Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2013-1536.NASL
HistoryNov 21, 2013 - 12:00 a.m.

RHEL 6 : libguestfs (RHSA-2013:1536)

2013-11-2100:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14

6.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:H/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

41.3%

JSON

Updated libguestfs packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

Libguestfs is a library and set of tools for accessing and modifying guest disk images.

It was found that guestfish, which enables shell scripting and command line access to libguestfs, insecurely created the temporary directory used to store the network socket when started in server mode. A local attacker could use this flaw to intercept and modify other user’s guestfish command, allowing them to perform arbitrary guestfish actions with the privileges of a different user, or use this flaw to obtain authentication credentials. (CVE-2013-4419)

This issue was discovered by Michael Scherer of the Red Hat Regional IT team.

These updated libguestfs packages include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical Notes, linked to in the References, for information on the most significant of these changes.

All libguestfs users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2013:1536. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(70999);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2013-4419");
  script_bugtraq_id(63226);
  script_xref(name:"RHSA", value:"2013:1536");

  script_name(english:"RHEL 6 : libguestfs (RHSA-2013:1536)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated libguestfs packages that fix one security issue, several bugs,
and add various enhancements are now available for Red Hat Enterprise
Linux 6.

The Red Hat Security Response Team has rated this update as having
moderate security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from
the CVE link in the References section.

Libguestfs is a library and set of tools for accessing and modifying
guest disk images.

It was found that guestfish, which enables shell scripting and command
line access to libguestfs, insecurely created the temporary directory
used to store the network socket when started in server mode. A local
attacker could use this flaw to intercept and modify other user's
guestfish command, allowing them to perform arbitrary guestfish
actions with the privileges of a different user, or use this flaw to
obtain authentication credentials. (CVE-2013-4419)

This issue was discovered by Michael Scherer of the Red Hat Regional
IT team.

These updated libguestfs packages include numerous bug fixes and
enhancements. Space precludes documenting all of these changes in this
advisory. Users are directed to the Red Hat Enterprise Linux 6.5
Technical Notes, linked to in the References, for information on the
most significant of these changes.

All libguestfs users are advised to upgrade to these updated packages,
which contain backported patches to correct these issues and add these
enhancements."
  );
  # https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?c6b506c4"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2013:1536"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2013-4419"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:A/AC:H/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-java");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-libguestfs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/11/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/11/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/11/21");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2013:1536";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libguestfs-1.20.11-2.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libguestfs-debuginfo-1.20.11-2.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libguestfs-devel-1.20.11-2.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libguestfs-java-1.20.11-2.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libguestfs-java-devel-1.20.11-2.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libguestfs-javadoc-1.20.11-2.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libguestfs-tools-1.20.11-2.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libguestfs-tools-c-1.20.11-2.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ocaml-libguestfs-1.20.11-2.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ocaml-libguestfs-devel-1.20.11-2.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"perl-Sys-Guestfs-1.20.11-2.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"python-libguestfs-1.20.11-2.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ruby-libguestfs-1.20.11-2.el6")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libguestfs / libguestfs-debuginfo / libguestfs-devel / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxlibguestfsp-cpe:/a:redhat:enterprise_linux:libguestfs
redhatenterprise_linuxlibguestfs-debuginfop-cpe:/a:redhat:enterprise_linux:libguestfs-debuginfo
redhatenterprise_linuxlibguestfs-develp-cpe:/a:redhat:enterprise_linux:libguestfs-devel
redhatenterprise_linuxlibguestfs-javap-cpe:/a:redhat:enterprise_linux:libguestfs-java
redhatenterprise_linuxlibguestfs-java-develp-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel
redhatenterprise_linuxlibguestfs-javadocp-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc
redhatenterprise_linuxlibguestfs-toolsp-cpe:/a:redhat:enterprise_linux:libguestfs-tools
redhatenterprise_linuxlibguestfs-tools-cp-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c
redhatenterprise_linuxocaml-libguestfsp-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs
redhatenterprise_linuxocaml-libguestfs-develp-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel
Rows per page:
1-10 of 141

Related

centos 1
fedora 5
prion 1
suse 1
ubuntucve 1
nvd 1
nessus 8
debiancve 1
openvas 8
cve 1
redhat 2
veracode 1
cvelist 1
oraclelinux 1
centos
centos
libguestfs, ocaml, perl, python, ruby security update
2013-11-26 13:32:04
fedora
fedora
[SECURITY] Fedora 19 Update: libguestfs-1.22.7-1.fc19
2013-10-27 04:00:04
[SECURITY] Fedora 20 Update: libguestfs-1.24.0-1.fc20
2013-11-10 06:52:22
[SECURITY] Fedora 19 Update: libguestfs-1.22.7-1.fc19
2013-10-27 05:32:56
prion
prion
Design/Logic Flaw
2013-11-05 20:55:00
suse
suse
Security update for guestfs (important)
2013-11-04 17:04:16
ubuntucve
ubuntucve
CVE-2013-4419
2013-11-05 00:00:00
nvd
nvd
CVE-2013-4419
2013-11-05 20:55:29
nessus
nessus
Scientific Linux Security Update : libguestfs on SL6.x x86_64 (20131121)
2013-12-04 00:00:00
Fedora 20 : libguestfs-1.24.0-1.fc20 (2013-19553)
2013-11-11 00:00:00
Fedora 19 : libguestfs-1.22.7-1.fc19 (2013-19492)
2013-10-27 00:00:00
debiancve
debiancve
CVE-2013-4419
2013-11-05 20:55:29
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:1626-1)
2021-06-09 00:00:00
RedHat Update for libguestfs RHSA-2013:1536-02
2013-11-21 00:00:00
RedHat Update for libguestfs RHSA-2013:1536-02
2013-11-21 00:00:00
cve
cve
CVE-2013-4419
2013-11-05 20:55:29
redhat
redhat
(RHSA-2013:1536) Moderate: libguestfs security, bug fix, and enhancement update
2013-11-21 00:00:00
(RHSA-2013:1527) Important: rhev-hypervisor6 security and bug fix update
2013-11-21 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:01:25
cvelist
cvelist
CVE-2013-4419
2013-11-05 20:00:00
oraclelinux
oraclelinux
libguestfs security, bug fix, and enhancement update
2013-11-26 00:00:00

6.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:H/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

41.3%

JSON
Related for REDHAT-RHSA-2013-1536.NASL
centos1fedora5prion1suse1ubuntucve1nvd1nessus8debiancve1openvas8cve1redhat2veracode1cvelist1oraclelinux1