Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2018-3665.NASL
HistoryNov 27, 2018 - 12:00 a.m.

RHEL 7 : NetworkManager (RHSA-2018:3665)

2018-11-2700:00:00
This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
155
JSON

An update for NetworkManager is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services.

Security Fix(es) :

  • systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank Ubuntu Security Team for reporting this issue. Upstream acknowledges Felix Wilhelm (Google) as the original reporter.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2018:3665. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('compat.inc');

if (description)
{
  script_id(119172);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/02/01");

  script_cve_id("CVE-2018-15688");
  script_xref(name:"RHSA", value:"2018:3665");

  script_name(english:"RHEL 7 : NetworkManager (RHSA-2018:3665)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"An update for NetworkManager is now available for Red Hat Enterprise
Linux 7.

Red Hat Product Security has rated this update as having a security
impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

NetworkManager is a system network service that manages network
devices and connections, attempting to keep active network
connectivity when available. Its capabilities include managing
Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as
well as providing VPN integration with a variety of different VPN
services.

Security Fix(es) :

* systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option
handling (CVE-2018-15688)

For more details about the security issue(s), including the impact, a
CVSS score, and other related information, refer to the CVE page(s)
listed in the References section.

Red Hat would like to thank Ubuntu Security Team for reporting this
issue. Upstream acknowledges Felix Wilhelm (Google) as the original
reporter.");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3665");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2018-15688");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-15688");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"in_the_news", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/10/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/11/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/11/27");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-adsl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-bluetooth");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-config-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-dispatcher-routing-rules");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-glib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-glib-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-libnm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-libnm-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-ovs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-ppp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-team");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-tui");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-wifi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-wwan");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.6");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2018:3665";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-adsl-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-adsl-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-bluetooth-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-bluetooth-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", reference:"NetworkManager-config-server-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", reference:"NetworkManager-debuginfo-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", reference:"NetworkManager-dispatcher-routing-rules-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", reference:"NetworkManager-glib-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", reference:"NetworkManager-glib-devel-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", reference:"NetworkManager-libnm-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", reference:"NetworkManager-libnm-devel-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-ovs-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-ovs-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-ppp-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-ppp-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-team-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-team-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-tui-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-tui-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-wifi-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-wifi-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-wwan-1.12.0-8.el7_6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-wwan-1.12.0-8.el7_6")) flag++;


  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "NetworkManager / NetworkManager-adsl / NetworkManager-bluetooth / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxnetworkmanagerp-cpe:/a:redhat:enterprise_linux:networkmanager
redhatenterprise_linuxnetworkmanager-adslp-cpe:/a:redhat:enterprise_linux:networkmanager-adsl
redhatenterprise_linuxnetworkmanager-bluetoothp-cpe:/a:redhat:enterprise_linux:networkmanager-bluetooth
redhatenterprise_linuxnetworkmanager-config-serverp-cpe:/a:redhat:enterprise_linux:networkmanager-config-server
redhatenterprise_linuxnetworkmanager-debuginfop-cpe:/a:redhat:enterprise_linux:networkmanager-debuginfo
redhatenterprise_linuxnetworkmanager-dispatcher-routing-rulesp-cpe:/a:redhat:enterprise_linux:networkmanager-dispatcher-routing-rules
redhatenterprise_linuxnetworkmanager-glibp-cpe:/a:redhat:enterprise_linux:networkmanager-glib
redhatenterprise_linuxnetworkmanager-glib-develp-cpe:/a:redhat:enterprise_linux:networkmanager-glib-devel
redhatenterprise_linuxnetworkmanager-libnmp-cpe:/a:redhat:enterprise_linux:networkmanager-libnm
redhatenterprise_linuxnetworkmanager-libnm-develp-cpe:/a:redhat:enterprise_linux:networkmanager-libnm-devel
Rows per page:
1-10 of 181

