ID OPENVAS:1361412562310874296 Type openvas Reporter Copyright (C) 2018 Greenbone Networks GmbH Modified 2019-03-15T00:00:00
Description
The remote host is missing an update for the 'slurm' package(s) announced via the referenced advisory.
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_fedora_2018_df1a571a34_slurm_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $
#
# Fedora Update for slurm FEDORA-2018-df1a571a34
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
# Metadata phase: when the scanner loads the script with `description` set,
# only the registration calls below run and the script stops at exit(0).
if(description)
{
  # Identity and revision bookkeeping of this check.
  script_oid("1.3.6.1.4.1.25623.1.0.874296");
  script_version("$Revision: 14223 $");
  script_tag(name:"last_modification", value:"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $");
  script_tag(name:"creation_date", value:"2018-03-28 09:00:04 +0200 (Wed, 28 Mar 2018)");

  # CVE-2018-7033: SQL injection against SlurmDBD (Slurm before 17.02.10
  # and 17.11.x before 17.11.5).
  script_cve_id("CVE-2018-7033");

  # The score and vector are CVSS v2 (note the v2-only "Au:" metric).
  # NVD rates the same CVE 9.8 / CRITICAL under CVSS v3.0, so do not
  # prioritise on the 7.5 alone.
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");

  # "package": the finding comes from comparing the installed rpm version,
  # not from probing the service, so it does not show whether slurmdbd is
  # running or reachable on the host.
  script_tag(name:"qod_type", value:"package");

  script_name("Fedora Update for slurm FEDORA-2018-df1a571a34");

  # The line break inside the summary literal is part of the string; the
  # continuation line must stay unindented to keep the text unchanged.
  script_tag(name:"summary", value:"The remote host is missing an update for the 'slurm'
package(s) announced via the referenced advisory.");
  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
  script_tag(name:"affected", value:"slurm on Fedora 27");
  script_tag(name:"solution", value:"Please install the updated package(s).");

  # Advisory references.
  script_xref(name:"FEDORA", value:"2018-df1a571a34");
  script_xref(name:"URL", value:"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAOUNQ3BTMIYE47J6DSGQNCYZQQLWX7V");
  script_tag(name:"solution_type", value:"VendorFix");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2018 Greenbone Networks GmbH");
  script_family("Fedora Local Security Checks");

  # The check is gated on knowledge-base keys under ssh/login/ (Fedora
  # detected, rpm list present, release matching FC27), presumably filled
  # in by gather-package-list.nasl after an authenticated SSH login.
  # Without those keys the check does not run at all, so a missing finding
  # on an unauthenticated scan is not evidence that the host is patched.
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC27");

  exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
# Detection phase: compare the installed slurm rpm against the fixed build.

# Release identifier of the target; it is compared with "FC27" below.
# Presumably taken from the data gathered over SSH (see pkg-lib-rpm.inc).
release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "FC27")
{
  # "slurm~17.02.10~1.fc27" is the fixed package slurm-17.02.10-1.fc27.
  # isrpmvuln() appears to return report text when the installed version
  # is older and NULL otherwise; confirm in pkg-lib-rpm.inc.
  # NOTE(review): only the base `slurm` rpm is compared, while
  # CVE-2018-7033 is in SlurmDBD; confirm the package that ships the
  # daemon cannot lag behind the base package on Fedora 27.
  res = isrpmvuln(pkg:"slurm", rpm:"slurm~17.02.10~1.fc27", rls:"FC27");
  if(res != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  # __pkg_match is presumably set by the library when the package was found
  # installed; exit code 99 is the convention for "checked, not vulnerable",
  # as opposed to 0 for "nothing to report".
  if(__pkg_match)
    exit(99);

  exit(0);
}
{"id": "OPENVAS:1361412562310874296", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for slurm FEDORA-2018-df1a571a34", "description": "The remote host is missing an update for the ", "published": "2018-03-28T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874296", "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "references": ["2018-df1a571a34", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAOUNQ3BTMIYE47J6DSGQNCYZQQLWX7V"], "cvelist": ["CVE-2018-7033"], "lastseen": "2019-05-29T18:33:09", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-7033"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704254", "OPENVAS:1361412562310891437", "OPENVAS:1361412562310891367"]}, {"type": "nessus", "idList": ["FEDORA_2018-D078278C10.NASL", "SUSE_SU-2018-0987-1.NASL", "FREEBSD_PKG_B3E046612A0A11E89E633085A9A47796.NASL", "DEBIAN_DLA-1367.NASL", "SUSE_SU-2020-2607-1.NASL", "FEDORA_2018-DF1A571A34.NASL", "SUSE_SU-2020-0434-1.NASL", "DEBIAN_DSA-4254.NASL", "SUSE_SU-2020-0443-1.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1437-1:80BD6", "DEBIAN:DSA-4254-1:9ADC0", "DEBIAN:DLA-1367-1:BA4A1"]}, {"type": "fedora", "idList": ["FEDORA:9C5E26074A49", "FEDORA:5E93B60BDCA8"]}, {"type": "freebsd", "idList": ["B3E04661-2A0A-11E8-9E63-3085A9A47796"]}], "modified": "2019-05-29T18:33:09", "rev": 2}, "score": {"value": 6.0, "vector": "NONE", "modified": "2019-05-29T18:33:09", "rev": 2}, "vulnersScore": 6.0}, "pluginID": "1361412562310874296", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_df1a571a34_slurm_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for slurm FEDORA-2018-df1a571a34\n#\n# Authors:\n# System 
Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874296\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-28 09:00:04 +0200 (Wed, 28 Mar 2018)\");\n script_cve_id(\"CVE-2018-7033\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for slurm FEDORA-2018-df1a571a34\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'slurm'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"slurm on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-df1a571a34\");\n script_xref(name:\"URL\", 
value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAOUNQ3BTMIYE47J6DSGQNCYZQQLWX7V\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"slurm\", rpm:\"slurm~17.02.10~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}
{"cve": [{"lastseen": "2020-12-09T20:25:46", "description": "SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-03-15T22:29:00", "title": "CVE-2018-7033", "type": "cve", "cwe": ["CWE-89"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7033"], "modified": "2019-02-28T20:20:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/a:schedmd:slurm:17.11.0.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-7033", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7033", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:schedmd:slurm:17.11.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:schedmd:slurm:17.11.0.0:pre1:*:*:*:*:*:*", "cpe:2.3:a:schedmd:slurm:17.11.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:schedmd:slurm:17.11.0.0:pre2:*:*:*:*:*:*", "cpe:2.3:a:schedmd:slurm:17.11.0.0:rc2:*:*:*:*:*:*", 
"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2018-7033"], "description": "Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for large and small Linux clusters. ", "modified": "2018-03-27T20:17:46", "published": "2018-03-27T20:17:46", "id": "FEDORA:5E93B60BDCA8", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: slurm-17.02.10-1.fc27", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2018-7033"], "description": "Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for large and small Linux clusters. ", "modified": "2018-03-30T13:35:41", "published": "2018-03-30T13:35:41", "id": "FEDORA:9C5E26074A49", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: slurm-17.11.5-2.fc28", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:31:58", "bulletinFamily": "unix", "cvelist": ["CVE-2018-7033"], "description": "\nSchedMD reports:\n\nSeveral issues were discovered with incomplete sanitization of\n\t user-provided text strings, which could potentially lead to SQL\n\t injection attacks against SlurmDBD itself. 
