_convert (#1244585).

  - Prevent the malloc arena free list from becoming cyclic
    (#1264189)

  - Remove legacy IA64 support (#1246145).

  - Check for NULL arena pointer in _int_pvalloc (#1246656).

  - Don't change no_dyn_threshold on mallopt failure
    (#1246660).

  - Unlock main arena after allocation in calloc (#1245731).

  - Enable robust malloc change again (#1245731).

  - Fix perturbing in malloc on free and simply perturb_byte
    (#1245731).

  - Don't fall back to mmap prematurely (#1245731).

  - The malloc deadlock avoidance support has been
    temporarily removed since it triggers deadlocks in
    certain applications (#1243824)."
  );
  # https://oss.oracle.com/pipermail/oraclevm-errata/2017-March/000661.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?583f14a4"
  );
  # https://oss.oracle.com/pipermail/oraclevm-errata/2017-March/000670.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?8cce5281"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.tenable.com/security/research/tra-2017-08"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:glibc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:glibc-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:glibc-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:glibc-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:nscd");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:3.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:3.4");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/02/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/03/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/03/30");
  script_set_attribute(attribute:"in_the_news", value:"true");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"OracleVM Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleVM/release", "Host/OracleVM/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/OracleVM/release");
if (isnull(release) || "OVS" >!< release) audit(AUDIT_OS_NOT, "OracleVM");
if (! preg(pattern:"^OVS" + "(3\.3|3\.4)" + "(\.[0-9]|$)", string:release)) audit(AUDIT_OS_NOT, "OracleVM 3.3 / 3.4", "OracleVM " + release);
if (!get_kb_item("Host/OracleVM/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "OracleVM", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);

flag = 0;
if (rpm_check(release:"OVS3.3", reference:"glibc-2.12-1.209.0.1.el6")) flag++;
if (rpm_check(release:"OVS3.3", reference:"glibc-common-2.12-1.209.0.1.el6")) flag++;
if (rpm_check(release:"OVS3.3", reference:"nscd-2.12-1.209.0.1.el6")) flag++;

if (rpm_check(release:"OVS3.4", reference:"glibc-2.12-1.209.0.1.el6")) flag++;
if (rpm_check(release:"OVS3.4", reference:"glibc-common-2.12-1.209.0.1.el6")) flag++;
if (rpm_check(release:"OVS3.4", reference:"glibc-devel-2.12-1.209.0.1.el6")) flag++;
if (rpm_check(release:"OVS3.4", reference:"glibc-headers-2.12-1.209.0.1.el6")) flag++;
if (rpm_check(release:"OVS3.4", reference:"nscd-2.12-1.209.0.1.el6")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-devel / glibc-headers / nscd");
}
VendorProductVersionCPE
oraclevmglibcp-cpe:/a:oracle:vm:glibc
oraclevmglibc-commonp-cpe:/a:oracle:vm:glibc-common
oraclevmglibc-develp-cpe:/a:oracle:vm:glibc-devel
oraclevmglibc-headersp-cpe:/a:oracle:vm:glibc-headers
oraclevmnscdp-cpe:/a:oracle:vm:nscd
oraclevm_server3.3cpe:/o:oracle:vm_server:3.3
oraclevm_server3.4cpe:/o:oracle:vm_server:3.4

