Lucene search

HistoryNov 08, 2014 - 12:00 a.m.

RHEL 6 : rhev-3.1.0 vdsm (RHSA-2012:1508)

2014-11-0800:00:00

www.tenable.com

6.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:H/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.4%

JSON

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:1508 advisory.

VDSM is a management module that serves as a Red Hat Enterprise     Virtualization Manager agent on Red Hat Enterprise Virtualization     Hypervisor or Red Hat Enterprise Linux 6.3 hosts.

A flaw was found in the way Red Hat Enterprise Linux hosts were added to     the Red Hat Enterprise Virtualization environment. The Python scripts     needed to configure the host for Red Hat Enterprise Virtualization were     stored in the /tmp/ directory and could be pre-created by an attacker. A     local, unprivileged user on the host to be added to the Red Hat Enterprise     Virtualization environment could use this flaw to escalate their     privileges. This update provides the VDSM part of the fix. The     RHSA-2012:1506 Red Hat Enterprise Virtualization Manager update must also     be installed to completely fix this issue. (CVE-2012-0860)

A flaw was found in the way Red Hat Enterprise Linux and Red Hat Enterprise     Virtualization Hypervisor hosts were added to the Red Hat Enterprise     Virtualization environment. The Python scripts needed to configure the host     for Red Hat Enterprise Virtualization were downloaded in an insecure way,     that is, without properly validating SSL certificates during HTTPS     connections. An attacker on the local network could use this flaw to     conduct a man-in-the-middle attack, potentially gaining root access to the     host being added to the Red Hat Enterprise Virtualization environment. This     update provides the VDSM part of the fix. The RHSA-2012:1506 Red Hat     Enterprise Virtualization Manager update must also be installed to     completely fix this issue. (CVE-2012-0861)

The CVE-2012-0860 and CVE-2012-0861 issues were discovered by Red Hat.

In addition to resolving the above security issues these updated VDSM     packages fix various bugs, and add various enhancements.

Documentation for these bug fixes and enhancements is available in the     Technical Notes:

https://access.redhat.com/knowledge/docs/en-     US/Red_Hat_Enterprise_Virtualization/3.1/html/Technical_Notes/index.html

All users who require VDSM are advised to install these updated packages     which resolve these security issues, fix these bugs, and add these     enhancements.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2012:1508. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(78941);
  script_version("1.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/03");

  script_cve_id("CVE-2012-0860", "CVE-2012-0861");
  script_bugtraq_id(56825);
  script_xref(name:"RHSA", value:"2012:1508");

  script_name(english:"RHEL 6 : rhev-3.1.0 vdsm (RHSA-2012:1508)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2012:1508 advisory.

    VDSM is a management module that serves as a Red Hat Enterprise
    Virtualization Manager agent on Red Hat Enterprise Virtualization
    Hypervisor or Red Hat Enterprise Linux 6.3 hosts.

    A flaw was found in the way Red Hat Enterprise Linux hosts were added to
    the Red Hat Enterprise Virtualization environment. The Python scripts
    needed to configure the host for Red Hat Enterprise Virtualization were
    stored in the /tmp/ directory and could be pre-created by an attacker. A
    local, unprivileged user on the host to be added to the Red Hat Enterprise
    Virtualization environment could use this flaw to escalate their
    privileges. This update provides the VDSM part of the fix. The
    RHSA-2012:1506 Red Hat Enterprise Virtualization Manager update must also
    be installed to completely fix this issue. (CVE-2012-0860)

    A flaw was found in the way Red Hat Enterprise Linux and Red Hat Enterprise
    Virtualization Hypervisor hosts were added to the Red Hat Enterprise
    Virtualization environment. The Python scripts needed to configure the host
    for Red Hat Enterprise Virtualization were downloaded in an insecure way,
    that is, without properly validating SSL certificates during HTTPS
    connections. An attacker on the local network could use this flaw to
    conduct a man-in-the-middle attack, potentially gaining root access to the
    host being added to the Red Hat Enterprise Virtualization environment. This
    update provides the VDSM part of the fix. The RHSA-2012:1506 Red Hat
    Enterprise Virtualization Manager update must also be installed to
    completely fix this issue. (CVE-2012-0861)

    The CVE-2012-0860 and CVE-2012-0861 issues were discovered by Red Hat.

