Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20161103_FIREWALLD_ON_SL7_X.NASL
HistoryDec 15, 2016 - 12:00 a.m.

Scientific Linux Security Update : firewalld on SL7.x (noarch) (20161103)

2016-12-1500:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
19
JSON

The following packages have been upgraded to a newer upstream version:
firewalld (0.4.3.2).

Security Fix(es) :

  • A flaw was found in the way firewalld allowed certain firewall configurations to be modified by unauthenticated users. Any locally logged in user could use this flaw to tamper or change firewall settings.
    (CVE-2016-5410)

Additional Changes :

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(95837);
  script_version("3.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2016-5410");

  script_name(english:"Scientific Linux Security Update : firewalld on SL7.x (noarch) (20161103)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The following packages have been upgraded to a newer upstream version:
firewalld (0.4.3.2).

Security Fix(es) :

  - A flaw was found in the way firewalld allowed certain
    firewall configurations to be modified by
    unauthenticated users. Any locally logged in user could
    use this flaw to tamper or change firewall settings.
    (CVE-2016-5410)

Additional Changes :"
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1612&L=scientific-linux-errata&F=&S=&P=10449
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?af79f32c"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:firewall-applet");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:firewall-config");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:firewalld");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:firewalld-filesystem");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:python-firewall");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/04/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/11/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/12/15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL7", reference:"firewall-applet-0.4.3.2-8.el7")) flag++;
if (rpm_check(release:"SL7", reference:"firewall-config-0.4.3.2-8.el7")) flag++;
if (rpm_check(release:"SL7", reference:"firewalld-0.4.3.2-8.el7")) flag++;
if (rpm_check(release:"SL7", reference:"firewalld-filesystem-0.4.3.2-8.el7")) flag++;
if (rpm_check(release:"SL7", reference:"python-firewall-0.4.3.2-8.el7")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_NOTE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firewall-applet / firewall-config / firewalld / etc");
}
VendorProductVersionCPE
fermilabscientific_linuxfirewall-appletp-cpe:/a:fermilab:scientific_linux:firewall-applet
fermilabscientific_linuxfirewall-configp-cpe:/a:fermilab:scientific_linux:firewall-config
fermilabscientific_linuxfirewalldp-cpe:/a:fermilab:scientific_linux:firewalld
fermilabscientific_linuxfirewalld-filesystemp-cpe:/a:fermilab:scientific_linux:firewalld-filesystem
fermilabscientific_linuxpython-firewallp-cpe:/a:fermilab:scientific_linux:python-firewall
fermilabscientific_linuxx-cpe:/o:fermilab:scientific_linux

Related

oraclelinux 1
redhatcve 1
prion 1
redhat 1
openvas 4
gentoo 1
fedora 2
nessus 7
ubuntucve 1
debiancve 1
cvelist 1
cve 1
centos 1
ibm 1
oraclelinux
oraclelinux
firewalld security, bug fix, and enhancement update
2016-11-09 00:00:00
redhatcve
redhatcve
CVE-2016-5410
2016-12-15 20:23:01
prion
prion
Authentication flaw
2017-04-19 14:59:00
redhat
redhat
(RHSA-2016:2597) Moderate: firewalld security, bug fix, and enhancement update
2016-11-03 06:07:16
openvas
openvas
Huawei EulerOS: Security Advisory for firewalld (EulerOS-SA-2019-2377)
2020-01-23 00:00:00
Fedora Update for firewalld FEDORA-2016-de55d2c2c9
2016-08-20 00:00:00
RedHat Update for firewalld RHSA-2016:2597-02
2016-11-04 00:00:00
gentoo
gentoo
Firewalld: Improper authentication methods
2017-01-29 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: firewalld-0.4.3.3-1.fc25
2016-09-03 17:43:44
[SECURITY] Fedora 24 Update: firewalld-0.4.3.3-1.fc24
2016-08-19 19:54:53
nessus
nessus
Oracle Linux 7 : firewalld (ELSA-2016-2597)
2016-11-11 00:00:00
CentOS 7 : firewalld (CESA-2016:2597)
2016-11-28 00:00:00
EulerOS 2.0 SP2 : firewalld (EulerOS-SA-2019-2377)
2019-12-10 00:00:00
ubuntucve
ubuntucve
CVE-2016-5410
2017-04-19 00:00:00
debiancve
debiancve
CVE-2016-5410
2017-04-19 14:59:00
cvelist
cvelist
CVE-2016-5410
2017-04-19 14:00:00
cve
cve
CVE-2016-5410
2017-04-19 14:59:00
centos
centos
firewall, firewalld, python security update
2016-11-25 15:57:23
ibm
ibm
Security Bulletin: A vulnerability in DHCP affects PowerKVM (CVE-2016-5410)
2018-06-18 01:34:16
JSON
Related for SL_20161103_FIREWALLD_ON_SL7_X.NASL
oraclelinux1redhatcve1prion1redhat1openvas4gentoo1fedora2nessus7ubuntucve1debiancve1cvelist1cve1centos1ibm1