Description
Multiple security issues were discovered in the Simple Linux Utility
for Resource Management (SLURM), a cluster resource management and job
scheduling system, which could result in denial of service,
information disclosure or privilege escalation.
* [CVE-2019-12838](https://security-tracker.debian.org/tracker/CVE-2019-12838)
SchedMD Slurm allows SQL Injection.
* [CVE-2020-12693](https://security-tracker.debian.org/tracker/CVE-2020-12693)
In the rare case where Message Aggregation is enabled, Slurm
allows Authentication Bypass via an Alternate Path or Channel. A
race condition allows a user to launch a process as an arbitrary
user.
* [CVE-2020-27745](https://security-tracker.debian.org/tracker/CVE-2020-27745)
RPC Buffer Overflow in the PMIx MPI plugin.
* [CVE-2021-31215](https://security-tracker.debian.org/tracker/CVE-2021-31215)
SchedMD Slurm allows remote code execution as SlurmUser because
use of a PrologSlurmctld or EpilogSlurmctld script leads to
environment mishandling.
For Debian 9 stretch, these problems have been fixed in version
16.05.9-1+deb9u5.
We recommend that you upgrade your slurm-llnl packages.
For the detailed security status of slurm-llnl please refer to
its security tracker page at:
<https://security-tracker.debian.org/tracker/slurm-llnl>
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: <https://wiki.debian.org/LTS>
Affected Software
Related
{"id": "OSV:DLA-2886-1", "bulletinFamily": "software", "title": "slurm-llnl - security update", "description": "\nMultiple security issues were discovered in the Simple Linux Utility\nfor Resource Management (SLURM), a cluster resource management and job\nscheduling system, which could result in denial of service,\ninformation disclosure or privilege escalation.\n\n\n* [CVE-2019-12838](https://security-tracker.debian.org/tracker/CVE-2019-12838)\nSchedMD Slurm allows SQL Injection.\n* [CVE-2020-12693](https://security-tracker.debian.org/tracker/CVE-2020-12693)\nIn the rare case where Message Aggregation is enabled, Slurm\n allows Authentication Bypass via an Alternate Path or Channel. A\n race condition allows a user to launch a process as an arbitrary\n user.\n* [CVE-2020-27745](https://security-tracker.debian.org/tracker/CVE-2020-27745)\nRPC Buffer Overflow in the PMIx MPI plugin.\n* [CVE-2021-31215](https://security-tracker.debian.org/tracker/CVE-2021-31215)\nSchedMD Slurm allows remote code execution as SlurmUser because\n use of a PrologSlurmctld or EpilogSlurmctld script leads to\n environment mishandling.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n16.05.9-1+deb9u5.\n\n\nWe recommend that you upgrade your slurm-llnl packages.\n\n\nFor the detailed security status of slurm-llnl please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/slurm-llnl>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "published": "2022-01-17T00:00:00", "modified": "2022-08-05T05:19:17", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://osv.dev/vulnerability/DLA-2886-1", "reporter": "Google", "references": ["https://www.debian.org/lts/security/2022/dla-2886"], "cvelist": ["CVE-2019-12838", "CVE-2020-27745", "CVE-2021-31215", "CVE-2020-12693"], "immutableFields": [], "type": "osv", "lastseen": "2022-08-05T05:19:18", "edition": 1, "viewCount": 3, "enchantments": {"dependencies": {"references": [{"idList": ["OPENVAS:1361412562310853012", "OPENVAS:1361412562310877938", "OPENVAS:1361412562310704572", "OPENVAS:1361412562310877941", "OPENVAS:1361412562310852780", "OPENVAS:1361412562310877341", "OPENVAS:1361412562310892143", "OPENVAS:1361412562310876601", "OPENVAS:1361412562310852884", "OPENVAS:1361412562310876600"], "type": "openvas"}, {"idList": ["VERACODE:33768", "VERACODE:33823"], "type": "veracode"}, {"idList": ["RH:CVE-2019-12838"], "type": "redhatcve"}, {"idList": ["OSV:DSA-4841-1", "OSV:DLA-2143-1", "OSV:DSA-4572-1"], "type": "osv"}, {"idList": ["MGASA-2021-0253"], "type": "mageia"}, {"idList": ["CVE-2019-12838", "CVE-2020-27745", "CVE-2021-31215", "CVE-2020-12693"], "type": "cve"}, {"idList": ["DEBIAN:DSA-4572-1:F0C65", "DEBIAN:DLA-2886-1:15075", "DEBIAN:DLA-2143-1:29A41", "DEBIAN:DSA-4841-1:98E0B"], "type": "debian"}, {"idList": ["FEDORA:A8EAB307F06E", "FEDORA:7E12A61571C7", "FEDORA:40C51603E850", "FEDORA:77D893020A98", "FEDORA:0DE5E660D95A", "FEDORA:6ED61610986B", "FEDORA:9B23C307D77B", "FEDORA:6420E6070850", "FEDORA:D145E30C8C35"], "type": "fedora"}, {"idList": ["UB:CVE-2021-31215", "UB:CVE-2019-12838", "UB:CVE-2020-12693", "UB:CVE-2020-27745"], "type": "ubuntucve"}, {"idList": ["DEBIANCVE:CVE-2021-31215", "DEBIANCVE:CVE-2020-12693", "DEBIANCVE:CVE-2019-12838", "DEBIANCVE:CVE-2020-27745"], "type": "debiancve"}, {"idList": ["SUSE_SU-2019-2989-1.NASL", "SUSE_SU-2021-1789-1.NASL", "SUSE_SU-2020-2601-1.NASL", "SUSE_SU-2020-3878-1.NASL", "SUSE_SU-2020-3506-1.NASL", "FEDORA_2020-49B97C38E7.NASL", "SUSE_SU-2020-2602-1.NASL", "FEDORA_2020-11D0CF302F.NASL", "DEBIAN_DLA-2143.NASL", "SUSE_SU-2020-2600-1.NASL", "SUSE_SU-2021-0773-1.NASL", "FEDORA_2020-E95EF17134.NASL", "SUSE_SU-2021-1787-1.NASL", "SUSE_SU-2020-0434-1.NASL", "SUSE_SU-2020-3505-1.NASL", "OPENSUSE-2020-1468.NASL", "SUSE_SU-2021-0155-1.NASL", "SUSE_SU-2021-0139-1.NASL", "SUSE_SU-2021-1810-1.NASL", "SUSE_SU-2021-2473-1.NASL", "SUSE_SU-2020-0110-1.NASL", "FEDORA_2020-98A5098030.NASL", "SUSE_SU-2021-1791-1.NASL", "OPENSUSE-2020-1969.NASL", "OPENSUSE-2021-96.NASL", "SUSE_SU-2019-2229-1.NASL", "SUSE_SU-2021-1788-1.NASL", "DEBIAN_DLA-2886.NASL", "DEBIAN_DSA-4841.NASL", "FEDORA_2019-5D0D2619DF.NASL", "SUSE_SU-2020-1554-1.NASL", "OPENSUSE-2020-2033.NASL", "OPENSUSE-2020-1421.NASL", "SUSE_SU-2019-3080-1.NASL", "OPENSUSE-2019-2536.NASL", "SUSE_SU-2020-2607-1.NASL", "OPENSUSE-2019-2052.NASL", "OPENSUSE-2020-2286.NASL", "SUSE_SU-2020-2598-1.NASL", "DEBIAN_DSA-4572.NASL", "OPENSUSE-2021-821.NASL", "SUSE_SU-2021-2295-1.NASL", "SUSE_SU-2021-1856-1.NASL", "SUSE_SU-2020-0443-1.NASL", "SUSE_SU-2020-3863-1.NASL", "OPENSUSE-2020-2056.NASL", "OPENSUSE-2020-85.NASL", "FEDORA_2019-4CA3A39825.NASL", "SUSE_SU-2020-3892-1.NASL", "SUSE_SU-2021-1855-1.NASL", "SUSE_SU-2020-2194-1.NASL"], "type": "nessus"}, {"idList": ["OPENSUSE-SU-2020:1969-1", "OPENSUSE-SU-2020:1421-1", "OPENSUSE-SU-2021:0821-1", "OPENSUSE-SU-2020:2056-1", "OPENSUSE-SU-2020:0085-1", "OPENSUSE-SU-2020:2033-1", "OPENSUSE-SU-2021:0096-1", "OPENSUSE-SU-2019:2052-1", "OPENSUSE-SU-2020:1468-1", "OPENSUSE-SU-2019:2536-1", "OPENSUSE-SU-2020:2286-1"], "type": "suse"}]}, "score": {"value": 0.6, "vector": "NONE"}, "affected_software": {"major_version": [{"name": "slurm-llnl", "version": 16}, {"name": "slurm-llnl", "version": 16}, {"name": "slurm-llnl", "version": 16}, {"name": "slurm-llnl", "version": 16}, {"name": "slurm-llnl", "version": 16}]}, "epss": [{"cve": "CVE-2019-12838", "epss": "0.016830000", "percentile": "0.857350000", "modified": "2023-03-20"}, {"cve": "CVE-2020-27745", "epss": "0.002170000", "percentile": "0.579830000", "modified": "2023-03-20"}, {"cve": "CVE-2021-31215", "epss": "0.004460000", "percentile": "0.710020000", "modified": "2023-03-20"}, {"cve": "CVE-2020-12693", "epss": "0.007460000", "percentile": "0.780480000", "modified": "2023-03-20"}], "vulnersScore": 0.6}, "_state": {"score": 1660013489, "dependencies": 1660004461, "affected_software_major_version": 1666703109, "epss": 1679338714}, "_internal": {"score_hash": "45420406df7def8bc97c717d82bbf494"}, "affectedSoftware": [{"name": "slurm-llnl", "operator": "eq", "version": "16.05.9-1+deb9u2"}, {"name": "slurm-llnl", "operator": "eq", "version": "16.05.9-1+deb9u3"}, {"name": "slurm-llnl", "operator": "eq", "version": "16.05.9-1"}, {"name": "slurm-llnl", "operator": "eq", "version": "16.05.9-1+deb9u1"}, {"name": "slurm-llnl", "operator": "eq", "version": "16.05.9-1+deb9u4"}]}
{"nessus": [{"lastseen": "2023-01-10T19:13:58", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2886 advisory.\n\n - SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection. (CVE-2019-12838)\n\n - Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user. (CVE-2020-12693)\n\n - Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin.\n (CVE-2020-27745)\n\n - SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.\n (CVE-2021-31215)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-17T00:00:00", "type": "nessus", "title": "Debian DLA-2886-1 : slurm-llnl - LTS security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12838", "CVE-2020-12693", "CVE-2020-27745", "CVE-2021-31215"], "modified": "2022-01-17T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libpam-slurm", "p-cpe:/a:debian:debian_linux:libpmi0", "p-cpe:/a:debian:debian_linux:libpmi0-dbg", "p-cpe:/a:debian:debian_linux:libpmi0-dev", "p-cpe:/a:debian:debian_linux:libpmi2-0", "p-cpe:/a:debian:debian_linux:libpmi2-0-dbg", "p-cpe:/a:debian:debian_linux:libpmi2-0-dev", "p-cpe:/a:debian:debian_linux:libslurm-dev", "p-cpe:/a:debian:debian_linux:libslurm-perl", "p-cpe:/a:debian:debian_linux:libslurm30", "p-cpe:/a:debian:debian_linux:libslurm30-dbg", "p-cpe:/a:debian:debian_linux:libslurmdb-dev", "p-cpe:/a:debian:debian_linux:libslurmdb-perl", "p-cpe:/a:debian:debian_linux:libslurmdb30", "p-cpe:/a:debian:debian_linux:libslurmdb30-dbg", "p-cpe:/a:debian:debian_linux:slurm-client", "p-cpe:/a:debian:debian_linux:slurm-client-dbg", "p-cpe:/a:debian:debian_linux:slurm-client-emulator", "p-cpe:/a:debian:debian_linux:slurm-llnl", "p-cpe:/a:debian:debian_linux:slurm-llnl-slurmdbd", "p-cpe:/a:debian:debian_linux:slurm-wlm", "p-cpe:/a:debian:debian_linux:slurm-wlm-basic-plugins", "p-cpe:/a:debian:debian_linux:slurm-wlm-basic-plugins-dbg", "p-cpe:/a:debian:debian_linux:slurm-wlm-basic-plugins-dev", "p-cpe:/a:debian:debian_linux:slurm-wlm-doc", "p-cpe:/a:debian:debian_linux:slurm-wlm-emulator", "p-cpe:/a:debian:debian_linux:slurm-wlm-torque", "p-cpe:/a:debian:debian_linux:slurmctld", "p-cpe:/a:debian:debian_linux:slurmctld-dbg", "p-cpe:/a:debian:debian_linux:slurmd", "p-cpe:/a:debian:debian_linux:slurmd-dbg", "p-cpe:/a:debian:debian_linux:slurmdbd", "p-cpe:/a:debian:debian_linux:slurmdbd-dbg", "p-cpe:/a:debian:debian_linux:sview", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2886.NASL", "href": "https://www.tenable.com/plugins/nessus/156773", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2886. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156773);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/17\");\n\n script_cve_id(\n \"CVE-2019-12838\",\n \"CVE-2020-12693\",\n \"CVE-2020-27745\",\n \"CVE-2021-31215\"\n );\n\n script_name(english:\"Debian DLA-2886-1 : slurm-llnl - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2886 advisory.\n\n - SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection. (CVE-2019-12838)\n\n - Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is\n enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to\n launch a process as an arbitrary user. (CVE-2020-12693)\n\n - Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin.\n (CVE-2020-27745)\n\n - SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as\n SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.\n (CVE-2021-31215)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/slurm-llnl\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-2886\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2019-12838\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-12693\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-27745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-31215\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/slurm-llnl\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the slurm-llnl packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 16.05.9-1+deb9u5.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-12838\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpam-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpmi0-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpmi0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpmi2-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpmi2-0-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpmi2-0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libslurm-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libslurm-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libslurm30\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libslurm30-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libslurmdb-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libslurmdb-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libslurmdb30\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libslurmdb30-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-client-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-client-emulator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-llnl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-llnl-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-wlm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-wlm-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-wlm-basic-plugins-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-wlm-basic-plugins-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-wlm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-wlm-emulator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-wlm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurmctld\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurmctld-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurmd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurmd-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurmdbd-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sview\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'libpam-slurm', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'libpmi0', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'libpmi0-dbg', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'libpmi0-dev', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'libpmi2-0', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'libpmi2-0-dbg', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'libpmi2-0-dev', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'libslurm-dev', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'libslurm-perl', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'libslurm30', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'libslurm30-dbg', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'libslurmdb-dev', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'libslurmdb-perl', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'libslurmdb30', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'libslurmdb30-dbg', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurm-client', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurm-client-dbg', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurm-client-emulator', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurm-llnl', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurm-llnl-slurmdbd', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurm-wlm', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurm-wlm-basic-plugins', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurm-wlm-basic-plugins-dbg', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurm-wlm-basic-plugins-dev', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurm-wlm-doc', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurm-wlm-emulator', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurm-wlm-torque', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurmctld', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurmctld-dbg', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurmd', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurmd-dbg', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurmdbd', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'slurmdbd-dbg', 'reference': '16.05.9-1+deb9u5'},\n {'release': '9.0', 'prefix': 'sview', 'reference': '16.05.9-1+deb9u5'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libpam-slurm / libpmi0 / libpmi0-dbg / libpmi0-dev / libpmi2-0 / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-09T15:09:37", "description": "Multiple security issues were discovered in the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system, which could result in denial of service, information disclosure or privilege escalation.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-28T00:00:00", "type": "nessus", "title": "Debian DSA-4841-1 : slurm-llnl - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19728", "CVE-2020-12693", "CVE-2020-27745", "CVE-2020-27746"], "modified": "2021-02-01T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:slurm-llnl", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4841.NASL", "href": "https://www.tenable.com/plugins/nessus/145523", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4841. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(145523);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/01\");\n\n script_cve_id(\"CVE-2019-19728\", \"CVE-2020-12693\", \"CVE-2020-27745\", \"CVE-2020-27746\");\n script_xref(name:\"DSA\", value:\"4841\");\n\n script_name(english:\"Debian DSA-4841-1 : slurm-llnl - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple security issues were discovered in the Simple Linux Utility\nfor Resource Management (SLURM), a cluster resource management and job\nscheduling system, which could result in denial of service,\ninformation disclosure or privilege escalation.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/slurm-llnl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/slurm-llnl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2021/dsa-4841\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the slurm-llnl packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 18.08.5.2-1+deb10u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-llnl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"libpam-slurm\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libpmi0\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libpmi0-dev\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libpmi2-0\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libpmi2-0-dev\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libslurm-dev\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libslurm-perl\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libslurm33\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libslurmdb-dev\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libslurmdb-perl\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libslurmdb33\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-client\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-client-emulator\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-wlm\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-wlm-basic-plugins\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-wlm-basic-plugins-dev\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-wlm-doc\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-wlm-emulator\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-wlm-torque\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurmctld\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurmd\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurmdbd\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"sview\", reference:\"18.08.5.2-1+deb10u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:45", "description": "This update for slurm fixes the following issues :\n\nCVE-2021-31215: remote code execution as SlurmUser because of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling (bsc#1186024)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-01T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : slurm (SUSE-SU-2021:1787-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31215"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpmi0", "p-cpe:/a:novell:suse_linux:libpmi0-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm31", "p-cpe:/a:novell:suse_linux:libslurm31-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm", "p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm", "p-cpe:/a:novell:suse_linux:slurm-auth-none", "p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-config", "p-cpe:/a:novell:suse_linux:slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-debugsource", "p-cpe:/a:novell:suse_linux:slurm-devel", "p-cpe:/a:novell:suse_linux:slurm-doc", "p-cpe:/a:novell:suse_linux:slurm-lua", "p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-munge", "p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-plugins", "p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sched-wiki", "p-cpe:/a:novell:suse_linux:slurm-slurmdb-direct", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sql", "p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-torque", "p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-1787-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150085", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1787-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(150085);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2021-31215\");\n\n script_name(english:\"SUSE SLES12 Security Update : slurm (SUSE-SU-2021:1787-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm fixes the following issues :\n\nCVE-2021-31215: remote code execution as SlurmUser because of a\nPrologSlurmctld or EpilogSlurmctld script leads to environment\nmishandling (bsc#1186024)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1186024\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2021-31215/\"\n );\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211787-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d2221a19\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 12 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-12-2021-1787=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm31\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm31-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sched-wiki\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdb-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0-debuginfo-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm31-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm31-debuginfo-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm-debuginfo-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-auth-none-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-auth-none-debuginfo-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-config-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-debuginfo-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-debugsource-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-devel-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-doc-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-lua-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-lua-debuginfo-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-munge-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-munge-debuginfo-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-debuginfo-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-plugins-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-plugins-debuginfo-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-sched-wiki-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-slurmdb-direct-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-debuginfo-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-sql-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-sql-debuginfo-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-torque-17.02.11-6.50.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-torque-debuginfo-17.02.11-6.50.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:26", "description": "This update for slurm fixes the following issues :\n\nCVE-2021-31215: Fixed a environment mishandling that allowed remote code execution as SlurmUser (bsc#1186024).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-01T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : slurm (SUSE-SU-2021:1810-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31215"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libnss_slurm2", "p-cpe:/a:novell:suse_linux:libnss_slurm2-debuginfo", "p-cpe:/a:novell:suse_linux:libpmi0", "p-cpe:/a:novell:suse_linux:libpmi0-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm35", "p-cpe:/a:novell:suse_linux:libslurm35-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm", "p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm", "p-cpe:/a:novell:suse_linux:slurm-auth-none", "p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-config", "p-cpe:/a:novell:suse_linux:slurm-config-man", "p-cpe:/a:novell:suse_linux:slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-debugsource", "p-cpe:/a:novell:suse_linux:slurm-devel", "p-cpe:/a:novell:suse_linux:slurm-doc", "p-cpe:/a:novell:suse_linux:slurm-lua", "p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-munge", "p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-node", "p-cpe:/a:novell:suse_linux:slurm-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-plugins", "p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sql", "p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sview", "p-cpe:/a:novell:suse_linux:slurm-sview-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-torque", "p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-webdoc", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-1810-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150108", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1810-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(150108);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2021-31215\");\n\n script_name(english:\"SUSE SLES15 Security Update : slurm (SUSE-SU-2021:1810-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm fixes the following issues :\n\nCVE-2021-31215: Fixed a environment mishandling that allowed remote\ncode execution as SlurmUser (bsc#1186024).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1186024\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2021-31215/\"\n );\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211810-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d00020d2\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-15-SP2-2021-1810=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm35-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libnss_slurm2-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libnss_slurm2-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libpmi0-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libpmi0-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libslurm35-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libslurm35-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"perl-slurm-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"perl-slurm-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-auth-none-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-auth-none-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-config-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-config-man-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-debugsource-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-devel-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-doc-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-lua-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-lua-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-munge-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-munge-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-node-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-node-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-plugins-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-plugins-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-sql-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-sql-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-sview-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-sview-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-torque-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-torque-debuginfo-20.02.7-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-webdoc-20.02.7-3.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:16", "description": "This update for slurm fixes the following issues :\n\n - CVE-2021-31215: Fixed a environment mishandling that allowed remote code execution as SlurmUser (bsc#1186024).\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-03T00:00:00", "type": "nessus", "title": "openSUSE Security Update : slurm (openSUSE-2021-821)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31215"], "modified": "2021-06-07T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libnss_slurm2", "p-cpe:/a:novell:opensuse:libnss_slurm2-debuginfo", "p-cpe:/a:novell:opensuse:libpmi0", "p-cpe:/a:novell:opensuse:libpmi0-debuginfo", "p-cpe:/a:novell:opensuse:libslurm35", "p-cpe:/a:novell:opensuse:libslurm35-debuginfo", "p-cpe:/a:novell:opensuse:perl-slurm", "p-cpe:/a:novell:opensuse:perl-slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm", "p-cpe:/a:novell:opensuse:slurm-auth-none", "p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo", "p-cpe:/a:novell:opensuse:slurm-config", "p-cpe:/a:novell:opensuse:slurm-config-man", "p-cpe:/a:novell:opensuse:slurm-cray", "p-cpe:/a:novell:opensuse:slurm-cray-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debugsource", "p-cpe:/a:novell:opensuse:slurm-devel", "p-cpe:/a:novell:opensuse:slurm-hdf5", "p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo", "p-cpe:/a:novell:opensuse:slurm-lua", "p-cpe:/a:novell:opensuse:slurm-lua-debuginfo", "p-cpe:/a:novell:opensuse:slurm-munge", "p-cpe:/a:novell:opensuse:slurm-munge-debuginfo", "p-cpe:/a:novell:opensuse:slurm-node", "p-cpe:/a:novell:opensuse:slurm-node-debuginfo", "p-cpe:/a:novell:opensuse:slurm-openlava", "p-cpe:/a:novell:opensuse:slurm-pam_slurm", "p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-plugins", "p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo", "p-cpe:/a:novell:opensuse:slurm-rest", "p-cpe:/a:novell:opensuse:slurm-rest-debuginfo", "p-cpe:/a:novell:opensuse:slurm-seff", "p-cpe:/a:novell:opensuse:slurm-sjstat", "p-cpe:/a:novell:opensuse:slurm-slurmdbd", "p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sql", "p-cpe:/a:novell:opensuse:slurm-sql-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sview", "p-cpe:/a:novell:opensuse:slurm-sview-debuginfo", "p-cpe:/a:novell:opensuse:slurm-torque", "p-cpe:/a:novell:opensuse:slurm-torque-debuginfo", "p-cpe:/a:novell:opensuse:slurm-webdoc", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-821.NASL", "href": "https://www.tenable.com/plugins/nessus/150183", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2021-821.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(150183);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/07\");\n\n script_cve_id(\"CVE-2021-31215\");\n\n script_name(english:\"openSUSE Security Update : slurm (openSUSE-2021-821)\");\n script_summary(english:\"Check for the openSUSE-2021-821 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm fixes the following issues :\n\n - CVE-2021-31215: Fixed a environment mishandling that\n allowed remote code execution as SlurmUser\n (bsc#1186024).\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1186024\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected slurm packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnss_slurm2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnss_slurm2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm35-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-openlava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-rest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-rest-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-seff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sjstat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnss_slurm2-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnss_slurm2-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libpmi0-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libpmi0-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libslurm35-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libslurm35-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"perl-slurm-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"perl-slurm-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-auth-none-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-auth-none-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-config-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-config-man-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-cray-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-cray-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-debugsource-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-devel-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-hdf5-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-hdf5-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-lua-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-lua-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-munge-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-munge-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-node-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-node-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-openlava-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-pam_slurm-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-pam_slurm-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-plugins-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-plugins-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-rest-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-rest-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-seff-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sjstat-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-slurmdbd-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-slurmdbd-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sql-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sql-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sview-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sview-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-torque-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-torque-debuginfo-20.02.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-webdoc-20.02.7-lp152.2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libnss_slurm2 / libnss_slurm2-debuginfo / libpmi0 / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:37", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:1855-1 advisory.\n\n - SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.\n (CVE-2021-31215)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-10T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : slurm (SUSE-SU-2021:1855-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31215"], "modified": "2021-08-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpmi0", "p-cpe:/a:novell:suse_linux:libslurm32", "p-cpe:/a:novell:suse_linux:perl-slurm", "p-cpe:/a:novell:suse_linux:slurm", "p-cpe:/a:novell:suse_linux:slurm-auth-none", "p-cpe:/a:novell:suse_linux:slurm-config", "p-cpe:/a:novell:suse_linux:slurm-devel", "p-cpe:/a:novell:suse_linux:slurm-doc", "p-cpe:/a:novell:suse_linux:slurm-lua", "p-cpe:/a:novell:suse_linux:slurm-munge", "p-cpe:/a:novell:suse_linux:slurm-node", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm-plugins", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm-sql", "p-cpe:/a:novell:suse_linux:slurm-torque", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-1855-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150686", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:1855-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150686);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/09\");\n\n script_cve_id(\"CVE-2021-31215\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:1855-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : slurm (SUSE-SU-2021:1855-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-\nSU-2021:1855-1 advisory.\n\n - SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as\n SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.\n (CVE-2021-31215)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1186024\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-June/008930.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?287aa030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-31215\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-31215\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'libslurm32-17.11.13-6.37', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libslurm32-17.11.13-6.37', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'libpmi0-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libpmi0-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libpmi0-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libpmi0-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libslurm32-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libslurm32-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libslurm32-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libslurm32-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'perl-slurm-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'perl-slurm-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'perl-slurm-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'perl-slurm-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-auth-none-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-auth-none-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-auth-none-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-auth-none-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-config-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-config-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-config-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-config-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-devel-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-devel-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-devel-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-devel-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-doc-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-doc-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-doc-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-doc-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-lua-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-lua-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-lua-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-lua-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-munge-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-munge-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-munge-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-munge-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-node-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-node-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-node-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-node-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-pam_slurm-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-pam_slurm-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-pam_slurm-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-pam_slurm-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-plugins-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-plugins-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-plugins-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-plugins-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-slurmdbd-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-slurmdbd-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-slurmdbd-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-slurmdbd-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-sql-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-sql-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-sql-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-sql-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-torque-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-torque-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-torque-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm-torque-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libpmi0-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libpmi0-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libpmi0-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libpmi0-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libslurm32-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libslurm32-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libslurm32-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libslurm32-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'perl-slurm-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'perl-slurm-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'perl-slurm-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'perl-slurm-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-auth-none-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-auth-none-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-auth-none-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-auth-none-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-config-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-config-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-config-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-config-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-devel-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-devel-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-devel-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-devel-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-doc-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-doc-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-doc-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-doc-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-lua-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-lua-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-lua-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-lua-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-munge-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-munge-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-munge-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-munge-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-node-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-node-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-node-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-node-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-pam_slurm-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-pam_slurm-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-pam_slurm-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-pam_slurm-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-plugins-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-plugins-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-plugins-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-plugins-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-slurmdbd-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-slurmdbd-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-slurmdbd-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-slurmdbd-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-sql-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-sql-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-sql-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-sql-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-torque-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-torque-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-torque-17.11.13-6.37', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm-torque-17.11.13-6.37', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libslurm32-17.11.13-6.37', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'libslurm32-17.11.13-6.37', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libpmi0 / libslurm32 / perl-slurm / slurm / slurm-auth-none / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:07", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:1856-1 advisory.