    In addition to resolving the above security issues these updated VDSM
    packages fix various bugs, and add various enhancements.

    Documentation for these bug fixes and enhancements is available in the
    Technical Notes:

    https://access.redhat.com/knowledge/docs/en-
    US/Red_Hat_Enterprise_Virtualization/3.1/html/Technical_Notes/index.html

    All users who require VDSM are advised to install these updated packages
    which resolve these security issues, fix these bugs, and add these
    enhancements.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Virtualization/3.1/html/Technical_Notes/index.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1b979d61");
  # https://access.redhat.com/security/data/csaf/v2/advisories/2012/rhsa-2012_1508.json
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?326e0902");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2012:1508");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=734847");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=744704");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=766281");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=772556");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=783383");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=790730");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=790754");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=797526");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=798635");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=800367");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=802759");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=806625");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=806757");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=807351");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=807687");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=811807");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=812793");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=813423");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=814435");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=815359");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=826467");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=826873");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=826921");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=829037");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=829645");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=829710");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=830485");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=830486");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=831528");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=832765");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=832798");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=833084");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=833099");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=833119");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=833425");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=833803");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=834008");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=834105");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=834205");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=835478");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=835784");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=835900");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=835920");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=836161");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=836562");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=836954");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=837054");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=837836");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=838347");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=838547");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=838802");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=838924");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=840294");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=840300");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=840386");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=840594");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=841863");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=842115");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=842146");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=842338");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=842662");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=842771");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=843076");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=843387");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=843498");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=844180");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=844294");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=844347");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=845193");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=845346");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=845525");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=845830");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=846004");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=846014");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=846307");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=846312");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=846323");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=846376");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=847518");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=847733");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=847744");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=848101");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=848299");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=848616");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=848728");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=849315");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=849542");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=851146");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=851839");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=852989");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=853011");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=853040");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=853703");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=853710");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=853910");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=853968");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=854027");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=854151");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=854212");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=854242");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=854457");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=854748");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=854763");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=854765");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=854919");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=854953");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=855049");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=855425");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=855729");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=855887");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=855918");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=855922");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=855924");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=856163");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=856167");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=857112");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=859109");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=862002");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=863265");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=865386");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=866163");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=866533");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=867354");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=867806");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=867813");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=867922");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=868272");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=868681");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=868721");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=870024");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=870079");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=870734");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=870768");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=871355");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=871811");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=872270");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=872935");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=874481");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=876115");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=876558");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:A/AC:H/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-0861");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2012-0860");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(295, 377);
  script_set_attribute(attribute:"vendor_severity", value:"Important");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/01/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/12/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/08");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:vdsm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:vdsm-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:vdsm-hook-vhostmd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:vdsm-python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:vdsm-reg");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2014-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("redhat_repos.nasl", "ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');
include('rhel.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '6')) audit(AUDIT_OS_NOT, 'Red Hat 6.x', 'Red Hat ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);

var constraints = [
  {
    'repo_relative_urls': [
      'content/dist/rhel/client/6/6Client/x86_64/rhev-agent/3/debug',
      'content/dist/rhel/client/6/6Client/x86_64/rhev-agent/3/os',
      'content/dist/rhel/client/6/6Client/x86_64/rhev-agent/3/source/SRPMS',
      'content/dist/rhel/server/6/6Server/x86_64/rhev-agent/3/debug',
      'content/dist/rhel/server/6/6Server/x86_64/rhev-agent/3/os',
      'content/dist/rhel/server/6/6Server/x86_64/rhev-agent/3/source/SRPMS',
      'content/dist/rhel/server/6/6Server/x86_64/rhev-mgmt-agent/3/debug',
      'content/dist/rhel/server/6/6Server/x86_64/rhev-mgmt-agent/3/os',
      'content/dist/rhel/server/6/6Server/x86_64/rhev-mgmt-agent/3/source/SRPMS',
      'content/dist/rhel/workstation/6/6Workstation/x86_64/rhev-agent/3/debug',
      'content/dist/rhel/workstation/6/6Workstation/x86_64/rhev-agent/3/os',
      'content/dist/rhel/workstation/6/6Workstation/x86_64/rhev-agent/3/source/SRPMS'
    ],
    'pkgs': [
      {'reference':'vdsm-4.9.6-44.0.el6_3', 'cpu':'x86_64', 'release':'6', 'el_string':'el6_3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'ovirt-'},
      {'reference':'vdsm-cli-4.9.6-44.0.el6_3', 'release':'6', 'el_string':'el6_3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'ovirt-'},
      {'reference':'vdsm-hook-vhostmd-4.9.6-44.0.el6_3', 'release':'6', 'el_string':'el6_3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'ovirt-'},
      {'reference':'vdsm-python-4.9.6-44.0.el6_3', 'cpu':'x86_64', 'release':'6', 'el_string':'el6_3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'ovirt-'},
      {'reference':'vdsm-reg-4.9.6-44.0.el6_3', 'release':'6', 'el_string':'el6_3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'ovirt-'}
    ]
  }
];

