Lucene search
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2018-3260-1.NASLHistoryJan 02, 2019 - 12:00 a.m.
SUSE SLED15 / SLES15 Security Update : fuse (SUSE-SU-2018:3260-1)
2019-01-0200:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
24
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.7
Confidence
High
EPSS
0.001
Percentile
48.8%
This update for fuse fixes the following issues :
CVE-2018-10906: fusermount was vulnerable to a restriction bypass when SELinux is active. This allowed non-root users to mount a FUSE file system with the ‘allow_other’ mount option regardless of whether ‘user_allow_other’ is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects (bsc#1101797)
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2018:3260-1.
# The text itself is copyright (C) SUSE.
#
include('compat.inc');
if (description)
{
script_id(120136);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/07/10");
script_cve_id("CVE-2018-10906");
script_name(english:"SUSE SLED15 / SLES15 Security Update : fuse (SUSE-SU-2018:3260-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"This update for fuse fixes the following issues :
CVE-2018-10906: fusermount was vulnerable to a restriction bypass when
SELinux is active. This allowed non-root users to mount a FUSE file
system with the 'allow_other' mount option regardless of whether
'user_allow_other' is set in the fuse configuration. An attacker may
use this flaw to mount a FUSE file system, accessible by other users,
and trick them into accessing files on that file system, possibly
causing Denial of Service or other unspecified effects (bsc#1101797)
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1101797");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-10906/");
# https://www.suse.com/support/update/announcement/2018/suse-su-20183260-1/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?45dec9c9");
script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch
SUSE-SLE-Module-Basesystem-15-2018-2340=1");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-10906");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/07/24");
script_set_attribute(attribute:"patch_publication_date", value:"2018/10/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/02");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:fuse");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:fuse-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:fuse-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:fuse-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:fuse-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libfuse2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libfuse2-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libulockmgr1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libulockmgr1-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0", os_ver + " SP" + sp);
if (os_ver == "SLED15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP0", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES15", sp:"0", reference:"fuse-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"fuse-debuginfo-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"fuse-debugsource-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"fuse-devel-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"fuse-doc-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libfuse2-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libfuse2-debuginfo-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libulockmgr1-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libulockmgr1-debuginfo-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"fuse-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"fuse-debuginfo-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"fuse-debugsource-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"fuse-devel-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"fuse-doc-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libfuse2-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libfuse2-debuginfo-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libulockmgr1-2.9.7-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libulockmgr1-debuginfo-2.9.7-3.3.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "fuse");
}
Related
openvas
openvas
Fedora Update for fuse FEDORA-2019-fd54b80806
2019-04-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:3219-1)
2021-04-19 00:00:00
Huawei EulerOS: Security Advisory for fuse (EulerOS-SA-2019-1442)
2020-01-23 00:00:00
prion
prion
Authentication flaw
2018-07-24 20:29:00
nessus
nessus
Scientific Linux Security Update : fuse on SL7.x x86_64 (20181030)
2018-11-27 00:00:00
EulerOS 2.0 SP5 : fuse (EulerOS-SA-2019-1003)
2019-01-08 00:00:00
openSUSE Security Update : fuse (openSUSE-2019-823)
2019-03-27 00:00:00
ibm
ibm
Security Bulletin: A vulnerability in libfuse affects PowerKVM
2018-12-17 15:00:02
osv
osv
fuse - security update
2018-07-28 00:00:00
CVE-2018-10906
2018-07-24 20:29:00
fuse vulnerability
2022-03-16 22:20:55
cvelist
cvelist
CVE-2018-10906
2018-07-24 20:00:00
packetstorm
packetstorm
fusermount Restriction Bypass
2018-07-30 00:00:00
veracode
veracode
Access Control Bypass
2018-07-25 02:50:47
Access Control Bypass
2019-01-15 09:25:50
debian
debian
[SECURITY] [DLA 1468-1] fuse security update
2018-08-15 20:43:08
[SECURITY] [DSA 4257-1] fuse security update
2018-07-28 14:21:35
[SECURITY] [DSA 4257-1] fuse security update
2018-07-28 14:21:35
alpinelinux
alpinelinux
CVE-2018-10906
2018-07-24 20:29:00
amazon
amazon
Medium: fuse
2018-12-06 20:29:00
Medium: fuse
2019-04-17 18:45:00
fedora
fedora
[SECURITY] Fedora 29 Update: fuse-2.9.9-1.fc29
2019-03-31 03:02:28
[SECURITY] Fedora 30 Update: fuse-2.9.9-1.fc30
2019-03-31 00:07:20
[SECURITY] Fedora 28 Update: fuse-2.9.9-1.fc28
2019-04-05 01:56:29
ubuntucve
ubuntucve
CVE-2018-10906
2018-07-24 00:00:00
debiancve
debiancve
CVE-2018-10906
2018-07-24 20:29:00
suse
suse
Security update for fuse (moderate)
2018-10-23 15:27:32
Security update for fuse (moderate)
2018-10-23 15:27:56
centos
centos
fuse security update
2018-11-15 18:45:07
oraclelinux
oraclelinux
fuse security update
2020-07-27 00:00:00
cbl_mariner
cbl_mariner
CVE-2018-10906 affecting package fuse 2.9.7-7
2020-09-09 06:09:15
CVE-2018-10906 affecting package fuse for versions less than 2.9.7-10
2022-04-09 06:51:53
CVE-2018-10906 affecting package fuse for versions less than 2.9.7-10
2024-03-19 17:21:46
zdt
zdt
exploitdb
exploitdb
fusermount - user_allow_other Restriction Bypass and SELinux Label Control
2018-07-30 00:00:00
redhatcve
redhatcve
CVE-2018-10906
2018-07-24 13:22:43
redhat
redhat
(RHSA-2018:3324) Moderate: fuse security update
2018-10-30 04:43:18
nvd
nvd
CVE-2018-10906
2018-07-24 20:29:00
CVE-2021-33805
2021-06-03 03:15:08
cve
cve
CVE-2018-10906
2018-07-24 20:29:00
CVE-2021-33805
2021-06-03 03:15:08
photon
photon
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.7
Confidence
High
EPSS
0.001
Percentile
48.8%
Related for SUSE_SU-2018-3260-1.NASL