\n\n - SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.\n (CVE-2021-31215)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-11T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : slurm_18_08 (SUSE-SU-2021:1856-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31215"], "modified": "2021-08-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpmi0_18_08", "p-cpe:/a:novell:suse_linux:libslurm33", "p-cpe:/a:novell:suse_linux:perl-slurm_18_08", "p-cpe:/a:novell:suse_linux:slurm_18_08", "p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none", "p-cpe:/a:novell:suse_linux:slurm_18_08-config", "p-cpe:/a:novell:suse_linux:slurm_18_08-devel", "p-cpe:/a:novell:suse_linux:slurm_18_08-doc", "p-cpe:/a:novell:suse_linux:slurm_18_08-lua", "p-cpe:/a:novell:suse_linux:slurm_18_08-munge", "p-cpe:/a:novell:suse_linux:slurm_18_08-node", "p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm_18_08-plugins", "p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm_18_08-sql", "p-cpe:/a:novell:suse_linux:slurm_18_08-torque", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-1856-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150698", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:1856-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150698);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/09\");\n\n script_cve_id(\"CVE-2021-31215\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:1856-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : slurm_18_08 (SUSE-SU-2021:1856-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-\nSU-2021:1856-1 advisory.\n\n - SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as\n SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.\n (CVE-2021-31215)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1186024\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.suse.com/pipermail/sle-updates/2021-June/019202.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-31215\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-31215\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'libpmi0_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libpmi0_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libpmi0_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libpmi0_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libslurm33-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libslurm33-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libslurm33-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libslurm33-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'perl-slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'perl-slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'perl-slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'perl-slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-auth-none-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-auth-none-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-auth-none-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-auth-none-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-config-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-config-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-config-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-config-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-devel-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-devel-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-devel-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-devel-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-doc-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-doc-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-doc-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-doc-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-lua-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-lua-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-lua-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-lua-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-munge-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-munge-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-munge-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-munge-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-node-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-node-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-node-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-node-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-pam_slurm-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-pam_slurm-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-pam_slurm-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-pam_slurm-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-plugins-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-plugins-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-plugins-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-plugins-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-slurmdbd-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-slurmdbd-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-slurmdbd-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-slurmdbd-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-sql-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-sql-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-sql-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-sql-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-torque-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-torque-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-torque-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'slurm_18_08-torque-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'libpmi0_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libpmi0_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libpmi0_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libpmi0_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libslurm33-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libslurm33-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libslurm33-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'libslurm33-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'perl-slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'perl-slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'perl-slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'perl-slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-auth-none-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-auth-none-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-auth-none-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-auth-none-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-config-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-config-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-config-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-config-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-devel-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-devel-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-devel-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-devel-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-doc-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-doc-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-doc-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-doc-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-lua-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-lua-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-lua-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-lua-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-munge-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-munge-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-munge-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-munge-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-node-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-node-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-node-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-node-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-pam_slurm-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-pam_slurm-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-pam_slurm-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-pam_slurm-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-plugins-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-plugins-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-plugins-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-plugins-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-slurmdbd-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-slurmdbd-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-slurmdbd-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-slurmdbd-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-sql-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-sql-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-sql-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-sql-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-torque-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-torque-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-torque-18.08.9-1.14', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'slurm_18_08-torque-18.08.9-1.14', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libpmi0_18_08 / libslurm33 / perl-slurm_18_08 / slurm_18_08 / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:19", "description": "This update for slurm_18_08 fixes the following issues :\n\nCVE-2021-31215: remote code execution as SlurmUser because of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling (bsc#1186024)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-01T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : slurm_18_08 (SUSE-SU-2021:1788-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31215"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpmi0_18_08", "p-cpe:/a:novell:suse_linux:libpmi0_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm33", "p-cpe:/a:novell:suse_linux:libslurm33-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm_18_08", "p-cpe:/a:novell:suse_linux:perl-slurm_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08", "p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none", "p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-config", "p-cpe:/a:novell:suse_linux:slurm_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-debugsource", "p-cpe:/a:novell:suse_linux:slurm_18_08-devel", "p-cpe:/a:novell:suse_linux:slurm_18_08-doc", "p-cpe:/a:novell:suse_linux:slurm_18_08-lua", "p-cpe:/a:novell:suse_linux:slurm_18_08-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-munge", "p-cpe:/a:novell:suse_linux:slurm_18_08-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-node", "p-cpe:/a:novell:suse_linux:slurm_18_08-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-plugins", "p-cpe:/a:novell:suse_linux:slurm_18_08-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-sql", "p-cpe:/a:novell:suse_linux:slurm_18_08-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-torque", "p-cpe:/a:novell:suse_linux:slurm_18_08-torque-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-1788-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150092", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1788-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(150092);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2021-31215\");\n\n script_name(english:\"SUSE SLES12 Security Update : slurm_18_08 (SUSE-SU-2021:1788-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm_18_08 fixes the following issues :\n\nCVE-2021-31215: remote code execution as SlurmUser because of a\nPrologSlurmctld or EpilogSlurmctld script leads to environment\nmishandling (bsc#1186024)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1186024\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2021-31215/\"\n );\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211788-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?41c2f8c3\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 12 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-12-2021-1788=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_18_08-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_18_08-debuginfo-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm33-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm33-debuginfo-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_18_08-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_18_08-debuginfo-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-auth-none-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-auth-none-debuginfo-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-config-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-debuginfo-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-debugsource-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-devel-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-doc-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-lua-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-lua-debuginfo-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-munge-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-munge-debuginfo-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-node-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-node-debuginfo-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-pam_slurm-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-pam_slurm-debuginfo-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-plugins-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-plugins-debuginfo-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-slurmdbd-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-slurmdbd-debuginfo-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-sql-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-sql-debuginfo-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-torque-18.08.9-3.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-torque-debuginfo-18.08.9-3.14.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm_18_08\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:26", "description": "This update for slurm_20_11 fixes the following issues :\n\nUdpate to 20.02.7 :\n\nCVE-2021-31215: remote code execution as SlurmUser because of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling (bsc#1186024)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-01T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : slurm_20_11 (SUSE-SU-2021:1789-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31215"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02", "p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:libpmi0_20_02", "p-cpe:/a:novell:suse_linux:libpmi0_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm35", "p-cpe:/a:novell:suse_linux:libslurm35-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm_20_02", "p-cpe:/a:novell:suse_linux:perl-slurm_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02", "p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none", "p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-config", "p-cpe:/a:novell:suse_linux:slurm_20_02-config-man", "p-cpe:/a:novell:suse_linux:slurm_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-debugsource", "p-cpe:/a:novell:suse_linux:slurm_20_02-devel", "p-cpe:/a:novell:suse_linux:slurm_20_02-doc", "p-cpe:/a:novell:suse_linux:slurm_20_02-lua", "p-cpe:/a:novell:suse_linux:slurm_20_02-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-munge", "p-cpe:/a:novell:suse_linux:slurm_20_02-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-node", "p-cpe:/a:novell:suse_linux:slurm_20_02-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-plugins", "p-cpe:/a:novell:suse_linux:slurm_20_02-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-sql", "p-cpe:/a:novell:suse_linux:slurm_20_02-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-sview", "p-cpe:/a:novell:suse_linux:slurm_20_02-sview-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-torque", "p-cpe:/a:novell:suse_linux:slurm_20_02-torque-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-1789-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150112", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1789-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(150112);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2021-31215\");\n\n script_name(english:\"SUSE SLES12 Security Update : slurm_20_11 (SUSE-SU-2021:1789-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm_20_11 fixes the following issues :\n\nUdpate to 20.02.7 :\n\nCVE-2021-31215: remote code execution as SlurmUser because of a\nPrologSlurmctld or EpilogSlurmctld script leads to environment\nmishandling (bsc#1186024)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1186024\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2021-31215/\"\n );\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211789-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?86892c9a\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 12 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-12-2021-1789=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm35-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libnss_slurm2_20_02-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libnss_slurm2_20_02-debuginfo-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_20_02-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_20_02-debuginfo-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm35-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm35-debuginfo-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_20_02-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_20_02-debuginfo-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-auth-none-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-auth-none-debuginfo-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-config-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-config-man-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-debuginfo-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-debugsource-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-devel-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-doc-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-lua-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-lua-debuginfo-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-munge-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-munge-debuginfo-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-node-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-node-debuginfo-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-pam_slurm-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-pam_slurm-debuginfo-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-plugins-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-plugins-debuginfo-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-slurmdbd-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-slurmdbd-debuginfo-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-sql-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-sql-debuginfo-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-sview-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-sview-debuginfo-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-torque-20.02.7-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-torque-debuginfo-20.02.7-3.11.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm_20_11\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:03", "description": "This update for slurm_20_11 fixes the following issues :\n\nUdpate to 20.11.7 :\n\nCVE-2021-31215: remote code execution as SlurmUser because of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling (bsc#1186024)\n\nShip REST API version and auth plugins with slurmrestd.\n\nAdd YAML support for REST API to build (bsc#1185603).\n\nFix Provides:/Conflicts: for libnss_slurm (bsc#1180700).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-01T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : slurm_20_11 (SUSE-SU-2021:1791-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31215"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libnss_slurm2_20_11", "p-cpe:/a:novell:suse_linux:libnss_slurm2_20_11-debuginfo", "p-cpe:/a:novell:suse_linux:libpmi0_20_11", "p-cpe:/a:novell:suse_linux:libpmi0_20_11-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm36", "p-cpe:/a:novell:suse_linux:libslurm36-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm_20_11", "p-cpe:/a:novell:suse_linux:perl-slurm_20_11-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11", "p-cpe:/a:novell:suse_linux:slurm_20_11-auth-none", "p-cpe:/a:novell:suse_linux:slurm_20_11-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-config", "p-cpe:/a:novell:suse_linux:slurm_20_11-config-man", "p-cpe:/a:novell:suse_linux:slurm_20_11-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-debugsource", "p-cpe:/a:novell:suse_linux:slurm_20_11-devel", "p-cpe:/a:novell:suse_linux:slurm_20_11-doc", "p-cpe:/a:novell:suse_linux:slurm_20_11-lua", "p-cpe:/a:novell:suse_linux:slurm_20_11-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-munge", "p-cpe:/a:novell:suse_linux:slurm_20_11-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-node", "p-cpe:/a:novell:suse_linux:slurm_20_11-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm_20_11-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-plugins", "p-cpe:/a:novell:suse_linux:slurm_20_11-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm_20_11-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-sql", "p-cpe:/a:novell:suse_linux:slurm_20_11-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-sview", "p-cpe:/a:novell:suse_linux:slurm_20_11-sview-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-torque", "p-cpe:/a:novell:suse_linux:slurm_20_11-torque-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-webdoc", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-1791-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150084", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1791-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(150084);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2021-31215\");\n\n script_name(english:\"SUSE SLES12 Security Update : slurm_20_11 (SUSE-SU-2021:1791-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm_20_11 fixes the following issues :\n\nUdpate to 20.11.7 :\n\nCVE-2021-31215: remote code execution as SlurmUser because of a\nPrologSlurmctld or EpilogSlurmctld script leads to environment\nmishandling (bsc#1186024)\n\nShip REST API version and auth plugins with slurmrestd.\n\nAdd YAML support for REST API to build (bsc#1185603).\n\nFix Provides:/Conflicts: for libnss_slurm (bsc#1180700).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1180700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1185603\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1186024\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2021-31215/\"\n );\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211791-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?08b740f5\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 12 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-12-2021-1791=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2_20_11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2_20_11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm36-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libnss_slurm2_20_11-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libnss_slurm2_20_11-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_20_11-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_20_11-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm36-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm36-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_20_11-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_20_11-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-auth-none-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-auth-none-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-config-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-config-man-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-debugsource-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-devel-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-doc-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-lua-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-lua-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-munge-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-munge-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-node-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-node-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-pam_slurm-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-pam_slurm-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-plugins-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-plugins-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-slurmdbd-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-slurmdbd-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-sql-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-sql-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-sview-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-sview-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-torque-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-torque-debuginfo-20.11.7-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-webdoc-20.11.7-3.8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm_20_11\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:01", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:2473-1 advisory.\n\n - SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.\n (CVE-2021-31215)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-27T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : slurm (SUSE-SU-2021:2473-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31215"], "modified": "2021-08-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libnss_slurm2", "p-cpe:/a:novell:suse_linux:libpmi0", "p-cpe:/a:novell:suse_linux:libslurm36", "p-cpe:/a:novell:suse_linux:perl-slurm", "p-cpe:/a:novell:suse_linux:slurm", "p-cpe:/a:novell:suse_linux:slurm-auth-none", "p-cpe:/a:novell:suse_linux:slurm-config", "p-cpe:/a:novell:suse_linux:slurm-config-man", "p-cpe:/a:novell:suse_linux:slurm-devel", "p-cpe:/a:novell:suse_linux:slurm-doc", "p-cpe:/a:novell:suse_linux:slurm-lua", "p-cpe:/a:novell:suse_linux:slurm-munge", "p-cpe:/a:novell:suse_linux:slurm-node", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm-plugins", "p-cpe:/a:novell:suse_linux:slurm-rest", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm-sql", "p-cpe:/a:novell:suse_linux:slurm-sview", "p-cpe:/a:novell:suse_linux:slurm-torque", "p-cpe:/a:novell:suse_linux:slurm-webdoc", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-2473-1.NASL", "href": "https://www.tenable.com/plugins/nessus/152104", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:2473-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152104);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/09\");\n\n script_cve_id(\"CVE-2021-31215\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:2473-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : slurm (SUSE-SU-2021:2473-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-\nSU-2021:2473-1 advisory.\n\n - SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as\n SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.\n (CVE-2021-31215)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1180700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1186024\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-July/009216.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2f973b93\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-31215\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-31215\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-rest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'libnss_slurm2-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'libnss_slurm2-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'libpmi0-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'libpmi0-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'libslurm36-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'libslurm36-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'perl-slurm-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'perl-slurm-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-auth-none-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-auth-none-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-config-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-config-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-config-man-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-config-man-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-devel-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-devel-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-doc-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-doc-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-lua-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-lua-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-munge-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-munge-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-node-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-node-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-pam_slurm-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-pam_slurm-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-plugins-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-plugins-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-rest-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-rest-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-slurmdbd-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-slurmdbd-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-sql-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-sql-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-sview-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-sview-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-torque-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-torque-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-webdoc-20.11.7-4.3.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'},\n {'reference':'slurm-webdoc-20.11.7-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.3'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libnss_slurm2 / libpmi0 / libslurm36 / perl-slurm / slurm / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:20", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:2295-1 advisory.\n\n - SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.\n (CVE-2021-31215)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : slurm_20_11 (SUSE-SU-2021:2295-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31215"], "modified": "2021-08-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libnss_slurm2_20_11", "p-cpe:/a:novell:suse_linux:libpmi0_20_11", "p-cpe:/a:novell:suse_linux:libslurm36", "p-cpe:/a:novell:suse_linux:perl-slurm_20_11", "p-cpe:/a:novell:suse_linux:slurm_20_11", "p-cpe:/a:novell:suse_linux:slurm_20_11-auth-none", "p-cpe:/a:novell:suse_linux:slurm_20_11-config", "p-cpe:/a:novell:suse_linux:slurm_20_11-config-man", "p-cpe:/a:novell:suse_linux:slurm_20_11-devel", "p-cpe:/a:novell:suse_linux:slurm_20_11-doc", "p-cpe:/a:novell:suse_linux:slurm_20_11-lua", "p-cpe:/a:novell:suse_linux:slurm_20_11-munge", "p-cpe:/a:novell:suse_linux:slurm_20_11-node", "p-cpe:/a:novell:suse_linux:slurm_20_11-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm_20_11-plugins", "p-cpe:/a:novell:suse_linux:slurm_20_11-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm_20_11-sql", "p-cpe:/a:novell:suse_linux:slurm_20_11-sview", "p-cpe:/a:novell:suse_linux:slurm_20_11-torque", "p-cpe:/a:novell:suse_linux:slurm_20_11-webdoc", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-2295-1.NASL", "href": "https://www.tenable.com/plugins/nessus/151530", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:2295-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151530);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/09\");\n\n script_cve_id(\"CVE-2021-31215\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:2295-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : slurm_20_11 (SUSE-SU-2021:2295-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-\nSU-2021:2295-1 advisory.\n\n - SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as\n SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.\n (CVE-2021-31215)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1180700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1186024\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-July/009122.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d11f0ae2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-31215\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-31215\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2_20_11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'libnss_slurm2_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'libnss_slurm2_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'libpmi0_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'libpmi0_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'libslurm36-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'libslurm36-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'perl-slurm_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'perl-slurm_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-auth-none-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-auth-none-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-config-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-config-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-config-man-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-config-man-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-devel-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-devel-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-doc-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-doc-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-lua-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-lua-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-munge-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-munge-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-node-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-node-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-pam_slurm-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-pam_slurm-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-plugins-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-plugins-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-slurmdbd-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-slurmdbd-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-sql-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-sql-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-sview-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-sview-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-torque-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-torque-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-webdoc-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'slurm_20_11-webdoc-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.2'},\n {'reference':'libnss_slurm2_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'libnss_slurm2_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'libpmi0_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'libpmi0_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'libslurm36-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'libslurm36-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'perl-slurm_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'perl-slurm_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-auth-none-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-auth-none-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-config-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-config-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-config-man-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-config-man-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-devel-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-devel-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-doc-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-doc-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-lua-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-lua-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-munge-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-munge-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-node-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-node-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-pam_slurm-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-pam_slurm-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-plugins-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-plugins-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-slurmdbd-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-slurmdbd-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-sql-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-sql-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-sview-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-sview-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-torque-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-torque-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-webdoc-20.11.7-6.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'},\n {'reference':'slurm_20_11-webdoc-20.11.7-6.