var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);

var flag = 0;
foreach var constraint_array ( constraints ) {
  var repo_relative_urls = NULL;
  if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
  foreach var pkg ( constraint_array['pkgs'] ) {
    var reference = NULL;
    var _release = NULL;
    var sp = NULL;
    var _cpu = NULL;
    var el_string = NULL;
    var rpm_spec_vers_cmp = NULL;
    var epoch = NULL;
    var allowmaj = NULL;
    var exists_check = NULL;
    var cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        _release &&
        rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
        (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
        rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  var extra = NULL;
  if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
  else extra = rpm_report_get();
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : extra
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vdsm / vdsm-cli / vdsm-hook-vhostmd / vdsm-python / vdsm-reg');
}

VendorProductVersionCPE
redhatenterprise_linuxvdsm-hook-vhostmdp-cpe:/a:redhat:enterprise_linux:vdsm-hook-vhostmd
redhatenterprise_linux6cpe:/o:redhat:enterprise_linux:6
redhatenterprise_linuxvdsm-regp-cpe:/a:redhat:enterprise_linux:vdsm-reg
redhatenterprise_linuxvdsm-clip-cpe:/a:redhat:enterprise_linux:vdsm-cli
redhatenterprise_linuxvdsmp-cpe:/a:redhat:enterprise_linux:vdsm
redhatenterprise_linuxvdsm-pythonp-cpe:/a:redhat:enterprise_linux:vdsm-python

Vendor	Product	Version	CPE
redhat	enterprise_linux	vdsm-hook-vhostmd	p-cpe:/a:redhat:enterprise_linux:vdsm-hook-vhostmd
redhat	enterprise_linux	6	cpe:/o:redhat:enterprise_linux:6
redhat	enterprise_linux	vdsm-reg	p-cpe:/a:redhat:enterprise_linux:vdsm-reg
redhat	enterprise_linux	vdsm-cli	p-cpe:/a:redhat:enterprise_linux:vdsm-cli
redhat	enterprise_linux	vdsm	p-cpe:/a:redhat:enterprise_linux:vdsm
redhat	enterprise_linux	vdsm-python	p-cpe:/a:redhat:enterprise_linux:vdsm-python

