Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.PHOTONOS_PHSA-2018-2_0-0041.NASL
HistoryJul 24, 2018 - 12:00 a.m.

Photon OS 2.0 : ceph / linux-esx / rsync / linux / linux-secure / linux-aws (PhotonOS-PHSA-2018-2.0-0041) (deprecated)

2018-07-2400:00:00
This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
127

0.009 Low

EPSS

Percentile

81.3%

JSON

An update of {‘ceph’, ‘linux-esx’, ‘rsync’, ‘linux’, ‘linux-secure’, ‘linux-aws’} packages of Photon OS has been released.

#
# (C) Tenable Network Security, Inc.
#
# @DEPRECATED@
#
# Disabled on 2/7/2019
#

# The descriptive text and package checks in this plugin were
# extracted from VMware Security Advisory PHSA-2018-2.0-0041. The text
# itself is copyright (C) VMware, Inc.

include("compat.inc");

if (description)
{
  script_id(111300);
  script_version("1.2");
  script_cvs_date("Date: 2019/02/07 18:59:50");

  script_cve_id(
    "CVE-2018-1092",
    "CVE-2018-1094",
    "CVE-2018-5764",
    "CVE-2018-7262"
  );
  script_bugtraq_id(102803);

  script_name(english:"Photon OS 2.0 : ceph / linux-esx / rsync / linux / linux-secure / linux-aws (PhotonOS-PHSA-2018-2.0-0041) (deprecated)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
"This plugin has been deprecated.");
  script_set_attribute(attribute:"description", value:
"An update of {'ceph', 'linux-esx', 'rsync', 'linux', 'linux-secure',
'linux-aws'} packages of Photon OS has been released.");
  # https://github.com/vmware/photon/wiki/Security-Updates-2-41
    script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?05d8d84b");
  script_set_attribute(attribute:"solution", value:"n/a.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-1092");

  script_set_attribute(attribute:"patch_publication_date", value:"2018/05/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/07/24");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:linux");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:ceph");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:rsync");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:libceph");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:python3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:2.0");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"PhotonOS Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list");

  exit(0);
}

exit(0, "This plugin has been deprecated.");

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/PhotonOS/release");
if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS");
if (release !~ "^VMware Photon (?:Linux|OS) 2\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 2.0");

if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu);

flag = 0;

pkgs = [
  "ceph-12.2.4-1.ph2",
  "ceph-base-12.2.4-1.ph2",
  "ceph-common-12.2.4-1.ph2",
  "ceph-fuse-12.2.4-1.ph2",
  "ceph-mds-12.2.4-1.ph2",
  "ceph-mgr-12.2.4-1.ph2",
  "ceph-mon-12.2.4-1.ph2",
  "ceph-osd-12.2.4-1.ph2",
  "ceph-radosgw-12.2.4-1.ph2",
  "libceph-common-12.2.4-1.ph2",
  "linux-4.9.97-1.ph2",
  "linux-api-headers-4.9.97-1.ph2",
  "linux-aws-4.9.97-1.ph2",
  "linux-aws-4.9.97-1.ph2",
  "linux-aws-debuginfo-4.9.97-1.ph2",
  "linux-aws-debuginfo-4.9.97-1.ph2",
  "linux-aws-devel-4.9.97-1.ph2",
  "linux-aws-devel-4.9.97-1.ph2",
  "linux-aws-docs-4.9.97-1.ph2",
  "linux-aws-docs-4.9.97-1.ph2",
  "linux-aws-drivers-gpu-4.9.97-1.ph2",
  "linux-aws-drivers-gpu-4.9.97-1.ph2",
  "linux-aws-oprofile-4.9.97-1.ph2",
  "linux-aws-oprofile-4.9.97-1.ph2",
  "linux-aws-sound-4.9.97-1.ph2",
  "linux-aws-sound-4.9.97-1.ph2",
  "linux-aws-tools-4.9.97-1.ph2",
  "linux-aws-tools-4.9.97-1.ph2",
  "linux-debuginfo-4.9.97-1.ph2",
  "linux-devel-4.9.97-1.ph2",
  "linux-docs-4.9.97-1.ph2",
  "linux-drivers-gpu-4.9.97-1.ph2",
  "linux-esx-4.9.97-1.ph2",
  "linux-esx-4.9.97-1.ph2",
  "linux-esx-debuginfo-4.9.97-1.ph2",
  "linux-esx-debuginfo-4.9.97-1.ph2",
  "linux-esx-devel-4.9.97-1.ph2",
  "linux-esx-devel-4.9.97-1.ph2",
  "linux-esx-docs-4.9.97-1.ph2",
  "linux-esx-docs-4.9.97-1.ph2",
  "linux-oprofile-4.9.97-1.ph2",
  "linux-secure-4.9.97-1.ph2",
  "linux-secure-4.9.97-1.ph2",
  "linux-secure-debuginfo-4.9.97-1.ph2",
  "linux-secure-debuginfo-4.9.97-1.ph2",
  "linux-secure-devel-4.9.97-1.ph2",
  "linux-secure-devel-4.9.97-1.ph2",
  "linux-secure-docs-4.9.97-1.ph2",
  "linux-secure-docs-4.9.97-1.ph2",
  "linux-secure-lkcm-4.9.97-1.ph2",
  "linux-secure-lkcm-4.9.97-1.ph2",
  "linux-sound-4.9.97-1.ph2",
  "linux-tools-4.9.97-1.ph2",
  "python-ceph-compat-12.2.4-1.ph2",
  "python3-ceph-argparse-12.2.4-1.ph2",
  "rsync-3.1.3-1.ph2",
  "rsync-debuginfo-3.1.3-1.ph2"
];