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-hpc-release-15.2'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libnss_slurm2_20_11 / libpmi0_20_11 / libslurm36 / perl-slurm_20_11 / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-03-09T15:10:13", "description": "This update for slurm fixes the following issues :\n\n - CVE-2020-27745: PMIx - fix potential buffer overflows from use of unpackmem(). (bsc#1178890)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-20T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : slurm (SUSE-SU-2021:0155-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27745"], "modified": "2021-01-22T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpmi0", "p-cpe:/a:novell:suse_linux:libpmi0-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm31", "p-cpe:/a:novell:suse_linux:libslurm31-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm", "p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm", "p-cpe:/a:novell:suse_linux:slurm-auth-none", "p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-config", "p-cpe:/a:novell:suse_linux:slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-debugsource", "p-cpe:/a:novell:suse_linux:slurm-devel", "p-cpe:/a:novell:suse_linux:slurm-doc", "p-cpe:/a:novell:suse_linux:slurm-lua", "p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-munge", "p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-plugins", "p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sched-wiki", "p-cpe:/a:novell:suse_linux:slurm-slurmdb-direct", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sql", "p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-torque", "p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-0155-1.NASL", "href": "https://www.tenable.com/plugins/nessus/145164", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:0155-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(145164);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/22\");\n\n script_cve_id(\"CVE-2020-27745\");\n\n script_name(english:\"SUSE SLES12 Security Update : slurm (SUSE-SU-2021:0155-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm fixes the following issues :\n\n - CVE-2020-27745: PMIx - fix potential buffer overflows\n from use of unpackmem(). (bsc#1178890)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27745/\"\n );\n # https://www.suse.com/support/update/announcement/2021/suse-su-20210155-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?daf9ab49\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 12 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-12-2021-155=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm31\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm31-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sched-wiki\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdb-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0-debuginfo-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm31-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm31-debuginfo-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm-debuginfo-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-auth-none-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-auth-none-debuginfo-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-config-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-debuginfo-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-debugsource-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-devel-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-doc-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-lua-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-lua-debuginfo-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-munge-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-munge-debuginfo-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-debuginfo-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-plugins-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-plugins-debuginfo-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-sched-wiki-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-slurmdb-direct-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-debuginfo-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-sql-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-sql-debuginfo-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-torque-17.02.11-6.47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-torque-debuginfo-17.02.11-6.47.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:52:08", "description": "This update for slurm_18_08 fixes the following issues :\n\n - Fix Authentication Bypass when Message Aggregation is enabled CVE-2020-12693 This fixes and issue where authentication could be bypassed via an alternate path or channel when message Aggregation was enabled. A race condition allowed a user to launch a process as an arbitrary user. (CVE-2020-12693, bsc#1172004). Add:\n Fix-Authentication-Bypass-when-Message-Aggregation-is-en abled-CVE-2020-12693.patch\n\n - Remove unneeded build dependency to postgresql-devel.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : slurm_18_08 (openSUSE-2020-1969)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-12693"], "modified": "2020-11-25T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpmi0", "p-cpe:/a:novell:opensuse:libpmi0-debuginfo", "p-cpe:/a:novell:opensuse:libslurm33", "p-cpe:/a:novell:opensuse:libslurm33-debuginfo", "p-cpe:/a:novell:opensuse:perl-slurm", "p-cpe:/a:novell:opensuse:perl-slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm", "p-cpe:/a:novell:opensuse:slurm-auth-none", "p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo", "p-cpe:/a:novell:opensuse:slurm-config", "p-cpe:/a:novell:opensuse:slurm-config-man", "p-cpe:/a:novell:opensuse:slurm-cray", "p-cpe:/a:novell:opensuse:slurm-cray-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debugsource", "p-cpe:/a:novell:opensuse:slurm-devel", "p-cpe:/a:novell:opensuse:slurm-hdf5", "p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo", "p-cpe:/a:novell:opensuse:slurm-lua", "p-cpe:/a:novell:opensuse:slurm-lua-debuginfo", "p-cpe:/a:novell:opensuse:slurm-munge", "p-cpe:/a:novell:opensuse:slurm-munge-debuginfo", "p-cpe:/a:novell:opensuse:slurm-node", "p-cpe:/a:novell:opensuse:slurm-node-debuginfo", "p-cpe:/a:novell:opensuse:slurm-openlava", "p-cpe:/a:novell:opensuse:slurm-pam_slurm", "p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-plugins", "p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo", "p-cpe:/a:novell:opensuse:slurm-seff", "p-cpe:/a:novell:opensuse:slurm-sjstat", "p-cpe:/a:novell:opensuse:slurm-slurmdbd", "p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sql", "p-cpe:/a:novell:opensuse:slurm-sql-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sview", "p-cpe:/a:novell:opensuse:slurm-sview-debuginfo", "p-cpe:/a:novell:opensuse:slurm-torque", "p-cpe:/a:novell:opensuse:slurm-torque-debuginfo", "p-cpe:/a:novell:opensuse:slurm-webdoc", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-1969.NASL", "href": "https://www.tenable.com/plugins/nessus/143146", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1969.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143146);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/25\");\n\n script_cve_id(\"CVE-2020-12693\");\n\n script_name(english:\"openSUSE Security Update : slurm_18_08 (openSUSE-2020-1969)\");\n script_summary(english:\"Check for the openSUSE-2020-1969 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm_18_08 fixes the following issues :\n\n - Fix Authentication Bypass when Message Aggregation is\n enabled CVE-2020-12693 This fixes and issue where\n authentication could be bypassed via an alternate path\n or channel when message Aggregation was enabled. A race\n condition allowed a user to launch a process as an\n arbitrary user. (CVE-2020-12693, bsc#1172004). Add:\n Fix-Authentication-Bypass-when-Message-Aggregation-is-en\n abled-CVE-2020-12693.patch\n\n - Remove unneeded build dependency to postgresql-devel.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172004\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected slurm_18_08 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-12693\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-openlava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-seff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sjstat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpmi0-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpmi0-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libslurm33-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libslurm33-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-slurm-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-slurm-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-auth-none-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-auth-none-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-config-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-config-man-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-cray-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-cray-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-debugsource-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-devel-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-hdf5-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-hdf5-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-lua-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-lua-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-munge-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-munge-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-node-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-node-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-openlava-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-pam_slurm-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-pam_slurm-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-plugins-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-plugins-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-seff-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sjstat-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-slurmdbd-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-slurmdbd-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sql-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sql-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sview-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sview-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-torque-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-torque-debuginfo-18.08.9-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-webdoc-18.08.9-lp151.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpmi0 / libpmi0-debuginfo / libslurm33 / libslurm33-debuginfo / etc\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:19:45", "description": "This update for slurm fixes the following issues :\n\n - Fix Authentication Bypass when Message Aggregation is enabled CVE-2020-12693 This fixes and issue where authentication could be bypassed via an alternate path or channel when message Aggregation was enabled. A race condition allowed a user to launch a process as an arbitrary user. Add:\n Fix-Authentication-Bypass-when-Message-Aggregation-is-en abled-CVE-2020-12693.patch (CVE-2020-12693, bsc#1172004).\n\n - Remove unneeded build dependency to postgresql-devel.\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-09-14T00:00:00", "type": "nessus", "title": "openSUSE Security Update : slurm (openSUSE-2020-1421)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-12693"], "modified": "2020-09-16T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpmi0", "p-cpe:/a:novell:opensuse:libpmi0-debuginfo", "p-cpe:/a:novell:opensuse:libslurm33", "p-cpe:/a:novell:opensuse:libslurm33-debuginfo", "p-cpe:/a:novell:opensuse:perl-slurm", "p-cpe:/a:novell:opensuse:perl-slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm", "p-cpe:/a:novell:opensuse:slurm-auth-none", "p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo", "p-cpe:/a:novell:opensuse:slurm-config", "p-cpe:/a:novell:opensuse:slurm-config-man", "p-cpe:/a:novell:opensuse:slurm-cray", "p-cpe:/a:novell:opensuse:slurm-cray-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debugsource", "p-cpe:/a:novell:opensuse:slurm-devel", "p-cpe:/a:novell:opensuse:slurm-hdf5", "p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo", "p-cpe:/a:novell:opensuse:slurm-lua", "p-cpe:/a:novell:opensuse:slurm-lua-debuginfo", "p-cpe:/a:novell:opensuse:slurm-munge", "p-cpe:/a:novell:opensuse:slurm-munge-debuginfo", "p-cpe:/a:novell:opensuse:slurm-node", "p-cpe:/a:novell:opensuse:slurm-node-debuginfo", "p-cpe:/a:novell:opensuse:slurm-openlava", "p-cpe:/a:novell:opensuse:slurm-pam_slurm", "p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-plugins", "p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo", "p-cpe:/a:novell:opensuse:slurm-seff", "p-cpe:/a:novell:opensuse:slurm-sjstat", "p-cpe:/a:novell:opensuse:slurm-slurmdbd", "p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sql", "p-cpe:/a:novell:opensuse:slurm-sql-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sview", "p-cpe:/a:novell:opensuse:slurm-sview-debuginfo", "p-cpe:/a:novell:opensuse:slurm-torque", "p-cpe:/a:novell:opensuse:slurm-torque-debuginfo", "p-cpe:/a:novell:opensuse:slurm-webdoc", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-1421.NASL", "href": "https://www.tenable.com/plugins/nessus/140574", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1421.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140574);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/16\");\n\n script_cve_id(\"CVE-2020-12693\");\n\n script_name(english:\"openSUSE Security Update : slurm (openSUSE-2020-1421)\");\n script_summary(english:\"Check for the openSUSE-2020-1421 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm fixes the following issues :\n\n - Fix Authentication Bypass when Message Aggregation is\n enabled CVE-2020-12693 This fixes and issue where\n authentication could be bypassed via an alternate path\n or channel when message Aggregation was enabled. A race\n condition allowed a user to launch a process as an\n arbitrary user. Add:\n Fix-Authentication-Bypass-when-Message-Aggregation-is-en\n abled-CVE-2020-12693.patch (CVE-2020-12693,\n bsc#1172004).\n\n - Remove unneeded build dependency to postgresql-devel.\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172004\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected slurm packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-openlava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-seff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sjstat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpmi0-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpmi0-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libslurm33-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libslurm33-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-slurm-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-slurm-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-auth-none-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-auth-none-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-config-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-config-man-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-cray-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-cray-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-debugsource-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-devel-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-hdf5-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-hdf5-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-lua-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-lua-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-munge-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-munge-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-node-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-node-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-openlava-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-pam_slurm-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-pam_slurm-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-plugins-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-plugins-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-seff-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sjstat-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-slurmdbd-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-slurmdbd-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sql-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sql-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sview-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sview-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-torque-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-torque-debuginfo-18.08.9-lp151.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-webdoc-18.08.9-lp151.2.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpmi0 / libpmi0-debuginfo / libslurm33 / libslurm33-debuginfo / etc\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:20:02", "description": "This update for slurm_18_08 fixes the following issues :\n\n - Fix Authentication Bypass when Message Aggregation is enabled CVE-2020-12693 This fixes and issue where authentication could be bypassed via an alternate path or channel when message Aggregation was enabled. A race condition allowed a user to launch a process as an arbitrary user. (CVE-2020-12693, bsc#1172004). Add:\n Fix-Authentication-Bypass-when-Message-Aggregation-is-en abled-CVE-2020-12693.patch\n\n - Remove unneeded build dependency to postgresql-devel.\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-09-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : slurm_18_08 (openSUSE-2020-1468)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-12693"], "modified": "2020-09-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpmi0", "p-cpe:/a:novell:opensuse:libpmi0-debuginfo", "p-cpe:/a:novell:opensuse:libslurm33", "p-cpe:/a:novell:opensuse:libslurm33-debuginfo", "p-cpe:/a:novell:opensuse:perl-slurm", "p-cpe:/a:novell:opensuse:perl-slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm", "p-cpe:/a:novell:opensuse:slurm-auth-none", "p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo", "p-cpe:/a:novell:opensuse:slurm-config", "p-cpe:/a:novell:opensuse:slurm-config-man", "p-cpe:/a:novell:opensuse:slurm-cray", "p-cpe:/a:novell:opensuse:slurm-cray-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debugsource", "p-cpe:/a:novell:opensuse:slurm-devel", "p-cpe:/a:novell:opensuse:slurm-hdf5", "p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo", "p-cpe:/a:novell:opensuse:slurm-lua", "p-cpe:/a:novell:opensuse:slurm-lua-debuginfo", "p-cpe:/a:novell:opensuse:slurm-munge", "p-cpe:/a:novell:opensuse:slurm-munge-debuginfo", "p-cpe:/a:novell:opensuse:slurm-node", "p-cpe:/a:novell:opensuse:slurm-node-debuginfo", "p-cpe:/a:novell:opensuse:slurm-openlava", "p-cpe:/a:novell:opensuse:slurm-pam_slurm", "p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-plugins", "p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo", "p-cpe:/a:novell:opensuse:slurm-seff", "p-cpe:/a:novell:opensuse:slurm-sjstat", "p-cpe:/a:novell:opensuse:slurm-slurmdbd", "p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sql", "p-cpe:/a:novell:opensuse:slurm-sql-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sview", "p-cpe:/a:novell:opensuse:slurm-sview-debuginfo", "p-cpe:/a:novell:opensuse:slurm-torque", "p-cpe:/a:novell:opensuse:slurm-torque-debuginfo", "p-cpe:/a:novell:opensuse:slurm-webdoc", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1468.NASL", "href": "https://www.tenable.com/plugins/nessus/140689", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1468.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140689);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/23\");\n\n script_cve_id(\"CVE-2020-12693\");\n\n script_name(english:\"openSUSE Security Update : slurm_18_08 (openSUSE-2020-1468)\");\n script_summary(english:\"Check for the openSUSE-2020-1468 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm_18_08 fixes the following issues :\n\n - Fix Authentication Bypass when Message Aggregation is\n enabled CVE-2020-12693 This fixes and issue where\n authentication could be bypassed via an alternate path\n or channel when message Aggregation was enabled. A race\n condition allowed a user to launch a process as an\n arbitrary user. (CVE-2020-12693, bsc#1172004). Add:\n Fix-Authentication-Bypass-when-Message-Aggregation-is-en\n abled-CVE-2020-12693.patch\n\n - Remove unneeded build dependency to postgresql-devel.\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172004\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected slurm_18_08 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-openlava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-seff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sjstat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libpmi0-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libpmi0-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libslurm33-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libslurm33-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"perl-slurm-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"perl-slurm-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-auth-none-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-auth-none-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-config-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-config-man-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-cray-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-cray-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-debugsource-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-devel-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-hdf5-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-hdf5-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-lua-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-lua-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-munge-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-munge-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-node-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-node-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-openlava-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-pam_slurm-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-pam_slurm-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-plugins-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-plugins-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-seff-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sjstat-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-slurmdbd-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-slurmdbd-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sql-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sql-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sview-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sview-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-torque-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-torque-debuginfo-18.08.9-lp152.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-webdoc-18.08.9-lp152.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpmi0 / libpmi0-debuginfo / libslurm33 / libslurm33-debuginfo / etc\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:14:33", "description": "This update for slurm_20_02 to version 20.02.3 fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2020-12693: Fixed an authentication bypass via an alternate path or channel (bsc#1172004).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-18T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : slurm_20_02 (SUSE-SU-2020:1554-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-12693"], "modified": "2020-12-21T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libnss_slurm2", "p-cpe:/a:novell:suse_linux:libnss_slurm2-debuginfo", "p-cpe:/a:novell:suse_linux:libpmi0_20_02", "p-cpe:/a:novell:suse_linux:libpmi0_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm35", "p-cpe:/a:novell:suse_linux:libslurm35-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm_20_02", "p-cpe:/a:novell:suse_linux:perl-slurm_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02", "p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none", "p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-config", "p-cpe:/a:novell:suse_linux:slurm_20_02-config-man", "p-cpe:/a:novell:suse_linux:slurm_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-debugsource", "p-cpe:/a:novell:suse_linux:slurm_20_02-devel", "p-cpe:/a:novell:suse_linux:slurm_20_02-doc", "p-cpe:/a:novell:suse_linux:slurm_20_02-lua", "p-cpe:/a:novell:suse_linux:slurm_20_02-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-munge", "p-cpe:/a:novell:suse_linux:slurm_20_02-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-node", "p-cpe:/a:novell:suse_linux:slurm_20_02-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-plugins", "p-cpe:/a:novell:suse_linux:slurm_20_02-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-sql", "p-cpe:/a:novell:suse_linux:slurm_20_02-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-sview", "p-cpe:/a:novell:suse_linux:slurm_20_02-sview-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-torque", "p-cpe:/a:novell:suse_linux:slurm_20_02-torque-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-webdoc", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-1554-1.NASL", "href": "https://www.tenable.com/plugins/nessus/137593", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1554-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137593);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/21\");\n\n script_cve_id(\"CVE-2020-12693\");\n\n script_name(english:\"SUSE SLES15 Security Update : slurm_20_02 (SUSE-SU-2020:1554-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm_20_02 to version 20.02.3 fixes the following\nissues :\n\nSecurity issue fixed :\n\nCVE-2020-12693: Fixed an authentication bypass via an alternate path\nor channel (bsc#1172004).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172004\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-12693/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201554-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dec3da2c\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-15-SP1-2020-1554=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-12693\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm35-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libnss_slurm2-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libnss_slurm2-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libpmi0_20_02-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libpmi0_20_02-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libslurm35-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libslurm35-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"perl-slurm_20_02-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"perl-slurm_20_02-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-auth-none-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-auth-none-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-config-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-config-man-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-debugsource-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-devel-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-doc-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-lua-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-lua-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-munge-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-munge-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-node-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-node-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-pam_slurm-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-pam_slurm-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-plugins-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-plugins-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-slurmdbd-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-slurmdbd-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-sql-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-sql-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-sview-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-sview-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-torque-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-torque-debuginfo-20.02.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-webdoc-20.02.3-3.8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm_20_02\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:14:33", "description": "Bug fix and security fix for CVE-2020-12693\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-04T00:00:00", "type": "nessus", "title": "Fedora 31 : slurm (2020-11d0cf302f)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-12693"], "modified": "2020-06-09T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:slurm", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-11D0CF302F.NASL", "href": "https://www.tenable.com/plugins/nessus/137105", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-11d0cf302f.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137105);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/09\");\n\n script_cve_id(\"CVE-2020-12693\");\n script_xref(name:\"FEDORA\", value:\"2020-11d0cf302f\");\n\n script_name(english:\"Fedora 31 : slurm (2020-11d0cf302f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Bug fix and security fix for CVE-2020-12693\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-11d0cf302f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected slurm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"slurm-19.05.7-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:15:12", "description": "Bug fix and security fix for CVE-2020-12693\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-04T00:00:00", "type": "nessus", "title": "Fedora 32 : slurm (2020-e95ef17134)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-12693"], "modified": "2020-06-09T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:slurm", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-E95EF17134.NASL", "href": "https://www.tenable.com/plugins/nessus/137123", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-e95ef17134.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137123);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/09\");\n\n script_cve_id(\"CVE-2020-12693\");\n script_xref(name:\"FEDORA\", value:\"2020-e95ef17134\");\n\n script_name(english:\"Fedora 32 : slurm (2020-e95ef17134)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Bug fix and security fix for CVE-2020-12693\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-e95ef17134\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected slurm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"slurm-19.05.7-1.fc32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:20:27", "description": "- Release of 18.08.8\n\n - Closes security issue (CVE-2019-12838)\n\n - Configure for UCX support on supported arches\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-24T00:00:00", "type": "nessus", "title": "Fedora 29 : slurm (2019-4ca3a39825)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12838"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:slurm", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-4CA3A39825.NASL", "href": "https://www.tenable.com/plugins/nessus/126969", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-4ca3a39825.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126969);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-12838\");\n script_xref(name:\"FEDORA\", value:\"2019-4ca3a39825\");\n\n script_name(english:\"Fedora 29 : slurm (2019-4ca3a39825)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Release of 18.08.8\n\n - Closes security issue (CVE-2019-12838)\n\n - Configure for UCX support on supported arches\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-4ca3a39825\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected slurm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"slurm-18.08.8-1.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:19:44", "description": "- Release of 18.08.8\n\n - Closes security issue (CVE-2019-12838)\n\n - Configure for UCX support on supported arches\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-24T00:00:00", "type": "nessus", "title": "Fedora 30 : slurm (2019-5d0d2619df)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12838"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:slurm", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-5D0D2619DF.NASL", "href": "https://www.tenable.com/plugins/nessus/126970", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-5d0d2619df.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126970);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-12838\");\n script_xref(name:\"FEDORA\", value:\"2019-5d0d2619df\");\n\n script_name(english:\"Fedora 30 : slurm (2019-5d0d2619df)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Release of 18.08.8\n\n - Closes security issue (CVE-2019-12838)\n\n - Configure for UCX support on supported arches\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-5d0d2619df\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected slurm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"slurm-18.08.8-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:27:17", "description": "This update for slurm to version 18.08.8 fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2019-12838: Fixed a SQL injection in slurmdbd (bsc#1140709).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-09-03T00:00:00", "type": "nessus", "title": "openSUSE Security Update : slurm (openSUSE-2019-2052)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12838"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpmi0", "p-cpe:/a:novell:opensuse:libpmi0-debuginfo", "p-cpe:/a:novell:opensuse:libslurm33", "p-cpe:/a:novell:opensuse:libslurm33-debuginfo", "p-cpe:/a:novell:opensuse:perl-slurm", "p-cpe:/a:novell:opensuse:perl-slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm", "p-cpe:/a:novell:opensuse:slurm-auth-none", "p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo", "p-cpe:/a:novell:opensuse:slurm-config", "p-cpe:/a:novell:opensuse:slurm-config-man", "p-cpe:/a:novell:opensuse:slurm-cray", "p-cpe:/a:novell:opensuse:slurm-cray-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debugsource", "p-cpe:/a:novell:opensuse:slurm-devel", "p-cpe:/a:novell:opensuse:slurm-hdf5", "p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo", "p-cpe:/a:novell:opensuse:slurm-lua", "p-cpe:/a:novell:opensuse:slurm-lua-debuginfo", "p-cpe:/a:novell:opensuse:slurm-munge", "p-cpe:/a:novell:opensuse:slurm-munge-debuginfo", "p-cpe:/a:novell:opensuse:slurm-node", "p-cpe:/a:novell:opensuse:slurm-node-debuginfo", "p-cpe:/a:novell:opensuse:slurm-openlava", "p-cpe:/a:novell:opensuse:slurm-pam_slurm", "p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-plugins", "p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo", "p-cpe:/a:novell:opensuse:slurm-seff", "p-cpe:/a:novell:opensuse:slurm-sjstat", "p-cpe:/a:novell:opensuse:slurm-slurmdbd", "p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sql", "p-cpe:/a:novell:opensuse:slurm-sql-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sview", "p-cpe:/a:novell:opensuse:slurm-sview-debuginfo", "p-cpe:/a:novell:opensuse:slurm-torque", "p-cpe:/a:novell:opensuse:slurm-torque-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2052.NASL", "href": "https://www.tenable.com/plugins/nessus/128461", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2052.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128461);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2019-12838\");\n\n script_name(english:\"openSUSE Security Update : slurm (openSUSE-2019-2052)\");\n script_summary(english:\"Check for the openSUSE-2019-2052 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for slurm to version 18.08.8 fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2019-12838: Fixed a SQL injection in slurmdbd\n (bsc#1140709).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140709\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected slurm packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-openlava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-seff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sjstat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpmi0-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpmi0-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libslurm33-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libslurm33-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-slurm-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-slurm-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-auth-none-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-auth-none-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-config-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-config-man-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-cray-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-cray-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-debugsource-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-devel-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-hdf5-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-hdf5-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-lua-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-lua-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-munge-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-munge-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-node-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-node-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-openlava-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-pam_slurm-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-pam_slurm-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-plugins-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-plugins-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-seff-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sjstat-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-slurmdbd-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-slurmdbd-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sql-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sql-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sview-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sview-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-torque-18.08.8-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-torque-debuginfo-18.08.8-lp151.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpmi0 / libpmi0-debuginfo / libslurm33 / libslurm33-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:22:10", "description": "This update for slurm to version 18.08.8 fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-12838: Fixed a SQL injection in slurmdbd (bsc#1140709).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-29T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : slurm (SUSE-SU-2019:2229-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12838"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpmi0", "p-cpe:/a:novell:suse_linux:libpmi0-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm33", "p-cpe:/a:novell:suse_linux:libslurm33-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm", "p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm", "p-cpe:/a:novell:suse_linux:slurm-auth-none", "p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-config", "p-cpe:/a:novell:suse_linux:slurm-config-man", "p-cpe:/a:novell:suse_linux:slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-debugsource", "p-cpe:/a:novell:suse_linux:slurm-devel", "p-cpe:/a:novell:suse_linux:slurm-doc", "p-cpe:/a:novell:suse_linux:slurm-lua", "p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-munge", "p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-node", "p-cpe:/a:novell:suse_linux:slurm-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-openlava", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-plugins", "p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-seff", "p-cpe:/a:novell:suse_linux:slurm-sjstat", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sql", "p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sview", "p-cpe:/a:novell:suse_linux:slurm-sview-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-torque", "p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2229-1.NASL", "href": "https://www.tenable.com/plugins/nessus/128314", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2229-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128314);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-12838\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : slurm (SUSE-SU-2019:2229-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm to version 18.08.8 fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-12838: Fixed a SQL injection in slurmdbd (bsc#1140709).