Such exploits could lead to a\n\t loss of accounting data, or escalation of user privileges on the cluster.\n\n", "edition": 5, "modified": "2018-03-15T00:00:00", "published": "2018-03-15T00:00:00", "id": "B3E04661-2A0A-11E8-9E63-3085A9A47796", "href": "https://vuxml.freebsd.org/freebsd/b3e04661-2a0a-11e8-9e63-3085a9a47796.html", "title": "slurm-wlm -- SQL Injection attacks against SlurmDBD", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:22:06", "bulletinFamily": "unix", "cvelist": ["CVE-2018-7033"], "description": "Package : slurm-llnl\nVersion : 2.3.4-2+deb7u2\nCVE ID : CVE-2018-7033\n\n\nCVE-2018-7033\n An issue that could be used for SQL Injection attacks against\n SlurmDBD has been fixed.\n\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n2.3.4-2+deb7u2.\n\nWe recommend that you upgrade your slurm-llnl packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2018-04-28T18:00:28", "published": "2018-04-28T18:00:28", "id": "DEBIAN:DLA-1367-1:BA4A1", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201804/msg00032.html", "title": "[SECURITY] [DLA 1367-1] slurm-llnl security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-11T01:20:46", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10995", "CVE-2018-7033"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4254-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJuly 24, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : slurm-llnl\nCVE ID : CVE-2018-7033 CVE-2018-10995\nDebian Bug : 
893044 900548\n\nSeveral vulnerabilities were discovered in the Simple Linux Utility for\nResource Management (SLURM), a cluster resource management and job\nscheduling system. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2018-7033\n\n Incomplete sanitization of user-provided text strings could lead to\n SQL injection attacks against slurmdbd.\n\nCVE-2018-10995\n\n Insecure handling of user_name and gid fields leading to improper\n authentication handling.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 16.05.9-1+deb9u2.\n\nWe recommend that you upgrade your slurm-llnl packages.\n\nFor the detailed security status of slurm-llnl please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/slurm-llnl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 10, "modified": "2018-07-24T19:33:33", "published": "2018-07-24T19:33:33", "id": "DEBIAN:DSA-4254-1:9ADC0", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00183.html", "title": "[SECURITY] [DSA 4254-1] slurm-llnl security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-11T01:25:13", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10995", "CVE-2018-7033"], "description": "Package : slurm-llnl\nVersion : 14.03.9-5+deb8u3\nCVE ID : CVE-2018-7033 CVE-2018-10995\n\n\nCVE-2018-7033\n Fix for issue in accounting_storage/mysql plugin by always\n escaping strings within the slurmdbd.\n\nCVE-2018-10995\n Fix for mishandling of user names (aka user_name fields) and\n group ids (aka gid fields).\n\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n14.03.9-5+deb8u3.\n\nWe recommend that you 
upgrade your slurm-llnl packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 16, "modified": "2018-07-21T14:10:28", "published": "2018-07-21T14:10:28", "id": "DEBIAN:DLA-1437-1:80BD6", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201807/msg00029.html", "title": "[SECURITY] [DLA 1437-1] slurm-llnl security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-01-29T20:10:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7033"], "description": "CVE-2018-7033\nAn issue that could be used for SQL Injection attacks against\nSlurmDBD has been fixed.", "modified": "2020-01-29T00:00:00", "published": "2018-04-29T00:00:00", "id": "OPENVAS:1361412562310891367", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891367", "type": "openvas", "title": "Debian LTS: Security Advisory for slurm-llnl (DLA-1367-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891367\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-7033\");\n script_name(\"Debian LTS: Security Advisory for slurm-llnl (DLA-1367-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-04-29 00:00:00 +0200 (Sun, 29 Apr 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/04/msg00032.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"slurm-llnl on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n2.3.4-2+deb7u2.\n\nWe recommend that you upgrade your slurm-llnl packages.\");\n\n script_tag(name:\"summary\", value:\"CVE-2018-7033\nAn issue that could be used for SQL Injection attacks against\nSlurmDBD has been fixed.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-slurm\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpmi0\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpmi0-dev\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurm-dev\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurm-perl\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurm23\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurmdb-dev\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurmdb-perl\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurmdb23\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-llnl\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-llnl-basic-plugins\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-llnl-basic-plugins-dev\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-llnl-doc\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-llnl-slurmdbd\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-llnl-sview\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-llnl-torque\", ver:\"2.3.4-2+deb7u2\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n 
security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T20:07:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10995", "CVE-2018-7033"], "description": "CVE-2018-7033\nFix for issue in accounting_storage/mysql plugin by always\nescaping strings within the slurmdbd.\n\nCVE-2018-10995\nFix for mishandling of user names (aka user_name fields) and\ngroup ids (aka gid fields).", "modified": "2020-01-29T00:00:00", "published": "2018-07-23T00:00:00", "id": "OPENVAS:1361412562310891437", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891437", "type": "openvas", "title": "Debian LTS: Security Advisory for slurm-llnl (DLA-1437-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891437\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-10995\", \"CVE-2018-7033\");\n script_name(\"Debian LTS: Security Advisory for slurm-llnl (DLA-1437-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-23 00:00:00 +0200 (Mon, 23 Jul 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/07/msg00029.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"slurm-llnl on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n14.03.9-5+deb8u3.\n\nWe recommend that you upgrade your slurm-llnl packages.\");\n\n script_tag(name:\"summary\", value:\"CVE-2018-7033\nFix for issue in accounting_storage/mysql plugin by always\nescaping strings within the slurmdbd.\n\nCVE-2018-10995\nFix for mishandling of user names (aka user_name fields) and\ngroup ids (aka gid fields).\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the 
installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-slurm\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpmi0\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpmi0-dev\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurm-dev\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurm-perl\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurm27\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurmdb-dev\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurmdb-perl\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurmdb27\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-client\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-llnl\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-llnl-slurmdbd\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-wlm\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-wlm-basic-plugins\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-wlm-basic-plugins-dev\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-wlm-doc\", 
ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-wlm-torque\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurmctld\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurmd\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurmdbd\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"sview\", ver:\"14.03.9-5+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-04T18:56:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10995", "CVE-2018-7033"], "description": "Several vulnerabilities were discovered in the Simple Linux Utility for\nResource Management (SLURM), a cluster resource management and job\nscheduling system. 