foreach (pkg in pkgs)
  if (rpm_check(release:"PhotonOS-2.0", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux / ceph / rsync / python / libceph / python3");
}
VendorProductVersionCPE
vmwarephotonoslinuxp-cpe:/a:vmware:photonos:linux
vmwarephotonoscephp-cpe:/a:vmware:photonos:ceph
vmwarephotonosrsyncp-cpe:/a:vmware:photonos:rsync
vmwarephotonospythonp-cpe:/a:vmware:photonos:python
vmwarephotonoslibcephp-cpe:/a:vmware:photonos:libceph
vmwarephotonospython3p-cpe:/a:vmware:photonos:python3
vmwarephotonos2.0cpe:/o:vmware:photonos:2.0

Related

photon 4
nessus 65
prion 4
osv 5
redhatcve 4
debiancve 4
openvas 50
fedora 3
veracode 4
ubuntucve 4
redhat 4
cve 4
mageia 4
alpinelinux 1
debian 3
gentoo 1
altlinux 1
suse 4
slackware 2
cloudfoundry 2
ubuntu 14
oraclelinux 6
archlinux 1
rosalinux 1
ibm 3
centos 1
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0041
2018-05-03 00:00:00
Important Photon OS Security Update - PHSA-2018-0041
2018-05-03 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0132
2018-05-03 00:00:00
nessus
nessus
Photon OS 2.0: Linux PHSA-2018-2.0-0041
2019-02-07 00:00:00
Photon OS 1.0: Linux / Rsync PHSA-2018-1.0-0132 (deprecated)
2018-08-17 00:00:00
Fedora 27 : 1:ceph (2018-ed907ef9a0)
2018-03-15 00:00:00
prion
prion
Design/Logic Flaw
2018-03-19 21:29:00
Design/Logic Flaw
2018-01-17 22:29:00
Null pointer dereference
2018-04-02 03:29:00
osv
osv
CVE-2018-7262
2018-03-19 21:29:01
CVE-2018-5764
2018-01-17 22:29:00
rsync - security update
2018-01-19 00:00:00
redhatcve
redhatcve
CVE-2018-7262
2018-03-23 05:19:14
CVE-2018-5764
2018-01-19 21:20:00
CVE-2018-1094
2018-03-27 01:18:51
debiancve
debiancve
CVE-2018-7262
2018-03-19 21:29:00
CVE-2018-5764
2018-01-17 22:29:00
CVE-2018-1092
2018-04-02 03:29:00
openvas
openvas
Fedora Update for ceph FEDORA-2018-ed907ef9a0
2018-03-15 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:0174-1)
2021-04-19 00:00:00
Huawei EulerOS: Security Advisory for rsync (EulerOS-SA-2018-1050)
2020-01-23 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: ceph-12.2.4-1.fc27
2018-03-14 19:40:32
[SECURITY] Fedora 27 Update: rsync-3.1.3-1.fc27
2018-02-06 15:39:17
[SECURITY] Fedora 26 Update: rsync-3.1.3-2.fc26
2018-02-05 14:39:29
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:22:26
Access Control Bypass
2020-05-10 23:22:58
Denial Of Service (DoS)
2019-05-16 03:18:35
ubuntucve
ubuntucve
CVE-2018-7262
2018-03-19 00:00:00
CVE-2018-5764
2018-01-17 00:00:00
CVE-2018-1094
2018-04-01 00:00:00
redhat
redhat
(RHSA-2018:0548) Important: ceph security update
2018-03-15 18:27:53
(RHSA-2018:0546) Important: ceph security update