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12838/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192229-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?16500e8a\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2229=1\n\nSUSE Linux Enterprise Module for HPC 15-SP1:zypper in -t patch\nSUSE-SLE-Module-HPC-15-SP1-2019-2229=1\n\nSUSE Linux Enterprise Module for Development Tools 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-SP1-2019-2229=1\n\nSUSE Linux Enterprise Module for Development Tools 15:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-2019-2229=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-openlava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-seff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sjstat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libpmi0-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libpmi0-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libslurm33-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libslurm33-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"perl-slurm-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"perl-slurm-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-auth-none-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-auth-none-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-config-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-config-man-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-devel-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-doc-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-lua-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-lua-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-munge-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-munge-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-node-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-node-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-plugins-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-plugins-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-sql-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-sql-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-torque-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-torque-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"libpmi0-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"libpmi0-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"libslurm33-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"libslurm33-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"perl-slurm-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"perl-slurm-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-auth-none-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-auth-none-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-config-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-config-man-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-devel-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-doc-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-lua-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-lua-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-munge-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-munge-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-node-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-node-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-pam_slurm-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-pam_slurm-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-plugins-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-plugins-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-slurmdbd-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-slurmdbd-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-sql-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-sql-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-torque-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-torque-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"slurm-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"slurm-debugsource-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"slurm-openlava-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"slurm-seff-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"slurm-sjstat-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"slurm-sview-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"slurm-sview-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"libpmi0-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"libpmi0-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"libslurm33-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"libslurm33-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"perl-slurm-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"perl-slurm-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-auth-none-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-auth-none-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-config-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-config-man-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-devel-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-doc-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-lua-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-lua-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-munge-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-munge-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-node-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-node-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-pam_slurm-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-pam_slurm-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-plugins-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-plugins-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-slurmdbd-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-slurmdbd-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-sql-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-sql-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-torque-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"slurm-torque-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"slurm-debuginfo-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"slurm-debugsource-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"slurm-openlava-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"slurm-seff-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"slurm-sjstat-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"slurm-sview-18.08.8-3.4.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"slurm-sview-debuginfo-18.08.8-3.4.1\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/SQLi', value:TRUE);\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:32:36", "description": "This update for slurm fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-12838: Fixed an SQL injection (bsc#1140709).\n\nNon-security issue fixed: Added X11-forwarding (bsc#1153245).\n\nMoved srun from 'slurm' to 'slurm-node': srun is required on the nodes as well so sbatch will work. 'slurm-node' is a requirement when 'slurm' is installed (bsc#1153095).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-18T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : slurm (SUSE-SU-2019:2989-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12838"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpmi0", "p-cpe:/a:novell:suse_linux:libpmi0-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm32", "p-cpe:/a:novell:suse_linux:libslurm32-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm", "p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm", "p-cpe:/a:novell:suse_linux:slurm-auth-none", "p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-config", "p-cpe:/a:novell:suse_linux:slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-debugsource", "p-cpe:/a:novell:suse_linux:slurm-devel", "p-cpe:/a:novell:suse_linux:slurm-doc", "p-cpe:/a:novell:suse_linux:slurm-lua", "p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-munge", "p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-node", "p-cpe:/a:novell:suse_linux:slurm-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-openlava", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-plugins", "p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-seff", "p-cpe:/a:novell:suse_linux:slurm-sjstat", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sql", "p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sview", "p-cpe:/a:novell:suse_linux:slurm-sview-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-torque", "p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2989-1.NASL", "href": "https://www.tenable.com/plugins/nessus/131124", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2989-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131124);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-12838\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : slurm (SUSE-SU-2019:2989-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-12838: Fixed an SQL injection (bsc#1140709).\n\nNon-security issue fixed: Added X11-forwarding (bsc#1153245).\n\nMoved srun from 'slurm' to 'slurm-node': srun is required on the nodes\nas well so sbatch will work. 'slurm-node' is a requirement when\n'slurm' is installed (bsc#1153095).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153245\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12838/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192989-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2e5884e8\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2989=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2989=1\n\nSUSE Linux Enterprise Module for HPC 15-SP1:zypper in -t patch\nSUSE-SLE-Module-HPC-15-SP1-2019-2989=1\n\nSUSE Linux Enterprise Module for HPC 15:zypper in -t patch\nSUSE-SLE-Module-HPC-15-2019-2989=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm32-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-openlava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-seff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sjstat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libslurm32-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libslurm32-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"libslurm32-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"libslurm32-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm32-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm32-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-auth-none-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-auth-none-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-config-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-devel-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-doc-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-lua-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-lua-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-munge-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-munge-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-node-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-node-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-plugins-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-plugins-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-sql-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-sql-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-torque-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm-torque-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"slurm-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"slurm-debugsource-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"slurm-openlava-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"slurm-seff-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"slurm-sjstat-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"slurm-sview-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"slurm-sview-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"libslurm32-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"libslurm32-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"slurm-debuginfo-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"slurm-debugsource-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"slurm-openlava-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"slurm-seff-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"slurm-sjstat-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"slurm-sview-17.11.13-6.18.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"slurm-sview-debuginfo-17.11.13-6.18.1\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/SQLi', value:TRUE);\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:33:30", "description": "It was discovered that the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system, did not escape strings when importing an archive file into the accounting_storage/mysql backend, resulting in SQL injection.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-20T00:00:00", "type": "nessus", "title": "Debian DSA-4572-1 : slurm-llnl - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12838"], "modified": "2019-12-09T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:slurm-llnl", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4572.NASL", "href": "https://www.tenable.com/plugins/nessus/131140", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4572. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131140);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/09\");\n\n script_cve_id(\"CVE-2019-12838\");\n script_xref(name:\"DSA\", value:\"4572\");\n\n script_name(english:\"Debian DSA-4572-1 : slurm-llnl - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Simple Linux Utility for Resource\nManagement (SLURM), a cluster resource management and job scheduling\nsystem, did not escape strings when importing an archive file into the\naccounting_storage/mysql backend, resulting in SQL injection.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/slurm-llnl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/slurm-llnl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4572\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the slurm-llnl packages.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 18.08.5.2-1+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:slurm-llnl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"libpam-slurm\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libpmi0\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libpmi0-dev\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libpmi2-0\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libpmi2-0-dev\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libslurm-dev\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libslurm-perl\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libslurm33\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libslurmdb-dev\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libslurmdb-perl\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libslurmdb33\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-client\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-client-emulator\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-wlm\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-wlm-basic-plugins\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-wlm-basic-plugins-dev\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-wlm-doc\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-wlm-emulator\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurm-wlm-torque\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurmctld\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurmd\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"slurmdbd\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"sview\", reference:\"18.08.5.2-1+deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:31:30", "description": "This update for slurm fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2019-12838: Fixed a SQL injection (bsc#1140709).\n\nNon-security issue fixed :\n\n - Added X11-forwarding (bsc#1153245).\n\n - Moved srun from 'slurm' to 'slurm-node': srun is required on the nodes as well so sbatch will work.\n 'slurm-node' is a requirement when 'slurm' is installed (bsc#1153095). \n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : slurm (openSUSE-2019-2536)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12838"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpmi0", "p-cpe:/a:novell:opensuse:libpmi0-debuginfo", "p-cpe:/a:novell:opensuse:libslurm32", "p-cpe:/a:novell:opensuse:libslurm32-debuginfo", "p-cpe:/a:novell:opensuse:perl-slurm", "p-cpe:/a:novell:opensuse:perl-slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm", "p-cpe:/a:novell:opensuse:slurm-auth-none", "p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo", "p-cpe:/a:novell:opensuse:slurm-config", "p-cpe:/a:novell:opensuse:slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debugsource", "p-cpe:/a:novell:opensuse:slurm-devel", "p-cpe:/a:novell:opensuse:slurm-lua", "p-cpe:/a:novell:opensuse:slurm-lua-debuginfo", "p-cpe:/a:novell:opensuse:slurm-munge", "p-cpe:/a:novell:opensuse:slurm-munge-debuginfo", "p-cpe:/a:novell:opensuse:slurm-node", "p-cpe:/a:novell:opensuse:slurm-node-debuginfo", "p-cpe:/a:novell:opensuse:slurm-openlava", "p-cpe:/a:novell:opensuse:slurm-pam_slurm", "p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-plugins", "p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo", "p-cpe:/a:novell:opensuse:slurm-seff", "p-cpe:/a:novell:opensuse:slurm-sjstat", "p-cpe:/a:novell:opensuse:slurm-slurmdbd", "p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sql", "p-cpe:/a:novell:opensuse:slurm-sql-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sview", "p-cpe:/a:novell:opensuse:slurm-sview-debuginfo", "p-cpe:/a:novell:opensuse:slurm-torque", "p-cpe:/a:novell:opensuse:slurm-torque-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-2536.NASL", "href": "https://www.tenable.com/plugins/nessus/131181", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2536.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131181);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-12838\");\n\n script_name(english:\"openSUSE Security Update : slurm (openSUSE-2019-2536)\");\n script_summary(english:\"Check for the openSUSE-2019-2536 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for slurm fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2019-12838: Fixed a SQL injection (bsc#1140709).\n\nNon-security issue fixed :\n\n - Added X11-forwarding (bsc#1153245).\n\n - Moved srun from 'slurm' to 'slurm-node': srun is\n required on the nodes as well so sbatch will work.\n 'slurm-node' is a requirement when 'slurm' is installed\n (bsc#1153095). \n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153245\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected slurm packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm32-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-openlava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-seff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sjstat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpmi0-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpmi0-debuginfo-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libslurm32-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libslurm32-debuginfo-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"perl-slurm-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"perl-slurm-debuginfo-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-auth-none-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-auth-none-debuginfo-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-config-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-debuginfo-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-debugsource-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-devel-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-lua-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-lua-debuginfo-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-munge-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-munge-debuginfo-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-node-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-node-debuginfo-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-openlava-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-pam_slurm-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-pam_slurm-debuginfo-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-plugins-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-plugins-debuginfo-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-seff-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-sjstat-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-slurmdbd-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-slurmdbd-debuginfo-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-sql-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-sql-debuginfo-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-sview-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-sview-debuginfo-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-torque-17.11.13-lp150.5.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"slurm-torque-debuginfo-17.11.13-lp150.5.24.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpmi0 / libpmi0-debuginfo / libslurm32 / libslurm32-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:44:24", "description": "This update for pdsh fixes the following issues :\n\nPreparing pdsh for Slurm 20.11 (jsc#ECO-2412)\n\nSimplify convoluted condition.\n\nThis update for slurm fixes the following issues :\n\nFix potential buffer overflows from use of unpackmem(). CVE-2020-27745 (bsc#1178890)\n\nFix potential leak of the magic cookie when sent as an argument to the xauth command. CVE-2020-27746 (bsc#1178891)\n\nAdd support for openPMIx also for Leap/SLE 15.0/1 (bsc#1173805).\n\nUpdated to 20.02.3 which fixes CVE-2020-12693 (bsc#1172004).\n\nslurm-plugins will now also require pmix not only libpmix (bsc#1164326)\n\nRemoved autopatch as it doesn't work for the SLE-11-SP4 build.\n\nDisable %arm builds as this is no longer supported.\n\npmix searches now also for libpmix.so.2 so that there is no dependency for devel package (bsc#1164386)\n\nUpdate to version 20.02.0 (jsc#SLE-8491)\n\n - Fix minor memory leak in slurmd on reconfig.\n\n - Fix invalid ptr reference when rolling up data in the database.\n\n - Change shtml2html.py to require python3 for RHEL8 support, and match man2html.py.\n\n - slurm.spec - override 'hardening' linker flags to ensure RHEL8 builds in a usable manner.\n\n - Fix type mismatches in the perl API.\n\n - Prevent use of uninitialized slurmctld_diag_stats.\n\n - Fixed various Coverity issues.\n\n - Only show warning about root-less topology in daemons.\n\n - Fix accounting of jobs in IGNORE_JOBS reservations.\n\n - Fix issue with batch steps state not loading correctly when upgrading from 19.05.\n\n - Deprecate max_depend_depth in SchedulerParameters and move it to DependencyParameters.\n\n - Silence erroneous error on slurmctld upgrade when loading federation state.\n\n - Break infinite loop in cons_tres dealing with incorrect tasks per tres request resulting in slurmctld hang.\n\n - Improve handling of --gpus-per-task to make sure appropriate number of GPUs is assigned to job.\n\n - Fix seg fault on cons_res when requesting --spread-job.\n\nMove to python3 for everything but SLE-11-SP4\n\n - For SLE-11-SP4 add a workaround to handle a python3 script (python2.7 compliant).\n\n - sbatch - fix segfault when no newline at the end of a burst buffer file.\n\n - Change scancel to only check job's base state when matching -t options.\n\n - Save job dependency list in state files.\n\n - cons_tres - allow jobs to be run on systems with root-less topologies.\n\n - Restore pre-20.02pre1 PrologSlurmctld synchonization behavior to avoid various race conditions, and ensure proper batch job launch.\n\n - Add new slurmrestd command/daemon which implements the Slurm REST API.\n\nstandard slurm.conf uses now also SlurmctldHost on all build targets (bsc#1162377)\n\nstart slurmdbd after mariadb (bsc#1161716)\n\nUpdate to version 19.05.5 (jsc#SLE-8491)\n\n - Includes security fixes CVE-2019-19727, CVE-2019-19728, CVE-2019-12838.\n\n - Disable i586 builds as this is no longer supported.\n\n - Create libnss_slurm package to support user and group resolution thru slurmstepd.\n\nUpdate to v18.08.9 for fixing CVE-2019-19728 (bsc#1159692).\n\n - Make Slurm compile on linux after sys/sysctl.h was deprecated.\n\n - Install slurmdbd.conf.example with 0600 permissions to encourage secure use. CVE-2019-19727.\n\n - srun - do not continue with job launch if --uid fails.\n CVE-2019-19728.\n\nadded pmix support jsc#SLE-10800\n\nUse --with-shared-libslurm to build slurm binaries using libslurm.\n\nMake libslurm depend on slurm-config.\n\nFix ownership of /var/spool/slurm on new installations and upgrade (bsc#1158696).\n\nFix permissions of slurmdbd.conf (bsc#1155784, CVE-2019-19727).\n\nFix %posttrans macro _res_update to cope with added newline (bsc#1153259).\n\nAdd package slurm-webdoc which sets up a web server to provide the documentation for the version shipped.\n\nMove srun from 'slurm' to 'slurm-node': srun is required on the nodes as well so sbatch will work. 'slurm-node' is a requirement when 'slurm' is installed (bsc#1153095).\n\nUpdated to 18.08.8 for fixing (CVE-2019-12838, bsc#1140709, jsc#SLE-7341, jsc#SLE-7342)\n\n - Update 'xauth list' to use the same 10000ms timeout as the other xauth commands.\n\n - Fix issue in gres code to handle a gres cnt of 0.\n\n - Don't purge jobs if backfill is running.\n\n - Verify job is pending add/removing accrual time.\n\n - Don't abort when the job doesn't have an association that was removed before the job was able to make it to the database.\n\n - Set state_reason if select_nodes() fails job for QOS or Account.\n\n - Avoid seg_fault on referencing association without a valid_qos bitmap.\n\n - If Association/QOS is removed on a pending job set that job as ineligible.\n\n - When changing a jobs account/qos always make sure you remove the old limits.\n\n - Don't reset a FAIL_QOS or FAIL_ACCOUNT job reason until the qos or account changed.\n\n - Restore 'sreport -T ALL' functionality.\n\n - Correctly typecast signals being sent through the api.\n\n - Properly initialize structures throughout Slurm.\n\n - Sync 'numtask' squeue format option for jobs and steps to 'numtasks'.\n\n - Fix sacct -PD to avoid CA before start jobs.\n\n - Fix potential deadlock with backup slurmctld.\n\n - Fixed issue with jobs not appearing in sacct after dependency satisfied.\n\n - Fix showing non-eligible jobs when asking with -j and not -s.\n\n - Fix issue with backfill scheduler scheduling tasks of an array when not the head job.\n\n - accounting_storage/mysql - fix SIGABRT in the archive load logic.\n\n - accounting_storage/mysql - fix memory leak in the archive load logic.\n\n - Limit records per single SQL statement when loading archived data.\n\n - Fix unnecessary reloading of job submit plugins.\n\n - Allow job submit plugins to be turned on/off with a reconfigure.\n\n - Fix segfault when loading/unloading Lua job submit plugin multiple times.\n\n - Fix printing duplicate error messages of jobs rejected by job submit plugin.\n\n - Fix printing of job submit plugin messages of het jobs without pack id.\n\n - Fix memory leak in group_cache.c\n\n - Fix jobs stuck from FedJobLock when requeueing in a federation\n\n - Fix requeueing job in a federation of clusters with differing associations\n\n - sacctmgr - free memory before exiting in 'sacctmgr show runaway'.\n\n - Fix seff showing memory overflow when steps tres mem usage is 0.\n\n - Upon archive file name collision, create new archive file instead of overwriting the old one to prevent lost records.\n\n - Limit archive files to 50000 records per file so that archiving large databases will succeed.\n\n - Remove stray newlines in SPANK plugin error messages.\n\n - Fix archive loading events.\n\n - In select/cons_res: Only allocate 1 CPU per node with the --overcommit and --nodelist options.\n\n - Fix main scheduler from potentially not running through whole queue.\n\n - cons_res/job_test - prevent a job from overallocating a node memory.\n\n - cons_res/job_test - fix to consider a node's current allocated memory when testing a job's memory request.\n\n - Fix issue where multi-node job steps on cloud nodes wouldn't finish cleaning up until the end of the job (rather than the end of the step).\n\n - Fix issue with a 17.11 sbcast call to a 18.08 daemon.\n\n - Add new job bit_flags of JOB_DEPENDENT.\n\n - Make it so dependent jobs reset the AccrueTime and do not count against any AccrueTime limits.\n\n - Fix sacctmgr --parsable2 output for reservations and tres.\n\n - Prevent slurmctld from potential segfault after job_start_data() called for completing job.\n\n - Fix jobs getting on nodes with 'scontrol reboot asap'.\n\n - Record node reboot events to database.\n\n - Fix node reboot failure message getting to event table.\n\n - Don't write '(null)' to event table when no event reason exists.\n\n - Fix minor memory leak when clearing runaway jobs.\n\n - Avoid flooding slurmctld and logging when prolog complete RPC errors occur.\n\n - Fix GCC 9 compiler warnings.\n\n - Fix seff human readable memory string for values below a megabyte.\n\n - Fix dump/load of rejected heterogeneous jobs.\n\n - For heterogeneous jobs, do not count the each component against the QOS or association job limit multiple times.\n\n - slurmdbd - avoid reservation flag column corruption with the use of newer flags, instead preserve the older flag fields that we can still fit in the smallint field, and discard the rest.\n\n - Fix security issue in accounting_storage/mysql plugin on archive file loads by always escaping strings within the slurmdbd. CVE-2019-12838.\n\n - Fix underflow causing decay thread to exit.\n\n - Fix main scheduler not considering hetjobs when building the job queue.\n\n - Fix regression for sacct to display old jobs without a start time.\n\n - Fix setting correct number of gres topology bits.\n\n - Update hetjobs pending state reason when appropriate.\n\n - Fix accounting_storage/filetxt's understanding of TRES.\n\n - Set Accrue time when not enforcing limits.\n\n - Fix srun segfault when requesting a hetjob with test_exec or bcast options.\n\n - Hide multipart priorities log message behind Priority debug flag.\n\n - sched/backfill - Make hetjobs sensitive to bf_max_job_start.\n\n - Fix slurmctld segfault due to job's partition pointer NULL dereference.\n\n - Fix issue with OR'ed job dependencies.\n\n - Add new job's bit_flags of INVALID_DEPEND to prevent rebuilding a job's dependency string when it has at least one invalid and purged dependency.\n\n - Promote federation unsynced siblings log message from debug to info.\n\n - burst_buffer/cray - fix slurmctld SIGABRT due to illegal read/writes.\n\n - burst_buffer/cray - fix memory leak due to unfreed job script content.\n\n - node_features/knl_cray - fix script_argv use-after-free.\n\n - burst_buffer/cray - fix script_argv use-after-free.\n\n - Fix invalid reads of size 1 due to non null-terminated string reads.\n\n - Add extra debug2 logs to identify why BadConstraints reason is set.\n\nDo not build hdf5 support where not available.\n\nAdd support for version updates on SLE: Update packages to a later version than the version supported originally on SLE will receive a version string in their package name.\n\nadded the hdf5 job data gathering plugin\n\nAdd backward compatibility with SLE-11 SP4\n\nUpdate to version 18.08.05 :\n\n - Add mitigation for a potential heap overflow on 32-bit systems in xmalloc. (CVE-2019-6438, bsc#1123304)\n\nFix fallout from 750cc23ed for CVE-2019-6438.\n\nUpdate to 18.08.04, with following highlights\n\n - Fix message sent to user to display preempted instead of time limit when a job is preempted.\n\n - Fix memory leak when a failure happens processing a nodes gres config.\n\n - Improve error message when failures happen processing a nodes gres config.\n\n - Don't skip jobs in scontrol hold.\n\n - Allow --cpu-bind=verbose to be used with SLURM_HINT environment variable.\n\n - Enhanced handling for runaway jobs\n\n - cons_res: Delay exiting cr_job_test until after cores/cpus are calculated and distributed.\n\n - Don't check existence of srun --prolog or --epilog executables when set to 'none' and SLURM_TEST_EXEC is used.\n\n - Add 'P' suffix support to job and step tres specifications.\n\n - Fix jobacct_gather/cgroup to work correctly when more than one task is started on a node.\n\n - salloc - set SLURM_NTASKS_PER_CORE and SLURM_NTASKS_PER_SOCKET in the environment if the corresponding command line options are used.\n\n - slurmd - fix handling of the -f flag to specify alternate config file locations.\n\n - Add SchedulerParameters option of bf_ignore_newly_avail_nodes to avoid scheduling lower priority jobs on resources that become available during the backfill scheduling cycle when bf_continue is enabled.\n\n - job_submit/lua: Add several slurmctld return codes and add user/group info\n\n - salloc/sbatch/srun - print warning if mutually exclusive options of\n\n --mem and --mem-per-cpu are both set.\n\nrestarting services on update only when activated\n\nadded rotation of logs\n\nAdded backported patches which harden the pam module pam_slurm_adopt.\n(BOO#1116758)\n\nMoved config man pages to a separate package: This way, they won't get installed on compute nodes.\n\nadded correct link flags for perl bindings (bsc#1108671)\n\n - perl:Switch is required by slurm torque wrappers\n\nFix Requires(pre) and Requires(post) for slurm-config and slurm-node.\nThis fixes issues with failing slurm user creation when installed during initial system installation. (bsc#1109373)\n\nWhen using a remote shared StateSaveLocation, slurmctld needs to be started after remote filesystems have become available. Add 'remote-fs.target' to the 'After=' directive in slurmctld.service (bsc#1103561).\n\nUpdate to 17.11.8\n\n - Fix incomplete RESPONSE_[RESOURCE|JOB_PACK]_ALLOCATION building path.\n\n - Do not allocate nodes that were marked down due to the node not responding by ResumeTimeout.\n\n - task/cray plugin - search for 'mems' cgroup information in the file 'cpuset.mems' then fall back to the file 'mems'.\n\n - Fix ipmi profile debug uninitialized variable.\n\n - PMIx: fixed the direct connect inline msg sending.\n\n - MYSQL: Fix issue not handling all fields when loading an archive dump.\n\n - Allow a job_submit plugin to change the admin_comment field during job_submit_plugin_modify().\n\n - job_submit/lua - fix access into reservation table.\n\n - MySQL - Prevent deadlock caused by archive logic locking reads.\n\n - Don't enforce MaxQueryTimeRange when requesting specific jobs.\n\n - Modify --test-only logic to properly support jobs submitted to more than one partition.\n\n - Prevent slurmctld from abort when attempting to set non-existing qos as def_qos_id.\n\n - Add new job dependency type of 'afterburstbuffer'. The pending job will be delayed until the first job completes execution and it's burst buffer stage-out is completed.\n\n - Reorder proctrack/task plugin load in the slurmstepd to match that of slurmd and avoid race condition calling task before proctrack can introduce.\n\n - Prevent reboot of a busy KNL node when requesting inactive features.\n\n - Revert to previous behavior when requesting memory per cpu/node introduced in 17.11.7.\n\n - Fix to reinitialize previously adjusted job members to their original value when validating the job memory in multi-partition requests.\n\n - Fix _step_signal() from always returning SLURM_SUCCESS.\n\n - Combine active and available node feature change logs on one line rather than one line per node for performance reasons.\n\n - Prevent occasionally leaking freezer cgroups.\n\n - Fix potential segfault when closing the mpi/pmi2 plugin.\n\n - Fix issues with --exclusive=[user|mcs] to work correctly with preemption or when job requests a specific list of hosts.\n\n - Make code compile with hdf5 1.10.2+\n\n - mpi/pmix: Fixed the collectives canceling.\n\n - SlurmDBD: improve error message handling on archive load failure.\n\n - Fix incorrect locking when deleting reservations.\n\n - Fix incorrect locking when setting up the power save module.\n\n - Fix setting format output length for squeue when showing array jobs.\n\n - Add xstrstr function.\n\n - Fix printing out of --hint options in sbatch, salloc\n --help.\n\n - Prevent possible divide by zero in\n _validate_time_limit().\n\n - Add Delegate=yes to the slurmd.service file to prevent systemd from interfering with the jobs' cgroup hierarchies.\n\n - Change the backlog argument to the listen() syscall within srun to 4096 to match elsewhere in the code, and avoid communication problems at scale.\n\n Fix race in the slurmctld backup controller which prevents it to clean up allocations on nodes properly after failing over (bsc#1084917). Handled %license in a backward compatible manner.\n\nAdd a 'Recommends: slurm-munge' to slurm-slurmdbd.\n\nShield comments between script snippets with a %{!?nil:...} to avoid them being interpreted as scripts - in which case the update level is passed as argument (see chapter 'Shared libraries' in:\nhttps://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets) (bsc#1100850).\n\nUpdate from 17.11.5 to 17.11.7\n\nFix security issue in handling of username and gid fields CVE-2018-10995 and bsc#1095508 what implied an update from 17.11.5 to 17.11.7 Highlights of 17.11.6 :\n\n - CRAY - Add slurmsmwd to the contribs/cray dir\n\n - PMIX - Added the direct connect authentication.\n\n - Prevent the backup slurmctld from losing the active/available node features list on takeover.\n\n - Be able to force power_down of cloud node even if in power_save state.\n\n - Allow cloud nodes to be recognized in Slurm when booted out of band.\n\n - Numerous fixes - check 'NEWS' file. Highlights of 17.11.7 :\n\n - Notify srun and ctld when unkillable stepd exits.\n\n - Numerous fixes - check 'NEWS' file.\n\n - Fixes daemoniziation in newly introduced slurmsmwd daemon.\n\nRename :\n\n - remain in sync with commit messages which introduced that file\n\nAvoid running pretrans scripts when running in an instsys: there may be not much installed, yet. pretrans code should be done in lua, this way, it will be executed by the rpm-internal lua interpreter and not be passed to a shell which may not be around at the time this scriptlet is run (bsc#1090292).\n\nAdd requires for slurm-sql to the slurmdbd package.\n\nPackage READMEs for pam and pam_slurm_adopt.\n\nUse the new %%license directive for COPYING file. Fix interaction with systemd: systemd expects that a daemonizing process doesn't go away until the PID file with it PID of the daemon has bee written (bsc#1084125).\n\nMake sure systemd services get restarted only when all packages are in a consistent state, not in the middle of an 'update' transaction (bsc#1088693). Since the %postun scripts that run on update are from the old package they cannot be changed - thus we work around the restart breakage.\n\nfixed wrong log file location in slurmdbd.conf and fixed pid location for slurmdbd and made slurm-slurmdbd depend on slurm config which provides the dir /var/run/slurm (bsc#1086859).\n\nadded comment for (bsc#1085606)\n\nFix security issue in accounting_storage/mysql plugin by always escaping strings within the slurmdbd. CVE-2018-7033 (bsc#1085240).\n\nUpdate slurm to v17.11.5 (FATE#325451) Highlights of 17.11 :\n\n - Support for federated clusters to manage a single work-flow across a set of clusters.\n\n - Support for heterogeneous job allocations (various processor types, memory sizes, etc. by job component).\n Support for heterogeneous job steps within a single MPI_COMM_WORLD is not yet supported for most configurations.\n\n - X11 support is now fully integrated with the main Slurm code. Remove any X11 plugin configured in your plugstack.conf file to avoid errors being logged about conflicting options.\n\n - Added new advanced reservation flag of 'flex', which permits jobs requesting the reservation to begin prior to the reservation's start time and use resources inside or outside of the reservation. A typical use case is to prevent jobs not explicitly requesting the reservation from using those reserved resources rather than forcing jobs requesting the reservation to use those resources in the time frame reserved.\n\n - The sprio command has been modified to report a job's priority information for every partition the job has been submitted to.\n\n - Group ID lookup performed at job submit time to avoid lookup on all compute nodes. Enable with PrologFlags=SendGIDs configuration parameter.\n\n - Slurm commands and daemons dynamically link to libslurmfull.so instead of statically linking. This dramatically reduces the footprint of Slurm.\n\n - In switch plugin, added plugin_id symbol to plugins and wrapped switch_jobinfo_t with dynamic_plugin_data_t in interface calls in order to pass switch information between clusters with different switch types.\n\n - Changed default ProctrackType to cgroup.\n\n - Changed default sched_min_interval from 0 to 2 microseconds.\n\n - Added new 'scontrol write batch_script ' command to fetch a job's batch script. Removed the ability to see the script as part of the 'scontrol -dd show job' command.\n\n - Add new 'billing' TRES which allows jobs to be limited based on the job's billable TRES calculated by the job's partition's TRESBillingWeights.\n\n - Regular user use of 'scontrol top' command is now disabled. Use the configuration parameter 'SchedulerParameters=enable_user_top' to enable that functionality. The configuration parameter 'SchedulerParameters=disable_user_top' will be silently ignored.\n\n - Change default to let pending jobs run outside of reservation after reservation is gone to put jobs in held state. Added NO_HOLD_JOBS_AFTER_END reservation flag to use old default. Support for PMIx v2.0 as well as UCX support.\n\n - Remove plugins for obsolete MPI stacks :\n\n - lam\n\n - mpich1_p4\n\n - mpich1_shmem\n\n - mvapich\n\n - Numerous fixes - check 'NEWS' file. Replaced by sed script.\n\nFix some rpmlint warnings.\n\nmoved config files to slurm-config package (FATE#324574).\n\nMoved slurmstepd and man page into slurm-node due to slurmd dependency\n\nMoved config files into slurm-node\n\nMoved slurmd rc scripts into slurm-node\n\nMade slurm-munge require slurm-plugins instead of slurm itself\n\n - slurm-node suggested slurm-munge, causing the whole slurm to be installed. The slurm-plugins seems to be a more base class (FATE#324574).\n\nsplit up light wight slurm-node package for deployment on nodes (FATE#324574).\n\nPackage so-versioned libs separately. libslurm is expected to change more frequently and thus is packaged separately from libpmi.\n\nUpdated to 17.02.9 to fix CVE-2017-15566 (bsc#1065697). Changes in 17.0.9\n\n - When resuming powered down nodes, mark DOWN nodes right after ResumeTimeout has been reached (previous logic would wait about one minute longer).\n\n - Fix sreport not showing full column name for TRES Count.\n\n - Fix slurmdb_reservations_get() giving wrong usage data when job's spanned reservation that was modified.\n\n - Fix sreport reservation utilization report showing bad data.\n\n - Show all TRES' on a reservation in sreport reservation utilization report by default.\n\n - Fix sacctmgr show reservation handling 'end' parameter.\n\n - Work around issue with sysmacros.h and gcc7 / glibc 2.25.\n\n - Fix layouts code to only allow setting a boolean.\n\n - Fix sbatch --wait to keep waiting even if a message timeout occurs.\n\n - CRAY - If configured with NodeFeatures=knl_cray and there are non-KNL nodes which include no features the slurmctld will abort without this patch when attemping strtok_r(NULL).\n\n - Fix regression in 17.02.7 which would run the spank_task_privileged as part of the slurmstepd instead of it's child process.\n\n - Fix security issue in Prolog and Epilog by always prepending SPANK_ to all user-set environment variables.\n CVE-2017-15566. Changes in 17.0.8 :\n\n - Add 'slurmdbd:' to the accounting plugin to notify message is from dbd instead of local.