Related

nessus 37
veracode 2
openvas 27
fedora 11
osv 2
cloudfoundry 1
debiancve 1
redhat 2
amazon 2
oraclelinux 3
photon 3
cve 1
ubuntucve 1
cbl_mariner 1
altlinux 2
prion 1
redhatcve 1
ibm 4
ubuntu 2
centos 2
suse 2
archlinux 1
debian 1
gentoo 1
nessus
nessus
Photon OS 2.0: Systemd PHSA-2018-2.0-0107
2019-02-07 00:00:00
Scientific Linux Security Update : NetworkManager on SL7.x x86_64 (20181127)
2018-11-28 00:00:00
Photon OS 1.0: Systemd PHSA-2018-1.0-0193
2019-02-07 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:26:47
Denial Of Service (DoS)
2018-10-29 07:43:47
openvas
openvas
CentOS Update for NetworkManager CESA-2018:3665 centos7
2018-12-18 00:00:00
Ubuntu Update for network-manager USN-3807-1
2018-11-06 00:00:00
Fedora Update for NetworkManager FEDORA-2018-7243f31304
2018-11-08 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: NetworkManager-1.8.8-2.fc27
2018-11-16 03:42:02
[SECURITY] Fedora 29 Update: NetworkManager-1.12.4-2.fc29
2018-11-04 05:53:43
[SECURITY] Fedora 28 Update: NetworkManager-1.10.12-2.fc28
2018-11-08 02:20:43
osv
osv
CVE-2018-15688
2018-10-26 14:29:00
systemd - security update
2018-11-19 00:00:00
cloudfoundry
cloudfoundry
USN-3806-1: systemd vulnerability | Cloud Foundry
2018-11-20 00:00:00
debiancve
debiancve
CVE-2018-15688
2018-10-26 14:29:00
redhat
redhat
(RHSA-2018:3665) Important: NetworkManager security update
2018-11-26 23:01:01
(RHSA-2019:0049) Important: systemd security update
2019-01-14 11:21:52
amazon
amazon
Important: NetworkManager
2019-01-07 22:07:00
Important: systemd
2019-02-13 18:37:00
oraclelinux
oraclelinux
NetworkManager security update
2018-11-27 00:00:00
systemd security update
2019-01-14 00:00:00
systemd security, bug fix, and enhancement update
2019-08-13 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0107
2018-11-06 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0193
2018-11-06 00:00:00
Critical Photon OS Security Update - PHSA-2018-0193
2018-11-06 00:00:00
cve
cve
CVE-2018-15688
2018-10-26 14:29:00
ubuntucve
ubuntucve
CVE-2018-15688
2018-10-26 00:00:00
cbl_mariner
cbl_mariner
CVE-2018-15688 affecting package systemd 239-44
2020-09-09 06:09:21
altlinux
altlinux
Security fix for the ALT Linux 9 package NetworkManager version 1.14.5-alt1.gitba83251bba87
2018-11-01 00:00:00
Security fix for the ALT Linux 9 package systemd version 1:239-alt3
2018-10-29 00:00:00
prion
prion
Buffer overflow
2018-10-26 14:29:00
redhatcve
redhatcve
CVE-2018-15688
2022-01-13 06:45:36
ibm
ibm
Security Bulletin: A vulnerability in NetworkManager affects PowerKVM
2019-03-04 05:55:02
Security Bulletin: IBM MQ Cloud Paks are vulnerable to multiple vulnerabilities in Systemd (CVE-2018-15688 CVE-2018-15687 CVE-2018-15686)
2018-12-18 13:50:01
Security Bulletin: Vulnerabiliies in systemd affect PowerKVM
2019-03-04 05:50:01
ubuntu
ubuntu
NetworkManager vulnerability
2018-11-05 00:00:00
systemd vulnerability
2018-11-05 00:00:00
centos
centos
NetworkManager security update
2018-12-13 20:45:55
libgudev1, systemd security update
2019-01-15 11:38:56
suse
suse
Security update for systemd (important)
2018-11-10 00:11:51
Security update for systemd (important)
2018-11-17 00:16:31
archlinux
archlinux
[ASA-201811-11] systemd: multiple issues
2018-11-07 00:00:00
debian
debian
[SECURITY] [DLA 1580-1] systemd security update
2018-11-19 23:42:42
gentoo
gentoo
systemd: Multiple vulnerabilities
2018-10-30 00:00:00
JSON
Related for REDHAT-RHSA-2018-3665.NASL
nessus37veracode2openvas27fedora11osv2cloudfoundry1debiancve1redhat2amazon2oraclelinux3photon3cve1ubuntucve1cbl_mariner1altlinux2prion1redhatcve1ibm4ubuntu2centos2suse2archlinux1debian1gentoo1