The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2018-7033\nIncomplete sanitization of user-provided text strings could lead to\nSQL injection attacks against slurmdbd.\n\nCVE-2018-10995\nInsecure handling of user_name and gid fields leading to improper\nauthentication handling.", "modified": "2019-07-04T00:00:00", "published": "2018-07-24T00:00:00", "id": "OPENVAS:1361412562310704254", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704254", "type": "openvas", "title": "Debian Security Advisory DSA 4254-1 (slurm-llnl - security update)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4254-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704254\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-10995\", \"CVE-2018-7033\");\n script_name(\"Debian Security Advisory DSA 4254-1 (slurm-llnl - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-07-24 00:00:00 +0200 (Tue, 24 Jul 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4254.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"slurm-llnl on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 16.05.9-1+deb9u2.\n\nWe recommend that you upgrade your slurm-llnl packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/slurm-llnl\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered in the Simple Linux Utility for\nResource Management (SLURM), a cluster 
resource management and job\nscheduling system. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2018-7033\nIncomplete sanitization of user-provided text strings could lead to\nSQL injection attacks against slurmdbd.\n\nCVE-2018-10995\nInsecure handling of user_name and gid fields leading to improper\nauthentication handling.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libpam-slurm\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpmi0\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpmi0-dbg\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpmi0-dev\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpmi2-0\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpmi2-0-dbg\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpmi2-0-dev\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurm-dev\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurm-perl\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurm30\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurm30-dbg\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurmdb-dev\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += 
res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurmdb-perl\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurmdb30\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libslurmdb30-dbg\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-client\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-client-dbg\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-client-emulator\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-llnl\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-llnl-slurmdbd\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-wlm\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-wlm-basic-plugins\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-wlm-basic-plugins-dbg\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-wlm-basic-plugins-dev\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-wlm-doc\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-wlm-emulator\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurm-wlm-torque\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurmctld\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurmctld-dbg\", ver:\"16.05.9-1+deb9u2\", 
rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurmd\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurmd-dbg\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurmdbd\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"slurmdbd-dbg\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"sview\", ver:\"16.05.9-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-01T02:44:39", "description": "SchedMD reports :\n\nSeveral issues were discovered with incomplete sanitization of\nuser-provided text strings, which could potentially lead to SQL\ninjection attacks against SlurmDBD itself. 
Such exploits could lead to\na loss of accounting data, or escalation of user privileges on the\ncluster.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-03-19T00:00:00", "title": "FreeBSD : slurm-wlm -- SQL Injection attacks against SlurmDBD (b3e04661-2a0a-11e8-9e63-3085a9a47796)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7033"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:slurm-wlm"], "id": "FREEBSD_PKG_B3E046612A0A11E89E633085A9A47796.NASL", "href": "https://www.tenable.com/plugins/nessus/108431", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108431);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/10/11 10:17:50\");\n\n script_cve_id(\"CVE-2018-7033\");\n\n script_name(english:\"FreeBSD : slurm-wlm -- SQL Injection attacks against SlurmDBD (b3e04661-2a0a-11e8-9e63-3085a9a47796)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SchedMD reports :\n\nSeveral issues were discovered with incomplete sanitization of\nuser-provided text strings, which could potentially lead to SQL\ninjection attacks against SlurmDBD itself. 
Such exploits could lead to\na loss of accounting data, or escalation of user privileges on the\ncluster.\"\n );\n # https://vuxml.freebsd.org/freebsd/b3e04661-2a0a-11e8-9e63-3085a9a47796.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?059478c7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:slurm-wlm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"slurm-wlm<17.02.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:39:13", "description": "CVE-2018-7033 An issue that could be used for SQL Injection attacks\nagainst SlurmDBD has been fixed.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n2.3.4-2+deb7u2.\n\nWe recommend that you upgrade your slurm-llnl packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. 
Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 13, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-30T00:00:00", "title": "Debian DLA-1367-1 : slurm-llnl security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7033"], "modified": "2018-04-30T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:slurm-llnl-slurmdbd", "p-cpe:/a:debian:debian_linux:libslurm-dev", "p-cpe:/a:debian:debian_linux:libslurm23", "p-cpe:/a:debian:debian_linux:libpmi0-dev", "p-cpe:/a:debian:debian_linux:libslurmdb-perl", "p-cpe:/a:debian:debian_linux:libslurmdb-dev", "p-cpe:/a:debian:debian_linux:slurm-llnl-torque", "p-cpe:/a:debian:debian_linux:libslurm-perl", "p-cpe:/a:debian:debian_linux:slurm-llnl-basic-plugins-dev", "p-cpe:/a:debian:debian_linux:slurm-llnl", "p-cpe:/a:debian:debian_linux:slurm-llnl-doc", "cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:libpam-slurm", "p-cpe:/a:debian:debian_linux:slurm-llnl-sview", "p-cpe:/a:debian:debian_linux:libpmi0", "p-cpe:/a:debian:debian_linux:slurm-llnl-basic-plugins", "p-cpe:/a:debian:debian_linux:libslurmdb23"], "id": "DEBIAN_DLA-1367.NASL", "href": "https://www.tenable.com/plugins/nessus/109408", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1367-1. 
