Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20161103_SYSTEMD_ON_SL7_X.NASL
HistoryDec 15, 2016 - 12:00 a.m.

Scientific Linux Security Update : systemd on SL7.x x86_64 (20161103)

2016-12-1500:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
JSON

Security Fix(es) :

  • A flaw was found in the way systemd handled empty notification messages. A local attacker could use this flaw to make systemd freeze its execution, preventing further management of system services, system shutdown, or zombie process collection via systemd.
    (CVE-2016-7795)

Bug Fix(es) :

  • Previously, the udev device manager automatically enabled all memory banks on IBM z System installations.
    As a consequence, hot plug memory was enabled automatically, which was incorrect. With this update, system architecture checks have been added to the udev rules to address the problem. As a result, hot plug memory is no longer automatically enabled.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(95862);
  script_version("3.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2016-7795");

  script_name(english:"Scientific Linux Security Update : systemd on SL7.x x86_64 (20161103)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Security Fix(es) :

  - A flaw was found in the way systemd handled empty
    notification messages. A local attacker could use this
    flaw to make systemd freeze its execution, preventing
    further management of system services, system shutdown,
    or zombie process collection via systemd.
    (CVE-2016-7795)

Bug Fix(es) :

  - Previously, the udev device manager automatically
    enabled all memory banks on IBM z System installations.
    As a consequence, hot plug memory was enabled
    automatically, which was incorrect. With this update,
    system architecture checks have been added to the udev
    rules to address the problem. As a result, hot plug
    memory is no longer automatically enabled."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1612&L=scientific-linux-errata&F=&S=&P=1691
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?c4a76215"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libgudev1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libgudev1-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:systemd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:systemd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:systemd-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:systemd-journal-gateway");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:systemd-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:systemd-networkd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:systemd-python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:systemd-resolved");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:systemd-sysv");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/10/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/11/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/12/15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);


flag = 0;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libgudev1-219-30.el7_3.3")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libgudev1-devel-219-30.el7_3.3")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"systemd-219-30.el7_3.3")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"systemd-debuginfo-219-30.el7_3.3")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"systemd-devel-219-30.el7_3.3")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"systemd-journal-gateway-219-30.el7_3.3")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"systemd-libs-219-30.el7_3.3")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"systemd-networkd-219-30.el7_3.3")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"systemd-python-219-30.el7_3.3")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"systemd-resolved-219-30.el7_3.3")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"systemd-sysv-219-30.el7_3.3")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libgudev1 / libgudev1-devel / systemd / systemd-debuginfo / etc");
}
VendorProductVersionCPE
fermilabscientific_linuxlibgudev1p-cpe:/a:fermilab:scientific_linux:libgudev1
fermilabscientific_linuxlibgudev1-develp-cpe:/a:fermilab:scientific_linux:libgudev1-devel
fermilabscientific_linuxsystemdp-cpe:/a:fermilab:scientific_linux:systemd
fermilabscientific_linuxsystemd-debuginfop-cpe:/a:fermilab:scientific_linux:systemd-debuginfo
fermilabscientific_linuxsystemd-develp-cpe:/a:fermilab:scientific_linux:systemd-devel
fermilabscientific_linuxsystemd-journal-gatewayp-cpe:/a:fermilab:scientific_linux:systemd-journal-gateway
fermilabscientific_linuxsystemd-libsp-cpe:/a:fermilab:scientific_linux:systemd-libs
fermilabscientific_linuxsystemd-networkdp-cpe:/a:fermilab:scientific_linux:systemd-networkd
fermilabscientific_linuxsystemd-pythonp-cpe:/a:fermilab:scientific_linux:systemd-python
fermilabscientific_linuxsystemd-resolvedp-cpe:/a:fermilab:scientific_linux:systemd-resolved
Rows per page:
1-10 of 121

Related

openvas 9
oraclelinux 1
archlinux 1
nessus 10
prion 1
cve 1
redhat 2
fedora 2
debiancve 1
mageia 1
redhatcve 1
photon 1
ubuntucve 1
rosalinux 1
openvas
openvas
Mageia: Security Advisory (MGASA-2016-0380)
2022-01-28 00:00:00
Fedora Update for systemd FEDORA-2016-894abe29d2
2016-12-07 00:00:00
RedHat Update for systemd RHSA-2016:2610-01
2016-11-04 00:00:00
oraclelinux
oraclelinux
systemd security and bug fix update
2016-11-09 00:00:00
archlinux
archlinux
[ASA-201610-2] systemd: denial of service
2016-10-04 00:00:00
nessus
nessus
Fedora 24 : systemd (2016-c942ed0424)
2016-10-06 00:00:00
Fedora 25 : systemd (2016-894abe29d2)
2016-11-15 00:00:00
Oracle Linux 7 : systemd (ELSA-2016-2610)
2016-11-11 00:00:00
prion
prion
Code injection
2016-10-13 14:59:00
cve
cve
CVE-2016-7795
2016-10-13 14:59:00
redhat
redhat
(RHSA-2016:2610) Moderate: systemd security and bug fix update
2016-11-03 10:38:19
(RHSA-2016:2694) Moderate: systemd security and bug fix update
2016-11-09 16:10:50
fedora
fedora
[SECURITY] Fedora 25 Update: systemd-231-6.fc25
2016-10-09 03:15:22
[SECURITY] Fedora 24 Update: systemd-229-15.fc24
2016-10-03 03:51:35
debiancve
debiancve
CVE-2016-7795
2016-10-13 14:59:00
mageia
mageia
Updated systemd packages fix security vulnerability
2016-11-17 19:37:05
redhatcve
redhatcve
CVE-2016-7795
2016-09-30 08:17:35
photon
photon
Moderate Photon OS Security Update - PHSA-2016-0006
2016-10-07 00:00:00
ubuntucve
ubuntucve
CVE-2016-7795
2016-10-13 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1982
2021-07-02 18:13:58
JSON
Related for SL_20161103_SYSTEMD_ON_SL7_X.NASL
openvas9oraclelinux1archlinux1nessus10prion1cve1redhat2fedora2debiancve1mageia1redhatcve1photon1ubuntucve1rosalinux1