\n\n - mpi/mvapich - Buffer being only partially cleared. No failures observed.\n\n - Fix for job --switch option on dragonfly network.\n\n - In salloc with --uid option, drop supplementary groups before changing UID.\n\n - jobcomp/elasticsearch - strip any trailing slashes from JobCompLoc.\n\n - jobcomp/elasticsearch - fix memory leak when transferring generated buffer.\n\n - Prevent slurmstepd ABRT when parsing gres.conf CPUs.\n\n - Fix sbatch --signal to signal all MPI ranks in a step instead of just those on node 0.\n\n - Check multiple partition limits when scheduling a job that were previously only checked on submit.\n\n - Cray: Avoid running application/step Node Health Check on the external job step.\n\n - Optimization enhancements for partition based job preemption.\n\n - Address some build warnings from GCC 7.1, and one possible memory leak if /proc is inaccessible.\n\n - If creating/altering a core based reservation with scontrol/sview on a remote cluster correctly determine the select type.\n\n - Fix autoconf test for libcurl when clang is used.\n\n - Fix default location for cgroup_allowed_devices_file.conf to use correct default path.\n\n - Document NewName option to sacctmgr.\n\n - Reject a second PMI2_Init call within a single step to prevent slurmstepd from hanging.\n\n - Handle old 32bit values stored in the database for requested memory correctly in sacct.\n\n - Fix memory leaks in the task/cgroup plugin when constraining devices.\n\n - Make extremely verbose info messages debug2 messages in the task/cgroup plugin when constraining devices.\n\n - Fix issue that would deny the stepd access to /dev/null where GRES has a 'type' but no file defined.\n\n - Fix issue where the slurmstepd would fatal on job launch if you have no gres listed in your slurm.conf but some in gres.conf.\n\n - Fix validating time spec to correctly validate various time formats.\n\n - Make scontrol work correctly with job update timelimit [+|-]=.\n\n - Reduce the visibily of a number of warnings in\n _part_access_check.\n\n - Prevent segfault in sacctmgr if no association name is specified for an update command.\n\n - burst_buffer/cray plugin modified to work with changes in Cray UP05 software release.\n\n - Fix job reasons for jobs that are violating assoc MaxTRESPerNode limits.\n\n - Fix segfault when unpacking a 16.05 slurm_cred in a 17.02 daemon.\n\n - Fix setting TRES limits with case insensitive TRES names.\n\n - Add alias for xstrncmp() -- slurm_xstrncmp().\n\n - Fix sorting of case insensitive strings when using xstrcasecmp().\n\n - Gracefully handle race condition when reading /proc as process exits.\n\n - Avoid error on Cray duplicate setup of core specialization.\n\n - Skip over undefined (hidden in Slurm) nodes in pbsnodes.\n\n - Add empty hashes in perl api's slurm_load_node() for hidden nodes.\n\n - CRAY - Add rpath logic to work for the alpscomm libs.\n\n - Fixes for administrator extended TimeLimit (job reason & time limit reset).\n\n - Fix gres selection on systems running select/linear.\n\n - sview: Added window decorator for maximize,minimize,close buttons for all systems.\n\n - squeue: interpret negative length format specifiers as a request to delimit values with spaces.\n\n - Fix the torque pbsnodes wrapper script to parse a gres field with a type set correctly.\n\nFixed ABI version of libslurm.\n\nTrim redundant wording in descriptions.\n\nUpdated to slurm 17-02-7-1\n\n - Added python as BuildRequires\n\n - Removed sched-wiki package\n\n - Removed slurmdb-direct package\n\n - Obsoleted sched-wiki and slurmdb-direct packages\n\n - Removing Cray-specific files\n\n - Added /etc/slurm/layout.d files (new for this version)\n\n - Remove /etc/slurm/cgroup files from package\n\n - Added lib/slurm/mcs_account.so\n\n - Removed lib/slurm/jobacct_gather_aix.so\n\n - Removed lib/slurm/job_submit_cnode.so\n\nCreated slurm-sql package\n\nMoved files from slurm-plugins to slurm-torque package\n\nMoved creation of /usr/lib/tmpfiles.d/slurm.conf into slurm.spec\n\n - Removed tmpfiles.d-slurm.conf\n\nChanged /var/run path for slurm daemons to /var/run/slurm (FATE#324026).\n\nMade tmpfiles_create post-install macro SLE12 SP2 or greater\n\nDirectly calling systemd-tmpfiles --create for before SLE12 SP2\n\nAllows OpenSUSE Factory build as well\n\nRemoves unused .service files from project\n\nAdds /var/run/slurm to /usr/lib/tmpfiles.d for boottime creation\n\n - Patches upstream .service files to allow for /var/run/slurm path\n\n - Modifies slurm.conf to allow for /var/run/slurm path\n\nMove wrapper script mpiexec provided by slrum-torque to mpiexec.slurm to avoid conflicts. This file is normally provided by the MPI implementation (bsc#1041706).\n\nReplace remaining ${RPM_BUILD_ROOT}s.\n\nImprove description.\n\nFix up changelog.\n\nSpec file: Replace 'Requires : slurm-perlapi' by 'Requires: perl-slurm = %{version}' (bsc#1031872).\n\nTrim redundant parts of description. Fixup RPM groups.\n\nReplace unnecessary %__ macro indirections; replace historic $RPM_* variables by macros.\n\nUse %slurm_u and %slurm_g macros defined at the beginning of the spec file when adding the slurm user/group for consistency.\n\nDefine these macros to daemon,root for non-systemd.\n\nFor anything newer than Leap 42.1 or SLE-12-SP1 build OpenHPC compatible.\n\nUpdated to 16.05.8.1\n\n - Remove StoragePass from being printed out in the slurmdbd log at debug2 level.\n\n - Defer PATH search for task program until launch in slurmstepd.\n\n - Modify regression test1.89 to avoid leaving vestigial job. Also reduce logging to reduce likelyhood of Expect buffer overflow.\n\n - Do not PATH search for mult-prog launches if LaunchParamters=test_exec is enabled.\n\n - Fix for possible infinite loop in select/cons_res plugin when trying to satisfy a job's ntasks_per_core or socket specification.\n\n - If job is held for bad constraints make it so once updated the job doesn't go into JobAdminHeld.\n\n - sched/backfill - Fix logic to reserve resources for jobs that require a node reboot (i.e. to change KNL mode) in order to start.\n\n - When unpacking a node or front_end record from state and the protocol version is lower than the min version, set it to the min.\n\n - Remove redundant lookup for part_ptr when updating a reservation's nodes.\n\n - Fix memory and file descriptor leaks in slurmd daemon's sbcast logic.\n\n - Do not allocate specialized cores to jobs using the\n --exclusive option.\n\n - Cancel interactive job if Prolog failure with 'PrologFlags=contain' or 'PrologFlags=alloc' configured.\n Send new error prolog failure message to the salloc or srun command as needed.\n\n - Prevent possible out-of-bounds read in slurmstepd on an invalid #! line.\n\n - Fix check for PluginDir within slurmctld to work with multiple directories.\n\n - Cancel interactive jobs automatically on communication error to launching srun/salloc process.\n\n - Fix security issue caused by insecure file path handling triggered by the failure of a Prolog script. To exploit this a user needs to anticipate or cause the Prolog to fail for their job. CVE-2016-10030 (bsc#1018371).\n\nReplace group/user add macros with function calls.\n\nFix array initialzation and ensure strings are always NULL terminated in\n\npam_slurm.c (bsc#1007053).\n\nDisable building with netloc support: the netloc API is part of the devel branch of hwloc. Since this devel branch was included accidentally and has been reversed since, we need to disable this for the time being.\n\nConditionalized architecture specific pieces to support non-x86 architectures better.\n\nRemove: unneeded 'BuildRequires: python'\n\nAdd: BuildRequires: freeipmi-devel BuildRequires: libibmad-devel BuildRequires: libibumad-devel so they are picked up by the slurm build.\n\nEnable modifications from openHPC Project.\n\nEnable lua API package build.\n\nAdd a recommends for slurm-munge to the slurm package: This is way, the munge auth method is available and slurm works out of the box.\n\nCreate /var/lib/slurm as StateSaveLocation directory. /tmp is dangerous.\n\nCreate slurm user/group in preinstall script.\n\nKeep %{_libdir}/libpmi* and %{_libdir}/mpi_pmi2* on SUSE.\n\nFix build with and without OHCP_BUILD define.\n\nFix build for systemd and non-systemd.\n\nUpdated to 16-05-5 - equvalent to OpenHPC 1.2.\n\n - Fix issue with resizing jobs and limits not be kept track of correctly.\n\n - BGQ - Remove redeclaration of job_read_lock.\n\n - BGQ - Tighter locks around structures when nodes/cables change state.\n\n - Make it possible to change CPUsPerTask with scontrol.\n\n - Make it so scontrol update part qos= will take away a partition QOS from a partition.\n\n - Backfill scheduling properly synchronized with Cray Node Health Check. Prior logic could result in highest priority job getting improperly postponed.\n\n - Make it so daemons also support TopologyParam=NoInAddrAny.\n\n - If scancel is operating on large number of jobs and RPC responses from slurmctld daemon are slow then introduce a delay in sending the cancel job requests from scancel in order to reduce load on slurmctld.\n\n - Remove redundant logic when updating a job's task count.\n\n - MySQL - Fix querying jobs with reservations when the id's have rolled.\n\n - Perl - Fix use of uninitialized variable in slurm_job_step_get_pids.\n\n - Launch batch job requsting --reboot after the boot completes.\n\n - Do not attempt to power down a node which has never responded if the slurmctld daemon restarts without state.\n\n - Fix for possible slurmstepd segfault on invalid user ID.\n\n - MySQL - Fix for possible race condition when archiving multiple clusters at the same time.\n\n - Add logic so that slurmstepd can be launched under valgrind.\n\n - Increase buffer size to read /proc/*/stat files.\n\n - Remove the SchedulerParameters option of 'assoc_limit_continue', making it the default value. Add option of 'assoc_limit_stop'. If 'assoc_limit_stop' is set and a job cannot start due to association limits, then do not attempt to initiate any lower priority jobs in that partition. Setting this can decrease system throughput and utlization, but avoid potentially starving larger jobs by preventing them from launching indefinitely.\n\n - Update a node's socket and cores per socket counts as needed after a node boot to reflect configuration changes which can occur on KNL processors. Note that the node's total core count must not change, only the distribution of cores across varying socket counts (KNL NUMA nodes treated as sockets by Slurm).\n\n - Rename partition configuration from 'Shared' to 'OverSubscribe'. Rename salloc, sbatch, srun option from '--shared' to '--oversubscribe'. The old options will continue to function. Output field names also changed in scontrol, sinfo, squeue and sview.\n\n - Add SLURM_UMASK environment variable to user job.\n\n - knl_conf: Added new configuration parameter of CapmcPollFreq.\n\n - Cleanup two minor Coverity warnings.\n\n - Make it so the tres units in a job's formatted string are converted like they are in a step.\n\n - Correct partition's MaxCPUsPerNode enforcement when nodes are shared by multiple partitions.\n\n - node_feature/knl_cray - Prevent slurmctld GRES errors for 'hbm' references.\n\n - Display thread name instead of thread id and remove process name in stderr logging for 'thread_id' LogTimeFormat.\n\n - Log IP address of bad incomming message to slurmctld.\n\n - If a user requests tasks, nodes and ntasks-per-node and tasks-per-node/nodes != tasks print warning and ignore ntasks-per-node.\n\n - Release CPU 'owner' file locks.\n\n - Update seff to fix warnings with ncpus, and list slurm-perlapi dependency in spec file.\n\n - Allow QOS timelimit to override partition timelimit when EnforcePartLimits is set to all/any.\n\n - Make it so qsub will do a 'basename' on a wrapped command for the output and error files.\n\n - Add logic so that slurmstepd can be launched under valgrind.\n\n - Increase buffer size to read /proc/*/stat files.\n\n - Prevent job stuck in configuring state if slurmctld daemon restarted while PrologSlurmctld is running. Also re-issue burst_buffer/pre-load operation as needed.\n\n - Move test for job wait reason value of BurstBufferResources and BurstBufferStageIn later in the scheduling logic.\n\n - Document which srun options apply to only job, only step, or job and step allocations.\n\n - Use more compatible function to get thread name (>= 2.6.11).\n\n - Make it so the extern step uses a reverse tree when cleaning up.\n\n - If extern step doesn't get added into the proctrack plugin make sure the sleep is killed.\n\n - Add web links to Slurm Diamond Collectors (from Harvard University) and collectd (from EDF).\n\n - Add job_submit plugin for the 'reboot' field.\n\n - Make some more Slurm constants (INFINITE, NO_VAL64, etc.) available to job_submit/lua plugins.\n\n - Send in a -1 for a taskid into spank_task_post_fork for the extern_step.\n\n - MYSQL - Sightly better logic if a job completion comes in with an end time of 0.\n\n - task/cgroup plugin is configured with ConstrainRAMSpace=yes, then set soft memory limit to allocated memory limit (previously no soft limit was set).\n\n - Streamline when schedule() is called when running with message aggregation on batch script completes.\n\n - Fix incorrect casting when [un]packing derived_ec on slurmdb_job_rec_t.\n\n - Document that persistent burst buffers can not be created or destroyed using the salloc or srun --bb options.\n\n - Add support for setting the SLURM_JOB_ACCOUNT, SLURM_JOB_QOS and SLURM_JOB_RESERVAION environment variables are set for the salloc command. Document the same environment variables for the salloc, sbatch and srun commands in their man pages.\n\n - Fix issue where sacctmgr load cluster.cfg wouldn't load associations that had a partition in them.\n\n - Don't return the extern step from sstat by default.\n\n - In sstat print 'extern' instead of 4294967295 for the extern step.\n\n - Make advanced reservations work properly with core specialization.\n\n - slurmstepd modified to pre-load all relevant plugins at startup to avoid the possibility of modified plugins later resulting in inconsistent API or data structures and a failure of slurmstepd.\n\n - Export functions from parse_time.c in libslurm.so.\n\n - Export unit convert functions from slurm_protocol_api.c in libslurm.so.\n\n - Fix scancel to allow multiple steps from a job to be cancelled at once.\n\n - Update and expand upgrade guide (in Quick Start Administrator web page).\n\n - burst_buffer/cray: Requeue, but do not hold a job which fails the pre_run operation.\n\n - Insure reported expected job start time is not in the past for pending jobs.\n\n - Add support for PMIx v2. Required for FATE#316379.\n\nSetting 'download_files' service to mode='localonly' and adding source tarball. (Required for Factory).\n\nversion 15.08.7.1\n\n - Remove the 1024-character limit on lines in batch scripts. task/affinity: Disable core-level task binding if more CPUs required than available cores.\n\n - Preemption/gang scheduling: If a job is suspended at slurmctld restart or reconfiguration time, then leave it suspended rather than resume+suspend.\n\n - Don't use lower weight nodes for job allocation when topology/tree used.\n\n - Don't allow user specified reservation names to disrupt the normal reservation sequeuece numbering scheme.\n\n - Avoid hard-link/copy of script/environment files for job arrays. Use the master job record file for all tasks of the job array. NOTE: Job arrays submitted to Slurm version 15.08.6 or later will fail if the slurmctld daemon is downgraded to an earlier version of Slurm.\n\n - In slurmctld log file, log duplicate job ID found by slurmd. Previously was being logged as prolog/epilog failure.\n\n - If a job is requeued while in the process of being launch, remove it's job ID from slurmd's record of active jobs in order to avoid generating a duplicate job ID error when launched for the second time (which would drain the node).\n\n - Cleanup messages when handling job script and environment variables in older directory structure formats.\n\n - Prevent triggering gang scheduling within a partition if configured with PreemptType=partition_prio and PreemptMode=suspend,gang.\n\n - Decrease parallelism in job cancel request to prevent denial of service when cancelling huge numbers of jobs.\n\n - If all ephemeral ports are in use, try using other port numbers.\n\n - Prevent 'scontrol update job' from updating jobs that have already finished.\n\n - Show requested TRES in 'squeue -O tres' when job is pending.\n\n - Backfill scheduler: Test association and QOS node limits before reserving resources for pending job.\n\n - Many bug fixes.\n\nUse source services to download package.\n\nFix code for new API of hwloc-2.0.\n\npackage netloc_to_topology where avialable.\n\nPackage documentation.\n\nversion 15.08.3\n\n - Many new features and bug fixes. See NEWS file\n\nupdate files list accordingly\n\nfix wrong end of line in some files\n\nversion 14.11.8\n\n - Many bug fixes. See NEWS file\n\nupdate files list accordingly\n\nadd missing systemd requirements\n\nadd missing rclink\n\nversion 14.03.9\n\n - Many bug fixes. See NEWS file\n\nadd systemd support\n\nversion 14.03.6\n\n - Added support for native Slurm operation on Cray systems (without ALPS).\n\n - Added partition configuration parameters AllowAccounts, AllowQOS, DenyAccounts and DenyQOS to provide greater control over use.\n\n - Added the ability to perform load based scheduling.\n Allocating resources to jobs on the nodes with the largest number if idle CPUs.\n\n - Added support for reserving cores on a compute node for system services (core specialization)\n\n - Add mechanism for job_submit plugin to generate error message for srun, salloc or sbatch to stderr.\n\n - Support for Postgres database has long since been out of date and problematic, so it has been removed entirely.\n If you would like to use it the code still exists in <= 2.6, but will not be included in this and future versions of the code.\n\n - Added new structures and support for both server and cluster resources.\n\n - Significant performance improvements, especially with respect to job array support.\n\nupdate files list\n\nupdate to version 2.6.7\n\n - Support for job arrays, which increases performance and ease of use for sets of similar jobs.\n\n - Job profiling capability added to record a wide variety of job characteristics for each task on a user configurable periodic basis. Data currently available includes CPU use, memory use, energy use, Infiniband network use, Lustre file system use, etc.\n\n - Support for MPICH2 using PMI2 communications interface with much greater scalability.\n\n - Prolog and epilog support for advanced reservations.\n\n - Much faster throughput for job step execution with\n --exclusive option. The srun process is notified when resources become available rather than periodic polling.\n\n - Support improved for Intel MIC (Many Integrated Core) processor.\n\n - Advanced reservations with hostname and core counts now supports asymmetric reservations (e.g. specific different core count for each node).\n\n - External sensor plugin infrastructure added to record power consumption, temperature, etc.\n\n - Improved performance for high-throughput computing.\n\n - MapReduce+ support (launches ~1000x faster, runs ~10x faster).\n\n - Added 'MaxCPUsPerNode' partition configuration parameter. This can be especially useful to schedule GPUs. For example a node can be associated with two Slurm partitions (e.g. 'cpu' and 'gpu') and the partition/queue 'cpu' could be limited to only a subset of the node's CPUs, insuring that one or more CPUs would be available to jobs in the 'gpu' partition/queue.\n\nversion 2.5.7\n\n - Fix for linking to the select/cray plugin to not give warning about undefined variable.\n\n - Add missing symbols to the xlator.h\n\n - Avoid placing pending jobs in AdminHold state due to backfill scheduler interactions with advanced reservation.\n\n - Accounting - make average by task not cpu.\n\n - POE - Correct logic to support poe option '-euidevice sn_all' and '-euidevice sn_single'.\n\n - Accounting - Fix minor initialization error.\n\n - POE - Correct logic to support srun network instances count with POE.\n\n - POE - With the srun --launch-cmd option, report proper task count when the --cpus-per-task option is used without the\n\n --ntasks option.\n\n - POE - Fix logic binding tasks to CPUs.\n\n - sview - Fix race condition where new information could of slipped past the node tab and we didn't notice.\n\n - Accounting - Fix an invalid memory read when slurmctld sends data about start job to slurmdbd.\n\n - If a prolog or epilog failure occurs, drain the node rather than setting it down and killing all of its jobs.\n\n - Priority/multifactor - Avoid underflow in half-life calculation.\n\n - POE - pack missing variable to allow fanout (more than 32 nodes)\n\n - Prevent clearing reason field for pending jobs. This bug was introduced in v2.5.5 (see 'Reject job at submit time ...').\n\n - BGQ - Fix issue with preemption on sub-block jobs where a job would kill all preemptable jobs on the midplane instead of just the ones it needed to.\n\n - switch/nrt - Validate dynamic window allocation size.\n\n - BGQ - When --geo is requested do not impose the default conn_types.\n\n - RebootNode logic - Defers (rather than forgets) reboot request with job running on the node within a reservation.\n\n - switch/nrt - Correct network_id use logic. Correct support for user sn_all and sn_single options.\n\n - sched/backfill - Modify logic to reduce overhead under heavy load.\n\n - Fix job step allocation with --exclusive and --hostlist option.\n\n - Select/cons_res - Fix bug resulting in error of 'cons_res: sync loop not progressing, holding job #'\n\n - checkpoint/blcr - Reset max_nodes from zero to NO_VAL on job restart.\n\n - launch/poe - Fix for hostlist file support with repeated host names.\n\n - priority/multifactor2 - Prevent possible divide by zero.\n\n -- srun - Don't check for executable if --test-only flag is used.\n\n - energy - On a single node only use the last task for gathering energy. Since we don't currently track energy usage per task (only per step). Otherwise we get double the energy.\n\nversion 2.5.4\n\n - Support for Intel® Many Integrated Core (MIC) processors.\n\n - User control over CPU frequency of each job step.\n\n - Recording power usage information for each job.\n\n - Advanced reservation of cores rather than whole nodes.\n\n - Integration with IBM's Parallel Environment including POE (Parallel Operating Environment) and NRT (Network Resource Table) API.\n\n - Highly optimized throughput for serial jobs in a new 'select/serial' plugin.\n\n - CPU load is information available\n\n - Configurable number of CPUs available to jobs in each SLURM partition, which provides a mechanism to reserve CPUs for use with GPUs.\n\nremore runlevel 4 from init script thanks to patch1\n\nfix self obsoletion of slurm-munge package\n\nuse fdupes to remove duplicates\n\nspec file reformaing\n\nput perl macro in a better within install section\n\nenable numa on x86_64 arch only\n\nadd numa and hwloc support\n\nfix perl module files list\n\nuse perl_process_packlist macro for the perl files cleanup\n\nfix some summaries length\n\nadd cgoups directory and example the cgroup.release_common file\n\nspec file cleanup\n\nfirst package\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-15T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : slurm_20_11 / pdsh (SUSE-SU-2021:0773-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10030", "CVE-2017-15566", "CVE-2018-10995", "CVE-2018-7033", "CVE-2019-12838", "CVE-2019-19727", "CVE-2019-19728", "CVE-2019-6438", "CVE-2020-12693", "CVE-2020-27745", "CVE-2020-27746"], "modified": "2022-05-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libnss_slurm2_20_11", "p-cpe:/a:novell:suse_linux:libnss_slurm2_20_11-debuginfo", "p-cpe:/a:novell:suse_linux:libpmi0_20_11", "p-cpe:/a:novell:suse_linux:libpmi0_20_11-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm36", "p-cpe:/a:novell:suse_linux:libslurm36-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh", "p-cpe:/a:novell:suse_linux:pdsh-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-debugsource", "p-cpe:/a:novell:suse_linux:pdsh-dshgroup", "p-cpe:/a:novell:suse_linux:pdsh-dshgroup-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-genders", "p-cpe:/a:novell:suse_linux:pdsh-genders-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-machines", "p-cpe:/a:novell:suse_linux:pdsh-machines-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-netgroup", "p-cpe:/a:novell:suse_linux:pdsh-netgroup-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-slurm", "p-cpe:/a:novell:suse_linux:pdsh-slurm-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08", "p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-slurm_20_02", "p-cpe:/a:novell:suse_linux:pdsh-slurm_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh-slurm_20_11", "p-cpe:/a:novell:suse_linux:pdsh-slurm_20_11-debuginfo", "p-cpe:/a:novell:suse_linux:pdsh_slurm_18_08-debugsource", "p-cpe:/a:novell:suse_linux:pdsh_slurm_20_02-debugsource", "p-cpe:/a:novell:suse_linux:pdsh_slurm_20_11-debugsource", "p-cpe:/a:novell:suse_linux:perl-slurm_20_11", "p-cpe:/a:novell:suse_linux:perl-slurm_20_11-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11", "p-cpe:/a:novell:suse_linux:slurm_20_11-auth-none", "p-cpe:/a:novell:suse_linux:slurm_20_11-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-config", "p-cpe:/a:novell:suse_linux:slurm_20_11-config-man", "p-cpe:/a:novell:suse_linux:slurm_20_11-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-debugsource", "p-cpe:/a:novell:suse_linux:slurm_20_11-devel", "p-cpe:/a:novell:suse_linux:slurm_20_11-doc", "p-cpe:/a:novell:suse_linux:slurm_20_11-lua", "p-cpe:/a:novell:suse_linux:slurm_20_11-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-munge", "p-cpe:/a:novell:suse_linux:slurm_20_11-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-node", "p-cpe:/a:novell:suse_linux:slurm_20_11-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm_20_11-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-plugins", "p-cpe:/a:novell:suse_linux:slurm_20_11-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm_20_11-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-sql", "p-cpe:/a:novell:suse_linux:slurm_20_11-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-sview", "p-cpe:/a:novell:suse_linux:slurm_20_11-sview-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-torque", "p-cpe:/a:novell:suse_linux:slurm_20_11-torque-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_11-webdoc", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-0773-1.NASL", "href": "https://www.tenable.com/plugins/nessus/147801", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:0773-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147801);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2016-10030\",\n \"CVE-2017-15566\",\n \"CVE-2018-7033\",\n \"CVE-2018-10995\",\n \"CVE-2019-6438\",\n \"CVE-2019-12838\",\n \"CVE-2019-19727\",\n \"CVE-2019-19728\",\n \"CVE-2020-12693\",\n \"CVE-2020-27745\",\n \"CVE-2020-27746\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : slurm_20_11 / pdsh (SUSE-SU-2021:0773-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for pdsh fixes the following issues :\n\nPreparing pdsh for Slurm 20.11 (jsc#ECO-2412)\n\nSimplify convoluted condition.\n\nThis update for slurm fixes the following issues :\n\nFix potential buffer overflows from use of unpackmem(). CVE-2020-27745\n(bsc#1178890)\n\nFix potential leak of the magic cookie when sent as an argument to the\nxauth command. CVE-2020-27746 (bsc#1178891)\n\nAdd support for openPMIx also for Leap/SLE 15.0/1 (bsc#1173805).\n\nUpdated to 20.02.3 which fixes CVE-2020-12693 (bsc#1172004).\n\nslurm-plugins will now also require pmix not only libpmix\n(bsc#1164326)\n\nRemoved autopatch as it doesn't work for the SLE-11-SP4 build.\n\nDisable %arm builds as this is no longer supported.\n\npmix searches now also for libpmix.so.2 so that there is no dependency\nfor devel package (bsc#1164386)\n\nUpdate to version 20.02.0 (jsc#SLE-8491)\n\n - Fix minor memory leak in slurmd on reconfig.\n\n - Fix invalid ptr reference when rolling up data in the\n database.\n\n - Change shtml2html.py to require python3 for RHEL8\n support, and match man2html.py.\n\n - slurm.spec - override 'hardening' linker flags to ensure\n RHEL8 builds in a usable manner.\n\n - Fix type mismatches in the perl API.\n\n - Prevent use of uninitialized slurmctld_diag_stats.\n\n - Fixed various Coverity issues.\n\n - Only show warning about root-less topology in daemons.\n\n - Fix accounting of jobs in IGNORE_JOBS reservations.\n\n - Fix issue with batch steps state not loading correctly\n when upgrading from 19.05.\n\n - Deprecate max_depend_depth in SchedulerParameters and\n move it to DependencyParameters.\n\n - Silence erroneous error on slurmctld upgrade when\n loading federation state.\n\n - Break infinite loop in cons_tres dealing with incorrect\n tasks per tres request resulting in slurmctld hang.\n\n - Improve handling of --gpus-per-task to make sure\n appropriate number of GPUs is assigned to job.\n\n - Fix seg fault on cons_res when requesting --spread-job.\n\nMove to python3 for everything but SLE-11-SP4\n\n - For SLE-11-SP4 add a workaround to handle a python3\n script (python2.7 compliant).\n\n - sbatch - fix segfault when no newline at the end of a\n burst buffer file.\n\n - Change scancel to only check job's base state when\n matching -t options.\n\n - Save job dependency list in state files.\n\n - cons_tres - allow jobs to be run on systems with\n root-less topologies.\n\n - Restore pre-20.02pre1 PrologSlurmctld synchonization\n behavior to avoid various race conditions, and ensure\n proper batch job launch.\n\n - Add new slurmrestd command/daemon which implements the\n Slurm REST API.\n\nstandard slurm.conf uses now also SlurmctldHost on all build targets\n(bsc#1162377)\n\nstart slurmdbd after mariadb (bsc#1161716)\n\nUpdate to version 19.05.5 (jsc#SLE-8491)\n\n - Includes security fixes CVE-2019-19727, CVE-2019-19728,\n CVE-2019-12838.\n\n - Disable i586 builds as this is no longer supported.\n\n - Create libnss_slurm package to support user and group\n resolution thru slurmstepd.\n\nUpdate to v18.08.9 for fixing CVE-2019-19728 (bsc#1159692).\n\n - Make Slurm compile on linux after sys/sysctl.h was\n deprecated.\n\n - Install slurmdbd.conf.example with 0600 permissions to\n encourage secure use. CVE-2019-19727.\n\n - srun - do not continue with job launch if --uid fails.\n CVE-2019-19728.\n\nadded pmix support jsc#SLE-10800\n\nUse --with-shared-libslurm to build slurm binaries using libslurm.\n\nMake libslurm depend on slurm-config.\n\nFix ownership of /var/spool/slurm on new installations and upgrade\n(bsc#1158696).\n\nFix permissions of slurmdbd.conf (bsc#1155784, CVE-2019-19727).\n\nFix %posttrans macro _res_update to cope with added newline\n(bsc#1153259).\n\nAdd package slurm-webdoc which sets up a web server to provide the\ndocumentation for the version shipped.\n\nMove srun from 'slurm' to 'slurm-node': srun is required on the nodes\nas well so sbatch will work. 'slurm-node' is a requirement when\n'slurm' is installed (bsc#1153095).\n\nUpdated to 18.08.8 for fixing (CVE-2019-12838, bsc#1140709,\njsc#SLE-7341, jsc#SLE-7342)\n\n - Update 'xauth list' to use the same 10000ms timeout as\n the other xauth commands.\n\n - Fix issue in gres code to handle a gres cnt of 0.\n\n - Don't purge jobs if backfill is running.\n\n - Verify job is pending add/removing accrual time.\n\n - Don't abort when the job doesn't have an association\n that was removed before the job was able to make it to\n the database.\n\n - Set state_reason if select_nodes() fails job for QOS or\n Account.\n\n - Avoid seg_fault on referencing association without a\n valid_qos bitmap.\n\n - If Association/QOS is removed on a pending job set that\n job as ineligible.\n\n - When changing a jobs account/qos always make sure you\n remove the old limits.\n\n - Don't reset a FAIL_QOS or FAIL_ACCOUNT job reason until\n the qos or account changed.\n\n - Restore 'sreport -T ALL' functionality.\n\n - Correctly typecast signals being sent through the api.\n\n - Properly initialize structures throughout Slurm.\n\n - Sync 'numtask' squeue format option for jobs and steps\n to 'numtasks'.\n\n - Fix sacct -PD to avoid CA before start jobs.\n\n - Fix potential deadlock with backup slurmctld.\n\n - Fixed issue with jobs not appearing in sacct after\n dependency satisfied.\n\n - Fix showing non-eligible jobs when asking with -j and\n not -s.\n\n - Fix issue with backfill scheduler scheduling tasks of an\n array when not the head job.\n\n - accounting_storage/mysql - fix SIGABRT in the archive\n load logic.\n\n - accounting_storage/mysql - fix memory leak in the\n archive load logic.\n\n - Limit records per single SQL statement when loading\n archived data.\n\n - Fix unnecessary reloading of job submit plugins.\n\n - Allow job submit plugins to be turned on/off with a\n reconfigure.\n\n - Fix segfault when loading/unloading Lua job submit\n plugin multiple times.\n\n - Fix printing duplicate error messages of jobs rejected\n by job submit plugin.\n\n - Fix printing of job submit plugin messages of het jobs\n without pack id.\n\n - Fix memory leak in group_cache.c\n\n - Fix jobs stuck from FedJobLock when requeueing in a\n federation\n\n - Fix requeueing job in a federation of clusters with\n differing associations\n\n - sacctmgr - free memory before exiting in 'sacctmgr show\n runaway'.\n\n - Fix seff showing memory overflow when steps tres mem\n usage is 0.\n\n - Upon archive file name collision, create new archive\n file instead of overwriting the old one to prevent lost\n records.\n\n - Limit archive files to 50000 records per file so that\n archiving large databases will succeed.\n\n - Remove stray newlines in SPANK plugin error messages.\n\n - Fix archive loading events.\n\n - In select/cons_res: Only allocate 1 CPU per node with\n the --overcommit and --nodelist options.\n\n - Fix main scheduler from potentially not running through\n whole queue.\n\n - cons_res/job_test - prevent a job from overallocating a\n node memory.\n\n - cons_res/job_test - fix to consider a node's current\n allocated memory when testing a job's memory request.\n\n - Fix issue where multi-node job steps on cloud nodes\n wouldn't finish cleaning up until the end of the job\n (rather than the end of the step).\n\n - Fix issue with a 17.11 sbcast call to a 18.08 daemon.\n\n - Add new job bit_flags of JOB_DEPENDENT.\n\n - Make it so dependent jobs reset the AccrueTime and do\n not count against any AccrueTime limits.\n\n - Fix sacctmgr --parsable2 output for reservations and\n tres.\n\n - Prevent slurmctld from potential segfault after\n job_start_data() called for completing job.\n\n - Fix jobs getting on nodes with 'scontrol reboot asap'.\n\n - Record node reboot events to database.\n\n - Fix node reboot failure message getting to event table.\n\n - Don't write '(null)' to event table when no event reason\n exists.\n\n - Fix minor memory leak when clearing runaway jobs.\n\n - Avoid flooding slurmctld and logging when prolog\n complete RPC errors occur.\n\n - Fix GCC 9 compiler warnings.\n\n - Fix seff human readable memory string for values below a\n megabyte.\n\n - Fix dump/load of rejected heterogeneous jobs.\n\n - For heterogeneous jobs, do not count the each component\n against the QOS or association job limit multiple times.\n\n - slurmdbd - avoid reservation flag column corruption with\n the use of newer flags, instead preserve the older flag\n fields that we can still fit in the smallint field, and\n discard the rest.\n\n - Fix security issue in accounting_storage/mysql plugin on\n archive file loads by always escaping strings within the\n slurmdbd. CVE-2019-12838.\n\n - Fix underflow causing decay thread to exit.\n\n - Fix main scheduler not considering hetjobs when building\n the job queue.\n\n - Fix regression for sacct to display old jobs without a\n start time.\n\n - Fix setting correct number of gres topology bits.\n\n - Update hetjobs pending state reason when appropriate.\n\n - Fix accounting_storage/filetxt's understanding of TRES.\n\n - Set Accrue time when not enforcing limits.\n\n - Fix srun segfault when requesting a hetjob with\n test_exec or bcast options.\n\n - Hide multipart priorities log message behind Priority\n debug flag.\n\n - sched/backfill - Make hetjobs sensitive to\n bf_max_job_start.\n\n - Fix slurmctld segfault due to job's partition pointer\n NULL dereference.\n\n - Fix issue with OR'ed job dependencies.\n\n - Add new job's bit_flags of INVALID_DEPEND to prevent\n rebuilding a job's dependency string when it has at\n least one invalid and purged dependency.\n\n - Promote federation unsynced siblings log message from\n debug to info.\n\n - burst_buffer/cray - fix slurmctld SIGABRT due to illegal\n read/writes.\n\n - burst_buffer/cray - fix memory leak due to unfreed job\n script content.\n\n - node_features/knl_cray - fix script_argv use-after-free.\n\n - burst_buffer/cray - fix script_argv use-after-free.\n\n - Fix invalid reads of size 1 due to non null-terminated\n string reads.\n\n - Add extra debug2 logs to identify why BadConstraints\n reason is set.\n\nDo not build hdf5 support where not available.\n\nAdd support for version updates on SLE: Update packages to a later\nversion than the version supported originally on SLE will receive a\nversion string in their package name.\n\nadded the hdf5 job data gathering plugin\n\nAdd backward compatibility with SLE-11 SP4\n\nUpdate to version 18.08.05 :\n\n - Add mitigation for a potential heap overflow on 32-bit\n systems in xmalloc. (CVE-2019-6438, bsc#1123304)\n\nFix fallout from 750cc23ed for CVE-2019-6438.\n\nUpdate to 18.08.04, with following highlights\n\n - Fix message sent to user to display preempted instead of\n time limit when a job is preempted.\n\n - Fix memory leak when a failure happens processing a\n nodes gres config.\n\n - Improve error message when failures happen processing a\n nodes gres config.\n\n - Don't skip jobs in scontrol hold.\n\n - Allow --cpu-bind=verbose to be used with SLURM_HINT\n environment variable.\n\n - Enhanced handling for runaway jobs\n\n - cons_res: Delay exiting cr_job_test until after\n cores/cpus are calculated and distributed.\n\n - Don't check existence of srun --prolog or --epilog\n executables when set to 'none' and SLURM_TEST_EXEC is\n used.\n\n - Add 'P' suffix support to job and step tres\n specifications.\n\n - Fix jobacct_gather/cgroup to work correctly when more\n than one task is started on a node.\n\n - salloc - set SLURM_NTASKS_PER_CORE and\n SLURM_NTASKS_PER_SOCKET in the environment if the\n corresponding command line options are used.\n\n - slurmd - fix handling of the -f flag to specify\n alternate config file locations.\n\n - Add SchedulerParameters option of\n bf_ignore_newly_avail_nodes to avoid scheduling lower\n priority jobs on resources that become available during\n the backfill scheduling cycle when bf_continue is\n enabled.\n\n - job_submit/lua: Add several slurmctld return codes and\n add user/group info\n\n - salloc/sbatch/srun - print warning if mutually exclusive\n options of\n\n --mem and --mem-per-cpu are both set.\n\nrestarting services on update only when activated\n\nadded rotation of logs\n\nAdded backported patches which harden the pam module pam_slurm_adopt.\n(BOO#1116758)\n\nMoved config man pages to a separate package: This way, they won't get\ninstalled on compute nodes.\n\nadded correct link flags for perl bindings (bsc#1108671)\n\n - perl:Switch is required by slurm torque wrappers\n\nFix Requires(pre) and Requires(post) for slurm-config and slurm-node.\nThis fixes issues with failing slurm user creation when installed\nduring initial system installation. (bsc#1109373)\n\nWhen using a remote shared StateSaveLocation, slurmctld needs to be\nstarted after remote filesystems have become available. Add\n'remote-fs.target' to the 'After=' directive in slurmctld.service\n(bsc#1103561).\n\nUpdate to 17.11.8\n\n - Fix incomplete RESPONSE_[RESOURCE|JOB_PACK]_ALLOCATION\n building path.\n\n - Do not allocate nodes that were marked down due to the\n node not responding by ResumeTimeout.\n\n - task/cray plugin - search for 'mems' cgroup information\n in the file 'cpuset.mems' then fall back to the file\n 'mems'.\n\n - Fix ipmi profile debug uninitialized variable.\n\n - PMIx: fixed the direct connect inline msg sending.\n\n - MYSQL: Fix issue not handling all fields when loading an\n archive dump.\n\n - Allow a job_submit plugin to change the admin_comment\n field during job_submit_plugin_modify().\n\n - job_submit/lua - fix access into reservation table.\n\n - MySQL - Prevent deadlock caused by archive logic locking\n reads.\n\n - Don't enforce MaxQueryTimeRange when requesting specific\n jobs.\n\n - Modify --test-only logic to properly support jobs\n submitted to more than one partition.\n\n - Prevent slurmctld from abort when attempting to set\n non-existing qos as def_qos_id.\n\n - Add new job dependency type of 'afterburstbuffer'. The\n pending job will be delayed until the first job\n completes execution and it's burst buffer stage-out is\n completed.\n\n - Reorder proctrack/task plugin load in the slurmstepd to\n match that of slurmd and avoid race condition calling\n task before proctrack can introduce.\n\n - Prevent reboot of a busy KNL node when requesting\n inactive features.\n\n - Revert to previous behavior when requesting memory per\n cpu/node introduced in 17.11.7.\n\n - Fix to reinitialize previously adjusted job members to\n their original value when validating the job memory in\n multi-partition requests.\n\n - Fix _step_signal() from always returning SLURM_SUCCESS.\n\n - Combine active and available node feature change logs on\n one line rather than one line per node for performance\n reasons.