Related

suse 10
nessus 42
openvas 30
ibm 35
centos 2
oraclelinux 5
osv 5
debian 7
mageia 1
redhat 5
amazon 1
archlinux 4
fedora 2
gentoo 2
ubuntu 2
cloudfoundry 1
veracode 3
cve 5
f5 7
ubuntucve 3
debiancve 3
prion 3
checkpoint_advisories 1
fortinet 1
huawei 1
altlinux 2
exploitpack 2
symantec 1
threatpost 1
citrix 1
slackware 1
cert 1
cisco 1
chrome 1
zdt 1
myhack58 1
freebsd 1
arista 1
vmware 1
seebug 1
paloalto 1
suse
suse
Security update for glibc (important)
2016-02-19 00:11:49
Security update for glibc (important)
2016-02-16 20:28:46
Security update for glibc (important)
2016-02-16 20:30:43
nessus
nessus
openSUSE Security Update : glibc (openSUSE-2016-233)
2016-02-19 00:00:00
Oracle Linux 6 : glibc (ELSA-2017-0680)
2017-03-30 00:00:00
RHEL 6 : glibc (RHSA-2017:0680)
2017-03-22 00:00:00
openvas
openvas
openSUSE: Security Advisory for glibc (openSUSE-SU-2016:0510-1)
2016-03-01 00:00:00
RedHat Update for glibc RHSA-2017:0680-01
2017-03-22 00:00:00
Debian: Security Advisory (DLA-411-1)
2023-03-08 00:00:00
ibm
ibm
Security Bulletin: OpenSource GNU Glibc as used in IBM QRadar SIEM is vulnerable to multiple vulnerabilities. (CVE-2014-9761, CVE-2015-8776, CVE-2015-8778, CVE-2015-8779)
2018-06-16 22:04:36
Security Bulletin: Multiple vulnerabilities in glibc affect Power Hardware Management Console
2021-09-23 01:31:39
Security Bulletin: Vulnerabilities in glibc affect Power Hardware Management Console (CVE-2015-7547, CVE-2014-9761, CVE-2015-8776, CVE-2015-8777, CVE-2015-8778, CVE-2015-8779)
2021-09-23 01:31:39
centos
centos
glibc, nscd security update
2017-03-24 15:31:35
glibc, nscd security update
2017-08-24 01:37:20
oraclelinux
oraclelinux
glibc security and bug fix update
2017-03-27 00:00:00
glibc security update
2017-03-27 00:00:00
glibc security, bug fix, and enhancement update
2017-08-07 00:00:00
osv
osv
eglibc - regression update
2016-02-05 00:00:00
glibc - security update
2016-02-16 00:00:00
eglibc - security update
2016-02-05 00:00:00
debian
debian
[SECURITY] [DSA 3481-1] glibc security update
2016-02-16 14:18:27
[SECURITY] [DLA 411-1] eglibc security update
2016-02-05 16:21:21
[SECURITY] [DSA 3481-1] glibc security update
2016-02-16 14:18:27
mageia
mageia
Updated glibc packages fix security vulnerabilities
2016-02-19 11:40:43
redhat
redhat
(RHSA-2017:0680) Moderate: glibc security and bug fix update
2017-03-21 06:17:46
(RHSA-2017:1916) Moderate: glibc security, bug fix, and enhancement update
2017-08-01 05:56:24
(RHSA-2016:0225) Critical: glibc security update
2016-02-16 00:00:00
amazon
amazon
Medium: glibc
2017-08-31 15:52:00
archlinux
archlinux
lib32-glibc: multiple issues
2016-02-17 00:00:00
glibc: multiple issues
2016-02-17 00:00:00
lib32-glibc: unbound stack usage
2016-02-28 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: glibc-2.22-15.fc23
2016-05-10 18:01:37
[SECURITY] Fedora 23 Update: glibc-2.22-9.fc23
2016-02-17 14:21:52
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2017-02-19 00:00:00
GNU C Library: Multiple vulnerabilities
2016-02-17 00:00:00
ubuntu
ubuntu
GNU C Library regression
2016-05-26 00:00:00
GNU C Library vulnerabilities
2016-05-25 00:00:00
cloudfoundry
cloudfoundry