The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109408);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-7033\");\n\n script_name(english:\"Debian DLA-1367-1 : slurm-llnl security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2018-7033 An issue that could be used for SQL Injection attacks\nagainst SlurmDBD has been fixed.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n2.3.4-2+deb7u2.\n\nWe recommend that you upgrade your slurm-llnl packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. 
Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/04/msg00032.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/slurm-llnl\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpam-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpmi0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libslurm-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libslurm-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libslurm23\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libslurmdb-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libslurmdb-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libslurmdb23\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-llnl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-llnl-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-llnl-basic-plugins-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-llnl-doc\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-llnl-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-llnl-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-llnl-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libpam-slurm\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libpmi0\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libpmi0-dev\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libslurm-dev\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libslurm-perl\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libslurm23\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libslurmdb-dev\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif 
(deb_check(release:\"7.0\", prefix:\"libslurmdb-perl\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libslurmdb23\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"slurm-llnl\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"slurm-llnl-basic-plugins\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"slurm-llnl-basic-plugins-dev\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"slurm-llnl-doc\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"slurm-llnl-slurmdbd\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"slurm-llnl-sview\", reference:\"2.3.4-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"slurm-llnl-torque\", reference:\"2.3.4-2+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:21:57", "description": "Security update to close CVE-2018-7033.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 19, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-03-28T00:00:00", "title": "Fedora 27 : slurm (2018-df1a571a34)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7033"], "modified": "2018-03-28T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:27", "p-cpe:/a:fedoraproject:fedora:slurm"], "id": "FEDORA_2018-DF1A571A34.NASL", "href": "https://www.tenable.com/plugins/nessus/108676", "sourceData": "#%NASL_MIN_LEVEL 
70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-df1a571a34.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(108676);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-7033\");\n script_xref(name:\"FEDORA\", value:\"2018-df1a571a34\");\n\n script_name(english:\"Fedora 27 : slurm (2018-df1a571a34)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security update to close CVE-2018-7033.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-df1a571a34\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected slurm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", 
value:\"2018/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"slurm-17.02.10-1.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-14T18:42:52", "description": "This update for slurm fixes the following issues :\n\n - Fix interaction with systemd: systemd expects that a\n daemonizing process 
doesn't go away until the PID file\n with its PID of the daemon has been written (bsc#1084125).\n\n - Make sure systemd services get restarted only when all\n packages are in a consistent state, not in the middle of\n an 'update' transaction (bsc#1088693). Since the %postun\n scripts that run on update are from the old package they\n cannot be changed - thus we work around the restart\n breakage.\n\n - CVE-2018-7033: Fixed security issue in\n accounting_storage/mysql plugin by always escaping\n strings within the slurmdbd (bsc#1085240).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 11, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-01-02T00:00:00", "title": "SUSE SLES12 Security Update : slurm (SUSE-SU-2018:0987-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7033"], "modified": "2019-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo", "p-cpe:/a:novell:suse_linux:libpmi0-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-torque", "p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:libpmi0", "p-cpe:/a:novell:suse_linux:libslurm31", "p-cpe:/a:novell:suse_linux:slurm-devel", "p-cpe:/a:novell:suse_linux:slurm-debugsource", "p-cpe:/a:novell:suse_linux:slurm-doc", "p-cpe:/a:novell:suse_linux:slurm-sched-wiki", "p-cpe:/a:novell:suse_linux:slurm", "p-cpe:/a:novell:suse_linux:slurm-slurmdb-direct", "p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo", 
"p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm", "p-cpe:/a:novell:suse_linux:slurm-lua", "p-cpe:/a:novell:suse_linux:slurm-sql", "p-cpe:/a:novell:suse_linux:slurm-munge", "p-cpe:/a:novell:suse_linux:slurm-plugins", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-auth-none", "p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm31-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo"], "id": "SUSE_SU-2018-0987-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120020", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0987-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120020);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/20\");\n\n script_cve_id(\"CVE-2018-7033\");\n\n script_name(english:\"SUSE SLES12 Security Update : slurm (SUSE-SU-2018:0987-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for slurm fixes the following issues :\n\n - Fix interaction with systemd: systemd expects that a\n daemonizing process doesn't go away until the PID file\n with it PID of the daemon has bee written (bsc#1084125).\n\n - Make sure systemd services get restarted only when all\n packages are in a consistent state, not in the middle of\n an 'update' transaction (bsc#1088693). 
Since the %postun\n scripts that run on update are from the old package they\n cannot be changed - thus we work around the restart\n breakage.\n\n - CVE-2018-7033: Fixed security issue in\n accounting_storage/mysql plugin by always escaping\n strings within the slurmdbd (bsc#1085240).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7033/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180987-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3750e2af\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 12:zypper in -t patch\nSUSE-SLE-Module-HPC-12-2018-664=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm31\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm31-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sched-wiki\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdb-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! 
preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0-debuginfo-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm31-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm31-debuginfo-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm-debuginfo-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-auth-none-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-auth-none-debuginfo-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-debuginfo-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-debugsource-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-devel-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-doc-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-lua-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-lua-debuginfo-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-munge-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", 
sp:\"0\", cpu:\"x86_64\", reference:\"slurm-munge-debuginfo-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-debuginfo-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-plugins-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-plugins-debuginfo-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-sched-wiki-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-slurmdb-direct-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-debuginfo-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-sql-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-sql-debuginfo-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-torque-17.02.10-6.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-torque-debuginfo-17.02.10-6.16.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:21:42", "description": "Security update to close CVE-2018-7033.\n\nNote that Tenable Network 
Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 11, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-01-03T00:00:00", "title": "Fedora 28 : slurm (2018-d078278c10)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7033"], "modified": "2019-01-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:slurm", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-D078278C10.NASL", "href": "https://www.tenable.com/plugins/nessus/120809", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-d078278c10.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120809);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-7033\");\n script_xref(name:\"FEDORA\", value:\"2018-d078278c10\");\n\n script_name(english:\"Fedora 28 : slurm (2018-d078278c10)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security update to close CVE-2018-7033.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-d078278c10\"\n );\n 
script_set_attribute(attribute:\"solution\", value:\"Update the affected slurm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"slurm-17.11.5-2.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T01:47:43", "description": "Several vulnerabilities were discovered in the Simple Linux Utility\nfor Resource Management (SLURM), a cluster resource management and job\nscheduling system. 