\n\n - Prevent occasionally leaking freezer cgroups.\n\n - Fix potential segfault when closing the mpi/pmi2 plugin.\n\n - Fix issues with --exclusive=[user|mcs] to work correctly\n with preemption or when job requests a specific list of\n hosts.\n\n - Make code compile with hdf5 1.10.2+\n\n - mpi/pmix: Fixed the collectives canceling.\n\n - SlurmDBD: improve error message handling on archive load\n failure.\n\n - Fix incorrect locking when deleting reservations.\n\n - Fix incorrect locking when setting up the power save\n module.\n\n - Fix setting format output length for squeue when showing\n array jobs.\n\n - Add xstrstr function.\n\n - Fix printing out of --hint options in sbatch, salloc\n --help.\n\n - Prevent possible divide by zero in\n _validate_time_limit().\n\n - Add Delegate=yes to the slurmd.service file to prevent\n systemd from interfering with the jobs' cgroup\n hierarchies.\n\n - Change the backlog argument to the listen() syscall\n within srun to 4096 to match elsewhere in the code, and\n avoid communication problems at scale.\n\n Fix race in the slurmctld backup controller which\n prevents it to clean up allocations on nodes properly\n after failing over (bsc#1084917). Handled %license in a\n backward compatible manner.\n\nAdd a 'Recommends: slurm-munge' to slurm-slurmdbd.\n\nShield comments between script snippets with a %{!?nil:...} to avoid\nthem being interpreted as scripts - in which case the update level is\npassed as argument (see chapter 'Shared libraries' in:\nhttps://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets)\n(bsc#1100850).\n\nUpdate from 17.11.5 to 17.11.7\n\nFix security issue in handling of username and gid fields\nCVE-2018-10995 and bsc#1095508 what implied an update from 17.11.5 to\n17.11.7 Highlights of 17.11.6 :\n\n - CRAY - Add slurmsmwd to the contribs/cray dir\n\n - PMIX - Added the direct connect authentication.\n\n - Prevent the backup slurmctld from losing the\n active/available node features list on takeover.\n\n - Be able to force power_down of cloud node even if in\n power_save state.\n\n - Allow cloud nodes to be recognized in Slurm when booted\n out of band.\n\n - Numerous fixes - check 'NEWS' file. Highlights of\n 17.11.7 :\n\n - Notify srun and ctld when unkillable stepd exits.\n\n - Numerous fixes - check 'NEWS' file.\n\n - Fixes daemoniziation in newly introduced slurmsmwd\n daemon.\n\nRename :\n\n - remain in sync with commit messages which introduced\n that file\n\nAvoid running pretrans scripts when running in an instsys: there may\nbe not much installed, yet. pretrans code should be done in lua, this\nway, it will be executed by the rpm-internal lua interpreter and not\nbe passed to a shell which may not be around at the time this\nscriptlet is run (bsc#1090292).\n\nAdd requires for slurm-sql to the slurmdbd package.\n\nPackage READMEs for pam and pam_slurm_adopt.\n\nUse the new %%license directive for COPYING file. Fix interaction with\nsystemd: systemd expects that a daemonizing process doesn't go away\nuntil the PID file with it PID of the daemon has bee written\n(bsc#1084125).\n\nMake sure systemd services get restarted only when all packages are in\na consistent state, not in the middle of an 'update' transaction\n(bsc#1088693). Since the %postun scripts that run on update are from\nthe old package they cannot be changed - thus we work around the\nrestart breakage.\n\nfixed wrong log file location in slurmdbd.conf and fixed pid location\nfor slurmdbd and made slurm-slurmdbd depend on slurm config which\nprovides the dir /var/run/slurm (bsc#1086859).\n\nadded comment for (bsc#1085606)\n\nFix security issue in accounting_storage/mysql plugin by always\nescaping strings within the slurmdbd. CVE-2018-7033 (bsc#1085240).\n\nUpdate slurm to v17.11.5 (FATE#325451) Highlights of 17.11 :\n\n - Support for federated clusters to manage a single\n work-flow across a set of clusters.\n\n - Support for heterogeneous job allocations (various\n processor types, memory sizes, etc. by job component).\n Support for heterogeneous job steps within a single\n MPI_COMM_WORLD is not yet supported for most\n configurations.\n\n - X11 support is now fully integrated with the main Slurm\n code. Remove any X11 plugin configured in your\n plugstack.conf file to avoid errors being logged about\n conflicting options.\n\n - Added new advanced reservation flag of 'flex', which\n permits jobs requesting the reservation to begin prior\n to the reservation's start time and use resources inside\n or outside of the reservation. A typical use case is to\n prevent jobs not explicitly requesting the reservation\n from using those reserved resources rather than forcing\n jobs requesting the reservation to use those resources\n in the time frame reserved.\n\n - The sprio command has been modified to report a job's\n priority information for every partition the job has\n been submitted to.\n\n - Group ID lookup performed at job submit time to avoid\n lookup on all compute nodes. Enable with\n PrologFlags=SendGIDs configuration parameter.\n\n - Slurm commands and daemons dynamically link to\n libslurmfull.so instead of statically linking. This\n dramatically reduces the footprint of Slurm.\n\n - In switch plugin, added plugin_id symbol to plugins and\n wrapped switch_jobinfo_t with dynamic_plugin_data_t in\n interface calls in order to pass switch information\n between clusters with different switch types.\n\n - Changed default ProctrackType to cgroup.\n\n - Changed default sched_min_interval from 0 to 2\n microseconds.\n\n - Added new 'scontrol write batch_script ' command to\n fetch a job's batch script. Removed the ability to see\n the script as part of the 'scontrol -dd show job'\n command.\n\n - Add new 'billing' TRES which allows jobs to be limited\n based on the job's billable TRES calculated by the job's\n partition's TRESBillingWeights.\n\n - Regular user use of 'scontrol top' command is now\n disabled. Use the configuration parameter\n 'SchedulerParameters=enable_user_top' to enable that\n functionality. The configuration parameter\n 'SchedulerParameters=disable_user_top' will be silently\n ignored.\n\n - Change default to let pending jobs run outside of\n reservation after reservation is gone to put jobs in\n held state. Added NO_HOLD_JOBS_AFTER_END reservation\n flag to use old default. Support for PMIx v2.0 as well\n as UCX support.\n\n - Remove plugins for obsolete MPI stacks :\n\n - lam\n\n - mpich1_p4\n\n - mpich1_shmem\n\n - mvapich\n\n - Numerous fixes - check 'NEWS' file. Replaced by sed\n script.\n\nFix some rpmlint warnings.\n\nmoved config files to slurm-config package (FATE#324574).\n\nMoved slurmstepd and man page into slurm-node due to slurmd dependency\n\nMoved config files into slurm-node\n\nMoved slurmd rc scripts into slurm-node\n\nMade slurm-munge require slurm-plugins instead of slurm itself\n\n - slurm-node suggested slurm-munge, causing the whole\n slurm to be installed. The slurm-plugins seems to be a\n more base class (FATE#324574).\n\nsplit up light wight slurm-node package for deployment on nodes\n(FATE#324574).\n\nPackage so-versioned libs separately. libslurm is expected to change\nmore frequently and thus is packaged separately from libpmi.\n\nUpdated to 17.02.9 to fix CVE-2017-15566 (bsc#1065697). Changes in\n17.0.9\n\n - When resuming powered down nodes, mark DOWN nodes right\n after ResumeTimeout has been reached (previous logic\n would wait about one minute longer).\n\n - Fix sreport not showing full column name for TRES Count.\n\n - Fix slurmdb_reservations_get() giving wrong usage data\n when job's spanned reservation that was modified.\n\n - Fix sreport reservation utilization report showing bad\n data.\n\n - Show all TRES' on a reservation in sreport reservation\n utilization report by default.\n\n - Fix sacctmgr show reservation handling 'end' parameter.\n\n - Work around issue with sysmacros.h and gcc7 / glibc\n 2.25.\n\n - Fix layouts code to only allow setting a boolean.\n\n - Fix sbatch --wait to keep waiting even if a message\n timeout occurs.\n\n - CRAY - If configured with NodeFeatures=knl_cray and\n there are non-KNL nodes which include no features the\n slurmctld will abort without this patch when attemping\n strtok_r(NULL).\n\n - Fix regression in 17.02.7 which would run the\n spank_task_privileged as part of the slurmstepd instead\n of it's child process.\n\n - Fix security issue in Prolog and Epilog by always\n prepending SPANK_ to all user-set environment variables.\n CVE-2017-15566. Changes in 17.0.8 :\n\n - Add 'slurmdbd:' to the accounting plugin to notify\n message is from dbd instead of local.\n\n - mpi/mvapich - Buffer being only partially cleared. No\n failures observed.\n\n - Fix for job --switch option on dragonfly network.\n\n - In salloc with --uid option, drop supplementary groups\n before changing UID.\n\n - jobcomp/elasticsearch - strip any trailing slashes from\n JobCompLoc.\n\n - jobcomp/elasticsearch - fix memory leak when\n transferring generated buffer.\n\n - Prevent slurmstepd ABRT when parsing gres.conf CPUs.\n\n - Fix sbatch --signal to signal all MPI ranks in a step\n instead of just those on node 0.\n\n - Check multiple partition limits when scheduling a job\n that were previously only checked on submit.\n\n - Cray: Avoid running application/step Node Health Check\n on the external job step.\n\n - Optimization enhancements for partition based job\n preemption.\n\n - Address some build warnings from GCC 7.1, and one\n possible memory leak if /proc is inaccessible.\n\n - If creating/altering a core based reservation with\n scontrol/sview on a remote cluster correctly determine\n the select type.\n\n - Fix autoconf test for libcurl when clang is used.\n\n - Fix default location for\n cgroup_allowed_devices_file.conf to use correct default\n path.\n\n - Document NewName option to sacctmgr.\n\n - Reject a second PMI2_Init call within a single step to\n prevent slurmstepd from hanging.\n\n - Handle old 32bit values stored in the database for\n requested memory correctly in sacct.\n\n - Fix memory leaks in the task/cgroup plugin when\n constraining devices.\n\n - Make extremely verbose info messages debug2 messages in\n the task/cgroup plugin when constraining devices.\n\n - Fix issue that would deny the stepd access to /dev/null\n where GRES has a 'type' but no file defined.\n\n - Fix issue where the slurmstepd would fatal on job launch\n if you have no gres listed in your slurm.conf but some\n in gres.conf.\n\n - Fix validating time spec to correctly validate various\n time formats.\n\n - Make scontrol work correctly with job update timelimit\n [+|-]=.\n\n - Reduce the visibily of a number of warnings in\n _part_access_check.\n\n - Prevent segfault in sacctmgr if no association name is\n specified for an update command.\n\n - burst_buffer/cray plugin modified to work with changes\n in Cray UP05 software release.\n\n - Fix job reasons for jobs that are violating assoc\n MaxTRESPerNode limits.\n\n - Fix segfault when unpacking a 16.05 slurm_cred in a\n 17.02 daemon.\n\n - Fix setting TRES limits with case insensitive TRES\n names.\n\n - Add alias for xstrncmp() -- slurm_xstrncmp().\n\n - Fix sorting of case insensitive strings when using\n xstrcasecmp().\n\n - Gracefully handle race condition when reading /proc as\n process exits.\n\n - Avoid error on Cray duplicate setup of core\n specialization.\n\n - Skip over undefined (hidden in Slurm) nodes in pbsnodes.\n\n - Add empty hashes in perl api's slurm_load_node() for\n hidden nodes.\n\n - CRAY - Add rpath logic to work for the alpscomm libs.\n\n - Fixes for administrator extended TimeLimit (job reason &\n time limit reset).\n\n - Fix gres selection on systems running select/linear.\n\n - sview: Added window decorator for\n maximize,minimize,close buttons for all systems.\n\n - squeue: interpret negative length format specifiers as a\n request to delimit values with spaces.\n\n - Fix the torque pbsnodes wrapper script to parse a gres\n field with a type set correctly.\n\nFixed ABI version of libslurm.\n\nTrim redundant wording in descriptions.\n\nUpdated to slurm 17-02-7-1\n\n - Added python as BuildRequires\n\n - Removed sched-wiki package\n\n - Removed slurmdb-direct package\n\n - Obsoleted sched-wiki and slurmdb-direct packages\n\n - Removing Cray-specific files\n\n - Added /etc/slurm/layout.d files (new for this version)\n\n - Remove /etc/slurm/cgroup files from package\n\n - Added lib/slurm/mcs_account.so\n\n - Removed lib/slurm/jobacct_gather_aix.so\n\n - Removed lib/slurm/job_submit_cnode.so\n\nCreated slurm-sql package\n\nMoved files from slurm-plugins to slurm-torque package\n\nMoved creation of /usr/lib/tmpfiles.d/slurm.conf into slurm.spec\n\n - Removed tmpfiles.d-slurm.conf\n\nChanged /var/run path for slurm daemons to /var/run/slurm\n(FATE#324026).\n\nMade tmpfiles_create post-install macro SLE12 SP2 or greater\n\nDirectly calling systemd-tmpfiles --create for before SLE12 SP2\n\nAllows OpenSUSE Factory build as well\n\nRemoves unused .service files from project\n\nAdds /var/run/slurm to /usr/lib/tmpfiles.d for boottime creation\n\n - Patches upstream .service files to allow for\n /var/run/slurm path\n\n - Modifies slurm.conf to allow for /var/run/slurm path\n\nMove wrapper script mpiexec provided by slrum-torque to mpiexec.slurm\nto avoid conflicts. This file is normally provided by the MPI\nimplementation (bsc#1041706).\n\nReplace remaining ${RPM_BUILD_ROOT}s.\n\nImprove description.\n\nFix up changelog.\n\nSpec file: Replace 'Requires : slurm-perlapi' by 'Requires: perl-slurm\n= %{version}' (bsc#1031872).\n\nTrim redundant parts of description. Fixup RPM groups.\n\nReplace unnecessary %__ macro indirections; replace historic $RPM_*\nvariables by macros.\n\nUse %slurm_u and %slurm_g macros defined at the beginning of the spec\nfile when adding the slurm user/group for consistency.\n\nDefine these macros to daemon,root for non-systemd.\n\nFor anything newer than Leap 42.1 or SLE-12-SP1 build OpenHPC\ncompatible.\n\nUpdated to 16.05.8.1\n\n - Remove StoragePass from being printed out in the\n slurmdbd log at debug2 level.\n\n - Defer PATH search for task program until launch in\n slurmstepd.\n\n - Modify regression test1.89 to avoid leaving vestigial\n job. Also reduce logging to reduce likelyhood of Expect\n buffer overflow.\n\n - Do not PATH search for mult-prog launches if\n LaunchParamters=test_exec is enabled.\n\n - Fix for possible infinite loop in select/cons_res plugin\n when trying to satisfy a job's ntasks_per_core or socket\n specification.\n\n - If job is held for bad constraints make it so once\n updated the job doesn't go into JobAdminHeld.\n\n - sched/backfill - Fix logic to reserve resources for jobs\n that require a node reboot (i.e. to change KNL mode) in\n order to start.\n\n - When unpacking a node or front_end record from state and\n the protocol version is lower than the min version, set\n it to the min.\n\n - Remove redundant lookup for part_ptr when updating a\n reservation's nodes.\n\n - Fix memory and file descriptor leaks in slurmd daemon's\n sbcast logic.\n\n - Do not allocate specialized cores to jobs using the\n --exclusive option.\n\n - Cancel interactive job if Prolog failure with\n 'PrologFlags=contain' or 'PrologFlags=alloc' configured.\n Send new error prolog failure message to the salloc or\n srun command as needed.\n\n - Prevent possible out-of-bounds read in slurmstepd on an\n invalid #! line.\n\n - Fix check for PluginDir within slurmctld to work with\n multiple directories.\n\n - Cancel interactive jobs automatically on communication\n error to launching srun/salloc process.\n\n - Fix security issue caused by insecure file path handling\n triggered by the failure of a Prolog script. To exploit\n this a user needs to anticipate or cause the Prolog to\n fail for their job. CVE-2016-10030 (bsc#1018371).\n\nReplace group/user add macros with function calls.\n\nFix array initialzation and ensure strings are always NULL terminated\nin\n\npam_slurm.c (bsc#1007053).\n\nDisable building with netloc support: the netloc API is part of the\ndevel branch of hwloc. Since this devel branch was included\naccidentally and has been reversed since, we need to disable this for\nthe time being.\n\nConditionalized architecture specific pieces to support non-x86\narchitectures better.\n\nRemove: unneeded 'BuildRequires: python'\n\nAdd: BuildRequires: freeipmi-devel BuildRequires: libibmad-devel\nBuildRequires: libibumad-devel so they are picked up by the slurm\nbuild.\n\nEnable modifications from openHPC Project.\n\nEnable lua API package build.\n\nAdd a recommends for slurm-munge to the slurm package: This is way,\nthe munge auth method is available and slurm works out of the box.\n\nCreate /var/lib/slurm as StateSaveLocation directory. /tmp is\ndangerous.\n\nCreate slurm user/group in preinstall script.\n\nKeep %{_libdir}/libpmi* and %{_libdir}/mpi_pmi2* on SUSE.\n\nFix build with and without OHCP_BUILD define.\n\nFix build for systemd and non-systemd.\n\nUpdated to 16-05-5 - equvalent to OpenHPC 1.2.\n\n - Fix issue with resizing jobs and limits not be kept\n track of correctly.\n\n - BGQ - Remove redeclaration of job_read_lock.\n\n - BGQ - Tighter locks around structures when nodes/cables\n change state.\n\n - Make it possible to change CPUsPerTask with scontrol.\n\n - Make it so scontrol update part qos= will take away a\n partition QOS from a partition.\n\n - Backfill scheduling properly synchronized with Cray Node\n Health Check. Prior logic could result in highest\n priority job getting improperly postponed.\n\n - Make it so daemons also support\n TopologyParam=NoInAddrAny.\n\n - If scancel is operating on large number of jobs and RPC\n responses from slurmctld daemon are slow then introduce\n a delay in sending the cancel job requests from scancel\n in order to reduce load on slurmctld.\n\n - Remove redundant logic when updating a job's task count.\n\n - MySQL - Fix querying jobs with reservations when the\n id's have rolled.\n\n - Perl - Fix use of uninitialized variable in\n slurm_job_step_get_pids.\n\n - Launch batch job requsting --reboot after the boot\n completes.\n\n - Do not attempt to power down a node which has never\n responded if the slurmctld daemon restarts without\n state.\n\n - Fix for possible slurmstepd segfault on invalid user ID.\n\n - MySQL - Fix for possible race condition when archiving\n multiple clusters at the same time.\n\n - Add logic so that slurmstepd can be launched under\n valgrind.\n\n - Increase buffer size to read /proc/*/stat files.\n\n - Remove the SchedulerParameters option of\n 'assoc_limit_continue', making it the default value. Add\n option of 'assoc_limit_stop'. If 'assoc_limit_stop' is\n set and a job cannot start due to association limits,\n then do not attempt to initiate any lower priority jobs\n in that partition. Setting this can decrease system\n throughput and utlization, but avoid potentially\n starving larger jobs by preventing them from launching\n indefinitely.\n\n - Update a node's socket and cores per socket counts as\n needed after a node boot to reflect configuration\n changes which can occur on KNL processors. Note that the\n node's total core count must not change, only the\n distribution of cores across varying socket counts (KNL\n NUMA nodes treated as sockets by Slurm).\n\n - Rename partition configuration from 'Shared' to\n 'OverSubscribe'. Rename salloc, sbatch, srun option from\n '--shared' to '--oversubscribe'. The old options will\n continue to function. Output field names also changed in\n scontrol, sinfo, squeue and sview.\n\n - Add SLURM_UMASK environment variable to user job.\n\n - knl_conf: Added new configuration parameter of\n CapmcPollFreq.\n\n - Cleanup two minor Coverity warnings.\n\n - Make it so the tres units in a job's formatted string\n are converted like they are in a step.\n\n - Correct partition's MaxCPUsPerNode enforcement when\n nodes are shared by multiple partitions.\n\n - node_feature/knl_cray - Prevent slurmctld GRES errors\n for 'hbm' references.\n\n - Display thread name instead of thread id and remove\n process name in stderr logging for 'thread_id'\n LogTimeFormat.\n\n - Log IP address of bad incomming message to slurmctld.\n\n - If a user requests tasks, nodes and ntasks-per-node and\n tasks-per-node/nodes != tasks print warning and ignore\n ntasks-per-node.\n\n - Release CPU 'owner' file locks.\n\n - Update seff to fix warnings with ncpus, and list\n slurm-perlapi dependency in spec file.\n\n - Allow QOS timelimit to override partition timelimit when\n EnforcePartLimits is set to all/any.\n\n - Make it so qsub will do a 'basename' on a wrapped\n command for the output and error files.\n\n - Add logic so that slurmstepd can be launched under\n valgrind.\n\n - Increase buffer size to read /proc/*/stat files.\n\n - Prevent job stuck in configuring state if slurmctld\n daemon restarted while PrologSlurmctld is running. Also\n re-issue burst_buffer/pre-load operation as needed.\n\n - Move test for job wait reason value of\n BurstBufferResources and BurstBufferStageIn later in the\n scheduling logic.\n\n - Document which srun options apply to only job, only\n step, or job and step allocations.\n\n - Use more compatible function to get thread name (>=\n 2.6.11).\n\n - Make it so the extern step uses a reverse tree when\n cleaning up.\n\n - If extern step doesn't get added into the proctrack\n plugin make sure the sleep is killed.\n\n - Add web links to Slurm Diamond Collectors (from Harvard\n University) and collectd (from EDF).\n\n - Add job_submit plugin for the 'reboot' field.\n\n - Make some more Slurm constants (INFINITE, NO_VAL64,\n etc.) available to job_submit/lua plugins.\n\n - Send in a -1 for a taskid into spank_task_post_fork for\n the extern_step.\n\n - MYSQL - Sightly better logic if a job completion comes\n in with an end time of 0.\n\n - task/cgroup plugin is configured with\n ConstrainRAMSpace=yes, then set soft memory limit to\n allocated memory limit (previously no soft limit was\n set).\n\n - Streamline when schedule() is called when running with\n message aggregation on batch script completes.\n\n - Fix incorrect casting when [un]packing derived_ec on\n slurmdb_job_rec_t.\n\n - Document that persistent burst buffers can not be\n created or destroyed using the salloc or srun --bb\n options.\n\n - Add support for setting the SLURM_JOB_ACCOUNT,\n SLURM_JOB_QOS and SLURM_JOB_RESERVAION environment\n variables are set for the salloc command. Document the\n same environment variables for the salloc, sbatch and\n srun commands in their man pages.\n\n - Fix issue where sacctmgr load cluster.cfg wouldn't load\n associations that had a partition in them.\n\n - Don't return the extern step from sstat by default.\n\n - In sstat print 'extern' instead of 4294967295 for the\n extern step.\n\n - Make advanced reservations work properly with core\n specialization.\n\n - slurmstepd modified to pre-load all relevant plugins at\n startup to avoid the possibility of modified plugins\n later resulting in inconsistent API or data structures\n and a failure of slurmstepd.\n\n - Export functions from parse_time.c in libslurm.so.\n\n - Export unit convert functions from slurm_protocol_api.c\n in libslurm.so.\n\n - Fix scancel to allow multiple steps from a job to be\n cancelled at once.\n\n - Update and expand upgrade guide (in Quick Start\n Administrator web page).\n\n - burst_buffer/cray: Requeue, but do not hold a job which\n fails the pre_run operation.\n\n - Insure reported expected job start time is not in the\n past for pending jobs.\n\n - Add support for PMIx v2. Required for FATE#316379.\n\nSetting 'download_files' service to mode='localonly' and adding source\ntarball. (Required for Factory).\n\nversion 15.08.7.1\n\n - Remove the 1024-character limit on lines in batch\n scripts. task/affinity: Disable core-level task binding\n if more CPUs required than available cores.\n\n - Preemption/gang scheduling: If a job is suspended at\n slurmctld restart or reconfiguration time, then leave it\n suspended rather than resume+suspend.\n\n - Don't use lower weight nodes for job allocation when\n topology/tree used.\n\n - Don't allow user specified reservation names to disrupt\n the normal reservation sequeuece numbering scheme.\n\n - Avoid hard-link/copy of script/environment files for job\n arrays. Use the master job record file for all tasks of\n the job array. NOTE: Job arrays submitted to Slurm\n version 15.08.6 or later will fail if the slurmctld\n daemon is downgraded to an earlier version of Slurm.\n\n - In slurmctld log file, log duplicate job ID found by\n slurmd. Previously was being logged as prolog/epilog\n failure.\n\n - If a job is requeued while in the process of being\n launch, remove it's job ID from slurmd's record of\n active jobs in order to avoid generating a duplicate job\n ID error when launched for the second time (which would\n drain the node).\n\n - Cleanup messages when handling job script and\n environment variables in older directory structure\n formats.\n\n - Prevent triggering gang scheduling within a partition if\n configured with PreemptType=partition_prio and\n PreemptMode=suspend,gang.\n\n - Decrease parallelism in job cancel request to prevent\n denial of service when cancelling huge numbers of jobs.\n\n - If all ephemeral ports are in use, try using other port\n numbers.\n\n - Prevent 'scontrol update job' from updating jobs that\n have already finished.\n\n - Show requested TRES in 'squeue -O tres' when job is\n pending.\n\n - Backfill scheduler: Test association and QOS node limits\n before reserving resources for pending job.\n\n - Many bug fixes.\n\nUse source services to download package.\n\nFix code for new API of hwloc-2.0.\n\npackage netloc_to_topology where avialable.\n\nPackage documentation.\n\nversion 15.08.3\n\n - Many new features and bug fixes. See NEWS file\n\nupdate files list accordingly\n\nfix wrong end of line in some files\n\nversion 14.11.8\n\n - Many bug fixes. See NEWS file\n\nupdate files list accordingly\n\nadd missing systemd requirements\n\nadd missing rclink\n\nversion 14.03.9\n\n - Many bug fixes. See NEWS file\n\nadd systemd support\n\nversion 14.03.6\n\n - Added support for native Slurm operation on Cray systems\n (without ALPS).\n\n - Added partition configuration parameters AllowAccounts,\n AllowQOS, DenyAccounts and DenyQOS to provide greater\n control over use.\n\n - Added the ability to perform load based scheduling.\n Allocating resources to jobs on the nodes with the\n largest number if idle CPUs.\n\n - Added support for reserving cores on a compute node for\n system services (core specialization)\n\n - Add mechanism for job_submit plugin to generate error\n message for srun, salloc or sbatch to stderr.\n\n - Support for Postgres database has long since been out of\n date and problematic, so it has been removed entirely.\n If you would like to use it the code still exists in <=\n 2.6, but will not be included in this and future\n versions of the code.\n\n - Added new structures and support for both server and\n cluster resources.\n\n - Significant performance improvements, especially with\n respect to job array support.\n\nupdate files list\n\nupdate to version 2.6.7\n\n - Support for job arrays, which increases performance and\n ease of use for sets of similar jobs.\n\n - Job profiling capability added to record a wide variety\n of job characteristics for each task on a user\n configurable periodic basis. Data currently available\n includes CPU use, memory use, energy use, Infiniband\n network use, Lustre file system use, etc.\n\n - Support for MPICH2 using PMI2 communications interface\n with much greater scalability.\n\n - Prolog and epilog support for advanced reservations.\n\n - Much faster throughput for job step execution with\n --exclusive option. The srun process is notified when\n resources become available rather than periodic polling.\n\n - Support improved for Intel MIC (Many Integrated Core)\n processor.\n\n - Advanced reservations with hostname and core counts now\n supports asymmetric reservations (e.g. specific\n different core count for each node).\n\n - External sensor plugin infrastructure added to record\n power consumption, temperature, etc.\n\n - Improved performance for high-throughput computing.\n\n - MapReduce+ support (launches ~1000x faster, runs ~10x\n faster).\n\n - Added 'MaxCPUsPerNode' partition configuration\n parameter. This can be especially useful to schedule\n GPUs. For example a node can be associated with two\n Slurm partitions (e.g. 'cpu' and 'gpu') and the\n partition/queue 'cpu' could be limited to only a subset\n of the node's CPUs, insuring that one or more CPUs would\n be available to jobs in the 'gpu' partition/queue.\n\nversion 2.5.7\n\n - Fix for linking to the select/cray plugin to not give\n warning about undefined variable.\n\n - Add missing symbols to the xlator.h\n\n - Avoid placing pending jobs in AdminHold state due to\n backfill scheduler interactions with advanced\n reservation.\n\n - Accounting - make average by task not cpu.\n\n - POE - Correct logic to support poe option '-euidevice\n sn_all' and '-euidevice sn_single'.\n\n - Accounting - Fix minor initialization error.\n\n - POE - Correct logic to support srun network instances\n count with POE.\n\n - POE - With the srun --launch-cmd option, report proper\n task count when the --cpus-per-task option is used\n without the\n\n --ntasks option.\n\n - POE - Fix logic binding tasks to CPUs.\n\n - sview - Fix race condition where new information could\n of slipped past the node tab and we didn't notice.\n\n - Accounting - Fix an invalid memory read when slurmctld\n sends data about start job to slurmdbd.\n\n - If a prolog or epilog failure occurs, drain the node\n rather than setting it down and killing all of its jobs.\n\n - Priority/multifactor - Avoid underflow in half-life\n calculation.\n\n - POE - pack missing variable to allow fanout (more than\n 32 nodes)\n\n - Prevent clearing reason field for pending jobs. This bug\n was introduced in v2.5.5 (see 'Reject job at submit time\n ...').\n\n - BGQ - Fix issue with preemption on sub-block jobs where\n a job would kill all preemptable jobs on the midplane\n instead of just the ones it needed to.\n\n - switch/nrt - Validate dynamic window allocation size.\n\n - BGQ - When --geo is requested do not impose the default\n conn_types.\n\n - RebootNode logic - Defers (rather than forgets) reboot\n request with job running on the node within a\n reservation.\n\n - switch/nrt - Correct network_id use logic. Correct\n support for user sn_all and sn_single options.\n\n - sched/backfill - Modify logic to reduce overhead under\n heavy load.\n\n - Fix job step allocation with --exclusive and --hostlist\n option.\n\n - Select/cons_res - Fix bug resulting in error of\n 'cons_res: sync loop not progressing, holding job #'\n\n - checkpoint/blcr - Reset max_nodes from zero to NO_VAL on\n job restart.\n\n - launch/poe - Fix for hostlist file support with repeated\n host names.\n\n - priority/multifactor2 - Prevent possible divide by zero.\n\n -- srun - Don't check for executable if --test-only flag\n is used.\n\n - energy - On a single node only use the last task for\n gathering energy. Since we don't currently track energy\n usage per task (only per step). Otherwise we get double\n the energy.\n\nversion 2.5.4\n\n - Support for Intel® Many Integrated Core (MIC)\n processors.\n\n - User control over CPU frequency of each job step.\n\n - Recording power usage information for each job.\n\n - Advanced reservation of cores rather than whole nodes.\n\n - Integration with IBM's Parallel Environment including\n POE (Parallel Operating Environment) and NRT (Network\n Resource Table) API.\n\n - Highly optimized throughput for serial jobs in a new\n 'select/serial' plugin.\n\n - CPU load is information available\n\n - Configurable number of CPUs available to jobs in each\n SLURM partition, which provides a mechanism to reserve\n CPUs for use with GPUs.\n\nremore runlevel 4 from init script thanks to patch1\n\nfix self obsoletion of slurm-munge package\n\nuse fdupes to remove duplicates\n\nspec file reformaing\n\nput perl macro in a better within install section\n\nenable numa on x86_64 arch only\n\nadd numa and hwloc support\n\nfix perl module files list\n\nuse perl_process_packlist macro for the perl files cleanup\n\nfix some summaries length\n\nadd cgoups directory and example the cgroup.release_common file\n\nspec file cleanup\n\nfirst package\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1018371\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065697\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085240\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1095508\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123304\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140709\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155784\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159692\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178891\");\n script_set_attribute(attribute:\"see_also\", value:\"https://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2016-10030/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-15566/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-10995/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-7033/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-12838/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19727/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19728/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-6438/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-12693/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27745/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27746/\");\n # https://www.suse.com/support/update/announcement/2021/suse-su-20210773-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?18cd535c\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 12 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-12-2021-773=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-10030\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-27745\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2_20_11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2_20_11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm36-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-dshgroup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-dshgroup-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-genders\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-genders-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-machines\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-machines-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-netgroup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-netgroup-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm_20_11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh-slurm_20_11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh_slurm_18_08-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh_slurm_20_02-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:pdsh_slurm_20_11-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_11-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libnss_slurm2_20_11-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libnss_slurm2_20_11-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_20_11-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_20_11-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm36-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm36-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-debuginfo-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-debugsource-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-dshgroup-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-dshgroup-debuginfo-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-genders-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-genders-debuginfo-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-machines-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-machines-debuginfo-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-netgroup-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-netgroup-debuginfo-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm-debuginfo-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm_18_08-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm_18_08-debuginfo-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm_20_02-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm_20_02-debuginfo-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm_20_11-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh-slurm_20_11-debuginfo-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh_slurm_18_08-debugsource-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh_slurm_20_02-debugsource-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"pdsh_slurm_20_11-debugsource-2.34-7.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_20_11-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_20_11-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-auth-none-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-auth-none-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-config-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-config-man-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-debugsource-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-devel-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-doc-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-lua-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-lua-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-munge-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-munge-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-node-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-node-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-pam_slurm-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-pam_slurm-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-plugins-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-plugins-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-slurmdbd-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-slurmdbd-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-sql-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-sql-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-sview-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-sview-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-torque-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-torque-debuginfo-20.11.4-3.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_11-webdoc-20.11.4-3.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm_20_11 / pdsh\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-09T15:12:01", "description": "This update for slurm_18_08 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2020-27745: Fixed a potential buffer overflow from use of unpackmem (bsc#1178890).\n\n - CVE-2020-27746: Fixed a potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-25T00:00:00", "type": "nessus", "title": "openSUSE Security Update : slurm_18_08 (openSUSE-2020-2286)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27745", "CVE-2020-27746"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpmi0", "p-cpe:/a:novell:opensuse:libpmi0-debuginfo", "p-cpe:/a:novell:opensuse:libslurm33", "p-cpe:/a:novell:opensuse:libslurm33-debuginfo", "p-cpe:/a:novell:opensuse:perl-slurm", "p-cpe:/a:novell:opensuse:perl-slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm", "p-cpe:/a:novell:opensuse:slurm-auth-none", "p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo", "p-cpe:/a:novell:opensuse:slurm-config", "p-cpe:/a:novell:opensuse:slurm-config-man", "p-cpe:/a:novell:opensuse:slurm-cray", "p-cpe:/a:novell:opensuse:slurm-cray-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debugsource", "p-cpe:/a:novell:opensuse:slurm-devel", "p-cpe:/a:novell:opensuse:slurm-hdf5", "p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo", "p-cpe:/a:novell:opensuse:slurm-lua", "p-cpe:/a:novell:opensuse:slurm-lua-debuginfo", "p-cpe:/a:novell:opensuse:slurm-munge", "p-cpe:/a:novell:opensuse:slurm-munge-debuginfo", "p-cpe:/a:novell:opensuse:slurm-node", "p-cpe:/a:novell:opensuse:slurm-node-debuginfo", "p-cpe:/a:novell:opensuse:slurm-openlava", "p-cpe:/a:novell:opensuse:slurm-pam_slurm", "p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-plugins", "p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo", "p-cpe:/a:novell:opensuse:slurm-seff", "p-cpe:/a:novell:opensuse:slurm-sjstat", "p-cpe:/a:novell:opensuse:slurm-slurmdbd", "p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sql", "p-cpe:/a:novell:opensuse:slurm-sql-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sview", "p-cpe:/a:novell:opensuse:slurm-sview-debuginfo", "p-cpe:/a:novell:opensuse:slurm-torque", "p-cpe:/a:novell:opensuse:slurm-torque-debuginfo", "p-cpe:/a:novell:opensuse:slurm-webdoc", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-2286.NASL", "href": "https://www.tenable.com/plugins/nessus/145334", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-2286.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(145334);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/02\");\n\n script_cve_id(\"CVE-2020-27745\", \"CVE-2020-27746\");\n\n script_name(english:\"openSUSE Security Update : slurm_18_08 (openSUSE-2020-2286)\");\n script_summary(english:\"Check for the openSUSE-2020-2286 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm_18_08 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2020-27745: Fixed a potential buffer overflow from\n use of unpackmem (bsc#1178890).\n\n - CVE-2020-27746: Fixed a potential leak of the magic\n cookie when sent as an argument to the xauth command\n (bsc#1178891).