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0860

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0861

www.nessus.org/u?1b979d61

www.nessus.org/u?326e0902

access.redhat.com/errata/RHSA-2012:1508

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=734847

bugzilla.redhat.com/show_bug.cgi?id=744704

bugzilla.redhat.com/show_bug.cgi?id=766281

bugzilla.redhat.com/show_bug.cgi?id=772556

bugzilla.redhat.com/show_bug.cgi?id=783383

bugzilla.redhat.com/show_bug.cgi?id=790730

bugzilla.redhat.com/show_bug.cgi?id=790754

bugzilla.redhat.com/show_bug.cgi?id=797526

bugzilla.redhat.com/show_bug.cgi?id=798635

bugzilla.redhat.com/show_bug.cgi?id=800367

bugzilla.redhat.com/show_bug.cgi?id=802759

bugzilla.redhat.com/show_bug.cgi?id=806625

bugzilla.redhat.com/show_bug.cgi?id=806757

bugzilla.redhat.com/show_bug.cgi?id=807351

bugzilla.redhat.com/show_bug.cgi?id=807687

bugzilla.redhat.com/show_bug.cgi?id=811807

bugzilla.redhat.com/show_bug.cgi?id=812793

bugzilla.redhat.com/show_bug.cgi?id=813423

bugzilla.redhat.com/show_bug.cgi?id=814435

bugzilla.redhat.com/show_bug.cgi?id=815359

bugzilla.redhat.com/show_bug.cgi?id=826467

bugzilla.redhat.com/show_bug.cgi?id=826873

bugzilla.redhat.com/show_bug.cgi?id=826921

bugzilla.redhat.com/show_bug.cgi?id=829037

bugzilla.redhat.com/show_bug.cgi?id=829645

bugzilla.redhat.com/show_bug.cgi?id=829710

bugzilla.redhat.com/show_bug.cgi?id=830485

bugzilla.redhat.com/show_bug.cgi?id=830486

bugzilla.redhat.com/show_bug.cgi?id=831528

bugzilla.redhat.com/show_bug.cgi?id=832765

bugzilla.redhat.com/show_bug.cgi?id=832798

bugzilla.redhat.com/show_bug.cgi?id=833084

bugzilla.redhat.com/show_bug.cgi?id=833099

bugzilla.redhat.com/show_bug.cgi?id=833119

bugzilla.redhat.com/show_bug.cgi?id=833425

bugzilla.redhat.com/show_bug.cgi?id=833803

bugzilla.redhat.com/show_bug.cgi?id=834008

bugzilla.redhat.com/show_bug.cgi?id=834105

bugzilla.redhat.com/show_bug.cgi?id=834205

bugzilla.redhat.com/show_bug.cgi?id=835478

bugzilla.redhat.com/show_bug.cgi?id=835784

bugzilla.redhat.com/show_bug.cgi?id=835900

bugzilla.redhat.com/show_bug.cgi?id=835920

bugzilla.redhat.com/show_bug.cgi?id=836161

bugzilla.redhat.com/show_bug.cgi?id=836562

bugzilla.redhat.com/show_bug.cgi?id=836954

bugzilla.redhat.com/show_bug.cgi?id=837054

bugzilla.redhat.com/show_bug.cgi?id=837836

bugzilla.redhat.com/show_bug.cgi?id=838347

bugzilla.redhat.com/show_bug.cgi?id=838547

bugzilla.redhat.com/show_bug.cgi?id=838802

bugzilla.redhat.com/show_bug.cgi?id=838924

bugzilla.redhat.com/show_bug.cgi?id=840294

bugzilla.redhat.com/show_bug.cgi?id=840300

bugzilla.redhat.com/show_bug.cgi?id=840386

bugzilla.redhat.com/show_bug.cgi?id=840594

bugzilla.redhat.com/show_bug.cgi?id=841863

bugzilla.redhat.com/show_bug.cgi?id=842115

bugzilla.redhat.com/show_bug.cgi?id=842146

bugzilla.redhat.com/show_bug.cgi?id=842338

bugzilla.redhat.com/show_bug.cgi?id=842662

bugzilla.redhat.com/show_bug.cgi?id=842771

bugzilla.redhat.com/show_bug.cgi?id=843076

bugzilla.redhat.com/show_bug.cgi?id=843387

bugzilla.redhat.com/show_bug.cgi?id=843498

bugzilla.redhat.com/show_bug.cgi?id=844180

bugzilla.redhat.com/show_bug.cgi?id=844294

bugzilla.redhat.com/show_bug.cgi?id=844347

bugzilla.redhat.com/show_bug.cgi?id=845193