The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2018-7033\n Incomplete sanitization of user-provided text strings\n could lead to SQL injection attacks against slurmdbd.\n\n - CVE-2018-10995\n Insecure handling of user_name and gid fields leading to\n improper authentication handling.", "edition": 23, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-25T00:00:00", "title": "Debian DSA-4254-1 : slurm-llnl - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10995", "CVE-2018-7033"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:slurm-llnl", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4254.NASL", "href": "https://www.tenable.com/plugins/nessus/111316", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4254. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111316);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/13 12:30:47\");\n\n script_cve_id(\"CVE-2018-10995\", \"CVE-2018-7033\");\n script_xref(name:\"DSA\", value:\"4254\");\n\n script_name(english:\"Debian DSA-4254-1 : slurm-llnl - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in the Simple Linux Utility\nfor Resource Management (SLURM), a cluster resource management and job\nscheduling system. 
The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2018-7033\n Incomplete sanitization of user-provided text strings\n could lead to SQL injection attacks against slurmdbd.\n\n - CVE-2018-10995\n Insecure handling of user_name and gid fields leading to\n improper authentication handling.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893044\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900548\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-7033\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-10995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/slurm-llnl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/slurm-llnl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4254\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the slurm-llnl packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 16.05.9-1+deb9u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-llnl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/25\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libpam-slurm\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpmi0\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpmi0-dbg\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpmi0-dev\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpmi2-0\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpmi2-0-dbg\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpmi2-0-dev\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libslurm-dev\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libslurm-perl\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libslurm30\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libslurm30-dbg\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libslurmdb-dev\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libslurmdb-perl\", 
reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libslurmdb30\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libslurmdb30-dbg\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurm-client\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurm-client-dbg\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurm-client-emulator\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurm-llnl\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurm-llnl-slurmdbd\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurm-wlm\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurm-wlm-basic-plugins\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurm-wlm-basic-plugins-dbg\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurm-wlm-basic-plugins-dev\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurm-wlm-doc\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurm-wlm-emulator\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurm-wlm-torque\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurmctld\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurmctld-dbg\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurmd\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurmd-dbg\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"slurmdbd\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", 
prefix:\"slurmdbd-dbg\", reference:\"16.05.9-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"sview\", reference:\"16.05.9-1+deb9u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-14T19:02:00", "description": "This update for pdsh, slurm_18_08 fixes the following issues :\n\nSlurm was included in the 18.08 release, as 'slurm_18_08' package. The\nversion 18.08.9 contains all recent security fixes, including :\n\nCVE-2019-19728: Fixed a privilege escalation with srun, where --uid\nmight have unintended side effects (bsc#1159692).\n\nCVE-2019-19727: Fixed permissions of slurmdbd.conf (bsc#1155784).\n\npdsh was updated to: Add support for an alternative SLURM version when\nbuilding the slurm plugin.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 2, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-02-25T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : pdsh, slurm_18_08 (SUSE-SU-2020:0443-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10995", "CVE-2019-19728", "CVE-2019-12838", "CVE-2019-19727", "CVE-2017-15566", "CVE-2016-10030", "CVE-2019-6438", "CVE-2018-7033"], "modified": "2020-02-25T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08", "p-cpe:/a:novell:suse_linux:slurm_18_08-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-node", "p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-config", "p-cpe:/a:novell:suse_linux:slurm_18_08-munge", "p-cpe:/a:novell:suse_linux:pdsh-genders-debuginfo", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:pdsh-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh", "p-cpe:/a:novell:suse_linux:pdsh-slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-sql", "p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none", "p-cpe:/a:novell:suse_linux:slurm_18_08-devel", "p-cpe:/a:novell:suse_linux:libslurm33", "p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm", "p-cpe:/a:novell:suse_linux:pdsh-debugsource", "p-cpe:/a:novell:suse_linux:slurm_18_08-torque", "p-cpe:/a:novell:suse_linux:slurm_18_08-doc", "p-cpe:/a:novell:suse_linux:pdsh-dshgroup", "p-cpe:/a:novell:suse_linux:libpmi0_18_08", "p-cpe:/a:novell:suse_linux:slurm_18_08-munge-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-netgroup-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-torque-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm33-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-node-debuginfo", 
"p-cpe:/a:novell:suse_linux:slurm_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-machines-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-machines", "p-cpe:/a:novell:suse_linux:slurm_18_08-plugins", "p-cpe:/a:novell:suse_linux:slurm_18_08", "p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-netgroup", "p-cpe:/a:novell:suse_linux:slurm_18_08-sql-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-slurm", "p-cpe:/a:novell:suse_linux:perl-slurm_18_08", "p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-lua", "p-cpe:/a:novell:suse_linux:libpmi0_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-debugsource", "p-cpe:/a:novell:suse_linux:pdsh-dshgroup-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd", "p-cpe:/a:novell:suse_linux:pdsh-genders"], "id": "SUSE_SU-2020-0443-1.NASL", "href": "https://www.tenable.com/plugins/nessus/134036", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0443-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134036);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/27\");\n\n script_cve_id(\"CVE-2016-10030\", \"CVE-2017-15566\", \"CVE-2018-10995\", \"CVE-2018-7033\", \"CVE-2019-12838\", \"CVE-2019-19727\", \"CVE-2019-19728\", \"CVE-2019-6438\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : pdsh, slurm_18_08 (SUSE-SU-2020:0443-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for pdsh, 
slurm_18_08 fixes the following issues :\n\nSlurm was included in the 18.08 release, as 'slurm_18_08' package. The\nversion 18.08.9 contains all recent security fixes, including :\n\nCVE-2019-19728: Fixed a privilege escalation with srun, where --uid\nmight have unintended side effects (bsc#1159692).\n\nCVE-2019-19727: Fixed permissions of slurmdbd.conf (bsc#1155784).\n\npdsh was updated to: Add support for an alternative SLURM version when\nbuilding the slurm plugin.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1018371\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065697\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1095508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123304\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155784\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://www.suse.com/security/cve/CVE-2016-10030/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-15566/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10995/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7033/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12838/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19727/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19728/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6438/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200443-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f5e4d795\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-443=1\n\nSUSE Linux Enterprise Module for HPC 15-SP1:zypper in -t patch\nSUSE-SLE-Module-HPC-15-SP1-2020-443=1\n\nSUSE Linux Enterprise Module for HPC 15:zypper in -t patch\nSUSE-SLE-Module-HPC-15-2020-443=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n 
script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-10030\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-dshgroup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-dshgroup-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-genders\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-genders-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-machines\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-machines-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-netgroup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-netgroup-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! 
preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-debugsource-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-dshgroup-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-dshgroup-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-genders-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-genders-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-machines-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-machines-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-netgroup-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-netgroup-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-slurm-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-slurm-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-slurm_18_08-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"pdsh-slurm_18_08-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", 
reference:\"pdsh-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-debugsource-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-dshgroup-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-dshgroup-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-genders-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-genders-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-machines-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-machines-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-netgroup-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-netgroup-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-slurm-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-slurm-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-slurm_18_08-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-slurm_18_08-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_18_08-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_18_08-debuginfo-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm33-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm33-debuginfo-18.08.9-1.5.2\")) flag++;\nif 
(rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-debugsource-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-dshgroup-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-dshgroup-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-genders-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-genders-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-machines-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-machines-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-netgroup-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-netgroup-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm_18_08-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm_18_08-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_18_08-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_18_08-debuginfo-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", 
cpu:\"x86_64\", reference:\"slurm_18_08-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-auth-none-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-auth-none-debuginfo-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-config-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-debuginfo-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-debugsource-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-devel-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-doc-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-lua-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-lua-debuginfo-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-munge-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-munge-debuginfo-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-node-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-node-debuginfo-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-pam_slurm-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-pam_slurm-debuginfo-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", 
reference:\"slurm_18_08-plugins-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-plugins-debuginfo-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-slurmdbd-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-slurmdbd-debuginfo-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-sql-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-sql-debuginfo-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-torque-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-torque-debuginfo-18.08.9-1.5.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-debugsource-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-dshgroup-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-dshgroup-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-genders-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-genders-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-machines-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-machines-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", 
reference:\"pdsh-netgroup-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-netgroup-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-slurm-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-slurm-debuginfo-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-slurm_18_08-2.33-7.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"pdsh-slurm_18_08-debuginfo-2.33-7.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdsh / slurm_18_08\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-14T19:01:59", "description": "This update for pdsh, slurm_18_08 fixes the following issues :\n\nSlurm was included in the 18.08 release, as 'slurm_18_08' package. The\nversion 18.08.9 contains all recent security fixes, including :\n\nCVE-2019-19728: Fixed a privilege escalation with srun, where --uid\nmight have unintended side effects (bsc#1159692).\n\nCVE-2019-19727: Fixed permissions of slurmdbd.conf (bsc#1155784).\n\npdsh was updated to: Add support for an alternative SLURM version when\nbuilding the slurm plugin.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 2, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-02-24T00:00:00", "title": "SUSE SLES12 Security Update : pdsh, slurm_18_08 (SUSE-SU-2020:0434-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10995", "CVE-2019-19728", "CVE-2019-12838", "CVE-2019-19727", "CVE-2017-15566", "CVE-2016-10030", "CVE-2019-6438", "CVE-2018-7033"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08", "p-cpe:/a:novell:suse_linux:slurm_18_08-plugins-debuginfo", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:slurm_18_08-node", "p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-config", "p-cpe:/a:novell:suse_linux:slurm_18_08-munge", "p-cpe:/a:novell:suse_linux:pdsh-genders-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh", "p-cpe:/a:novell:suse_linux:pdsh-slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-sql", "p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none", "p-cpe:/a:novell:suse_linux:slurm_18_08-devel", "p-cpe:/a:novell:suse_linux:libslurm33", "p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm", "p-cpe:/a:novell:suse_linux:pdsh-debugsource", "p-cpe:/a:novell:suse_linux:slurm_18_08-torque", "p-cpe:/a:novell:suse_linux:slurm_18_08-doc", "p-cpe:/a:novell:suse_linux:pdsh-dshgroup", "p-cpe:/a:novell:suse_linux:libpmi0_18_08", "p-cpe:/a:novell:suse_linux:slurm_18_08-munge-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-netgroup-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-torque-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm33-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-node-debuginfo", 
"p-cpe:/a:novell:suse_linux:slurm_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-machines-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-machines", "p-cpe:/a:novell:suse_linux:slurm_18_08-plugins", "p-cpe:/a:novell:suse_linux:slurm_18_08", "p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-netgroup", "p-cpe:/a:novell:suse_linux:slurm_18_08-sql-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-slurm", "p-cpe:/a:novell:suse_linux:perl-slurm_18_08", "p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-lua", "p-cpe:/a:novell:suse_linux:libpmi0_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-debugsource", "p-cpe:/a:novell:suse_linux:pdsh-dshgroup-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd", "p-cpe:/a:novell:suse_linux:pdsh-genders"], "id": "SUSE_SU-2020-0434-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133949", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0434-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133949);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/26\");\n\n script_cve_id(\"CVE-2016-10030\", \"CVE-2017-15566\", \"CVE-2018-10995\", \"CVE-2018-7033\", \"CVE-2019-12838\", \"CVE-2019-19727\", \"CVE-2019-19728\", \"CVE-2019-6438\");\n\n script_name(english:\"SUSE SLES12 Security Update : pdsh, slurm_18_08 (SUSE-SU-2020:0434-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for pdsh, slurm_18_08 
fixes the following issues :\n\nSlurm was included in the 18.08 release, as 'slurm_18_08' package. The\nversion 18.08.9 contains all recent security fixes, including :\n\nCVE-2019-19728: Fixed a privilege escalation with srun, where --uid\nmight have unintended side effects (bsc#1159692).\n\nCVE-2019-19727: Fixed permissions of slurmdbd.conf (bsc#1155784).\n\npdsh was updated to: Add support for an alternative SLURM version when\nbuilding the slurm plugin.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1018371\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065697\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1095508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123304\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155784\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10030/\"\n 
