Scientific Linux Security Update : ipa on SL6.x i386/x86_64 (20130221)

2013-03-0500:00:00

www.tenable.com

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

51.2%

JSON

It was found that the current default configuration of IPA servers did not publish correct CRLs (Certificate Revocation Lists). The default configuration specifies that every replica is to generate its own CRL;
however, this can result in inconsistencies in the CRL contents provided to clients from different Identity Management replicas. More specifically, if a certificate is revoked on one Identity Management replica, it will not show up on another Identity Management replica.
(CVE-2012-4546)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(65012);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2012-4546");

  script_name(english:"Scientific Linux Security Update : ipa on SL6.x i386/x86_64 (20130221)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"It was found that the current default configuration of IPA servers did
not publish correct CRLs (Certificate Revocation Lists). The default
configuration specifies that every replica is to generate its own CRL;
however, this can result in inconsistencies in the CRL contents
provided to clients from different Identity Management replicas. More
specifically, if a certificate is revoked on one Identity Management
replica, it will not show up on another Identity Management replica.
(CVE-2012-4546)"
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1303&L=scientific-linux-errata&T=0&P=1062
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?30836ec8"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ipa-admintools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ipa-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ipa-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ipa-python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ipa-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ipa-server-selinux");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ipa-server-trust-ad");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/04/03");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/02/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/05");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL6", reference:"ipa-admintools-3.0.0-25.el6")) flag++;
if (rpm_check(release:"SL6", reference:"ipa-client-3.0.0-25.el6")) flag++;
if (rpm_check(release:"SL6", reference:"ipa-debuginfo-3.0.0-25.el6")) flag++;
if (rpm_check(release:"SL6", reference:"ipa-python-3.0.0-25.el6")) flag++;
if (rpm_check(release:"SL6", reference:"ipa-server-3.0.0-25.el6")) flag++;
if (rpm_check(release:"SL6", reference:"ipa-server-selinux-3.0.0-25.el6")) flag++;
if (rpm_check(release:"SL6", reference:"ipa-server-trust-ad-3.0.0-25.el6")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ipa-admintools / ipa-client / ipa-debuginfo / ipa-python / etc");
}

VendorProductVersionCPE
fermilabscientific_linuxipa-admintoolsp-cpe:/a:fermilab:scientific_linux:ipa-admintools
fermilabscientific_linuxipa-clientp-cpe:/a:fermilab:scientific_linux:ipa-client
fermilabscientific_linuxipa-debuginfop-cpe:/a:fermilab:scientific_linux:ipa-debuginfo
fermilabscientific_linuxipa-pythonp-cpe:/a:fermilab:scientific_linux:ipa-python
fermilabscientific_linuxipa-serverp-cpe:/a:fermilab:scientific_linux:ipa-server
fermilabscientific_linuxipa-server-selinuxp-cpe:/a:fermilab:scientific_linux:ipa-server-selinux
fermilabscientific_linuxipa-server-trust-adp-cpe:/a:fermilab:scientific_linux:ipa-server-trust-ad
fermilabscientific_linuxx-cpe:/o:fermilab:scientific_linux

Vendor	Product	Version	CPE
fermilab	scientific_linux	ipa-admintools	p-cpe:/a:fermilab:scientific_linux:ipa-admintools
fermilab	scientific_linux	ipa-client	p-cpe:/a:fermilab:scientific_linux:ipa-client
fermilab	scientific_linux	ipa-debuginfo	p-cpe:/a:fermilab:scientific_linux:ipa-debuginfo
fermilab	scientific_linux	ipa-python	p-cpe:/a:fermilab:scientific_linux:ipa-python
fermilab	scientific_linux	ipa-server	p-cpe:/a:fermilab:scientific_linux:ipa-server
fermilab	scientific_linux	ipa-server-selinux	p-cpe:/a:fermilab:scientific_linux:ipa-server-selinux
fermilab	scientific_linux	ipa-server-trust-ad	p-cpe:/a:fermilab:scientific_linux:ipa-server-trust-ad
fermilab	scientific_linux		x-cpe:/o:fermilab:scientific_linux