Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT_UNPATCHED-LIBDB-RHEL6.NASL
HistoryMay 11, 2024 - 12:00 a.m.

RHEL 6 : libdb (Unpatched Vulnerability)

2024-05-1100:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
1
redhat enterprise linux 6
unpatched vulnerability
libdb package
cve-2017-10140
cve-2019-2708
nessus scanner
data store component
oracle berkeley db
denial of service

5.1 Medium

AI Score

Confidence

High

JSON

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

  • libdb: Reads DB_CONFIG from the current working directory (CVE-2017-10140)

  • Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Data Store. (CVE-2019-2708)

Note that Nessus has not tested for these issues but has instead relied on the package manager’s report that the package is installed.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory libdb. The text
# itself is copyright (C) Red Hat, Inc.
##

include('compat.inc');

if (description)
{
  script_id(195731);
  script_version("1.0");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/11");

  script_cve_id("CVE-2017-10140", "CVE-2019-2708");

  script_name(english:"RHEL 6 : libdb (Unpatched Vulnerability)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat 6 host is affected by multiple vulnerabilities that will not be patched.");
  script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple
vulnerabilities that have been acknowledged by the vendor but will not be patched.

  - libdb: Reads DB_CONFIG from the current working directory (CVE-2017-10140)

  - Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are
    Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low
    privileged attacker having Local Logon privilege with logon to the infrastructure where Data Store
    executes to compromise Data Store. Successful attacks of this vulnerability can result in unauthorized
    ability to cause a partial denial of service (partial DOS) of Data Store. (CVE-2019-2708)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package
is installed.");
  script_set_attribute(attribute:"solution", value:
"The vendor has acknowledged the vulnerabilities but no solution has been provided. Refer to the vendor for remediation
guidance.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-10140");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/09/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/05/11");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:db4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libdb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postfix");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');
include('rhel.inc');

if (!get_kb_item("global_settings/vendor_unpatched"))
exit(0, "Unpatched Vulnerabilities Detection not active.");

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '6')) audit(AUDIT_OS_NOT, 'Red Hat 6.x', 'Red Hat ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);

var constraints = [
  {
    'pkgs': [
      {'reference':'db4', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'unpatched_pkg':'db4'},
      {'reference':'postfix', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'unpatched_pkg':'postfix', 'cves':['CVE-2017-10140']}
    ]
  }
];


var flag = 0;
foreach var constraint_array ( constraints ) {
  var repo_relative_urls = NULL;
  var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);
  foreach var pkg ( constraint_array['pkgs'] ) {
    var unpatched_pkg = NULL;
    var _release = NULL;
    var sp = NULL;
    var el_string = NULL;
    var rpm_spec_vers_cmp = NULL;
    var exists_check = NULL;
    var cves = NULL;
    if (!empty_or_null(pkg['unpatched_pkg'])) unpatched_pkg = pkg['unpatched_pkg'];
    if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (unpatched_pkg &&
        _release &&
        (!exists_check || rpm_exists(release:_release, rpm:exists_check)) &&
        unpatched_package_exists(release:_release, package:unpatched_pkg, cves: cves)) flag++;
  }
}

if (flag)
{
  var extra = NULL;
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : unpatched_packages_report()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'db4 / postfix');
}
VendorProductVersionCPE
redhatenterprise_linux5cpe:/o:redhat:enterprise_linux:5
redhatenterprise_linux6cpe:/o:redhat:enterprise_linux:6
redhatenterprise_linux7cpe:/o:redhat:enterprise_linux:7
redhatenterprise_linuxdb4p-cpe:/a:redhat:enterprise_linux:db4
redhatenterprise_linuxlibdbp-cpe:/a:redhat:enterprise_linux:libdb
redhatenterprise_linuxpostfixp-cpe:/a:redhat:enterprise_linux:postfix