);\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-15566/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10995/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7033/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12838/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19727/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19728/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6438/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200434-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?202a566d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 12:zypper in -t patch\nSUSE-SLE-Module-HPC-12-2020-434=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-10030\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_18_08\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-dshgroup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-dshgroup-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-genders\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-genders-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-machines\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-machines-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-netgroup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-netgroup-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_18_08-debuginfo\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_18_08-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_18_08-debuginfo-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm33-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm33-debuginfo-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-debuginfo-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-debugsource-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-dshgroup-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-dshgroup-debuginfo-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-genders-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-genders-debuginfo-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", 
cpu:\"x86_64\", reference:\"pdsh-machines-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-machines-debuginfo-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-netgroup-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-netgroup-debuginfo-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm-debuginfo-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm_18_08-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm_18_08-debuginfo-2.33-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_18_08-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_18_08-debuginfo-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-auth-none-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-auth-none-debuginfo-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-config-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-debuginfo-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-debugsource-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-devel-18.08.9-3.5.1\")) flag++;\nif 
(rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-doc-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-lua-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-lua-debuginfo-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-munge-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-munge-debuginfo-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-node-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-node-debuginfo-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-pam_slurm-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-pam_slurm-debuginfo-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-plugins-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-plugins-debuginfo-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-slurmdbd-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-slurmdbd-debuginfo-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-sql-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-sql-debuginfo-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-torque-18.08.9-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", 
cpu:\"x86_64\", reference:\"slurm_18_08-torque-debuginfo-18.08.9-3.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdsh / slurm_18_08\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-12T14:48:24", "description": "This update for pdsh, slurm_20_02 fixes the following issues :\n\nChanges in slurm_20_02 :\n\nAdd support for openPMIx also for Leap/SLE 15.0/1 (bsc#1173805).\n\nDo not run %check on SLE-12-SP2: Some incompatibility in tcl makes\nthis fail.\n\nRemove unneeded build dependency to postgresql-devel.\n\nDisable build on s390 (requires 64bit).\n\nBring QA to the package build: add %%check stage.\n\nRemove cruft that isn't needed any longer.\n\nAdd 'ghosted' run-file.\n\nAdd rpmlint filter to handle issues with library packages for Leap and\nenterprise upgrade versions.\n\nUpdated to 20.02.3 which fixes CVE-2020-12693 (bsc#1172004).\n\nOther changes are :\n\n - Factor in ntasks-per-core=1 with cons_tres.\n\n - Fix formatting in error message in cons_tres.\n\n - Fix calling stat on a NULL variable.\n\n - Fix minor memory leak when using reservations with\n flags=first_cores.\n\n - Fix gpu bind issue when CPUs=Cores and ThreadsPerCore >\n 1 on a node.\n\n - Fix --mem-per-gpu for heterogenous --gres requests.\n\n - Fix slurmctld load order in load_all_part_state().\n\n - Fix race condition not finding jobacct gather task\n cgroup entry.\n\n - Suppress error message when selecting nodes on disjoint\n topologies.\n\n - Improve performance of _pack_default_job_details() with\n large number of job\n\n - arguments.\n\n - Fix archive loading previous to 17.11 jobs per-node\n req_mem.\n\n - Fix regression validating that --gpus-per-socket requires\n\n --sockets-per-node\n\n - for steps. 
Should only validate allocation requests.\n\n - error() instead of fatal() when parsing an invalid\n hostlist.\n\n - nss_slurm - fix potential deadlock in slurmstepd on\n overloaded systems.\n\n - cons_tres - fix --gres-flags=enforce-binding and related\n\n --cpus-per-gres.\n\n - cons_tres - Allocate lowest numbered cores when\n filtering cores with gres.\n\n - Fix getting system counts for named GRES/TRES.\n\n - MySQL - Fix for handling typed GRES for association\n rollups.\n\n - Fix step allocations when tasks_per_core > 1.\n\n - Fix allocating more GRES than requested when asking for\n multiple GRES types.\n\nTreat libnss_slurm like any other package: add version string to\nupgrade package.\n\nUpdated to 20.02.1 with the following changes:\n\n - Improve job state reason for jobs hitting\n partition_job_depth.\n\n - Speed up testing of singleton dependencies.\n\n - Fix negative loop bound in cons_tres.\n\n - srun - capture the MPI plugin return code from\n mpi_hook_client_fini() and use as final return code for\n step failure.\n\n - Fix segfault in cli_filter/lua.\n\n - Fix --gpu-bind=map_gpu reusability if tasks > elements.\n\n - Make sure config_flags on a gres are sent to the\n slurmctld on node registration.\n\n - Prolog/Epilog - Fix missing GPU information.\n\n - Fix segfault when using config parser for expanded\n lines.\n\n - Fix bit overlap test function.\n\n - Don't accrue time if job begin time is in the future.\n\n - Remove accrue time when updating a job start/eligible\n time to the future.\n\n - Fix regression in 20.02.0 that broke --depend=expand.\n\n - Reset begin time on job release if it's not in the\n future.\n\n - Fix for recovering burst buffers when using\n high-availability.\n\n - Fix invalid read due to freeing an incorrectly allocated\n env array.\n\n - Update slurmctld -i message to warn about losing data.\n\n - Fix scontrol cancel_reboot so it clears the DRAIN flag\n and node reason for a pending ASAP reboot.\n\nChanges in pdsh: Bring QA to 
the package build: add %%check stage\n\nSince the build for the SLE-12 HPC Module got fixed, simplify spec\nfile and remove legacy workarounds.\n\nRemove _multibuild file where not needed.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 2, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-12-09T00:00:00", "title": "SUSE SLES12 Security Update : pdsh, slurm_20_02 (SUSE-SU-2020:2607-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10995", "CVE-2019-19728", "CVE-2019-12838", "CVE-2019-19727", "CVE-2017-15566", "CVE-2016-10030", "CVE-2020-12693", "CVE-2019-6438", "CVE-2018-7033"], "modified": "2020-12-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:slurm_20_02-sview", "p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08", "p-cpe:/a:novell:suse_linux:slurm_20_02-sql-debuginfo", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:slurm_20_02-plugins", "p-cpe:/a:novell:suse_linux:slurm_20_02-munge", "p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm", "p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02", "p-cpe:/a:novell:suse_linux:slurm_20_02-sql", "p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02", "p-cpe:/a:novell:suse_linux:slurm_20_02-config", "p-cpe:/a:novell:suse_linux:slurm_20_02-lua", "p-cpe:/a:novell:suse_linux:slurm_20_02-node", "p-cpe:/a:novell:suse_linux:slurm_20_02-torque-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-config-man", "p-cpe:/a:novell:suse_linux:slurm_20_02-doc", "p-cpe:/a:novell:suse_linux:slurm_20_02-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:libpmi0_20_02-debuginfo", 