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1178890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1178891\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected slurm_18_08 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-openlava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-seff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sjstat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpmi0-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpmi0-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libslurm33-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libslurm33-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-slurm-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-slurm-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-auth-none-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-auth-none-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-config-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-config-man-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-cray-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-cray-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-debugsource-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-devel-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-hdf5-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-hdf5-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-lua-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-lua-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-munge-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-munge-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-node-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-node-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-openlava-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-pam_slurm-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-pam_slurm-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-plugins-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-plugins-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-seff-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sjstat-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-slurmdbd-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-slurmdbd-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sql-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sql-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sview-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sview-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-torque-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-torque-debuginfo-18.08.9-lp151.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-webdoc-18.08.9-lp151.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpmi0 / libpmi0-debuginfo / libslurm33 / libslurm33-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-09T15:10:46", "description": "This update for slurm_18_08 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2020-27745: Fixed a potential buffer overflow from use of unpackmem (bsc#1178890).\n\n - CVE-2020-27746: Fixed a potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-25T00:00:00", "type": "nessus", "title": "openSUSE Security Update : slurm_18_08 (openSUSE-2021-96)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27745", "CVE-2020-27746"], "modified": "2021-01-27T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpmi0", "p-cpe:/a:novell:opensuse:libpmi0-debuginfo", "p-cpe:/a:novell:opensuse:libslurm33", "p-cpe:/a:novell:opensuse:libslurm33-debuginfo", "p-cpe:/a:novell:opensuse:perl-slurm", "p-cpe:/a:novell:opensuse:perl-slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm", "p-cpe:/a:novell:opensuse:slurm-auth-none", "p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo", "p-cpe:/a:novell:opensuse:slurm-config", "p-cpe:/a:novell:opensuse:slurm-config-man", "p-cpe:/a:novell:opensuse:slurm-cray", "p-cpe:/a:novell:opensuse:slurm-cray-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debugsource", "p-cpe:/a:novell:opensuse:slurm-devel", "p-cpe:/a:novell:opensuse:slurm-hdf5", "p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo", "p-cpe:/a:novell:opensuse:slurm-lua", "p-cpe:/a:novell:opensuse:slurm-lua-debuginfo", "p-cpe:/a:novell:opensuse:slurm-munge", "p-cpe:/a:novell:opensuse:slurm-munge-debuginfo", "p-cpe:/a:novell:opensuse:slurm-node", "p-cpe:/a:novell:opensuse:slurm-node-debuginfo", "p-cpe:/a:novell:opensuse:slurm-openlava", "p-cpe:/a:novell:opensuse:slurm-pam_slurm", "p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-plugins", "p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo", "p-cpe:/a:novell:opensuse:slurm-seff", "p-cpe:/a:novell:opensuse:slurm-sjstat", "p-cpe:/a:novell:opensuse:slurm-slurmdbd", "p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sql", "p-cpe:/a:novell:opensuse:slurm-sql-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sview", "p-cpe:/a:novell:opensuse:slurm-sview-debuginfo", "p-cpe:/a:novell:opensuse:slurm-torque", "p-cpe:/a:novell:opensuse:slurm-torque-debuginfo", "p-cpe:/a:novell:opensuse:slurm-webdoc", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-96.NASL", "href": "https://www.tenable.com/plugins/nessus/145346", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2021-96.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(145346);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/27\");\n\n script_cve_id(\"CVE-2020-27745\", \"CVE-2020-27746\");\n\n script_name(english:\"openSUSE Security Update : slurm_18_08 (openSUSE-2021-96)\");\n script_summary(english:\"Check for the openSUSE-2021-96 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm_18_08 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2020-27745: Fixed a potential buffer overflow from\n use of unpackmem (bsc#1178890).\n\n - CVE-2020-27746: Fixed a potential leak of the magic\n cookie when sent as an argument to the xauth command\n (bsc#1178891).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1178890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1178891\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected slurm_18_08 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-openlava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-seff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sjstat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libpmi0-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libpmi0-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libslurm33-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libslurm33-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"perl-slurm-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"perl-slurm-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-auth-none-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-auth-none-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-config-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-config-man-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-cray-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-cray-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-debugsource-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-devel-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-hdf5-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-hdf5-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-lua-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-lua-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-munge-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-munge-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-node-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-node-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-openlava-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-pam_slurm-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-pam_slurm-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-plugins-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-plugins-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-seff-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sjstat-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-slurmdbd-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-slurmdbd-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sql-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sql-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sview-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sview-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-torque-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-torque-debuginfo-18.08.9-lp152.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-webdoc-18.08.9-lp152.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpmi0 / libpmi0-debuginfo / libslurm33 / libslurm33-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:52:20", "description": "Update to 20.02.6. Closes security issues CVE-2020-27745 and CVE-2020-27746.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-30T00:00:00", "type": "nessus", "title": "Fedora 33 : slurm (2020-49b97c38e7)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27745", "CVE-2020-27746"], "modified": "2020-12-07T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:slurm", "cpe:/o:fedoraproject:fedora:33"], "id": "FEDORA_2020-49B97C38E7.NASL", "href": "https://www.tenable.com/plugins/nessus/143294", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-49b97c38e7.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143294);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/07\");\n\n script_cve_id(\"CVE-2020-27745\", \"CVE-2020-27746\");\n script_xref(name:\"FEDORA\", value:\"2020-49b97c38e7\");\n\n script_name(english:\"Fedora 33 : slurm (2020-49b97c38e7)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Update to 20.02.6. Closes security issues CVE-2020-27745 and\nCVE-2020-27746.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-49b97c38e7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected slurm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:33\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^33([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 33\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC33\", reference:\"slurm-20.02.6-1.fc33\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:53:50", "description": "Update to 19.05.08. Closes security issues CVE-2020-27745 and CVE-2020-27746\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-30T00:00:00", "type": "nessus", "title": "Fedora 32 : slurm (2020-98a5098030)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27745", "CVE-2020-27746"], "modified": "2020-12-07T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:slurm", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-98A5098030.NASL", "href": "https://www.tenable.com/plugins/nessus/143309", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-98a5098030.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143309);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/07\");\n\n script_cve_id(\"CVE-2020-27745\", \"CVE-2020-27746\");\n script_xref(name:\"FEDORA\", value:\"2020-98a5098030\");\n\n script_name(english:\"Fedora 32 : slurm (2020-98a5098030)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Update to 19.05.08. Closes security issues CVE-2020-27745 and\nCVE-2020-27746\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-98a5098030\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected slurm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"slurm-19.05.8-1.fc32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:53:12", "description": "This update for slurm fixes the following issues :\n\n - CVE-2020-27745: PMIx - fix potential buffer overflows from use of unpackmem() (bsc#1178890).\n\n - CVE-2020-27746: X11 forwarding - fix potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : slurm (openSUSE-2020-2033)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27745", "CVE-2020-27746"], "modified": "2020-12-07T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpmi0", "p-cpe:/a:novell:opensuse:libpmi0-debuginfo", "p-cpe:/a:novell:opensuse:libslurm33", "p-cpe:/a:novell:opensuse:libslurm33-debuginfo", "p-cpe:/a:novell:opensuse:perl-slurm", "p-cpe:/a:novell:opensuse:perl-slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm", "p-cpe:/a:novell:opensuse:slurm-auth-none", "p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo", "p-cpe:/a:novell:opensuse:slurm-config", "p-cpe:/a:novell:opensuse:slurm-config-man", "p-cpe:/a:novell:opensuse:slurm-cray", "p-cpe:/a:novell:opensuse:slurm-cray-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debugsource", "p-cpe:/a:novell:opensuse:slurm-devel", "p-cpe:/a:novell:opensuse:slurm-hdf5", "p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo", "p-cpe:/a:novell:opensuse:slurm-lua", "p-cpe:/a:novell:opensuse:slurm-lua-debuginfo", "p-cpe:/a:novell:opensuse:slurm-munge", "p-cpe:/a:novell:opensuse:slurm-munge-debuginfo", "p-cpe:/a:novell:opensuse:slurm-node", "p-cpe:/a:novell:opensuse:slurm-node-debuginfo", "p-cpe:/a:novell:opensuse:slurm-openlava", "p-cpe:/a:novell:opensuse:slurm-pam_slurm", "p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-plugins", "p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo", "p-cpe:/a:novell:opensuse:slurm-seff", "p-cpe:/a:novell:opensuse:slurm-sjstat", "p-cpe:/a:novell:opensuse:slurm-slurmdbd", "p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sql", "p-cpe:/a:novell:opensuse:slurm-sql-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sview", "p-cpe:/a:novell:opensuse:slurm-sview-debuginfo", "p-cpe:/a:novell:opensuse:slurm-torque", "p-cpe:/a:novell:opensuse:slurm-torque-debuginfo", "p-cpe:/a:novell:opensuse:slurm-webdoc", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-2033.NASL", "href": "https://www.tenable.com/plugins/nessus/143348", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-2033.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143348);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/07\");\n\n script_cve_id(\"CVE-2020-27745\", \"CVE-2020-27746\");\n\n script_name(english:\"openSUSE Security Update : slurm (openSUSE-2020-2033)\");\n script_summary(english:\"Check for the openSUSE-2020-2033 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm fixes the following issues :\n\n - CVE-2020-27745: PMIx - fix potential buffer overflows\n from use of unpackmem() (bsc#1178890).\n\n - CVE-2020-27746: X11 forwarding - fix potential leak of\n the magic cookie when sent as an argument to the xauth\n command (bsc#1178891).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1178890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1178891\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected slurm packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-openlava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-seff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sjstat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpmi0-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpmi0-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libslurm33-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libslurm33-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-slurm-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-slurm-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-auth-none-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-auth-none-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-config-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-config-man-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-cray-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-cray-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-debugsource-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-devel-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-hdf5-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-hdf5-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-lua-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-lua-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-munge-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-munge-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-node-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-node-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-openlava-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-pam_slurm-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-pam_slurm-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-plugins-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-plugins-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-seff-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sjstat-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-slurmdbd-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-slurmdbd-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sql-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sql-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sview-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-sview-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-torque-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-torque-debuginfo-18.08.9-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"slurm-webdoc-18.08.9-lp151.2.14.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpmi0 / libpmi0-debuginfo / libslurm33 / libslurm33-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:52:19", "description": "This update for slurm fixes the following issues :\n\n - Updated to 20.02.6 :\n\n - CVE-2020-27745: PMIx - fix potential buffer overflows from use of unpackmem() (bsc#1178890).\n\n - CVE-2020-27746: X11 forwarding - fix potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891).\n\n - Added support for openPMIx (bsc#1173805).\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : slurm (openSUSE-2020-2056)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27745", "CVE-2020-27746"], "modified": "2020-12-07T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libnss_slurm2", "p-cpe:/a:novell:opensuse:libnss_slurm2-debuginfo", "p-cpe:/a:novell:opensuse:libpmi0", "p-cpe:/a:novell:opensuse:libpmi0-debuginfo", "p-cpe:/a:novell:opensuse:libslurm35", "p-cpe:/a:novell:opensuse:libslurm35-debuginfo", "p-cpe:/a:novell:opensuse:perl-slurm", "p-cpe:/a:novell:opensuse:perl-slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm", "p-cpe:/a:novell:opensuse:slurm-auth-none", "p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo", "p-cpe:/a:novell:opensuse:slurm-config", "p-cpe:/a:novell:opensuse:slurm-config-man", "p-cpe:/a:novell:opensuse:slurm-cray", "p-cpe:/a:novell:opensuse:slurm-cray-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-debugsource", "p-cpe:/a:novell:opensuse:slurm-devel", "p-cpe:/a:novell:opensuse:slurm-hdf5", "p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo", "p-cpe:/a:novell:opensuse:slurm-lua", "p-cpe:/a:novell:opensuse:slurm-lua-debuginfo", "p-cpe:/a:novell:opensuse:slurm-munge", "p-cpe:/a:novell:opensuse:slurm-munge-debuginfo", "p-cpe:/a:novell:opensuse:slurm-node", "p-cpe:/a:novell:opensuse:slurm-node-debuginfo", "p-cpe:/a:novell:opensuse:slurm-openlava", "p-cpe:/a:novell:opensuse:slurm-pam_slurm", "p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:opensuse:slurm-plugins", "p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo", "p-cpe:/a:novell:opensuse:slurm-rest", "p-cpe:/a:novell:opensuse:slurm-rest-debuginfo", "p-cpe:/a:novell:opensuse:slurm-seff", "p-cpe:/a:novell:opensuse:slurm-sjstat", "p-cpe:/a:novell:opensuse:slurm-slurmdbd", "p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sql", "p-cpe:/a:novell:opensuse:slurm-sql-debuginfo", "p-cpe:/a:novell:opensuse:slurm-sview", "p-cpe:/a:novell:opensuse:slurm-sview-debuginfo", "p-cpe:/a:novell:opensuse:slurm-torque", "p-cpe:/a:novell:opensuse:slurm-torque-debuginfo", "p-cpe:/a:novell:opensuse:slurm-webdoc", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-2056.NASL", "href": "https://www.tenable.com/plugins/nessus/143302", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-2056.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143302);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/07\");\n\n script_cve_id(\"CVE-2020-27745\", \"CVE-2020-27746\");\n\n script_name(english:\"openSUSE Security Update : slurm (openSUSE-2020-2056)\");\n script_summary(english:\"Check for the openSUSE-2020-2056 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm fixes the following issues :\n\n - Updated to 20.02.6 :\n\n - CVE-2020-27745: PMIx - fix potential buffer overflows\n from use of unpackmem() (bsc#1178890).\n\n - CVE-2020-27746: X11 forwarding - fix potential leak of\n the magic cookie when sent as an argument to the xauth\n command (bsc#1178891).\n\n - Added support for openPMIx (bsc#1173805).\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1178890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1178891\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected slurm packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnss_slurm2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnss_slurm2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libslurm35-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-cray-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-hdf5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-openlava\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-rest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-rest-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-seff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sjstat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:slurm-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnss_slurm2-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libnss_slurm2-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libpmi0-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libpmi0-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libslurm35-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libslurm35-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"perl-slurm-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"perl-slurm-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-auth-none-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-auth-none-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-config-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-config-man-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-cray-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-cray-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-debugsource-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-devel-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-hdf5-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-hdf5-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-lua-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-lua-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-munge-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-munge-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-node-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-node-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-openlava-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-pam_slurm-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-pam_slurm-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-plugins-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-plugins-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-rest-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-rest-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-seff-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sjstat-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-slurmdbd-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-slurmdbd-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sql-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sql-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sview-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-sview-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-torque-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-torque-debuginfo-20.02.6-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"slurm-webdoc-20.02.6-lp152.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libnss_slurm2 / libnss_slurm2-debuginfo / libpmi0 / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:54:39", "description": "This update for slurm_18_08 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2020-27745: Fixed a potential buffer overflow from use of unpackmem (bsc#1178890).\n\nCVE-2020-27746: Fixed a potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-18T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : slurm_18_08 (SUSE-SU-2020:3863-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27745", "CVE-2020-27746"], "modified": "2020-12-22T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpmi0_18_08", "p-cpe:/a:novell:suse_linux:libpmi0_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm33", "p-cpe:/a:novell:suse_linux:libslurm33-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm_18_08", "p-cpe:/a:novell:suse_linux:perl-slurm_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08", "p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none", "p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-config", "p-cpe:/a:novell:suse_linux:slurm_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-debugsource", "p-cpe:/a:novell:suse_linux:slurm_18_08-devel", "p-cpe:/a:novell:suse_linux:slurm_18_08-doc", "p-cpe:/a:novell:suse_linux:slurm_18_08-lua", "p-cpe:/a:novell:suse_linux:slurm_18_08-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-munge", "p-cpe:/a:novell:suse_linux:slurm_18_08-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-node", "p-cpe:/a:novell:suse_linux:slurm_18_08-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-plugins", "p-cpe:/a:novell:suse_linux:slurm_18_08-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-sql", "p-cpe:/a:novell:suse_linux:slurm_18_08-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-torque", "p-cpe:/a:novell:suse_linux:slurm_18_08-torque-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-3863-1.NASL", "href": "https://www.tenable.com/plugins/nessus/144438", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3863-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(144438);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/22\");\n\n script_cve_id(\"CVE-2020-27745\", \"CVE-2020-27746\");\n\n script_name(english:\"SUSE SLES12 Security Update : slurm_18_08 (SUSE-SU-2020:3863-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm_18_08 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2020-27745: Fixed a potential buffer overflow from use of\nunpackmem (bsc#1178890).\n\nCVE-2020-27746: Fixed a potential leak of the magic cookie when sent\nas an argument to the xauth command (bsc#1178891).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27745/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27746/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203863-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?794b635c\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 12 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-12-2020-3863=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_18_08-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_18_08-debuginfo-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm33-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm33-debuginfo-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_18_08-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_18_08-debuginfo-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-auth-none-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-auth-none-debuginfo-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-config-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-debuginfo-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-debugsource-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-devel-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-doc-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-lua-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-lua-debuginfo-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-munge-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-munge-debuginfo-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-node-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-node-debuginfo-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-pam_slurm-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-pam_slurm-debuginfo-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-plugins-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-plugins-debuginfo-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-slurmdbd-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-slurmdbd-debuginfo-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-sql-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-sql-debuginfo-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-torque-18.08.9-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-torque-debuginfo-18.08.9-3.11.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm_18_08\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:54:37", "description": "This update for slurm fixes the following issues :\n\nCVE-2020-27745: PMIx - fix potential buffer overflows from use of unpackmem() (bsc#1178890).\n\nCVE-2020-27746: X11 forwarding - fix potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : slurm (SUSE-SU-2020:3505-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27745", "CVE-2020-27746"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpmi0", "p-cpe:/a:novell:suse_linux:libpmi0-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm33", "p-cpe:/a:novell:suse_linux:libslurm33-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm", "p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm", "p-cpe:/a:novell:suse_linux:slurm-auth-none", "p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-config", "p-cpe:/a:novell:suse_linux:slurm-config-man", "p-cpe:/a:novell:suse_linux:slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-debugsource", "p-cpe:/a:novell:suse_linux:slurm-devel", "p-cpe:/a:novell:suse_linux:slurm-doc", "p-cpe:/a:novell:suse_linux:slurm-lua", "p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-munge", "p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-node", "p-cpe:/a:novell:suse_linux:slurm-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-plugins", "p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sql", "p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sview", "p-cpe:/a:novell:suse_linux:slurm-sview-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-torque", "p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-3505-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143834", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3505-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143834);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2020-27745\", \"CVE-2020-27746\");\n\n script_name(english:\"SUSE SLES15 Security Update : slurm (SUSE-SU-2020:3505-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm fixes the following issues :\n\nCVE-2020-27745: PMIx - fix potential buffer overflows from use of\nunpackmem() (bsc#1178890).\n\nCVE-2020-27746: X11 forwarding - fix potential leak of the magic\ncookie when sent as an argument to the xauth command (bsc#1178891).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27745/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27746/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203505-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?15c00d9d\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-15-SP1-2020-3505=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libpmi0-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libpmi0-debuginfo-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libslurm33-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libslurm33-debuginfo-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"perl-slurm-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"perl-slurm-debuginfo-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-auth-none-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-auth-none-debuginfo-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-config-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-config-man-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-debuginfo-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-debugsource-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-devel-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-doc-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-lua-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-lua-debuginfo-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-munge-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-munge-debuginfo-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-node-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-node-debuginfo-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-debuginfo-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-plugins-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-plugins-debuginfo-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-debuginfo-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-sql-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-sql-debuginfo-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-sview-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-sview-debuginfo-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-torque-18.08.9-3.16.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm-torque-debuginfo-18.08.9-3.16.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:54:55", "description": "This update for slurm fixes the following issues :\n\nUpdated to 20.02.6 :\n\n - CVE-2020-27745: PMIx - fix potential buffer overflows from use of unpackmem() (bsc#1178890).\n\n - CVE-2020-27746: X11 forwarding - fix potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891).\n\n - Added support for openPMIx (bsc#1173805).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : slurm (SUSE-SU-2020:3506-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27745", "CVE-2020-27746"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libnss_slurm2", "p-cpe:/a:novell:suse_linux:libnss_slurm2-debuginfo", "p-cpe:/a:novell:suse_linux:libpmi0", "p-cpe:/a:novell:suse_linux:libpmi0-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm35", "p-cpe:/a:novell:suse_linux:libslurm35-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm", "p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm", "p-cpe:/a:novell:suse_linux:slurm-auth-none", "p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-config", "p-cpe:/a:novell:suse_linux:slurm-config-man", "p-cpe:/a:novell:suse_linux:slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-debugsource", "p-cpe:/a:novell:suse_linux:slurm-devel", "p-cpe:/a:novell:suse_linux:slurm-doc", "p-cpe:/a:novell:suse_linux:slurm-lua", "p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-munge", "p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-node", "p-cpe:/a:novell:suse_linux:slurm-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-plugins", "p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sql", "p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sview", "p-cpe:/a:novell:suse_linux:slurm-sview-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-torque", "p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-webdoc", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-3506-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143740", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3506-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143740);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2020-27745\", \"CVE-2020-27746\");\n\n script_name(english:\"SUSE SLES15 Security Update : slurm (SUSE-SU-2020:3506-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm fixes the following issues :\n\nUpdated to 20.02.6 :\n\n - CVE-2020-27745: PMIx - fix potential buffer overflows\n from use of unpackmem() (bsc#1178890).\n\n - CVE-2020-27746: X11 forwarding - fix potential leak of\n the magic cookie when sent as an argument to the xauth\n command (bsc#1178891).\n\n - Added support for openPMIx (bsc#1173805).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27745/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27746/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203506-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?88a88181\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-15-SP2-2020-3506=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm35-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libnss_slurm2-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libnss_slurm2-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libpmi0-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libpmi0-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libslurm35-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libslurm35-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"perl-slurm-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"perl-slurm-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-auth-none-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-auth-none-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-config-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-config-man-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-debugsource-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-devel-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-doc-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-lua-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-lua-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-munge-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-munge-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-node-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-node-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-pam_slurm-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-plugins-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-plugins-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-slurmdbd-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-sql-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-sql-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-sview-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-sview-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-torque-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-torque-debuginfo-20.02.6-3.3.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"slurm-webdoc-20.02.6-3.3.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:55:27", "description": "This update for slurm_20_02 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2020-27745: Fixed a potential buffer overflow from use of unpackmem (bsc#1178890).\n\nCVE-2020-27746: Fixed a potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891).\n\nNon-security issues fixed :\n\nUpdated to 20.02.6. Full log and details available at :\n\n - https://lists.schedmd.com/pipermail/slurm-announce/2020/000045.html\n\nUpdated to 20.02.5, changes :\n\n - Fix leak of TRESRunMins when job time is changed with\n --time-min\n\n - pam_slurm - explicitly initialize slurm config to support configless mode.\n\n - scontrol - Fix exit code when creating/updating reservations with wrong Flags.\n\n - When a GRES has a no_consume flag, report 0 for allocated.\n\n - Fix cgroup cleanup by jobacct_gather/cgroup.\n\n - When creating reservations/jobs don't allow counts on a feature unless using an XOR.\n\n - Improve number of boards discovery\n\n - Fix updating a reservation NodeCnt on a zero-count reservation.\n\n - slurmrestd - provide an explicit error messages when PSK auth fails.\n\n - cons_tres - fix job requesting single gres per-node getting two or more nodes with less CPUs than requested per-task.\n\n - cons_tres - fix calculation of cores when using gres and cpus-per-task.\n\n - cons_tres - fix job not getting access to socket without GPU or with less than --gpus-per-socket when not enough cpus available on required socket and not using\n --gres-flags=enforce binding.\n\n - Fix HDF5 type version build error.\n\n - Fix creation of CoreCnt only reservations when the first node isn't available.\n\n - Fix wrong DBD Agent queue size in sdiag when using accounting_storage/none.\n\n - Improve job constraints XOR option logic.\n\n - Fix preemption of hetjobs when needed nodes not in leader component.\n\n - Fix wrong bit_or() messing potential preemptor jobs node bitmap, causing bad node deallocations and even allocation of nodes from other partitions.\n\n - Fix double-deallocation of preempted non-leader hetjob components.\n\n - slurmdbd - prevent truncation of the step nodelists over 4095.\n\n - Fix nodes remaining in drain state state after rebooting with ASAP option.\n\n - changes from 20.02.4 :\n\n - srun - suppress job step creation warning message when waiting on PrologSlurmctld.\n\n - slurmrestd - fix incorrect return values in data_list_for_each() functions.\n\n - mpi/pmix - fix issue where HetJobs could fail to launch.\n\n - slurmrestd - set content-type header in responses.\n\n - Fix cons_res GRES overallocation for\n --gres-flags=disable-binding.\n\n - Fix cons_res incorrectly filtering cores with respect to GRES locality for\n\n --gres-flags=disable-binding requests.\n\n - Fix regression where a dependency on multiple jobs in a single array using underscores would only add the first job.\n\n - slurmrestd - fix corrupted output due to incorrect use of memcpy().\n\n - slurmrestd - address a number of minor Coverity warnings.\n\n - Handle retry failure when slurmstepd is communicating with srun correctly.\n\n - Fix jobacct_gather possibly duplicate stats when\n _is_a_lwp error shows up.\n\n - Fix tasks binding to GRES which are closest to the allocated CPUs.\n\n - Fix AMD GPU ROCM 3.5 support.\n\n - Fix handling of job arrays in sacct when querying specific steps.\n\n - slurmrestd - avoid fallback to local socket authentication if JWT authentication is ill-formed.\n\n - slurmrestd - restrict ability of requests to use different authentication plugins.\n\n - slurmrestd - unlink named unix sockets before closing.\n\n - slurmrestd - fix invalid formatting in openapi.json.\n\n - Fix batch jobs stuck in CF state on FrontEnd mode.