USN-2985-2 GNU C Library regression | Cloud Foundry
2016-06-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:16:44
Denial Of Service (DoS)
2019-05-02 05:51:55
Arbitrary Code Execution And Denial Of Service (DoS)
2019-05-02 05:51:55
cve
cve
CVE-2014-9761
2016-04-19 21:59:00
CVE-2015-8776
2016-04-19 21:59:00
CVE-2015-8778
2016-04-19 21:59:00
f5
f5
K23946311 : glibc vulnerability CVE-2015-8776
2016-04-01 00:00:00
SOL23946311 - glibc vulnerability CVE-2015-8776
2016-04-01 00:00:00
SOL31211252 - glibc vulnerability CVE-2014-9761
2016-05-31 00:00:00
ubuntucve
ubuntucve
CVE-2015-8776
2016-04-19 00:00:00
CVE-2014-9761
2016-04-19 00:00:00
CVE-2015-8778
2016-04-19 00:00:00
debiancve
debiancve
CVE-2014-9761
2016-04-19 21:59:00
CVE-2015-8776
2016-04-19 21:59:00
CVE-2015-8778
2016-04-19 21:59:00
prion
prion
Stack overflow
2016-04-19 21:59:00
Code injection
2016-04-19 21:59:00
Integer overflow
2016-04-19 21:59:00
checkpoint_advisories
checkpoint_advisories
DNS Client Resolver glibc Buffer Overflow (CVE-2015-7547)
2016-02-18 00:00:00
fortinet
fortinet
Glibc getaddrinfo() stack-overflow
2016-02-25 00:00:00
huawei
huawei
Security Advisory - GNU Glibc Buffer Overflow Security Vulnerability
2016-03-04 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package glibc version 6:2.11.3-alt8.M60P.5
2016-02-16 00:00:00
Security fix for the ALT Linux 7 package glibc version 6:2.17-alt8.M70P.1
2016-02-16 00:00:00
exploitpack
exploitpack
glibc - getaddrinfo Remote Stack Buffer Overflow
2016-09-06 00:00:00
glibc - getaddrinfo Stack Buffer Overflow (PoC)
2016-02-16 00:00:00
symantec
symantec
SA114 : GNU C Library (glibc) Remote Code Execution February 2016
2016-02-19 08:00:00
threatpost
threatpost
Magnitude of glibc Vulnerability Coming to Light
2016-02-17 16:01:47
citrix
citrix
CVE-2015-7547 - Citrix Security Advisory for glibc Vulnerability
2016-02-19 04:00:00
slackware
slackware
[slackware-security] glibc
2016-02-23 19:50:50
cert
cert
glibc vulnerable to stack buffer overflow in DNS resolver
2016-02-17 00:00:00
cisco
cisco
Vulnerability in GNU glibc Affecting Cisco Products: February 2016
2016-02-18 20:22:00
chrome
chrome
Stable Channel Update for Chrome OS
2016-02-18 00:00:00
zdt
zdt
glibc - getaddrinfo Stack Based Buffer Overflow (1)
2016-02-16 00:00:00
myhack58
myhack58
How to by CVE-2015-7547(GLIBC getaddrinfo)vulnerability to bypass ASLR-exploits warning-the black bar safety net
2017-03-05 00:00:00
freebsd
freebsd
glibc -- getaddrinfo stack-based buffer overflow
2016-02-16 00:00:00
arista
arista
Security Advisory 0017
2017-10-31 00:00:00
vmware
vmware
VMware product updates address a critical glibc security vulnerability
2016-02-22 00:00:00
seebug
seebug
glibc getaddrinfo 栈缓冲区溢出漏洞(CVE-2015-7547)
2016-02-17 00:00:00
paloalto
paloalto
Glibc DNS Resolver Vulnerability
2016-08-15 19:00:00
JSON
Related for ORACLEVM_OVMSA-2017-0051.NASL
suse10nessus42openvas30ibm35centos2oraclelinux5osv5debian7mageia1redhat5amazon1archlinux4fedora2gentoo2ubuntu2cloudfoundry1veracode3cve5f57ubuntucve3debiancve3prion3checkpoint_advisories1fortinet1huawei1altlinux2exploitpack2symantec1threatpost1citrix1slackware1cert1cisco1chrome1zdt1myhack581freebsd1arista1vmware1seebug1paloalto1