Lucene search
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2013-0638.NASLHistoryDec 06, 2018 - 12:00 a.m.
RHEL 6 : openshift (RHSA-2013:0638)
2018-12-0600:00:00
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
25
Red Hat OpenShift Enterprise 1.1.2, which fixes several security issues, is now available.
The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS) solution from Red Hat, and is designed for on-premise or private cloud deployments.
A flaw was found in the handling of paths provided to ruby193-rubygem-rack. A remote attacker could use this flaw to conduct a directory traversal attack by passing malformed requests.
(CVE-2013-0262)
A timing attack flaw was found in the way rubygem-rack and ruby193-rubygem-rack processed HMAC digests in cookies. This flaw could aid an attacker using forged digital signatures to bypass authentication checks. (CVE-2013-0263)
It was found that Jenkins did not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker could trick a user, who was logged into Jenkins, into visiting a specially crafted URL, the attacker could perform operations on Jenkins. (CVE-2013-0327, CVE-2013-0329)
A cross-site scripting (XSS) flaw was found in Jenkins. A remote attacker could use this flaw to conduct an XSS attack against users of Jenkins. (CVE-2013-0328)
A flaw could allow a Jenkins user to build jobs they do not have access to. (CVE-2013-0330)
A flaw could allow a Jenkins user to cause a denial of service if they are able to supply a specially crafted payload. (CVE-2013-0331)
Users are advised to upgrade to Red Hat OpenShift Enterprise 1.1.2. It is recommended that you restart your system after applying this update.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2013:0638. The text
# itself is copyright (C) Red Hat, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(119433);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2013-0262", "CVE-2013-0263", "CVE-2013-0327", "CVE-2013-0328", "CVE-2013-0329", "CVE-2013-0330", "CVE-2013-0331");
script_bugtraq_id(57860, 57862, 57994, 58454, 58456, 58721, 58722, 58726);
script_xref(name:"RHSA", value:"2013:0638");
script_name(english:"RHEL 6 : openshift (RHSA-2013:0638)");
script_summary(english:"Checks the rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Red Hat host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"Red Hat OpenShift Enterprise 1.1.2, which fixes several security
issues, is now available.
The Red Hat Security Response Team has rated this update as having
moderate security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for
each vulnerability from the CVE links in the References section.
OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS)
solution from Red Hat, and is designed for on-premise or private cloud
deployments.
A flaw was found in the handling of paths provided to
ruby193-rubygem-rack. A remote attacker could use this flaw to conduct
a directory traversal attack by passing malformed requests.
(CVE-2013-0262)
A timing attack flaw was found in the way rubygem-rack and
ruby193-rubygem-rack processed HMAC digests in cookies. This flaw
could aid an attacker using forged digital signatures to bypass
authentication checks. (CVE-2013-0263)
It was found that Jenkins did not protect against Cross-Site Request
Forgery (CSRF) attacks. If a remote attacker could trick a user, who
was logged into Jenkins, into visiting a specially crafted URL, the
attacker could perform operations on Jenkins. (CVE-2013-0327,
CVE-2013-0329)
A cross-site scripting (XSS) flaw was found in Jenkins. A remote
attacker could use this flaw to conduct an XSS attack against users of
Jenkins. (CVE-2013-0328)
A flaw could allow a Jenkins user to build jobs they do not have
access to. (CVE-2013-0330)
A flaw could allow a Jenkins user to cause a denial of service if they
are able to supply a specially crafted payload. (CVE-2013-0331)
Users are advised to upgrade to Red Hat OpenShift Enterprise 1.1.2. It
is recommended that you restart your system after applying this
update."