"p-cpe:/a:novell:suse_linux:slurm_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-node-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-slurm_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-debugsource", "p-cpe:/a:novell:suse_linux:perl-slurm_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm_20_02", "p-cpe:/a:novell:suse_linux:libslurm35-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm35", "p-cpe:/a:novell:suse_linux:libpmi0_20_02", "p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none", "p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-sview-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-slurm_20_02", "p-cpe:/a:novell:suse_linux:slurm_20_02-devel", "p-cpe:/a:novell:suse_linux:slurm_20_02-torque"], "id": "SUSE_SU-2020-2607-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143870", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2607-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143870);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2016-10030\", \"CVE-2017-15566\", \"CVE-2018-10995\", \"CVE-2018-7033\", \"CVE-2019-12838\", \"CVE-2019-19727\", \"CVE-2019-19728\", \"CVE-2019-6438\", \"CVE-2020-12693\");\n\n script_name(english:\"SUSE SLES12 Security Update : pdsh, slurm_20_02 (SUSE-SU-2020:2607-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security 
updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for pdsh, slurm_20_02 fixes the following issues :\n\nChanges in slurm_20_02 :\n\nAdd support for openPMIx also for Leap/SLE 15.0/1 (bsc#1173805).\n\nDo not run %check on SLE-12-SP2: Some incompatibility in tcl makes\nthis fail.\n\nRemove unneeded build dependency to postgresql-devel.\n\nDisable build on s390 (requires 64bit).\n\nBring QA to the package build: add %%check stage.\n\nRemove cruft that isn't needed any longer.\n\nAdd 'ghosted' run-file.\n\nAdd rpmlint filter to handle issues with library packages for Leap and\nenterprise upgrade versions.\n\nUpdated to 20.02.3 which fixes CVE-2020-12693 (bsc#1172004).\n\nOther changes are :\n\n - Factor in ntasks-per-core=1 with cons_tres.\n\n - Fix formatting in error message in cons_tres.\n\n - Fix calling stat on a NULL variable.\n\n - Fix minor memory leak when using reservations with\n flags=first_cores.\n\n - Fix gpu bind issue when CPUs=Cores and ThreadsPerCore >\n 1 on a node.\n\n - Fix --mem-per-gpu for heterogenous --gres requests.\n\n - Fix slurmctld load order in load_all_part_state().\n\n - Fix race condition not finding jobacct gather task\n cgroup entry.\n\n - Suppress error message when selecting nodes on disjoint\n topologies.\n\n - Improve performance of _pack_default_job_details() with\n large number of job\n\n - arguments.\n\n - Fix archive loading previous to 17.11 jobs per-node\n req_mem.\n\n - Fix regresion validating that --gpus-per-socket requires\n\n --sockets-per-node\n\n - for steps. 
Should only validate allocation requests.\n\n - error() instead of fatal() when parsing an invalid\n hostlist.\n\n - nss_slurm - fix potential deadlock in slurmstepd on\n overloaded systems.\n\n - cons_tres - fix --gres-flags=enforce-binding and related\n\n --cpus-per-gres.\n\n - cons_tres - Allocate lowest numbered cores when\n filtering cores with gres.\n\n - Fix getting system counts for named GRES/TRES.\n\n - MySQL - Fix for handing typed GRES for association\n rollups.\n\n - Fix step allocations when tasks_per_core > 1.\n\n - Fix allocating more GRES than requested when asking for\n multiple GRES types.\n\nTreat libnss_slurm like any other package: add version string to\nupgrade package.\n\nUpdated to 20.02.1 with following changes'\n\n - Improve job state reason for jobs hitting\n partition_job_depth.\n\n - Speed up testing of singleton dependencies.\n\n - Fix negative loop bound in cons_tres.\n\n - srun - capture the MPI plugin return code from\n mpi_hook_client_fini() and use as final return code for\n step failure.\n\n - Fix segfault in cli_filter/lua.\n\n - Fix --gpu-bind=map_gpu reusability if tasks > elements.\n\n - Make sure config_flags on a gres are sent to the\n slurmctld on node registration.\n\n - Prolog/Epilog - Fix missing GPU information.\n\n - Fix segfault when using config parser for expanded\n lines.\n\n - Fix bit overlap test function.\n\n - Don't accrue time if job begin time is in the future.\n\n - Remove accrue time when updating a job start/eligible\n time to the future.\n\n - Fix regression in 20.02.0 that broke --depend=expand.\n\n - Reset begin time on job release if it's not in the\n future.\n\n - Fix for recovering burst buffers when using\n high-availability.\n\n - Fix invalid read due to freeing an incorrectly allocated\n env array.\n\n - Update slurmctld -i message to warn about losing data.\n\n - Fix scontrol cancel_reboot so it clears the DRAIN flag\n and node reason for a pending ASAP reboot.\n\nChanges in pdsh: Bring QA to 
the package build: add %%check stage\n\nSince the build for the SLE-12 HPC Module got fixed, simplify spec\nfile and remove legacy workarounds.\n\nRemove _multibuild file where not needed.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1007053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1018371\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031872\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1041706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065697\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084917\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085606\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1095508\"\n );\n script_set_attribute(\n 
attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1100850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108671\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109373\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123304\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155784\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161716\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162377\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172004\"\n );\n script_set_attribute(\n 
attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10030/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-15566/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10995/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7033/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12838/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19727/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19728/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6438/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-12693/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202607-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8522e9c3\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 12 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-12-2020-2607=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n 
script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-10030\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm35-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-config-man\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sview\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libnss_slurm2_20_02-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libnss_slurm2_20_02-debuginfo-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_20_02-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_20_02-debuginfo-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm35-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm35-debuginfo-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm_18_08-2.34-7.26.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm_18_08-debuginfo-2.34-7.26.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm_20_02-2.34-7.26.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm_20_02-debuginfo-2.34-7.26.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_20_02-20.02.3-3.5.1\")) flag++;\nif 
(rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_20_02-debuginfo-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-auth-none-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-auth-none-debuginfo-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-config-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-config-man-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-debuginfo-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-debugsource-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-devel-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-doc-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-lua-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-lua-debuginfo-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-munge-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-munge-debuginfo-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-node-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-node-debuginfo-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", 
reference:\"slurm_20_02-pam_slurm-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-pam_slurm-debuginfo-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-plugins-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-plugins-debuginfo-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-slurmdbd-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-slurmdbd-debuginfo-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-sql-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-sql-debuginfo-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-sview-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-sview-debuginfo-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-torque-20.02.3-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-torque-debuginfo-20.02.3-3.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdsh / slurm_20_02\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}]}