4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
0.002 Low
EPSS
Percentile
54.7%
Security Fix(es) :
Note: This update will change the behavior of Nautilus. Nautilus will now prompt the user for confirmation when executing an untrusted .desktop file for the first time, and then add it to the trusted file list. Desktop files stored in the system directory, as specified by the XDG_DATA_DIRS environment variable, are always considered trusted and executed without prompt.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include("compat.inc");
if (description)
{
script_id(106341);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24");
script_cve_id("CVE-2017-14604");
script_name(english:"Scientific Linux Security Update : nautilus on SL7.x x86_64 (20180125)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Scientific Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Security Fix(es) :
- An untrusted .desktop file with executable permission
set could choose its displayed name and icon, and
execute commands without warning when opened by the
user. An attacker could use this flaw to trick a user
into opening a .desktop file disguised as a document,
such as a PDF, and execute arbitrary commands.
(CVE-2017-14604)
Note: This update will change the behavior of Nautilus. Nautilus will
now prompt the user for confirmation when executing an untrusted
.desktop file for the first time, and then add it to the trusted file
list. Desktop files stored in the system directory, as specified by
the XDG_DATA_DIRS environment variable, are always considered trusted
and executed without prompt."
);
# https://listserv.fnal.gov/scripts/wa.exe?A2=ind1801&L=scientific-linux-errata&F=&S=&P=9492
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?dec1e4a9"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:nautilus");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:nautilus-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:nautilus-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:nautilus-extensions");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/09/20");
script_set_attribute(attribute:"patch_publication_date", value:"2018/01/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/01/25");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Scientific Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
flag = 0;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"nautilus-3.22.3-4.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"nautilus-debuginfo-3.22.3-4.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"nautilus-devel-3.22.3-4.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"nautilus-extensions-3.22.3-4.el7_4")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nautilus / nautilus-debuginfo / nautilus-devel / etc");
}
Vendor | Product | Version | CPE |
---|---|---|---|
fermilab | scientific_linux | nautilus | p-cpe:/a:fermilab:scientific_linux:nautilus |
fermilab | scientific_linux | nautilus-debuginfo | p-cpe:/a:fermilab:scientific_linux:nautilus-debuginfo |
fermilab | scientific_linux | nautilus-devel | p-cpe:/a:fermilab:scientific_linux:nautilus-devel |
fermilab | scientific_linux | nautilus-extensions | p-cpe:/a:fermilab:scientific_linux:nautilus-extensions |
fermilab | scientific_linux | x-cpe:/o:fermilab:scientific_linux |
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
0.002 Low
EPSS
Percentile
54.7%