);
# https://wiki.jenkins-ci.org/display/SECURITY/
script_set_attribute(
attribute:"see_also",
value:"https://wiki.jenkins.io/display/SECURITY/"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/errata/RHSA-2013:0638"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2013-0331"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2013-0330"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2013-0328"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2013-0329"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2013-0327"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2013-0263"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2013-0262"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jenkins");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jenkins-1.4");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rack");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-rack");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/02/08");
script_set_attribute(attribute:"patch_publication_date", value:"2013/03/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/12/06");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Red Hat Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2013:0638";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL6", reference:"jenkins-1.502-1.el6")) flag++;
if (rpm_check(release:"RHEL6", reference:"openshift-origin-cartridge-jenkins-1.4-1.0.3-1.el6")) flag++;
if (rpm_check(release:"RHEL6", reference:"ruby193-rubygem-rack-1.4.1-4.el6")) flag++;
if (rpm_check(release:"RHEL6", reference:"rubygem-rack-1.3.0-4.el6")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "jenkins / openshift-origin-cartridge-jenkins-1.4 / etc");
}
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | jenkins | p-cpe:/a:redhat:enterprise_linux:jenkins |
| redhat | enterprise_linux | openshift-origin-cartridge-jenkins-1.4 | p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jenkins-1.4 |
| redhat | enterprise_linux | ruby193-rubygem-rack | p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rack |
| redhat | enterprise_linux | rubygem-rack | p-cpe:/a:redhat:enterprise_linux:rubygem-rack |
| redhat | enterprise_linux | 6 | cpe:/o:redhat:enterprise_linux:6 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0262
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0327
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0328
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0329
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0330
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0331
access.redhat.com/errata/RHSA-2013:0638
access.redhat.com/security/cve/cve-2013-0262
access.redhat.com/security/cve/cve-2013-0263
access.redhat.com/security/cve/cve-2013-0327
access.redhat.com/security/cve/cve-2013-0328
access.redhat.com/security/cve/cve-2013-0329
access.redhat.com/security/cve/cve-2013-0330
access.redhat.com/security/cve/cve-2013-0331
wiki.jenkins.io/display/SECURITY/
Related
redhat
redhat
(RHSA-2013:0638) Moderate: Red Hat OpenShift Enterprise 1.1.2 update
2013-03-12 00:00:00
(RHSA-2013:0686) Moderate: Subscription Asset Manager 1.2.1 update
2013-03-26 00:00:00
veracode
veracode
Improper Access Control
2019-05-02 04:44:00
Cross-site Scripting (XSS)
2019-05-02 04:43:59
Input Validation Bypass
2019-05-02 04:44:00
nessus
nessus
openvas
openvas
Jenkins <= 1.501, <= 1.480.2 LTS Multiple Vulnerabilities - Windows
2022-08-23 00:00:00
Jenkins <= 1.501, <= 1.480.2 LTS Multiple Vulnerabilities - Linux
2022-08-23 00:00:00
Fedora Update for rubygem-rack FEDORA-2013-2306
2013-05-09 00:00:00
freebsd
freebsd
Ruby Rack Gem -- Multiple Issues
2013-02-08 00:00:00
ubuntucve
ubuntucve
prion
prion
Cross site scripting
2013-03-19 14:55:00
Directory traversal
2013-02-08 20:55:00
Code injection
2013-03-19 14:55:00
osv
osv
Jenkins subject to Cross-site Scripting
2022-05-05 02:48:48
Jenkins Cross-Site Request Forgery vulnerability
2022-05-05 02:48:48
Jenkins Cross-Site Request Forgery vulnerability
2022-05-05 02:48:48
fedora
fedora
[SECURITY] Fedora 18 Update: rubygem-rack-1.4.0-5.fc18
2013-05-07 18:33:02
[SECURITY] Fedora 17 Update: rubygem-rack-1.4.0-4.fc17
2013-05-07 18:29:19
gentoo
gentoo
Rack: Multiple vulnerabilities
2014-05-17 00:00:00
cve
cve
github
github
Jenkins Cross-Site Request Forgery vulnerability
2022-05-05 02:48:48
Rack Vulnerable to Path Traversal
2017-10-24 18:33:37
Jenkins Cross-Site Request Forgery vulnerability
2022-05-05 02:48:48
debiancve
debiancve
CVE-2013-0262
2013-02-08 20:55:00
CVE-2013-0263
2013-02-08 20:55:00
rubygems
rubygems
CVE-2013-0262 rubygem-rack: Path sanitization information disclosure
2013-02-06 20:00:00
CVE-2013-0263 rubygem-rack: Timing attack in cookie sessions
2013-02-06 20:00:00
debian
debian
[SECURITY] [DSA 2783-1] librack-ruby security update
2013-10-21 19:20:25
[SECURITY] [DSA 2783-2] librack-ruby regression update
2013-10-24 19:29:38
[SECURITY] [DSA 2783-2] librack-ruby regression update
2013-10-24 19:29:38
securityvulns
securityvulns
[SECURITY] [DSA 2783-2] librack-ruby regression update
2013-10-28 00:00:00
Librack multiple security vulnerabilities
2013-10-28 00:00:00
Related for REDHAT-RHSA-2013-0638.NASL