Lucene search
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2017-0948-1.NASLHistoryApr 07, 2017 - 12:00 a.m.
SUSE SLES11 Security Update : ruby (SUSE-SU-2017:0948-1)
2017-04-0700:00:00
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
32
This update for ruby fixes the following issues: Secuirty issues fixed :
-
CVE-2015-1855: Ruby OpenSSL Hostname Verification (bsc#926974)
-
CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL (bsc#959495) Bugfixes :
-
fix small mistake in the backport for (bsc#986630)
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2017:0948-1.
# The text itself is copyright (C) SUSE.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(99242);
script_version("3.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2015-1855", "CVE-2015-7551");
script_bugtraq_id(74446);
script_name(english:"SUSE SLES11 Security Update : ruby (SUSE-SU-2017:0948-1)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"This update for ruby fixes the following issues: Secuirty issues
fixed :
- CVE-2015-1855: Ruby OpenSSL Hostname Verification
(bsc#926974)
- CVE-2015-7551: Unsafe tainted string usage in Fiddle and
DL (bsc#959495) Bugfixes :
- fix small mistake in the backport for (bsc#986630)
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=926974"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=959495"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=986630"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-1855/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7551/"
);
# https://www.suse.com/support/update/announcement/2017/suse-su-20170948-1/
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?b0596e31"
);
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :
SUSE Webyast 1.3:zypper in -t patch slewyst13-ruby-13052=1
SUSE Studio Onsite 1.3:zypper in -t patch slestso13-ruby-13052=1
SUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t
patch sdksp4-ruby-13052=1
SUSE Linux Enterprise Server 11-SP4:zypper in -t patch
slessp4-ruby-13052=1
SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch
dbgsp4-ruby-13052=1
SUSE Lifecycle Management Server 1.3:zypper in -t patch
sleslms13-ruby-13052=1
To bring your system up-to-date, use 'zypper patch'."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ruby");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ruby-doc-html");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ruby-tk");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
script_set_attribute(attribute:"vuln_publication_date", value:"2016/03/24");
script_set_attribute(attribute:"patch_publication_date", value:"2017/04/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/04/07");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES11", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES11" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP4", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES11", sp:"4", reference:"ruby-1.8.7.p357-0.9.19.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"ruby-doc-html-1.8.7.p357-0.9.19.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"ruby-tk-1.8.7.p357-0.9.19.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | ruby | p-cpe:/a:novell:suse_linux:ruby |
| novell | suse_linux | ruby-doc-html | p-cpe:/a:novell:suse_linux:ruby-doc-html |
| novell | suse_linux | ruby-tk | p-cpe:/a:novell:suse_linux:ruby-tk |
| novell | suse_linux | 11 | cpe:/o:novell:suse_linux:11 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1855
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7551
www.nessus.org/u?b0596e31
bugzilla.suse.com/show_bug.cgi?id=926974
bugzilla.suse.com/show_bug.cgi?id=959495
bugzilla.suse.com/show_bug.cgi?id=986630
www.suse.com/security/cve/CVE-2015-1855/
www.suse.com/security/cve/CVE-2015-7551/
Related
nessus
nessus
Amazon Linux AMI : ruby19 / ruby20,ruby21,ruby22 (ALAS-2016-632)
2016-01-19 00:00:00
SUSE SLED12 / SLES12 Security Update : ruby2.1 (SUSE-SU-2017:1067-1)
2017-04-21 00:00:00
openSUSE Security Update : ruby2.1 (openSUSE-2017-527)
2017-05-01 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2016-632)
2016-01-20 00:00:00
openSUSE: Security Advisory for ruby2.1 (openSUSE-SU-2017:1128-1)
2017-04-29 00:00:00
Debian Security Advisory DSA 3247-1 (ruby2.1 - security update)
2015-05-02 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-16 02:49:48
amazon
amazon
Low: ruby19, ruby20, ruby21, ruby22
2016-01-18 11:00:00
Medium: ruby22
2015-05-27 14:06:00
Medium: ruby19
2015-05-27 14:05:00
suse
suse
Security update for ruby2.1 (important)
2017-04-20 12:08:57
Security update for ruby2.1 (important)
2017-04-28 18:11:28
Security update for ruby2.2, ruby2.3 (important)
2017-04-05 15:08:17
fedora
fedora
[SECURITY] Fedora 21 Update: ruby-2.1.6-27.fc21
2015-04-28 13:11:23
[SECURITY] Fedora 22 Update: ruby-2.2.2-11.fc22
2015-04-23 16:09:56
[SECURITY] Fedora 22 Update: ruby-2.2.4-47.fc22
2016-01-08 03:36:39
osv
osv
ruby1.8 - security update
2015-05-02 00:00:00
ruby2.1 - security update
2015-05-02 00:00:00
ruby1.9.1 - security update
2015-05-02 00:00:00
debian
debian
[SECURITY] [DSA 3246-1] ruby1.9.1 security update
2015-05-02 11:20:09
[SECURITY] [DLA 224-1] ruby1.8 security update
2015-05-18 21:57:18
[SECURITY] [DSA 3245-1] ruby1.8 security update
2015-05-02 11:19:31
ubuntucve
ubuntucve
securityvulns
securityvulns
Ruby SSL checks bypass
2015-05-04 00:00:00
[ MDVSA-2015:224 ] ruby
2015-05-04 00:00:00
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11
2015-10-05 00:00:00
cve
cve
CVE-2015-1855
2019-11-29 21:15:00
CVE-2015-7551
2016-03-24 01:59:00
freebsd
freebsd
Ruby -- OpenSSL Hostname Verification Vulnerability
2015-04-13 00:00:00
Ruby -- unsafe tainted string vulnerability
2015-12-16 00:00:00
mageia
mageia
Updated ruby packages fix CVE-2015-1855
2015-05-03 03:19:16
Updated ruby packages fix security vulnerability
2016-01-12 12:13:53
prion
prion
Design/Logic Flaw
2019-11-29 21:15:00
Design/Logic Flaw
2016-03-24 01:59:00
archlinux
archlinux
ruby: permissive certificate verification
2015-04-14 00:00:00
ruby: unsafe tainted string usage
2015-12-17 00:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2017-07-25 00:00:00
cloudfoundry
cloudfoundry
CVE-2015-1855 Ruby OpenSSL Hostname Verification | Cloud Foundry
2015-04-30 00:00:00
redhat
redhat
apple
apple
Related for SUSE_SU-2017-0948-1.NASL