Lucene search
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2021-1858-1.NASLHistoryJun 11, 2021 - 12:00 a.m.
SUSE SLES15 Security Update : csync2 (SUSE-SU-2021:1858-1)
2021-06-1100:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
60.8%
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1858-1 advisory.
-
An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration requires use of SSL. (CVE-2019-15522)
-
An issue was discovered in LINBIT csync2 through 2.0. It does not correctly check for the return value GNUTLS_E_WARNING_ALERT_RECEIVED of the gnutls_handshake() function. It neglects to call this function again, as required by the design of the API. (CVE-2019-15523)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2021:1858-1. The text itself
# is copyright (C) SUSE.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(150695);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/13");
script_cve_id("CVE-2019-15522", "CVE-2019-15523");
script_xref(name:"SuSE", value:"SUSE-SU-2021:1858-1");
script_name(english:"SUSE SLES15 Security Update : csync2 (SUSE-SU-2021:1858-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in
the SUSE-SU-2021:1858-1 advisory.
- An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a
failure of a hello command when the configuration requires use of SSL. (CVE-2019-15522)
- An issue was discovered in LINBIT csync2 through 2.0. It does not correctly check for the return value
GNUTLS_E_WARNING_ALERT_RECEIVED of the gnutls_handshake() function. It neglects to call this function
again, as required by the design of the API. (CVE-2019-15523)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1147137");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1147139");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-15522");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-15523");
# https://lists.suse.com/pipermail/sle-security-updates/2021-June/008934.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?cfbd1431");
script_set_attribute(attribute:"solution", value:
"Update the affected csync2 package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-15522");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/03/20");
script_set_attribute(attribute:"patch_publication_date", value:"2021/06/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/06/11");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:csync2");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(0|1|2)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP0/1/2", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'csync2-2.0+git.1461714863.10636a4-4.6', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15']},
{'reference':'csync2-2.0+git.1461714863.10636a4-4.6', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.1']},
{'reference':'csync2-2.0+git.1461714863.10636a4-4.6', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.2']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'csync2');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | csync2 | p-cpe:/a:novell:suse_linux:csync2 |
| novell | suse_linux | 15 | cpe:/o:novell:suse_linux:15 |
Related
nessus
nessus
openSUSE Security Update : csync2 (openSUSE-2021-853)
2021-06-10 00:00:00
SUSE SLES12 Security Update : csync2 (SUSE-SU-2021:1952-1)
2021-06-12 00:00:00
Debian DLA-2515-1 : csync2 security update
2021-01-05 00:00:00
suse
suse
Security update for csync2 (moderate)
2021-06-07 00:00:00
openvas
openvas
openSUSE: Security Advisory for csync2 (openSUSE-SU-2021:0853-1)
2021-06-08 00:00:00
Debian: Security Advisory (DLA-2515-1)
2021-01-05 00:00:00
redhatcve
redhatcve
CVE-2019-15523
2022-05-20 22:51:56
debian
debian
[SECURITY] [DLA 2515-1] csync2 security update
2021-01-04 16:49:43
ubuntucve
ubuntucve
CVE-2019-15523
2020-12-30 00:00:00
CVE-2019-15522
2020-03-20 00:00:00
cvelist
cvelist
CVE-2019-15523
2020-12-30 20:04:16
CVE-2019-15522
2020-03-20 20:24:41
cve
cve
CVE-2019-15523
2020-12-30 21:15:12
CVE-2019-15522
2020-03-20 21:15:15
alpinelinux
alpinelinux
CVE-2019-15523
2020-12-30 21:15:12
CVE-2019-15522
2020-03-20 21:15:15
osv
osv
csync2 - security update
2021-01-04 00:00:00
CVE-2019-15523
2020-12-30 21:15:12
CVE-2019-15522
2020-03-20 21:15:15
veracode
veracode
Insecure Logic Validation
2021-01-04 23:30:15
Denial Of Service
2021-07-02 17:18:01
nvd
nvd
CVE-2019-15523
2020-12-30 21:15:12
CVE-2019-15522
2020-03-20 21:15:15
debiancve
debiancve
CVE-2019-15523
2020-12-30 21:15:12
CVE-2019-15522
2020-03-20 21:15:15
prion
prion
Code injection
2020-12-30 21:15:00
Command injection
2020-03-20 21:15:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
60.8%
Related for SUSE_SU-2021-1858-1.NASL