2018-03-15 18:08:22
(RHSA-2018:3083) Important: kernel security, bug fix, and enhancement update
2018-10-30 04:16:59
cve
cve
CVE-2018-7262
2018-03-19 21:29:00
CVE-2018-5764
2018-01-17 22:29:00
CVE-2018-1094
2018-04-02 03:29:00
mageia
mageia
Updated rsync package fixes security vulnerability
2018-01-31 23:47:38
Updated kernel packages fix security vulnerabilities
2018-05-18 18:27:18
Updated kernel-linus packages fix security vulnerabilities
2018-05-31 23:34:08
alpinelinux
alpinelinux
CVE-2018-5764
2018-01-17 22:29:00
debian
debian
[SECURITY] [DLA 2833-1] rsync security update
2021-11-30 21:21:18
[SECURITY] [DLA 1247-1] rsync security update
2018-01-19 04:55:38
[SECURITY] [DLA 1725-1] rsync security update
2019-03-24 21:48:25
gentoo
gentoo
rsync: Arbitrary command execution
2018-05-08 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package kernel-image-std-pae version 1:4.4.129-alt0.M80P.1
2018-04-26 00:00:00
suse
suse
Security update for ceph (important)
2018-08-22 15:40:44
Security update for ceph (important)
2018-05-30 15:07:21
Security update for the Linux Kernel (important)
2018-06-21 18:19:06
slackware
slackware
[slackware-security] rsync
2018-02-01 18:52:57
[slackware-security] Slackware 14.2 kernel
2018-05-23 06:37:00
cloudfoundry
cloudfoundry
USN-3543-1: rsync vulnerabilities | Cloud Foundry
2018-03-01 00:00:00
USN-3676-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2018-06-20 00:00:00
ubuntu
ubuntu
rsync vulnerabilities
2018-01-23 00:00:00
rsync vulnerabilities
2018-01-23 00:00:00
Linux kernel (Azure) vulnerabilities
2018-06-12 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2019-01-15 00:00:00
Unbreakable Enterprise kernel security update
2019-02-07 00:00:00
Unbreakable Enterprise kernel security update
2019-02-06 00:00:00
archlinux
archlinux
[ASA-201801-21] rsync: multiple issues
2018-01-29 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1964
2021-07-02 18:04:47
ibm
ibm
Security Bulletin: IBM QRadar Network Security is affected by Linux kernel vulnerabilities
2019-06-27 08:40:01
Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM
2018-09-26 19:00:02
Security Bulletin: Vulnerabilities in the Linux Kernel affect PowerKVM
2019-05-17 16:05:02
centos
centos
bpftool, kernel, perf, python security update
2018-11-15 18:40:28

0.009 Low

EPSS

Percentile

81.3%

JSON
Related for PHOTONOS_PHSA-2018-2_0-0041.NASL
photon4nessus65prion4osv5redhatcve4debiancve4openvas50fedora3veracode4ubuntucve4redhat4cve4mageia4alpinelinux1debian3gentoo1altlinux1suse4slackware2cloudfoundry2ubuntu14oraclelinux6archlinux1rosalinux1ibm3centos1