Related

nessus 32
openvas 25
ubuntu 2
osv 5
debian 3
cloudfoundry 1
rosalinux 1
ubuntucve 1
prion 2
amazon 2
cvelist 2
cve 3
debiancve 1
mageia 2
veracode 1
redhatcve 1
cbl_mariner 3
oraclelinux 1
fedora 1
redhat 14
almalinux 1
rocky 1
archlinux 1
ibm 3
apple 4
oracle 2
nessus
nessus
RHEL 5 : libdb (Unpatched Vulnerability)
2024-05-11 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Berkeley DB vulnerability (USN-3489-1)
2017-11-22 00:00:00
EulerOS Virtualization 3.0.6.0 : libdb (EulerOS-SA-2020-1742)
2020-07-01 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for postfix (EulerOS-SA-2018-1204)
2020-01-23 00:00:00
Debian: Security Advisory (DLA-1137-1)
2018-02-06 00:00:00
Debian: Security Advisory (DLA-1136-1)
2018-02-06 00:00:00
ubuntu
ubuntu
Berkeley DB vulnerability
2017-11-21 00:00:00
Berkeley DB vulnerability
2017-11-21 00:00:00
osv
osv
db4.8 - security update
2017-10-18 00:00:00
db - security update
2017-10-18 00:00:00
db4.7 - security update
2017-10-18 00:00:00
debian
debian
[SECURITY] [DLA 1137-1] db4.7 security update
2017-10-18 18:16:20
[SECURITY] [DLA 1135-1] db security update
2017-10-18 18:12:03
[SECURITY] [DLA 1136-1] db4.8 security update
2017-10-18 18:14:35
cloudfoundry
cloudfoundry
USN-3489-1: Berkeley DB vulnerability | Cloud Foundry
2017-12-14 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1954
2021-07-02 17:59:26
ubuntucve
ubuntucve
CVE-2017-10140
2017-08-14 00:00:00
prion
prion
Directory traversal
2018-04-16 17:29:00
Code injection
2019-04-23 19:32:00
amazon
amazon
Important: libdb
2023-03-02 21:49:00
Important: db4
2023-03-30 22:50:00
cvelist
cvelist
CVE-2017-10140
2018-04-16 16:00:00
CVE-2019-2708
2019-04-23 18:16:45
cve
cve
CVE-2017-10140
2018-04-16 17:29:00
CVE-2019-2708
2019-04-23 19:32:00
CVE-2017-13826
2017-11-13 03:29:00
debiancve
debiancve
CVE-2017-10140
2018-04-16 17:29:00
mageia
mageia
Updated db48 and db53 packages fix security vulnerability
2017-10-20 01:05:51
Updated db53 packages fix a security vulnerability
2021-01-29 22:05:33
veracode
veracode
Denial Of Service (DoS)
2021-05-21 14:01:38
redhatcve
redhatcve
CVE-2019-2708
2020-07-02 09:20:42
cbl_mariner
cbl_mariner
CVE-2019-2708 affecting package libdb for versions less than 5.3.28-7
2022-04-26 19:57:55
CVE-2019-2708 affecting package libdb for versions less than 5.3.28-7
2024-03-19 17:21:46
CVE-2019-2708 affecting package libdb 5.3.28-6
2021-10-05 03:00:59
oraclelinux
oraclelinux
libdb security update
2021-05-25 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: libdb-5.3.28-45.fc33
2020-12-16 01:43:18
redhat
redhat
(RHSA-2021:1675) Low: libdb security update
2021-05-18 05:48:41
(RHSA-2019:0366) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP1 security update
2019-02-18 16:45:31
(RHSA-2021:2705) Moderate: Release of OpenShift Serverless 1.16.0
2021-07-13 16:31:04
almalinux
almalinux
Low: libdb security update
2021-05-18 05:48:41
rocky
rocky
libdb security update
2021-05-18 05:48:41
archlinux
archlinux
[ASA-201711-32] exim: multiple issues
2017-11-30 00:00:00
ibm
ibm
Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities
2021-12-03 18:52:37
Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs
2021-10-19 15:38:04
Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to multiple CVEs
2023-03-08 18:05:21
apple
apple
About the security content of macOS High Sierra 10.13
2017-09-25 00:00:00
About the security content of macOS High Sierra 10.13 - Apple Support
2020-02-06 07:51:09
About the security content of macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan
2017-10-31 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00
Oracle Critical Patch Update Advisory - July 2020
2020-07-14 00:00:00

5.1 Medium

AI Score

Confidence

High

JSON
Related for REDHAT_UNPATCHED-LIBDB-RHEL6.NASL
nessus32openvas25ubuntu2osv5debian3cloudfoundry1rosalinux1ubuntucve1prion2amazon2cvelist2cve3debiancve1mageia2veracode1redhatcve1cbl_mariner3oraclelinux1fedora1redhat14almalinux1rocky1archlinux1ibm3apple4oracle2