bugzilla.redhat.com/show_bug.cgi?id=845346

bugzilla.redhat.com/show_bug.cgi?id=845525

bugzilla.redhat.com/show_bug.cgi?id=845830

bugzilla.redhat.com/show_bug.cgi?id=846004

bugzilla.redhat.com/show_bug.cgi?id=846014

bugzilla.redhat.com/show_bug.cgi?id=846307

bugzilla.redhat.com/show_bug.cgi?id=846312

bugzilla.redhat.com/show_bug.cgi?id=846323

bugzilla.redhat.com/show_bug.cgi?id=846376

bugzilla.redhat.com/show_bug.cgi?id=847518

bugzilla.redhat.com/show_bug.cgi?id=847733

bugzilla.redhat.com/show_bug.cgi?id=847744

bugzilla.redhat.com/show_bug.cgi?id=848101

bugzilla.redhat.com/show_bug.cgi?id=848299

bugzilla.redhat.com/show_bug.cgi?id=848616

bugzilla.redhat.com/show_bug.cgi?id=848728

bugzilla.redhat.com/show_bug.cgi?id=849315

bugzilla.redhat.com/show_bug.cgi?id=849542

bugzilla.redhat.com/show_bug.cgi?id=851146

bugzilla.redhat.com/show_bug.cgi?id=851839

bugzilla.redhat.com/show_bug.cgi?id=852989

bugzilla.redhat.com/show_bug.cgi?id=853011

bugzilla.redhat.com/show_bug.cgi?id=853040

bugzilla.redhat.com/show_bug.cgi?id=853703

bugzilla.redhat.com/show_bug.cgi?id=853710

bugzilla.redhat.com/show_bug.cgi?id=853910

bugzilla.redhat.com/show_bug.cgi?id=853968

bugzilla.redhat.com/show_bug.cgi?id=854027

bugzilla.redhat.com/show_bug.cgi?id=854151

bugzilla.redhat.com/show_bug.cgi?id=854212

bugzilla.redhat.com/show_bug.cgi?id=854242

bugzilla.redhat.com/show_bug.cgi?id=854457

bugzilla.redhat.com/show_bug.cgi?id=854748

bugzilla.redhat.com/show_bug.cgi?id=854763

bugzilla.redhat.com/show_bug.cgi?id=854765

bugzilla.redhat.com/show_bug.cgi?id=854919

bugzilla.redhat.com/show_bug.cgi?id=854953

bugzilla.redhat.com/show_bug.cgi?id=855049

bugzilla.redhat.com/show_bug.cgi?id=855425

bugzilla.redhat.com/show_bug.cgi?id=855729

bugzilla.redhat.com/show_bug.cgi?id=855887

bugzilla.redhat.com/show_bug.cgi?id=855918

bugzilla.redhat.com/show_bug.cgi?id=855922

bugzilla.redhat.com/show_bug.cgi?id=855924

bugzilla.redhat.com/show_bug.cgi?id=856163

bugzilla.redhat.com/show_bug.cgi?id=856167

bugzilla.redhat.com/show_bug.cgi?id=857112

bugzilla.redhat.com/show_bug.cgi?id=859109

bugzilla.redhat.com/show_bug.cgi?id=862002

bugzilla.redhat.com/show_bug.cgi?id=863265

bugzilla.redhat.com/show_bug.cgi?id=865386

bugzilla.redhat.com/show_bug.cgi?id=866163

bugzilla.redhat.com/show_bug.cgi?id=866533

bugzilla.redhat.com/show_bug.cgi?id=867354

bugzilla.redhat.com/show_bug.cgi?id=867806

bugzilla.redhat.com/show_bug.cgi?id=867813

bugzilla.redhat.com/show_bug.cgi?id=867922

bugzilla.redhat.com/show_bug.cgi?id=868272

bugzilla.redhat.com/show_bug.cgi?id=868681

bugzilla.redhat.com/show_bug.cgi?id=868721

bugzilla.redhat.com/show_bug.cgi?id=870024

bugzilla.redhat.com/show_bug.cgi?id=870079

bugzilla.redhat.com/show_bug.cgi?id=870734

bugzilla.redhat.com/show_bug.cgi?id=870768

bugzilla.redhat.com/show_bug.cgi?id=871355

bugzilla.redhat.com/show_bug.cgi?id=871811

bugzilla.redhat.com/show_bug.cgi?id=872270

bugzilla.redhat.com/show_bug.cgi?id=872935

bugzilla.redhat.com/show_bug.cgi?id=874481

bugzilla.redhat.com/show_bug.cgi?id=876115

bugzilla.redhat.com/show_bug.cgi?id=876558

6.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:H/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.4%

JSON

Related for REDHAT-RHSA-2012-1508.NASL