CentOS Update for yum-NetworkManager-dispatcher CESA-2018:2284 centos6
2018-08-10T00:00:00
ID OPENVAS:1361412562310882933 Type openvas Reporter Copyright (C) 2018 Greenbone Networks GmbH Modified 2019-03-08T00:00:00
Description
Check the version of yum-NetworkManager-dispatcher
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_CESA-2018_2284_yum-NetworkManager-dispatcher_centos6.nasl 14058 2019-03-08 13:25:52Z cfischer $
#
# CentOS Update for yum-NetworkManager-dispatcher CESA-2018:2284 centos6
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
# Plugin metadata. When `description` is set, the script only registers the
# values below and leaves through the exit(0) at the end of this block; the
# package comparison that follows the block is not reached in that pass.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.882933");
script_version("$Revision: 14058 $");
script_tag(name:"last_modification", value:"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $");
script_tag(name:"creation_date", value:"2018-08-10 05:59:54 +0200 (Fri, 10 Aug 2018)");
# CVE-2018-10897: directory traversal in reposync (yum-utils), per the
# insight text below.
script_cve_id("CVE-2018-10897");
# 9.3 with an AV:/AC:/Au: vector is a CVSS v2 base score. NVD also publishes a
# CVSS v3.0 score of 8.1 (AC:H) for this CVE, so do not compare this value
# directly with v3-based severity thresholds.
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
# NOTE(review): "package" presumably means the result comes from comparing
# installed RPM versions rather than from probing the flaw - confirm against
# the scanner's quality-of-detection documentation.
script_tag(name:"qod_type", value:"package");
# NOTE(review): name, summary and "affected" mention only
# yum-NetworkManager-dispatcher, but the check after this block compares 27
# packages (yum-utils and its plugins) against the same fixed version.
script_name("CentOS Update for yum-NetworkManager-dispatcher CESA-2018:2284 centos6");
script_tag(name:"summary", value:"Check the version of yum-NetworkManager-dispatcher");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"The yum-utils packages provide a collection of utilities and examples for
the yum package manager to make yum easier and more powerful to use.
Security Fix(es):
* yum-utils: reposync: improper path validation may lead to directory
traversal (CVE-2018-10897)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.
Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy
(Clover Network) for reporting this issue.");
script_tag(name:"affected", value:"yum-NetworkManager-dispatcher on CentOS 6");
script_tag(name:"solution", value:"Please install the updated packages.");
# Vendor advisory this check was generated from.
script_xref(name:"CESA", value:"2018:2284");
script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2018-August/022976.html");
script_tag(name:"solution_type", value:"VendorFix");
# NOTE(review): ACT_GATHER_INFO presumably classifies this as a non-intrusive
# information-gathering check - confirm.
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2018 Greenbone Networks GmbH");
script_family("CentOS Local Security Checks");
# The check is gated on the ssh/login/* keys and a release matching CentOS6.
# NOTE(review): these keys are presumably filled in by gather-package-list.nasl
# from an authenticated SSH login; if so, a scan without working credentials
# produces no result for this check, which is not the same as "patched".
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS6");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
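# Package-version check for CESA-2018:2284 (CVE-2018-10897) on CentOS 6.
#
# Every binary package named in the advisory is compared against the fixed
# version 1.1.30-42.el6_10. Findings for all outdated packages are collected
# into one report: stopping at the first hit would hide the remaining packages
# from the result, and remediation tracking needs the full list.
#
# NOTE(review): the flaw itself is in reposync (yum-utils). A hit on one of the
# plugin sub-packages shows that the errata has not been applied; it does not
# by itself show that reposync is installed or used on the host.
release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "CentOS6")
{
  # Fixed version-release shared by all packages in this errata, in the
  # "~version~release" form that isrpmvuln() is called with.
  fixed_suffix = "~1.1.30~42.el6_10";

  # Same packages, in the same order, as the advisory lists them.
  pkg_names = make_list(
    "yum-NetworkManager-dispatcher",
    "yum-plugin-aliases",
    "yum-plugin-auto-update-debug-info",
    "yum-plugin-changelog",
    "yum-plugin-fastestmirror",
    "yum-plugin-filter-data",
    "yum-plugin-fs-snapshot",
    "yum-plugin-keys",
    "yum-plugin-list-data",
    "yum-plugin-local",
    "yum-plugin-merge-conf",
    "yum-plugin-ovl",
    "yum-plugin-post-transaction-actions",
    "yum-plugin-priorities",
    "yum-plugin-protectbase",
    "yum-plugin-ps",
    "yum-plugin-remove-with-leaves",
    "yum-plugin-rpm-warm-cache",
    "yum-plugin-security",
    "yum-plugin-show-leaves",
    "yum-plugin-tmprepo",
    "yum-plugin-tsflags",
    "yum-plugin-upgrade-helper",
    "yum-plugin-verify",
    "yum-plugin-versionlock",
    "yum-updateonboot",
    "yum-utils"
  );

  foreach name (pkg_names)
  {
    fixed_rpm = name + fixed_suffix;

    # isrpmvuln() yields report text when the installed package is older than
    # fixed_rpm, and NULL otherwise.
    if ((res = isrpmvuln(pkg:name, rpm:fixed_rpm, rls:"CentOS6")) != NULL)
      report += res;
  }

  if (report != "")
  {
    security_message(data:report);
    exit(0);
  }

  # NOTE(review): __pkg_match is not assigned in this script; presumably the
  # package library sets it when at least one listed package was found
  # installed. exit(99) then presumably reports "checked, not vulnerable",
  # while the plain exit(0) leaves the host without a verdict - confirm
  # against pkg-lib-rpm.inc.
  if (__pkg_match) exit(99);
  exit(0);
}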
{"id": "OPENVAS:1361412562310882933", "type": "openvas", "bulletinFamily": "scanner", "title": "CentOS Update for yum-NetworkManager-dispatcher CESA-2018:2284 centos6", "description": "Check the version of yum-NetworkManager-dispatcher", "published": "2018-08-10T00:00:00", "modified": "2019-03-08T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882933", "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "references": ["http://lists.centos.org/pipermail/centos-announce/2018-August/022976.html", "2018:2284"], "cvelist": ["CVE-2018-10897"], "lastseen": "2019-05-29T18:33:27", "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-2284", "CVE-2018-10897"]}, {"type": "f5", "idList": ["F5:K23200408"]}, {"type": "fedora", "idList": ["FEDORA:91EC760CCF29", "FEDORA:54940602DC0C", "FEDORA:1CD3F60CCF0B", "FEDORA:C6DFD60CCF2A", "FEDORA:54E526098827", "FEDORA:07330600627B", "FEDORA:49A4560A6175", "FEDORA:D60E460CCF20", "FEDORA:47BF560CCF04", "FEDORA:9480860CCF12"]}, {"type": "amazon", "idList": ["ALAS2-2018-1063", "ALAS-2018-1057"]}, {"type": "redhat", "idList": ["RHSA-2018:2285", "RHSA-2018:2284", "RHSA-2018:2626"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-2284", "ELSA-2018-2285"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1063.NASL", "CENTOS_RHSA-2018-2284.NASL", "ALA_ALAS-2018-1057.NASL", "EULEROS_SA-2018-1319.NASL", "ORACLELINUX_ELSA-2018-2284.NASL", "FEDORA_2018-357E8E07CE.NASL", "ORACLELINUX_ELSA-2018-2285.NASL", "CENTOS_RHSA-2018-2285.NASL", "EULEROS_SA-2019-1160.NASL", "EULEROS_SA-2019-1415.NASL"]}, {"type": "centos", "idList": ["CESA-2018:2285", "CESA-2018:2284"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220181327", "OPENVAS:1361412562310875861", "OPENVAS:1361412562310875757", "OPENVAS:1361412562310876033", "OPENVAS:1361412562311220191160", "OPENVAS:1361412562311220181320", "OPENVAS:1361412562311220191080", 
"OPENVAS:1361412562310875957", "OPENVAS:1361412562310875632", "OPENVAS:1361412562310875731"]}], "modified": "2019-05-29T18:33:27", "rev": 2}, "score": {"value": 5.4, "vector": "NONE", "modified": "2019-05-29T18:33:27", "rev": 2}, "vulnersScore": 5.4}, "pluginID": "1361412562310882933", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_CESA-2018_2284_yum-NetworkManager-dispatcher_centos6.nasl 14058 2019-03-08 13:25:52Z cfischer $\n#\n# CentOS Update for yum-NetworkManager-dispatcher CESA-2018:2284 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882933\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-10 05:59:54 +0200 (Fri, 10 Aug 2018)\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for yum-NetworkManager-dispatcher CESA-2018:2284 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of yum-NetworkManager-dispatcher\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The yum-utils packages provide a collection of utilities and examples for\nthe yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es):\n\n * yum-utils: reposync: improper path validation may lead to directory\ntraversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy\n(Clover Network) for reporting this issue.\");\n script_tag(name:\"affected\", value:\"yum-NetworkManager-dispatcher on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"CESA\", value:\"2018:2284\");\n 
script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2018-August/022976.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"yum-NetworkManager-dispatcher\", rpm:\"yum-NetworkManager-dispatcher~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-aliases\", rpm:\"yum-plugin-aliases~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-auto-update-debug-info\", rpm:\"yum-plugin-auto-update-debug-info~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-changelog\", rpm:\"yum-plugin-changelog~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-fastestmirror\", rpm:\"yum-plugin-fastestmirror~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-filter-data\", rpm:\"yum-plugin-filter-data~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-fs-snapshot\", rpm:\"yum-plugin-fs-snapshot~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"yum-plugin-keys\", rpm:\"yum-plugin-keys~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-list-data\", rpm:\"yum-plugin-list-data~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-local\", rpm:\"yum-plugin-local~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-merge-conf\", rpm:\"yum-plugin-merge-conf~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-ovl\", rpm:\"yum-plugin-ovl~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-post-transaction-actions\", rpm:\"yum-plugin-post-transaction-actions~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-priorities\", rpm:\"yum-plugin-priorities~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-protectbase\", rpm:\"yum-plugin-protectbase~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-ps\", rpm:\"yum-plugin-ps~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-remove-with-leaves\", rpm:\"yum-plugin-remove-with-leaves~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-rpm-warm-cache\", rpm:\"yum-plugin-rpm-warm-cache~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"yum-plugin-security\", rpm:\"yum-plugin-security~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-show-leaves\", rpm:\"yum-plugin-show-leaves~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-tmprepo\", rpm:\"yum-plugin-tmprepo~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-tsflags\", rpm:\"yum-plugin-tsflags~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-upgrade-helper\", rpm:\"yum-plugin-upgrade-helper~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-verify\", rpm:\"yum-plugin-verify~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-plugin-versionlock\", rpm:\"yum-plugin-versionlock~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-updateonboot\", rpm:\"yum-updateonboot~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.30~42.el6_10\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "CentOS Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T06:52:24", "description": "A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.", "edition": 6, "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-01T17:29:00", "title": "CVE-2018-10897", "type": "cve", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10897"], "modified": "2018-11-30T21:33:00", "cpe": ["cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/a:redhat:virtualization:4.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", 
"cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/a:rpm-software-management_project:yum-utils:1.1.31"], "id": "CVE-2018-10897", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10897", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:rpm-software-management_project:yum-utils:1.1.31:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2020-04-06T22:40:23", "bulletinFamily": "software", "cvelist": ["CVE-2018-10897"], "description": "\nF5 Product Development has assigned ID CPF-25005 (Traffix SDC) to this vulnerability.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table. 
For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 14.x | None | Not applicable | Not vulnerable | None | None \n13.x | None | Not applicable \n12.x | None | Not applicable \n11.x | None | Not applicable \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable | None | None \nBIG-IQ Centralized Management | 6.x | None | Not applicable | Not vulnerable | None | None \n5.x | None | Not applicable \n4.x | None | Not applicable \nBIG-IQ Cloud and Orchestration | 1.x | None | Not applicable | Not vulnerable | None | None \nF5 iWorkflow | 2.x | None | Not applicable | Not vulnerable | None | None \nTraffix SDC | 5.x | 5.0.0 | 5.1.0 | High | [8.8](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H>) | **reposync** utility \n4.x | 4.4.0 | None \n \n1 The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. 
If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2018-10-30T17:33:00", "published": "2018-10-30T17:33:00", "id": "F5:K23200408", "href": "https://support.f5.com/csp/article/K23200408", "title": "reposync vulnerability CVE-2018-10897", "type": "f5", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "Libcomps is library for structure-like manipulation with content of comps XML files. Supports read/write XML file, structure(s) modification. ", "modified": "2019-02-21T02:58:54", "published": "2019-02-21T02:58:54", "id": "FEDORA:54940602DC0C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: libcomps-0.1.10-2.fc29", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "Utility that allows users to manage packages on their systems. 
It supports RPMs, modules and comps groups & environments. ", "modified": "2019-02-21T02:58:52", "published": "2019-02-21T02:58:52", "id": "FEDORA:9480860CCF12", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: dnf-4.1.0-1.fc29", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "A library providing C and Python (libcURL like) API to downloading reposito ry metadata. ", "modified": "2019-02-21T02:58:54", "published": "2019-02-21T02:58:54", "id": "FEDORA:C6DFD60CCF2A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: librepo-1.9.4-1.fc29", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "yum-utils is a collection of utilities and examples for the yum package manager. It includes utilities by different authors that make yum easier and more powerful to use. These tools include: debuginfo-install, find-repos-of-install, needs-restarting, package-cleanup, repoclosure, repodiff, repo-graph, repomanage, repoquery, repo-rss, reposync, repotrack, show-installed, show-changed-rco, verifytree, yumdownloader, yum-builddep, yum-complete-transaction, yum-config-manager, yum-debug-dump, yum-debug-restore and yum-groups-manager. ", "modified": "2018-10-04T14:10:15", "published": "2018-10-04T14:10:15", "id": "FEDORA:07330600627B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: yum-utils-1.1.31-517.fc29", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "A Library providing simplified C and Python API to libsolv. 
", "modified": "2019-02-21T02:58:54", "published": "2019-02-21T02:58:54", "id": "FEDORA:91EC760CCF29", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: libdnf-0.26.0-1.fc29", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "yum-utils is a collection of utilities and examples for the yum package manager. It includes utilities by different authors that make yum easier and more powerful to use. These tools include: debuginfo-install, find-repos-of-install, needs-restarting, package-cleanup, repoclosure, repodiff, repo-graph, repomanage, repoquery, repo-rss, reposync, repotrack, show-installed, show-changed-rco, verifytree, yumdownloader, yum-builddep, yum-complete-transaction, yum-config-manager, yum-debug-dump, yum-debug-restore and yum-groups-manager. ", "modified": "2018-09-27T17:29:34", "published": "2018-09-27T17:29:34", "id": "FEDORA:49A4560A6175", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: yum-utils-1.1.31-515.fc28", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "Core Plugins for DNF. This package enhances DNF with builddep, config-manag er, copr, debug, debuginfo-install, download, needs-restarting, repoclosure, repograph, repomanage, reposync, changelog and repodiff commands. Additiona lly provides generate_completion_cache passive plugin. ", "modified": "2019-02-21T02:58:53", "published": "2019-02-21T02:58:53", "id": "FEDORA:D60E460CCF20", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: dnf-plugins-core-4.0.4-1.fc29", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "Extras Plugins for DNF. 
", "modified": "2019-02-21T02:58:54", "published": "2019-02-21T02:58:54", "id": "FEDORA:1CD3F60CCF0B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: dnf-plugins-extras-4.0.2-1.fc29", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "C implementation of Createrepo. A set of utilities (createrepo_c, mergerepo_c, modifyrepo_c) for generating a common metadata repository from a directory of rpm packages and maintaining it. ", "modified": "2019-02-21T02:58:50", "published": "2019-02-21T02:58:50", "id": "FEDORA:47BF560CCF04", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: createrepo_c-0.12.1-1.fc29", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "yum-utils is a collection of utilities and examples for the yum package manager. It includes utilities by different authors that make yum easier and more powerful to use. These tools include: debuginfo-install, find-repos-of-install, needs-restarting, package-cleanup, repoclosure, repodiff, repo-graph, repomanage, repoquery, repo-rss, reposync, repotrack, show-installed, show-changed-rco, verifytree, yumdownloader, yum-builddep, yum-complete-transaction, yum-config-manager, yum-debug-dump, yum-debug-restore and yum-groups-manager. 
", "modified": "2018-09-27T16:18:02", "published": "2018-09-27T16:18:02", "id": "FEDORA:54E526098827", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: yum-utils-1.1.31-514.fc27", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:37:34", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "**Issue Overview:**\n\nA directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.([CVE-2018-10897 __](<https://access.redhat.com/security/cve/CVE-2018-10897>))\n\n \n**Affected Packages:** \n\n\nyum-utils\n\n \n**Issue Correction:** \nRun _yum update yum-utils_ to update your system. 
\n\n\n \n\n\n**New Packages:**\n \n \n noarch: \n yum-updateonboot-1.1.31-46.30.amzn1.noarch \n yum-plugin-ps-1.1.31-46.30.amzn1.noarch \n yum-plugin-rpm-warm-cache-1.1.31-46.30.amzn1.noarch \n yum-plugin-tmprepo-1.1.31-46.30.amzn1.noarch \n yum-plugin-ovl-1.1.31-46.30.amzn1.noarch \n yum-plugin-fastestmirror-1.1.31-46.30.amzn1.noarch \n yum-plugin-auto-update-debug-info-1.1.31-46.30.amzn1.noarch \n yum-plugin-filter-data-1.1.31-46.30.amzn1.noarch \n yum-plugin-versionlock-1.1.31-46.30.amzn1.noarch \n yum-plugin-remove-with-leaves-1.1.31-46.30.amzn1.noarch \n yum-plugin-pre-transaction-actions-1.1.31-46.30.amzn1.noarch \n yum-plugin-show-leaves-1.1.31-46.30.amzn1.noarch \n yum-plugin-tsflags-1.1.31-46.30.amzn1.noarch \n yum-utils-1.1.31-46.30.amzn1.noarch \n yum-plugin-local-1.1.31-46.30.amzn1.noarch \n yum-plugin-upgrade-helper-1.1.31-46.30.amzn1.noarch \n yum-plugin-refresh-updatesd-1.1.31-46.30.amzn1.noarch \n yum-plugin-changelog-1.1.31-46.30.amzn1.noarch \n yum-plugin-protectbase-1.1.31-46.30.amzn1.noarch \n yum-plugin-copr-1.1.31-46.30.amzn1.noarch \n yum-plugin-aliases-1.1.31-46.30.amzn1.noarch \n yum-plugin-merge-conf-1.1.31-46.30.amzn1.noarch \n yum-plugin-keys-1.1.31-46.30.amzn1.noarch \n yum-plugin-post-transaction-actions-1.1.31-46.30.amzn1.noarch \n yum-plugin-priorities-1.1.31-46.30.amzn1.noarch \n yum-plugin-verify-1.1.31-46.30.amzn1.noarch \n yum-plugin-puppetverify-1.1.31-46.30.amzn1.noarch \n yum-plugin-list-data-1.1.31-46.30.amzn1.noarch \n yum-NetworkManager-dispatcher-1.1.31-46.30.amzn1.noarch \n yum-plugin-fs-snapshot-1.1.31-46.30.amzn1.noarch \n \n src: \n yum-utils-1.1.31-46.30.amzn1.src \n \n \n", "edition": 5, "modified": "2018-08-09T16:13:00", "published": "2018-08-09T16:13:00", "id": "ALAS-2018-1057", "href": "https://alas.aws.amazon.com/ALAS-2018-1057.html", "title": "Important: yum-utils", "type": "amazon", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-10T12:36:04", "bulletinFamily": "unix", 
"cvelist": ["CVE-2018-10897"], "description": "**Issue Overview:**\n\nA directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. ([CVE-2018-10897 __](<https://access.redhat.com/security/cve/CVE-2018-10897>))\n\n \n**Affected Packages:** \n\n\nyum-utils\n\n \n**Issue Correction:** \nRun _yum update yum-utils_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n noarch: \n yum-utils-1.1.31-46.amzn2.0.1.noarch \n yum-updateonboot-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-changelog-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-fastestmirror-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-protectbase-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-versionlock-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-tsflags-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-priorities-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-merge-conf-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-upgrade-helper-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-aliases-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-list-data-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-filter-data-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-tmprepo-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-verify-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-keys-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-remove-with-leaves-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-pre-transaction-actions-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-post-transaction-actions-1.1.31-46.amzn2.0.1.noarch \n yum-NetworkManager-dispatcher-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-rpm-warm-cache-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-auto-update-debug-info-1.1.31-46.amzn2.0.1.noarch \n 
yum-plugin-show-leaves-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-local-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-fs-snapshot-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-ps-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-copr-1.1.31-46.amzn2.0.1.noarch \n yum-plugin-ovl-1.1.31-46.amzn2.0.1.noarch \n \n src: \n yum-utils-1.1.31-46.amzn2.0.1.src \n \n \n", "edition": 1, "modified": "2018-08-21T17:18:00", "published": "2018-08-21T17:18:00", "id": "ALAS2-2018-1063", "href": "https://alas.aws.amazon.com/AL2/ALAS-2018-1063.html", "title": "Important: yum-utils", "type": "amazon", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:23", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nThe ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. 
RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nSecurity Fix(es):\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.\n\nBug fix:\n\n* This update rebases imgbased to version 1.0.24. This update fixes the issue with removing broken symlinks when synchronizing layers. (BZ#1598781) (BZ#1622025)", "modified": "2018-09-04T17:22:03", "published": "2018-09-04T17:15:19", "id": "RHSA-2018:2626", "href": "https://access.redhat.com/errata/RHSA-2018:2626", "type": "redhat", "title": "(RHSA-2018:2626) Important: Red Hat Virtualization security, bug fix, and enhancement update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:50", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es):\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.", "modified": "2018-08-17T00:53:56", "published": "2018-07-30T17:27:37", "id": "RHSA-2018:2284", "href": "https://access.redhat.com/errata/RHSA-2018:2284", "type": "redhat", "title": "(RHSA-2018:2284) Important: yum-utils security update", "cvss": {"score": 9.3, "vector": 
"AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:53", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es):\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.", "modified": "2018-07-30T17:33:54", "published": "2018-07-30T17:28:01", "id": "RHSA-2018:2285", "href": "https://access.redhat.com/errata/RHSA-2018:2285", "type": "redhat", "title": "(RHSA-2018:2285) Important: yum-utils security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:46", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "[1.1.31-46.0.1]\n- needs-restarting not checking kernel-uek for reboot message [Orabug 27189714]\n- add bug27596617.patch to remove upstream URL reference\n[1.1.31-46]\n- reposync: prevent path traversal.\n- Resolves: bug#1600617", "edition": 3, "modified": "2018-07-30T00:00:00", "published": "2018-07-30T00:00:00", "id": "ELSA-2018-2285", "href": "http://linux.oracle.com/errata/ELSA-2018-2285.html", "title": "yum-utils security update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:37", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "[1.1.30-42.0.1]\n- add dependency btrfs-progs for yum-plugin-fs-snapshot (guangyu.sun@oracle.com) [bug 16285176]\n- use unified btrfs binary instead of btrfsctl (guangyu.sun@oracle.com) [bug 16285176]\n[-1.1.30-42]\n- reposync: 
prevent path traversal.\n- Resolves: bug#1600619", "edition": 3, "modified": "2018-07-30T00:00:00", "published": "2018-07-30T00:00:00", "id": "ELSA-2018-2284", "href": "http://linux.oracle.com/errata/ELSA-2018-2284.html", "title": "yum-utils security update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:32:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310876033", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876033", "type": "openvas", "title": "Fedora Update for librepo FEDORA-2019-1fccede810", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876033\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:32:40 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for librepo FEDORA-2019-1fccede810\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1fccede810\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W4OZYE7TAWZHYNTPNZAF2L34STALGF2K\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'librepo'\n package(s) announced via the FEDORA-2019-1fccede810 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A library providing C and Python (libcURL like) API to downloading repository\nmetadata.\");\n\n script_tag(name:\"affected\", value:\"'librepo' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n 
script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"librepo\", rpm:\"librepo~1.9.4~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:37:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181327", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181327", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2018-1327)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1327\");\n script_version(\"2020-01-23T11:21:50+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:21:50 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:21:50 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2018-1327)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1327\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1327\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'yum-utils' package(s) announced via the EulerOS-SA-2018-1327 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\");\n\n script_tag(name:\"affected\", value:\"'yum-utils' package(s) on Huawei EulerOS Virtualization 2.5.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated 
package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~29.h1\", rls:\"EULEROSVIRT-2.5.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310875861", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875861", "type": "openvas", "title": "Fedora Update for dnf-plugins-core FEDORA-2019-1fccede810", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875861\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:24:34 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for dnf-plugins-core FEDORA-2019-1fccede810\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1fccede810\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKVE7N7VZH2T7GY65VZKWNNDACGZQRPQ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dnf-plugins-core'\n package(s) announced via the FEDORA-2019-1fccede810 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Core Plugins for DNF. This package enhances DNF with builddep, config-manager,\ncopr, debug, debuginfo-install, download, needs-restarting, repoclosure,\nrepograph, repomanage, reposync, changelog and repodiff commands. 
Additionally\nprovides generate_completion_cache passive plugin.\");\n\n script_tag(name:\"affected\", value:\"'dnf-plugins-core' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dnf-plugins-core\", rpm:\"dnf-plugins-core~4.0.4~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310875109", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875109", "type": "openvas", "title": "Fedora Update for yum-utils FEDORA-2018-3aafb854a9", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_3aafb854a9_yum-utils_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for yum-utils FEDORA-2018-3aafb854a9\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be 
useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875109\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-09-28 13:34:55 +0200 (Fri, 28 Sep 2018)\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for yum-utils FEDORA-2018-3aafb854a9\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'yum-utils'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"yum-utils on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-3aafb854a9\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6YI7EHWQR75S5AV7RAV4VGWO535PTZAO\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n 
script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~514.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310875632", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875632", "type": "openvas", "title": "Fedora Update for libcomps FEDORA-2019-1fccede810", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875632\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:13:48 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for libcomps FEDORA-2019-1fccede810\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1fccede810\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJS6HJ7MYCPHDEWBWUNY5SVUZ2HOGT2G\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libcomps'\n package(s) announced via the FEDORA-2019-1fccede810 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Libcomps is library for structure-like manipulation with content of\ncomps XML files. 
Supports read/write XML file, structure(s) modification.\");\n\n script_tag(name:\"affected\", value:\"'libcomps' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libcomps\", rpm:\"libcomps~0.1.10~2.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:33:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181319", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181319", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2018-1319)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR 
PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1319\");\n script_version(\"2020-01-23T11:21:39+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:21:39 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:21:39 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2018-1319)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1319\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1319\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'yum-utils' package(s) announced via the EulerOS-SA-2018-1319 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\");\n\n script_tag(name:\"affected\", value:\"'yum-utils' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated 
package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-aliases\", rpm:\"yum-plugin-aliases~1.1.31~34.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-changelog\", rpm:\"yum-plugin-changelog~1.1.31~34.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-priorities\", rpm:\"yum-plugin-priorities~1.1.31~34.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-tmprepo\", rpm:\"yum-plugin-tmprepo~1.1.31~34.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-verify\", rpm:\"yum-plugin-verify~1.1.31~34.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-plugin-versionlock\", rpm:\"yum-plugin-versionlock~1.1.31~34.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~34.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310875113", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875113", "type": "openvas", "title": "Fedora Update for yum-utils FEDORA-2018-4f0089c995", 
"sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_4f0089c995_yum-utils_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for yum-utils FEDORA-2018-4f0089c995\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875113\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-09-28 13:35:42 +0200 (Fri, 28 Sep 2018)\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for yum-utils FEDORA-2018-4f0089c995\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'yum-utils'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on 
the target host.\");\n script_tag(name:\"affected\", value:\"yum-utils on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-4f0089c995\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIJSDH2IJCF5PQXVAMDP4ZDMYSDSHRPT\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~515.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:34:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191160", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191160", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2019-1160)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it 
under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1160\");\n script_version(\"2020-01-23T11:33:20+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:33:20 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:33:20 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for yum-utils (EulerOS-SA-2019-1160)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1160\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1160\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'yum-utils' package(s) announced via the EulerOS-SA-2019-1160 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable 
package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.CVE-2018-10897\");\n\n script_tag(name:\"affected\", value:\"'yum-utils' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"yum-utils\", rpm:\"yum-utils~1.1.31~42.h1\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310875757", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875757", "type": "openvas", "title": "Fedora Update for dnf-plugins-extras FEDORA-2019-1fccede810", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# 
advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875757\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:19:31 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for dnf-plugins-extras FEDORA-2019-1fccede810\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1fccede810\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWU5VSDZ7HMTTRQABT46KDUVTFV4HCYM\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 
'dnf-plugins-extras'\n package(s) announced via the FEDORA-2019-1fccede810 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Extras Plugins for DNF.\");\n\n script_tag(name:\"affected\", value:\"'dnf-plugins-extras' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dnf-plugins-extras\", rpm:\"dnf-plugins-extras~4.0.2~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310875957", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875957", "type": "openvas", "title": "Fedora Update for libdnf FEDORA-2019-1fccede810", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later 
version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875957\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-10897\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:29:40 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for libdnf FEDORA-2019-1fccede810\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1fccede810\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQPC3CGOUDVZPBP7MHBEWGTYREJBYK2L\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libdnf'\n package(s) announced via the FEDORA-2019-1fccede810 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A Library providing simplified C and Python API to libsolv.\");\n\n script_tag(name:\"affected\", value:\"'libdnf' package(s) on 
Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libdnf\", rpm:\"libdnf~0.26.0~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-07T08:55:00", "description": "According to the version of the yum-utils package installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - A directory traversal issue was found in reposync, a\n part of yum-utils, where reposync fails to sanitize\n paths in remote repository configuration files. If an\n attacker controls a repository, they may be able to\n copy files outside of the destination directory on the\n targeted system via path traversal. If reposync is\n running with heightened privileges on a targeted\n system, this flaw could potentially result in system\n compromise via the overwriting of critical system\n files. (CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 10, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-09T00:00:00", "title": "EulerOS Virtualization 2.5.3 : yum-utils (EulerOS-SA-2019-1160)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "modified": "2019-04-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:yum-utils", "cpe:/o:huawei:euleros:uvp:2.5.3"], "id": "EULEROS_SA-2019-1160.NASL", "href": "https://www.tenable.com/plugins/nessus/123846", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123846);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-10897\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.3 : yum-utils (EulerOS-SA-2019-1160)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the yum-utils package installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - A directory traversal issue was found in reposync, a\n part of yum-utils, where reposync fails to sanitize\n paths in remote repository configuration files. If an\n attacker controls a repository, they may be able to\n copy files outside of the destination directory on the\n targeted system via path traversal. 
If reposync is\n running with heightened privileges on a targeted\n system, this flaw could potentially result in system\n compromise via the overwriting of critical system\n files.i1/4^CVE-2018-10897i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1160\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?eed9ea55\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected yum-utils package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.3\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.3\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.3\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"yum-utils-1.1.31-42.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T08:54:07", "description": "According to the version of the yum-utils packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - yum-utils: reposync: improper path validation may lead\n to directory traversal (CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security 
advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 16, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-09-27T00:00:00", "title": "EulerOS 2.0 SP2 : yum-utils (EulerOS-SA-2018-1319)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "modified": "2018-09-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:yum-plugin-versionlock", "p-cpe:/a:huawei:euleros:yum-utils", "p-cpe:/a:huawei:euleros:yum-plugin-tmprepo", "p-cpe:/a:huawei:euleros:yum-plugin-aliases", "p-cpe:/a:huawei:euleros:yum-plugin-priorities", "p-cpe:/a:huawei:euleros:yum-plugin-verify", "p-cpe:/a:huawei:euleros:yum-plugin-changelog", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1319.NASL", "href": "https://www.tenable.com/plugins/nessus/117762", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(117762);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-10897\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : yum-utils (EulerOS-SA-2018-1319)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the yum-utils packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - yum-utils: reposync: improper path validation may lead\n to directory traversal (CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1319\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?031de15a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected yum-utils package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"yum-plugin-aliases-1.1.31-34.h1\",\n \"yum-plugin-changelog-1.1.31-34.h1\",\n \"yum-plugin-priorities-1.1.31-34.h1\",\n \"yum-plugin-tmprepo-1.1.31-34.h1\",\n \"yum-plugin-verify-1.1.31-34.h1\",\n \"yum-plugin-versionlock-1.1.31-34.h1\",\n \"yum-utils-1.1.31-34.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 
\"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-18T02:48:50", "description": "Security Fix(es) :\n\n - yum-utils: reposync: improper path validation may lead\n to directory traversal (CVE-2018-10897)", "edition": 11, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-02T00:00:00", "title": "Scientific Linux Security Update : yum-utils on SL7.x (noarch) (20180730)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "modified": "2018-08-02T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:yum-plugin-protectbase", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-rpm-warm-cache", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-post-transaction-actions", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-priorities", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-fs-snapshot", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-list-data", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-ovl", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-tsflags", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-local", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-keys", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-tmprepo", "p-cpe:/a:fermilab:scientific_linux:yum-utils", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-merge-conf", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-pre-transaction-actions", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-aliases", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-auto-update-debug-info", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-ps", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-show-leaves", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-versionlock", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-copr", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-changelog", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-filter-data", 
"p-cpe:/a:fermilab:scientific_linux:yum-plugin-remove-with-leaves", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-upgrade-helper", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-verify", "p-cpe:/a:fermilab:scientific_linux:yum-updateonboot", "p-cpe:/a:fermilab:scientific_linux:yum-NetworkManager-dispatcher", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-fastestmirror"], "id": "SL_20180730_YUM_UTILS_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/111497", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111497);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-10897\");\n\n script_name(english:\"Scientific Linux Security Update : yum-utils on SL7.x (noarch) (20180730)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - yum-utils: reposync: improper path validation may lead\n to directory traversal (CVE-2018-10897)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1807&L=scientific-linux-errata&F=&S=&P=11881\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?17b5c2c8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-NetworkManager-dispatcher\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-auto-update-debug-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-copr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-filter-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-fs-snapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-list-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-merge-conf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-ovl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-post-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-pre-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-protectbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-remove-with-leaves\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-rpm-warm-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-show-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-tsflags\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-upgrade-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-updateonboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", reference:\"yum-NetworkManager-dispatcher-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-aliases-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-auto-update-debug-info-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-changelog-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-copr-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-fastestmirror-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-filter-data-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", 
reference:\"yum-plugin-fs-snapshot-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-keys-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-list-data-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-local-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-merge-conf-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-ovl-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-post-transaction-actions-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-pre-transaction-actions-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-priorities-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-protectbase-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-ps-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-remove-with-leaves-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-rpm-warm-cache-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-show-leaves-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-tmprepo-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-tsflags-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-upgrade-helper-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-verify-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-plugin-versionlock-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-updateonboot-1.1.31-46.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"yum-utils-1.1.31-46.el7_5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : 
SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-NetworkManager-dispatcher / yum-plugin-aliases / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T08:54:07", "description": "According to the version of the yum-utils packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - yum-utils: reposync: improper path validation may lead\n to directory traversal (CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 16, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-09-27T00:00:00", "title": "EulerOS 2.0 SP3 : yum-utils (EulerOS-SA-2018-1320)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "modified": "2018-09-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:yum-plugin-versionlock", "p-cpe:/a:huawei:euleros:yum-utils", "p-cpe:/a:huawei:euleros:yum-plugin-tmprepo", "p-cpe:/a:huawei:euleros:yum-plugin-aliases", "p-cpe:/a:huawei:euleros:yum-plugin-priorities", "p-cpe:/a:huawei:euleros:yum-plugin-verify", "p-cpe:/a:huawei:euleros:yum-plugin-changelog", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1320.NASL", "href": "https://www.tenable.com/plugins/nessus/117763", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(117763);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-10897\"\n );\n\n 
script_name(english:\"EulerOS 2.0 SP3 : yum-utils (EulerOS-SA-2018-1320)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the yum-utils packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - yum-utils: reposync: improper path validation may lead\n to directory traversal (CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1320\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1d053134\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected yum-utils package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:huawei:euleros:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = 
[\"yum-plugin-aliases-1.1.31-34.h1\",\n \"yum-plugin-changelog-1.1.31-34.h1\",\n \"yum-plugin-priorities-1.1.31-34.h1\",\n \"yum-plugin-tmprepo-1.1.31-34.h1\",\n \"yum-plugin-verify-1.1.31-34.h1\",\n \"yum-plugin-versionlock-1.1.31-34.h1\",\n \"yum-utils-1.1.31-34.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T08:55:41", "description": "According to the version of the yum-utils packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerability :\n\n - A directory traversal issue was found in reposync, a\n part of yum-utils, where reposync fails to sanitize\n paths in remote repository configuration files. If an\n attacker controls a repository, they may be able to\n copy files outside of the destination directory on the\n targeted system via path traversal. If reposync is\n running with heightened privileges on a targeted\n system, this flaw could potentially result in system\n compromise via the overwriting of critical system\n files. Version 1.1.31 and older are believed to be\n affected.(CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-14T00:00:00", "title": "EulerOS Virtualization for ARM 64 3.0.1.0 : yum-utils (EulerOS-SA-2019-1415)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "modified": "2019-05-14T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:yum-plugin-fastestmirror", "p-cpe:/a:huawei:euleros:yum-utils", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1415.NASL", "href": "https://www.tenable.com/plugins/nessus/124918", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124918);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-10897\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.1.0 : yum-utils (EulerOS-SA-2019-1415)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the yum-utils packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerability :\n\n - A directory traversal issue was found in reposync, a\n part of yum-utils, where reposync fails to sanitize\n paths in remote repository configuration files. If an\n attacker controls a repository, they may be able to\n copy files outside of the destination directory on the\n targeted system via path traversal. 
If reposync is\n running with heightened privileges on a targeted\n system, this flaw could potentially result in system\n compromise via the overwriting of critical system\n files. Version 1.1.31 and older are believed to be\n affected.(CVE-2018-10897)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1415\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?21ebddb7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected yum-utils package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, 
Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"yum-plugin-fastestmirror-1.1.31-46\",\n \"yum-utils-1.1.31-46\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-18T02:48:49", "description": "Security Fix(es) :\n\n - yum-utils: reposync: improper path validation may lead\n to directory traversal (CVE-2018-10897)", "edition": 11, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-02T00:00:00", "title": "Scientific Linux Security Update : yum-utils on SL6.x (noarch) (20180730)", "type": "nessus", 
"bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "modified": "2018-08-02T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:yum-plugin-protectbase", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-rpm-warm-cache", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-post-transaction-actions", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-priorities", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-fs-snapshot", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-list-data", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-ovl", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-tsflags", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-local", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-keys", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-tmprepo", "p-cpe:/a:fermilab:scientific_linux:yum-utils", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-merge-conf", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-aliases", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-auto-update-debug-info", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-ps", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-show-leaves", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-versionlock", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-changelog", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-filter-data", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-remove-with-leaves", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-upgrade-helper", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-security", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-verify", "p-cpe:/a:fermilab:scientific_linux:yum-updateonboot", "p-cpe:/a:fermilab:scientific_linux:yum-NetworkManager-dispatcher", "p-cpe:/a:fermilab:scientific_linux:yum-plugin-fastestmirror"], "id": "SL_20180730_YUM_UTILS_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/111496", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific 
Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111496);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-10897\");\n\n script_name(english:\"Scientific Linux Security Update : yum-utils on SL6.x (noarch) (20180730)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - yum-utils: reposync: improper path validation may lead\n to directory traversal (CVE-2018-10897)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1807&L=scientific-linux-errata&F=&S=&P=12557\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5fa40177\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-NetworkManager-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-auto-update-debug-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-filter-data\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-fs-snapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-list-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-merge-conf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-ovl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-post-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-protectbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-remove-with-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-rpm-warm-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-show-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-tsflags\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-upgrade-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fermilab:scientific_linux:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-updateonboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"yum-NetworkManager-dispatcher-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-aliases-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-auto-update-debug-info-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-changelog-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-fastestmirror-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-filter-data-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-fs-snapshot-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-keys-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-list-data-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-local-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-merge-conf-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-ovl-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-post-transaction-actions-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-priorities-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-protectbase-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-ps-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", 
reference:\"yum-plugin-remove-with-leaves-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-rpm-warm-cache-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-security-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-show-leaves-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-tmprepo-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-tsflags-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-upgrade-helper-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-verify-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-plugin-versionlock-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-updateonboot-1.1.30-42.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"yum-utils-1.1.30-42.el6_10\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-NetworkManager-dispatcher / yum-plugin-aliases / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:18:07", "description": "Security fix for CVE-2018-10897\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 11, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-01-03T00:00:00", "title": "Fedora 28 : yum-utils (2018-4f0089c995)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], 
"modified": "2019-01-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:yum-utils", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-4F0089C995.NASL", "href": "https://www.tenable.com/plugins/nessus/120412", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-4f0089c995.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120412);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-10897\");\n script_xref(name:\"FEDORA\", value:\"2018-4f0089c995\");\n\n script_name(english:\"Fedora 28 : yum-utils (2018-4f0089c995)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2018-10897\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f0089c995\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected yum-utils package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"yum-utils-1.1.31-515.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:03:49", "description": "The remote NewStart CGSL host, running version MAIN 4.05, has yum-utils packages installed that are affected by a\nvulnerability:\n\n - A directory traversal issue was found in reposync, a\n part of yum-utils, where reposync fails to sanitize\n paths in remote repository configuration files. If an\n attacker controls a repository, they may be able to copy\n files outside of the destination directory on the\n targeted system via path traversal. 
If reposync is\n running with heightened privileges on a targeted system,\n this flaw could potentially result in system compromise\n via the overwriting of critical system files.\n (CVE-2018-10897)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 17, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "title": "NewStart CGSL MAIN 4.05 : yum-utils Vulnerability (NS-SA-2019-0133)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "modified": "2019-08-12T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0133_YUM-UTILS.NASL", "href": "https://www.tenable.com/plugins/nessus/127390", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0133. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127390);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-10897\");\n\n script_name(english:\"NewStart CGSL MAIN 4.05 : yum-utils Vulnerability (NS-SA-2019-0133)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 4.05, has yum-utils packages installed that are affected by a\nvulnerability:\n\n - A directory traversal issue was found in reposync, a\n part of yum-utils, where reposync fails to sanitize\n paths in remote repository configuration files. If an\n attacker controls a repository, they may be able to copy\n files outside of the destination directory on the\n targeted system via path traversal. 
If reposync is\n running with heightened privileges on a targeted system,\n this flaw could potentially result in system compromise\n via the overwriting of critical system files.\n (CVE-2018-10897)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0133\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL yum-utils packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10897\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 4.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 4.05\": [\n \"yum-NetworkManager-dispatcher-1.1.30-42.el6_10\",\n \"yum-plugin-aliases-1.1.30-42.el6_10\",\n \"yum-plugin-auto-update-debug-info-1.1.30-42.el6_10\",\n \"yum-plugin-changelog-1.1.30-42.el6_10\",\n \"yum-plugin-fastestmirror-1.1.30-42.el6_10\",\n \"yum-plugin-filter-data-1.1.30-42.el6_10\",\n \"yum-plugin-fs-snapshot-1.1.30-42.el6_10\",\n \"yum-plugin-keys-1.1.30-42.el6_10\",\n \"yum-plugin-list-data-1.1.30-42.el6_10\",\n \"yum-plugin-local-1.1.30-42.el6_10\",\n \"yum-plugin-merge-conf-1.1.30-42.el6_10\",\n \"yum-plugin-ovl-1.1.30-42.el6_10\",\n \"yum-plugin-post-transaction-actions-1.1.30-42.el6_10\",\n \"yum-plugin-priorities-1.1.30-42.el6_10\",\n \"yum-plugin-protectbase-1.1.30-42.el6_10\",\n \"yum-plugin-ps-1.1.30-42.el6_10\",\n \"yum-plugin-remove-with-leaves-1.1.30-42.el6_10\",\n \"yum-plugin-rpm-warm-cache-1.1.30-42.el6_10\",\n \"yum-plugin-security-1.1.30-42.el6_10\",\n \"yum-plugin-show-leaves-1.1.30-42.el6_10\",\n \"yum-plugin-tmprepo-1.1.30-42.el6_10\",\n 
\"yum-plugin-tsflags-1.1.30-42.el6_10\",\n \"yum-plugin-upgrade-helper-1.1.30-42.el6_10\",\n \"yum-plugin-verify-1.1.30-42.el6_10\",\n \"yum-plugin-versionlock-1.1.30-42.el6_10\",\n \"yum-updateonboot-1.1.30-42.el6_10\",\n \"yum-utils-1.1.30-42.el6_10\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:01:56", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has yum-utils packages installed that are affected\nby a vulnerability:\n\n - A directory traversal issue was found in reposync, a\n part of yum-utils, where reposync fails to sanitize\n paths in remote repository configuration files. If an\n attacker controls a repository, they may be able to copy\n files outside of the destination directory on the\n targeted system via path traversal. 
If reposync is\n running with heightened privileges on a targeted system,\n this flaw could potentially result in system compromise\n via the overwriting of critical system files.\n (CVE-2018-10897)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 17, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : yum-utils Vulnerability (NS-SA-2019-0024)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "modified": "2019-08-12T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0024_YUM-UTILS.NASL", "href": "https://www.tenable.com/plugins/nessus/127184", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0024. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127184);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-10897\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : yum-utils Vulnerability (NS-SA-2019-0024)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has yum-utils packages installed that are affected\nby a vulnerability:\n\n - A directory traversal issue was found in reposync, a\n part of yum-utils, where reposync fails to sanitize\n paths in remote repository configuration files. 
If an\n attacker controls a repository, they may be able to copy\n files outside of the destination directory on the\n targeted system via path traversal. If reposync is\n running with heightened privileges on a targeted system,\n this flaw could potentially result in system compromise\n via the overwriting of critical system files.\n (CVE-2018-10897)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0024\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL yum-utils packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10897\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"yum-NetworkManager-dispatcher-1.1.31-46.el7_5\",\n \"yum-plugin-aliases-1.1.31-46.el7_5\",\n \"yum-plugin-auto-update-debug-info-1.1.31-46.el7_5\",\n \"yum-plugin-changelog-1.1.31-46.el7_5\",\n \"yum-plugin-copr-1.1.31-46.el7_5\",\n \"yum-plugin-fastestmirror-1.1.31-46.el7_5\",\n \"yum-plugin-filter-data-1.1.31-46.el7_5\",\n \"yum-plugin-fs-snapshot-1.1.31-46.el7_5\",\n \"yum-plugin-keys-1.1.31-46.el7_5\",\n \"yum-plugin-list-data-1.1.31-46.el7_5\",\n \"yum-plugin-local-1.1.31-46.el7_5\",\n \"yum-plugin-merge-conf-1.1.31-46.el7_5\",\n \"yum-plugin-ovl-1.1.31-46.el7_5\",\n \"yum-plugin-post-transaction-actions-1.1.31-46.el7_5\",\n \"yum-plugin-pre-transaction-actions-1.1.31-46.el7_5\",\n \"yum-plugin-priorities-1.1.31-46.el7_5\",\n \"yum-plugin-protectbase-1.1.31-46.el7_5\",\n \"yum-plugin-ps-1.1.31-46.el7_5\",\n \"yum-plugin-remove-with-leaves-1.1.31-46.el7_5\",\n \"yum-plugin-rpm-warm-cache-1.1.31-46.el7_5\",\n 
\"yum-plugin-show-leaves-1.1.31-46.el7_5\",\n \"yum-plugin-tmprepo-1.1.31-46.el7_5\",\n \"yum-plugin-tsflags-1.1.31-46.el7_5\",\n \"yum-plugin-upgrade-helper-1.1.31-46.el7_5\",\n \"yum-plugin-verify-1.1.31-46.el7_5\",\n \"yum-plugin-versionlock-1.1.31-46.el7_5\",\n \"yum-updateonboot-1.1.31-46.el7_5\",\n \"yum-utils-1.1.31-46.el7_5\"\n ],\n \"CGSL MAIN 5.04\": [\n \"yum-NetworkManager-dispatcher-1.1.31-46.el7_5\",\n \"yum-plugin-aliases-1.1.31-46.el7_5\",\n \"yum-plugin-auto-update-debug-info-1.1.31-46.el7_5\",\n \"yum-plugin-changelog-1.1.31-46.el7_5\",\n \"yum-plugin-copr-1.1.31-46.el7_5\",\n \"yum-plugin-fastestmirror-1.1.31-46.el7_5\",\n \"yum-plugin-filter-data-1.1.31-46.el7_5\",\n \"yum-plugin-fs-snapshot-1.1.31-46.el7_5\",\n \"yum-plugin-keys-1.1.31-46.el7_5\",\n \"yum-plugin-list-data-1.1.31-46.el7_5\",\n \"yum-plugin-local-1.1.31-46.el7_5\",\n \"yum-plugin-merge-conf-1.1.31-46.el7_5\",\n \"yum-plugin-ovl-1.1.31-46.el7_5\",\n \"yum-plugin-post-transaction-actions-1.1.31-46.el7_5\",\n \"yum-plugin-pre-transaction-actions-1.1.31-46.el7_5\",\n \"yum-plugin-priorities-1.1.31-46.el7_5\",\n \"yum-plugin-protectbase-1.1.31-46.el7_5\",\n \"yum-plugin-ps-1.1.31-46.el7_5\",\n \"yum-plugin-remove-with-leaves-1.1.31-46.el7_5\",\n \"yum-plugin-rpm-warm-cache-1.1.31-46.el7_5\",\n \"yum-plugin-show-leaves-1.1.31-46.el7_5\",\n \"yum-plugin-tmprepo-1.1.31-46.el7_5\",\n \"yum-plugin-tsflags-1.1.31-46.el7_5\",\n \"yum-plugin-upgrade-helper-1.1.31-46.el7_5\",\n \"yum-plugin-verify-1.1.31-46.el7_5\",\n \"yum-plugin-versionlock-1.1.31-46.el7_5\",\n \"yum-updateonboot-1.1.31-46.el7_5\",\n \"yum-utils-1.1.31-46.el7_5\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else 
audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-utils\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T05:45:11", "description": "An update for yum-utils is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe yum-utils packages provide a collection of utilities and examples\nfor the yum package manager to make yum easier and more powerful to\nuse.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory\ntraversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron\nLevy (Clover Network) for reporting this issue.", "edition": 23, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-02T00:00:00", "title": "RHEL 7 : yum-utils (RHSA-2018:2285)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10897"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:yum-plugin-filter-data", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-keys", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-tsflags", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-verify", "cpe:/o:redhat:enterprise_linux:7.7", "p-cpe:/a:redhat:enterprise_linux:yum-utils", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-merge-conf", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-priorities", "cpe:/o:redhat:enterprise_linux:7.5", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-upgrade-helper", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-auto-update-debug-info", 
"p-cpe:/a:redhat:enterprise_linux:yum-NetworkManager-dispatcher", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-ps", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-versionlock", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-list-data", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-remove-with-leaves", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-post-transaction-actions", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-protectbase", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-aliases", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-fastestmirror", "p-cpe:/a:redhat:enterprise_linux:yum-updateonboot", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-show-leaves", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-pre-transaction-actions", "cpe:/o:redhat:enterprise_linux:7.6", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-rpm-warm-cache", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-fs-snapshot", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-ovl", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-copr", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-tmprepo", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-local", "p-cpe:/a:redhat:enterprise_linux:yum-plugin-changelog"], "id": "REDHAT-RHSA-2018-2285.NASL", "href": "https://www.tenable.com/plugins/nessus/111490", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2285. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111490);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/10/24 15:35:45\");\n\n script_cve_id(\"CVE-2018-10897\");\n script_xref(name:\"RHSA\", value:\"2018:2285\");\n\n script_name(english:\"RHEL 7 : yum-utils (RHSA-2018:2285)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for yum-utils is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe yum-utils packages provide a collection of utilities and examples\nfor the yum package manager to make yum easier and more powerful to\nuse.\n\nSecurity Fix(es) :\n\n* yum-utils: reposync: improper path validation may lead to directory\ntraversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron\nLevy (Clover Network) for reporting this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:2285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-10897\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n 
script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-NetworkManager-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-aliases\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-auto-update-debug-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-changelog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-copr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-fastestmirror\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-filter-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-fs-snapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-keys\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-list-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-merge-conf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-ovl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-post-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-pre-transaction-actions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-priorities\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-protectbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-remove-with-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-rpm-warm-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-show-leaves\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-tmprepo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-tsflags\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-upgrade-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-verify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-plugin-versionlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-updateonboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:yum-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:2285\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"yum-NetworkManager-dispatcher-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-aliases-1.1.31-46.el7_5\")) flag++;\n\n 
if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-auto-update-debug-info-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-changelog-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-copr-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-fastestmirror-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-filter-data-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-fs-snapshot-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-keys-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-list-data-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-local-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-merge-conf-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-ovl-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-post-transaction-actions-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-pre-transaction-actions-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-priorities-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-protectbase-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-ps-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-remove-with-leaves-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-rpm-warm-cache-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-show-leaves-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-tmprepo-1.1.31-46.el7_5\")) 
flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-tsflags-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-upgrade-helper-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-verify-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-plugin-versionlock-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-updateonboot-1.1.31-46.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"yum-utils-1.1.31-46.el7_5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yum-NetworkManager-dispatcher / yum-plugin-aliases / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2020-12-08T03:35:13", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "**CentOS Errata and Security Advisory** CESA-2018:2284\n\n\nThe yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es):\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2018-August/035014.html\n\n**Affected 
packages:**\nyum-NetworkManager-dispatcher\nyum-plugin-aliases\nyum-plugin-auto-update-debug-info\nyum-plugin-changelog\nyum-plugin-fastestmirror\nyum-plugin-filter-data\nyum-plugin-fs-snapshot\nyum-plugin-keys\nyum-plugin-list-data\nyum-plugin-local\nyum-plugin-merge-conf\nyum-plugin-ovl\nyum-plugin-post-transaction-actions\nyum-plugin-priorities\nyum-plugin-protectbase\nyum-plugin-ps\nyum-plugin-remove-with-leaves\nyum-plugin-rpm-warm-cache\nyum-plugin-security\nyum-plugin-show-leaves\nyum-plugin-tmprepo\nyum-plugin-tsflags\nyum-plugin-upgrade-helper\nyum-plugin-verify\nyum-plugin-versionlock\nyum-updateonboot\nyum-utils\n\n**Upstream details at:**\n", "edition": 5, "modified": "2018-08-09T15:06:44", "published": "2018-08-09T15:06:44", "id": "CESA-2018:2284", "href": "http://lists.centos.org/pipermail/centos-announce/2018-August/035014.html", "title": "yum security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-08T03:38:42", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10897"], "description": "**CentOS Errata and Security Advisory** CESA-2018:2285\n\n\nThe yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use.\n\nSecurity Fix(es):\n\n* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2018-August/035019.html\n\n**Affected 
packages:**\nyum-NetworkManager-dispatcher\nyum-plugin-aliases\nyum-plugin-auto-update-debug-info\nyum-plugin-changelog\nyum-plugin-copr\nyum-plugin-fastestmirror\nyum-plugin-filter-data\nyum-plugin-fs-snapshot\nyum-plugin-keys\nyum-plugin-list-data\nyum-plugin-local\nyum-plugin-merge-conf\nyum-plugin-ovl\nyum-plugin-post-transaction-actions\nyum-plugin-pre-transaction-actions\nyum-plugin-priorities\nyum-plugin-protectbase\nyum-plugin-ps\nyum-plugin-remove-with-leaves\nyum-plugin-rpm-warm-cache\nyum-plugin-show-leaves\nyum-plugin-tmprepo\nyum-plugin-tsflags\nyum-plugin-upgrade-helper\nyum-plugin-verify\nyum-plugin-versionlock\nyum-updateonboot\nyum-utils\n\n**Upstream details at:**\n", "edition": 5, "modified": "2018-08-09T15:12:08", "published": "2018-08-09T15:12:08", "id": "CESA-2018:2285", "href": "http://lists.centos.org/pipermail/centos-announce/2018-August/035019.html", "title": "yum security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}