\n\n - Add a separate explicit error message when rejecting changes to active node features.\n\n - cons_common/job_test - fix slurmctld SIGABRT due to double-free.\n\n - Fix updating reservations to set the duration correctly if updating the start time.\n\n - Fix update reservation to promiscuous mode.\n\n - Fix override of job tasks count to max when ntasks-per-node present.\n\n - Fix min CPUs per node not being at least CPUs per task requested.\n\n - Fix CPUs allocated to match CPUs requested when requesting GRES and threads per core equal to one.\n\n - Fix NodeName config parsing with Boards and without CPUs.\n\n - Ensure SLURM_JOB_USER and SLURM_JOB_UID are set in SrunProlog/Epilog.\n\n - Fix error messages for certain invalid salloc/sbatch/srun options.\n\n - pmi2 - clean up sockets at step termination.\n\n - Fix 'scontrol hold' to work with 'JobName'.\n\n - sbatch - handle --uid/--gid in #SBATCH directives properly.\n\n - Fix race condition in job termination on slurmd.\n\n - Print specific error messages if trying to run use certain priority/multifactor factors that cannot work without SlurmDBD.\n\n - Avoid partial GRES allocation when --gpus-per-job is not satisfied.\n\n - Cray - Avoid referencing a variable outside of it's correct scope when dealing with creating steps within a het job.\n\n - slurmrestd - correctly handle larger addresses from accept().\n\n - Avoid freeing wrong pointer with SlurmctldParameters=max_dbd_msg_action with another option after that.\n\n - Restore MCS label when suspended job is resumed.\n\n - Fix insufficient lock levels.\n\n - slurmrestd - use errno from job submission.\n\n - Fix 'user' filter for sacctmgr show transactions.\n\n - Fix preemption logic.\n\n - Fix no_consume GRES for exclusive (whole node) requests.\n\n - Fix regression in 20.02 that caused an infinite loop in slurmctld when requesting --distribution=plane for the job.\n\n - Fix parsing of the --distribution option.\n\n - Add CONF READ_LOCK to _handle_fed_send_job_sync.\n\n - prep/script - always call slurmctld PrEp callback in\n _run_script().\n\n - Fix node estimation for jobs that use GPUs or\n --cpus-per-task.\n\n - Fix jobcomp, job_submit and cli_filter Lua implementation plugins causing slurmctld and/or job submission CLI tools segfaults due to bad return handling when the respective Lua script failed to load.\n\n - Fix propagation of gpu options through hetjob components.\n\n - Add SLURM_CLUSTERS environment variable to scancel.\n\n - Fix packing/unpacking of 'unlinked' jobs.\n\n - Connect slurmstepd's stderr to srun for steps launched with --pty.\n\n - Handle MPS correctly when doing exclusive allocations.\n\n - slurmrestd - fix compiling against libhttpparser in a non-default path.\n\n - slurmrestd - avoid compilation issues with libhttpparser < 2.6.\n\n - Fix compile issues when compiling slurmrestd without\n --enable-debug.\n\n - Reset idle time on a reservation that is getting purged.\n\n - Fix reoccurring reservations that have Purge_comp= to keep correct duration if they are purged.\n\n - scontrol - changed the 'PROMISCUOUS' flag to 'MAGNETIC'\n\n - Early return from epilog_set_env in case of no_consume.\n\n - Fix cons_common/job_test start time discovery logic to prevent skewed results between 'will run test' executions.\n\n - Ensure TRESRunMins limits are maintained during 'scontrol reconfigure'.\n\n - Improve error message when host lookup fails.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-22T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : slurm_20_02 (SUSE-SU-2020:3892-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27745", "CVE-2020-27746"], "modified": "2020-12-24T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02", "p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:libpmi0_20_02", "p-cpe:/a:novell:suse_linux:libpmi0_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm35", "p-cpe:/a:novell:suse_linux:libslurm35-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm_20_02", "p-cpe:/a:novell:suse_linux:perl-slurm_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02", "p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none", "p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-config", "p-cpe:/a:novell:suse_linux:slurm_20_02-config-man", "p-cpe:/a:novell:suse_linux:slurm_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-debugsource", "p-cpe:/a:novell:suse_linux:slurm_20_02-devel", "p-cpe:/a:novell:suse_linux:slurm_20_02-doc", "p-cpe:/a:novell:suse_linux:slurm_20_02-lua", "p-cpe:/a:novell:suse_linux:slurm_20_02-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-munge", "p-cpe:/a:novell:suse_linux:slurm_20_02-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-node", "p-cpe:/a:novell:suse_linux:slurm_20_02-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-plugins", "p-cpe:/a:novell:suse_linux:slurm_20_02-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-sql", "p-cpe:/a:novell:suse_linux:slurm_20_02-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-sview", "p-cpe:/a:novell:suse_linux:slurm_20_02-sview-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-torque", "p-cpe:/a:novell:suse_linux:slurm_20_02-torque-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-3892-1.NASL", "href": "https://www.tenable.com/plugins/nessus/144535", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3892-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(144535);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/24\");\n\n script_cve_id(\"CVE-2020-27745\", \"CVE-2020-27746\");\n\n script_name(english:\"SUSE SLES12 Security Update : slurm_20_02 (SUSE-SU-2020:3892-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm_20_02 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2020-27745: Fixed a potential buffer overflow from use of\nunpackmem (bsc#1178890).\n\nCVE-2020-27746: Fixed a potential leak of the magic cookie when sent\nas an argument to the xauth command (bsc#1178891).\n\nNon-security issues fixed :\n\nUpdated to 20.02.6. Full log and details available at :\n\n - https://lists.schedmd.com/pipermail/slurm-announce/2020/000045.html\n\nUpdated to 20.02.5, changes :\n\n - Fix leak of TRESRunMins when job time is changed with\n --time-min\n\n - pam_slurm - explicitly initialize slurm config to\n support configless mode.\n\n - scontrol - Fix exit code when creating/updating\n reservations with wrong Flags.\n\n - When a GRES has a no_consume flag, report 0 for\n allocated.\n\n - Fix cgroup cleanup by jobacct_gather/cgroup.\n\n - When creating reservations/jobs don't allow counts on a\n feature unless using an XOR.\n\n - Improve number of boards discovery\n\n - Fix updating a reservation NodeCnt on a zero-count\n reservation.\n\n - slurmrestd - provide an explicit error messages when PSK\n auth fails.\n\n - cons_tres - fix job requesting single gres per-node\n getting two or more nodes with less CPUs than requested\n per-task.\n\n - cons_tres - fix calculation of cores when using gres and\n cpus-per-task.\n\n - cons_tres - fix job not getting access to socket without\n GPU or with less than --gpus-per-socket when not enough\n cpus available on required socket and not using\n --gres-flags=enforce binding.\n\n - Fix HDF5 type version build error.\n\n - Fix creation of CoreCnt only reservations when the first\n node isn't available.\n\n - Fix wrong DBD Agent queue size in sdiag when using\n accounting_storage/none.\n\n - Improve job constraints XOR option logic.\n\n - Fix preemption of hetjobs when needed nodes not in\n leader component.\n\n - Fix wrong bit_or() messing potential preemptor jobs node\n bitmap, causing bad node deallocations and even\n allocation of nodes from other partitions.\n\n - Fix double-deallocation of preempted non-leader hetjob\n components.\n\n - slurmdbd - prevent truncation of the step nodelists over\n 4095.\n\n - Fix nodes remaining in drain state state after rebooting\n with ASAP option.\n\n - changes from 20.02.4 :\n\n - srun - suppress job step creation warning message when\n waiting on PrologSlurmctld.\n\n - slurmrestd - fix incorrect return values in\n data_list_for_each() functions.\n\n - mpi/pmix - fix issue where HetJobs could fail to launch.\n\n - slurmrestd - set content-type header in responses.\n\n - Fix cons_res GRES overallocation for\n --gres-flags=disable-binding.\n\n - Fix cons_res incorrectly filtering cores with respect to\n GRES locality for\n\n --gres-flags=disable-binding requests.\n\n - Fix regression where a dependency on multiple jobs in a\n single array using underscores would only add the first\n job.\n\n - slurmrestd - fix corrupted output due to incorrect use\n of memcpy().\n\n - slurmrestd - address a number of minor Coverity\n warnings.\n\n - Handle retry failure when slurmstepd is communicating\n with srun correctly.\n\n - Fix jobacct_gather possibly duplicate stats when\n _is_a_lwp error shows up.\n\n - Fix tasks binding to GRES which are closest to the\n allocated CPUs.\n\n - Fix AMD GPU ROCM 3.5 support.\n\n - Fix handling of job arrays in sacct when querying\n specific steps.\n\n - slurmrestd - avoid fallback to local socket\n authentication if JWT authentication is ill-formed.\n\n - slurmrestd - restrict ability of requests to use\n different authentication plugins.\n\n - slurmrestd - unlink named unix sockets before closing.\n\n - slurmrestd - fix invalid formatting in openapi.json.\n\n - Fix batch jobs stuck in CF state on FrontEnd mode.\n\n - Add a separate explicit error message when rejecting\n changes to active node features.\n\n - cons_common/job_test - fix slurmctld SIGABRT due to\n double-free.\n\n - Fix updating reservations to set the duration correctly\n if updating the start time.\n\n - Fix update reservation to promiscuous mode.\n\n - Fix override of job tasks count to max when\n ntasks-per-node present.\n\n - Fix min CPUs per node not being at least CPUs per task\n requested.\n\n - Fix CPUs allocated to match CPUs requested when\n requesting GRES and threads per core equal to one.\n\n - Fix NodeName config parsing with Boards and without\n CPUs.\n\n - Ensure SLURM_JOB_USER and SLURM_JOB_UID are set in\n SrunProlog/Epilog.\n\n - Fix error messages for certain invalid\n salloc/sbatch/srun options.\n\n - pmi2 - clean up sockets at step termination.\n\n - Fix 'scontrol hold' to work with 'JobName'.\n\n - sbatch - handle --uid/--gid in #SBATCH directives\n properly.\n\n - Fix race condition in job termination on slurmd.\n\n - Print specific error messages if trying to run use\n certain priority/multifactor factors that cannot work\n without SlurmDBD.\n\n - Avoid partial GRES allocation when --gpus-per-job is not\n satisfied.\n\n - Cray - Avoid referencing a variable outside of it's\n correct scope when dealing with creating steps within a\n het job.\n\n - slurmrestd - correctly handle larger addresses from\n accept().\n\n - Avoid freeing wrong pointer with\n SlurmctldParameters=max_dbd_msg_action with another\n option after that.\n\n - Restore MCS label when suspended job is resumed.\n\n - Fix insufficient lock levels.\n\n - slurmrestd - use errno from job submission.\n\n - Fix 'user' filter for sacctmgr show transactions.\n\n - Fix preemption logic.\n\n - Fix no_consume GRES for exclusive (whole node) requests.\n\n - Fix regression in 20.02 that caused an infinite loop in\n slurmctld when requesting --distribution=plane for the\n job.\n\n - Fix parsing of the --distribution option.\n\n - Add CONF READ_LOCK to _handle_fed_send_job_sync.\n\n - prep/script - always call slurmctld PrEp callback in\n _run_script().\n\n - Fix node estimation for jobs that use GPUs or\n --cpus-per-task.\n\n - Fix jobcomp, job_submit and cli_filter Lua\n implementation plugins causing slurmctld and/or job\n submission CLI tools segfaults due to bad return\n handling when the respective Lua script failed to load.\n\n - Fix propagation of gpu options through hetjob\n components.\n\n - Add SLURM_CLUSTERS environment variable to scancel.\n\n - Fix packing/unpacking of 'unlinked' jobs.\n\n - Connect slurmstepd's stderr to srun for steps launched\n with --pty.\n\n - Handle MPS correctly when doing exclusive allocations.\n\n - slurmrestd - fix compiling against libhttpparser in a\n non-default path.\n\n - slurmrestd - avoid compilation issues with libhttpparser\n < 2.6.\n\n - Fix compile issues when compiling slurmrestd without\n --enable-debug.\n\n - Reset idle time on a reservation that is getting purged.\n\n - Fix reoccurring reservations that have Purge_comp= to\n keep correct duration if they are purged.\n\n - scontrol - changed the 'PROMISCUOUS' flag to 'MAGNETIC'\n\n - Early return from epilog_set_env in case of no_consume.\n\n - Fix cons_common/job_test start time discovery logic to\n prevent skewed results between 'will run test'\n executions.\n\n - Ensure TRESRunMins limits are maintained during\n 'scontrol reconfigure'.\n\n - Improve error message when host lookup fails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.schedmd.com/pipermail/slurm-announce/2020/000045.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27745/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27746/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203892-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?44c01572\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 12 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-12-2020-3892=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm35-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libnss_slurm2_20_02-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libnss_slurm2_20_02-debuginfo-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_20_02-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_20_02-debuginfo-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm35-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm35-debuginfo-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_20_02-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_20_02-debuginfo-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-auth-none-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-auth-none-debuginfo-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-config-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-config-man-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-debuginfo-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-debugsource-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-devel-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-doc-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-lua-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-lua-debuginfo-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-munge-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-munge-debuginfo-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-node-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-node-debuginfo-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-pam_slurm-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-pam_slurm-debuginfo-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-plugins-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-plugins-debuginfo-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-slurmdbd-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-slurmdbd-debuginfo-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-sql-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-sql-debuginfo-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-sview-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-sview-debuginfo-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-torque-20.02.6-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_20_02-torque-debuginfo-20.02.6-3.8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm_20_02\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:56:03", "description": "This update for slurm_17_11 fixes the following issues :\n\nCVE-2020-27745: Fixed potential buffer overflows from use of unpackmem() (bsc#1178890).\n\nCVE-2020-27746: Fixed a potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891).\n\nFixed %posttrans macro _res_update to cope with added newline (bsc#1153259).\n\nFixed permissions of slurmdbd.conf (bsc#1155784).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-21T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : slurm_17_11 (SUSE-SU-2020:3878-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27745", "CVE-2020-27746"], "modified": "2020-12-23T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libslurm32", "p-cpe:/a:novell:suse_linux:libslurm32-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-3878-1.NASL", "href": "https://www.tenable.com/plugins/nessus/144499", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3878-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(144499);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/23\");\n\n script_cve_id(\"CVE-2020-27745\", \"CVE-2020-27746\");\n\n script_name(english:\"SUSE SLES15 Security Update : slurm_17_11 (SUSE-SU-2020:3878-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm_17_11 fixes the following issues :\n\nCVE-2020-27745: Fixed potential buffer overflows from use of\nunpackmem() (bsc#1178890).\n\nCVE-2020-27746: Fixed a potential leak of the magic cookie when sent\nas an argument to the xauth command (bsc#1178891).\n\nFixed %posttrans macro _res_update to cope with added newline\n(bsc#1153259).\n\nFixed permissions of slurmdbd.conf (bsc#1155784).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155784\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27745/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27746/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203878-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?776ba56f\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-15-SP1-2020-3878=1\n\nSUSE Linux Enterprise High Performance Computing 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-3878=1\n\nSUSE Linux Enterprise High Performance Computing 15-ESPOS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-3878=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm32-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libslurm32-17.11.13-6.34.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libslurm32-debuginfo-17.11.13-6.34.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm_17_11\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-09T15:10:47", "description": "This update for slurm_20_02 fixes the following issues :\n\nUpdated to 20.02.6, addresses two security fixes :\n\n - PMIx - fix potential buffer overflows from use of unpackmem(). CVE-2020-27745 (bsc#1178890)\n\n - X11 forwarding - fix potential leak of the magic cookie when sent as an argument to the xauth command.\n CVE-2020-27746 (bsc#1178891)\n\nAnd many other bugfixes, full log and details available at :\n\n - https://lists.schedmd.com/pipermail/slurm-announce/2020/000045.html\n\nUpdated to 20.02.5, changes :\n\n - Fix leak of TRESRunMins when job time is changed with\n --time-min\n\n - pam_slurm - explicitly initialize slurm config to support configless mode.\n\n - scontrol - Fix exit code when creating/updating reservations with wrong Flags.\n\n - When a GRES has a no_consume flag, report 0 for allocated.\n\n - Fix cgroup cleanup by jobacct_gather/cgroup.\n\n - When creating reservations/jobs don't allow counts on a feature unless using an XOR.\n\n - Improve number of boards discovery\n\n - Fix updating a reservation NodeCnt on a zero-count reservation.\n\n - slurmrestd - provide an explicit error messages when PSK auth fails.\n\n - cons_tres - fix job requesting single gres per-node getting two or more nodes with less CPUs than requested per-task.\n\n - cons_tres - fix calculation of cores when using gres and cpus-per-task.\n\n - cons_tres - fix job not getting access to socket without GPU or with less than --gpus-per-socket when not enough cpus available on required socket and not using\n --gres-flags=enforce binding.\n\n - Fix HDF5 type version build error.\n\n - Fix creation of CoreCnt only reservations when the first node isn't available.\n\n - Fix wrong DBD Agent queue size in sdiag when using accounting_storage/none.\n\n - Improve job constraints XOR option logic.\n\n - Fix preemption of hetjobs when needed nodes not in leader component.\n\n - Fix wrong bit_or() messing potential preemptor jobs node bitmap, causing bad node deallocations and even allocation of nodes from other partitions.\n\n - Fix double-deallocation of preempted non-leader hetjob components.\n\n - slurmdbd - prevent truncation of the step nodelists over 4095.\n\n - Fix nodes remaining in drain state state after rebooting with ASAP option.\n\nchanges from 20.02.4 :\n\n - srun - suppress job step creation warning message when waiting on PrologSlurmctld.\n\n - slurmrestd - fix incorrect return values in data_list_for_each() functions.\n\n - mpi/pmix - fix issue where HetJobs could fail to launch.\n\n - slurmrestd - set content-type header in responses.\n\n - Fix cons_res GRES overallocation for\n --gres-flags=disable-binding.\n\n - Fix cons_res incorrectly filtering cores with respect to GRES locality for\n\n --gres-flags=disable-binding requests.\n\n - Fix regression where a dependency on multiple jobs in a single array using underscores would only add the first job.\n\n - slurmrestd - fix corrupted output due to incorrect use of memcpy().\n\n - slurmrestd - address a number of minor Coverity warnings.\n\n - Handle retry failure when slurmstepd is communicating with srun correctly.\n\n - Fix jobacct_gather possibly duplicate stats when\n _is_a_lwp error shows up.\n\n - Fix tasks binding to GRES which are closest to the allocated CPUs.\n\n - Fix AMD GPU ROCM 3.5 support.\n\n - Fix handling of job arrays in sacct when querying specific steps.\n\n - slurmrestd - avoid fallback to local socket authentication if JWT authentication is ill-formed.\n\n - slurmrestd - restrict ability of requests to use different authentication plugins.\n\n - slurmrestd - unlink named unix sockets before closing.\n\n - slurmrestd - fix invalid formatting in openapi.json.\n\n - Fix batch jobs stuck in CF state on FrontEnd mode.\n\n - Add a separate explicit error message when rejecting changes to active node features.\n\n - cons_common/job_test - fix slurmctld SIGABRT due to double-free.\n\n - Fix updating reservations to set the duration correctly if updating the start time.\n\n - Fix update reservation to promiscuous mode.\n\n - Fix override of job tasks count to max when ntasks-per-node present.\n\n - Fix min CPUs per node not being at least CPUs per task requested.\n\n - Fix CPUs allocated to match CPUs requested when requesting GRES and threads per core equal to one.\n\n - Fix NodeName config parsing with Boards and without CPUs.\n\n - Ensure SLURM_JOB_USER and SLURM_JOB_UID are set in SrunProlog/Epilog.\n\n - Fix error messages for certain invalid salloc/sbatch/srun options.\n\n - pmi2 - clean up sockets at step termination.\n\n - Fix 'scontrol hold' to work with 'JobName'.\n\n - sbatch - handle --uid/--gid in #SBATCH directives properly.\n\n - Fix race condition in job termination on slurmd.\n\n - Print specific error messages if trying to run use certain priority/multifactor factors that cannot work without SlurmDBD.\n\n - Avoid partial GRES allocation when --gpus-per-job is not satisfied.\n\n - Cray - Avoid referencing a variable outside of it's correct scope when dealing with creating steps within a het job.\n\n - slurmrestd - correctly handle larger addresses from accept().\n\n - Avoid freeing wrong pointer with SlurmctldParameters=max_dbd_msg_action with another option after that.\n\n - Restore MCS label when suspended job is resumed.\n\n - Fix insufficient lock levels.\n\n - slurmrestd - use errno from job submission.\n\n - Fix 'user' filter for sacctmgr show transactions.\n\n - Fix preemption logic.\n\n - Fix no_consume GRES for exclusive (whole node) requests.\n\n - Fix regression in 20.02 that caused an infinite loop in slurmctld when requesting --distribution=plane for the job.\n\n - Fix parsing of the --distribution option.\n\n - Add CONF READ_LOCK to _handle_fed_send_job_sync.\n\n - prep/script - always call slurmctld PrEp callback in\n _run_script().\n\n - Fix node estimation for jobs that use GPUs or\n --cpus-per-task.\n\n - Fix jobcomp, job_submit and cli_filter Lua implementation plugins causing slurmctld and/or job submission CLI tools segfaults due to bad return handling when the respective Lua script failed to load.\n\n - Fix propagation of gpu options through hetjob components.\n\n - Add SLURM_CLUSTERS environment variable to scancel.\n\n - Fix packing/unpacking of 'unlinked' jobs.\n\n - Connect slurmstepd's stderr to srun for steps launched with --pty.\n\n - Handle MPS correctly when doing exclusive allocations.\n\n - slurmrestd - fix compiling against libhttpparser in a non-default path.\n\n - slurmrestd - avoid compilation issues with libhttpparser < 2.6.\n\n - Fix compile issues when compiling slurmrestd without\n --enable-debug.\n\n - Reset idle time on a reservation that is getting purged.\n\n - Fix reoccurring reservations that have Purge_comp= to keep correct duration if they are purged.\n\n - scontrol - changed the 'PROMISCUOUS' flag to 'MAGNETIC'\n\n - Early return from epilog_set_env in case of no_consume.\n\n - Fix cons_common/job_test start time discovery logic to prevent skewed results between 'will run test' executions.\n\n - Ensure TRESRunMins limits are maintained during 'scontrol reconfigure'.\n\n - Improve error message when host lookup fails.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-20T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : slurm_20_02 (SUSE-SU-2021:0139-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27745", "CVE-2020-27746"], "modified": "2021-01-22T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02", "p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:libpmi0_20_02", "p-cpe:/a:novell:suse_linux:libpmi0_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm35", "p-cpe:/a:novell:suse_linux:libslurm35-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm_20_02", "p-cpe:/a:novell:suse_linux:perl-slurm_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02", "p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none", "p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-config", "p-cpe:/a:novell:suse_linux:slurm_20_02-config-man", "p-cpe:/a:novell:suse_linux:slurm_20_02-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-debugsource", "p-cpe:/a:novell:suse_linux:slurm_20_02-devel", "p-cpe:/a:novell:suse_linux:slurm_20_02-doc", "p-cpe:/a:novell:suse_linux:slurm_20_02-lua", "p-cpe:/a:novell:suse_linux:slurm_20_02-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-munge", "p-cpe:/a:novell:suse_linux:slurm_20_02-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-node", "p-cpe:/a:novell:suse_linux:slurm_20_02-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-plugins", "p-cpe:/a:novell:suse_linux:slurm_20_02-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-sql", "p-cpe:/a:novell:suse_linux:slurm_20_02-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-sview", "p-cpe:/a:novell:suse_linux:slurm_20_02-sview-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-torque", "p-cpe:/a:novell:suse_linux:slurm_20_02-torque-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_20_02-webdoc", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-0139-1.NASL", "href": "https://www.tenable.com/plugins/nessus/145156", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:0139-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(145156);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/22\");\n\n script_cve_id(\"CVE-2020-27745\", \"CVE-2020-27746\");\n\n script_name(english:\"SUSE SLES15 Security Update : slurm_20_02 (SUSE-SU-2021:0139-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for slurm_20_02 fixes the following issues :\n\nUpdated to 20.02.6, addresses two security fixes :\n\n - PMIx - fix potential buffer overflows from use of\n unpackmem(). CVE-2020-27745 (bsc#1178890)\n\n - X11 forwarding - fix potential leak of the magic cookie\n when sent as an argument to the xauth command.\n CVE-2020-27746 (bsc#1178891)\n\nAnd many other bugfixes, full log and details available at :\n\n - https://lists.schedmd.com/pipermail/slurm-announce/2020/000045.html\n\nUpdated to 20.02.5, changes :\n\n - Fix leak of TRESRunMins when job time is changed with\n --time-min\n\n - pam_slurm - explicitly initialize slurm config to\n support configless mode.\n\n - scontrol - Fix exit code when creating/updating\n reservations with wrong Flags.\n\n - When a GRES has a no_consume flag, report 0 for\n allocated.\n\n - Fix cgroup cleanup by jobacct_gather/cgroup.\n\n - When creating reservations/jobs don't allow counts on a\n feature unless using an XOR.\n\n - Improve number of boards discovery\n\n - Fix updating a reservation NodeCnt on a zero-count\n reservation.\n\n - slurmrestd - provide an explicit error messages when PSK\n auth fails.\n\n - cons_tres - fix job requesting single gres per-node\n getting two or more nodes with less CPUs than requested\n per-task.\n\n - cons_tres - fix calculation of cores when using gres and\n cpus-per-task.\n\n - cons_tres - fix job not getting access to socket without\n GPU or with less than --gpus-per-socket when not enough\n cpus available on required socket and not using\n --gres-flags=enforce binding.\n\n - Fix HDF5 type version build error.\n\n - Fix creation of CoreCnt only reservations when the first\n node isn't available.\n\n - Fix wrong DBD Agent queue size in sdiag when using\n accounting_storage/none.\n\n - Improve job constraints XOR option logic.\n\n - Fix preemption of hetjobs when needed nodes not in\n leader component.\n\n - Fix wrong bit_or() messing potential preemptor jobs node\n bitmap, causing bad node deallocations and even\n allocation of nodes from other partitions.\n\n - Fix double-deallocation of preempted non-leader hetjob\n components.\n\n - slurmdbd - prevent truncation of the step nodelists over\n 4095.\n\n - Fix nodes remaining in drain state state after rebooting\n with ASAP option.\n\nchanges from 20.02.4 :\n\n - srun - suppress job step creation warning message when\n waiting on PrologSlurmctld.\n\n - slurmrestd - fix incorrect return values in\n data_list_for_each() functions.\n\n - mpi/pmix - fix issue where HetJobs could fail to launch.\n\n - slurmrestd - set content-type header in responses.\n\n - Fix cons_res GRES overallocation for\n --gres-flags=disable-binding.\n\n - Fix cons_res incorrectly filtering cores with respect to\n GRES locality for\n\n --gres-flags=disable-binding requests.\n\n - Fix regression where a dependency on multiple jobs in a\n single array using underscores would only add the first\n job.\n\n - slurmrestd - fix corrupted output due to incorrect use\n of memcpy().\n\n - slurmrestd - address a number of minor Coverity\n warnings.\n\n - Handle retry failure when slurmstepd is communicating\n with srun correctly.\n\n - Fix jobacct_gather possibly duplicate stats when\n _is_a_lwp error shows up.\n\n - Fix tasks binding to GRES which are closest to the\n allocated CPUs.\n\n - Fix AMD GPU ROCM 3.5 support.\n\n - Fix handling of job arrays in sacct when querying\n specific steps.\n\n - slurmrestd - avoid fallback to local socket\n authentication if JWT authentication is ill-formed.\n\n - slurmrestd - restrict ability of requests to use\n different authentication plugins.\n\n - slurmrestd - unlink named unix sockets before closing.\n\n - slurmrestd - fix invalid formatting in openapi.json.\n\n - Fix batch jobs stuck in CF state on FrontEnd mode.\n\n - Add a separate explicit error message when rejecting\n changes to active node features.\n\n - cons_common/job_test - fix slurmctld SIGABRT due to\n double-free.\n\n - Fix updating reservations to set the duration correctly\n if updating the start time.\n\n - Fix update reservation to promiscuous mode.\n\n - Fix override of job tasks count to max when\n ntasks-per-node present.\n\n - Fix min CPUs per node not being at least CPUs per task\n requested.\n\n - Fix CPUs allocated to match CPUs requested when\n requesting GRES and threads per core equal to one.\n\n - Fix NodeName config parsing with Boards and without\n CPUs.\n\n - Ensure SLURM_JOB_USER and SLURM_JOB_UID are set in\n SrunProlog/Epilog.\n\n - Fix error messages for certain invalid\n salloc/sbatch/srun options.\n\n - pmi2 - clean up sockets at step termination.\n\n - Fix 'scontrol hold' to work with 'JobName'.\n\n - sbatch - handle --uid/--gid in #SBATCH directives\n properly.\n\n - Fix race condition in job termination on slurmd.\n\n - Print specific error messages if trying to run use\n certain priority/multifactor factors that cannot work\n without SlurmDBD.\n\n - Avoid partial GRES allocation when --gpus-per-job is not\n satisfied.\n\n - Cray - Avoid referencing a variable outside of it's\n correct scope when dealing with creating steps within a\n het job.\n\n - slurmrestd - correctly handle larger addresses from\n accept().\n\n - Avoid freeing wrong pointer with\n SlurmctldParameters=max_dbd_msg_action with another\n option after that.\n\n - Restore MCS label when suspended job is resumed.\n\n - Fix insufficient lock levels.\n\n - slurmrestd - use errno from job submission.\n\n - Fix 'user' filter for sacctmgr show transactions.\n\n - Fix preemption logic.\n\n - Fix no_consume GRES for exclusive (whole node) requests.\n\n - Fix regression in 20.02 that caused an infinite loop in\n slurmctld when requesting --distribution=plane for the\n job.\n\n - Fix parsing of the --distribution option.\n\n - Add CONF READ_LOCK to _handle_fed_send_job_sync.\n\n - prep/script - always call slurmctld PrEp callback in\n _run_script().\n\n - Fix node estimation for jobs that use GPUs or\n --cpus-per-task.\n\n - Fix jobcomp, job_submit and cli_filter Lua\n implementation plugins causing slurmctld and/or job\n submission CLI tools segfaults due to bad return\n handling when the respective Lua script failed to load.\n\n - Fix propagation of gpu options through hetjob\n components.\n\n - Add SLURM_CLUSTERS environment variable to scancel.\n\n - Fix packing/unpacking of 'unlinked' jobs.\n\n - Connect slurmstepd's stderr to srun for steps launched\n with --pty.\n\n - Handle MPS correctly when doing exclusive allocations.\n\n - slurmrestd - fix compiling against libhttpparser in a\n non-default path.\n\n - slurmrestd - avoid compilation issues with libhttpparser\n < 2.6.\n\n - Fix compile issues when compiling slurmrestd without\n --enable-debug.\n\n - Reset idle time on a reservation that is getting purged.\n\n - Fix reoccurring reservations that have Purge_comp= to\n keep correct duration if they are purged.\n\n - scontrol - changed the 'PROMISCUOUS' flag to 'MAGNETIC'\n\n - Early return from epilog_set_env in case of no_consume.\n\n - Fix cons_common/job_test start time discovery logic to\n prevent skewed results between 'will run test'\n executions.\n\n - Ensure TRESRunMins limits are maintained during\n 'scontrol reconfigure'.\n\n - Improve error message when host lookup fails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.schedmd.com/pipermail/slurm-announce/2020/000045.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27745/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27746/\"\n );\n # https://www.suse.com/support/update/announcement/2021/suse-su-20210139-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?24a2a39b\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-15-SP1-2021-139=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libnss_slurm2_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm35-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_20_02-webdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libnss_slurm2_20_02-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libnss_slurm2_20_02-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libpmi0_20_02-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libpmi0_20_02-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libslurm35-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libslurm35-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"perl-slurm_20_02-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"perl-slurm_20_02-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-auth-none-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-auth-none-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-config-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-config-man-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-debugsource-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-devel-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-doc-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-lua-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-lua-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-munge-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-munge-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-node-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-node-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-pam_slurm-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-pam_slurm-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-plugins-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-plugins-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-slurmdbd-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-slurmdbd-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-sql-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-sql-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-sview-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-sview-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-torque-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-torque-debuginfo-20.02.6-3.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"slurm_20_02-webdoc-20.02.6-3.16.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm_20_02\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-01T14:28:55", "description": "This update for slurm_18_08 fixes the following issues :\n\nFix Authentication Bypass when Message Aggregation is enabled CVE-2020-12693 This fixes and issue where authentication could be bypassed via an alternate path or channel when message Aggregation was enabled. A race condition allowed a user to launch a process as an arbitrary user. Add :\n\nFix-Authentication-Bypass-when-Message-Aggregation-is-enabled-CVE-2020\n-1269 3.patch (CVE-2020-12693, bsc#1172004).\n\nRemove unneeded build dependency to postgresql-devel.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-09-11T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : slurm_18_08 (SUSE-SU-2020:2600-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1269", "CVE-2020-12693"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpmi0_18_08", "p-cpe:/a:novell:suse_linux:libpmi0_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm33", "p-cpe:/a:novell:suse_linux:libslurm33-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm_18_08", "p-cpe:/a:novell:suse_linux:perl-slurm_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08", "p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none", "p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-config", "p-cpe:/a:novell:suse_linux:slurm_18_08-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-debugsource", "p-cpe:/a:novell:suse_linux:slurm_18_08-devel", "p-cpe:/a:novell:suse_linux:slurm_18_08-doc", "p-cpe:/a:novell:suse_linux:slurm_18_08-lua", "p-cpe:/a:novell:suse_linux:slurm_18_08-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-munge", "p-cpe:/a:novell:suse_linux:slurm_18_08-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-node", "p-cpe:/a:novell:suse_linux:slurm_18_08-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-plugins", "p-cpe:/a:novell:suse_linux:slurm_18_08-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-sql", "p-cpe:/a:novell:suse_linux:slurm_18_08-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm_18_08-torque", "p-cpe:/a:novell:suse_linux:slurm_18_08-torque-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-2600-1.NASL", "href": "https://www.tenable.com/plugins/nessus/140513", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2600-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140513);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2020-1269\", \"CVE-2020-12693\");\n\n script_name(english:\"SUSE SLES12 Security Update : slurm_18_08 (SUSE-SU-2020:2600-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for slurm_18_08 fixes the following issues :\n\nFix Authentication Bypass when Message Aggregation is enabled\nCVE-2020-12693 This fixes and issue where authentication could be\nbypassed via an alternate path or channel when message Aggregation was\nenabled. A race condition allowed a user to launch a process as an\narbitrary user. Add :\n\nFix-Authentication-Bypass-when-Message-Aggregation-is-enabled-CVE-2020\n-1269 3.patch (CVE-2020-12693, bsc#1172004).\n\nRemove unneeded build dependency to postgresql-devel.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-12693/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202600-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fd3ec399\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 12 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-12-2020-2600=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-1269\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-12693\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-torque\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm_18_08-torque-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_18_08-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpmi0_18_08-debuginfo-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm33-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"libslurm33-debuginfo-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_18_08-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"perl-slurm_18_08-debuginfo-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-auth-none-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-auth-none-debuginfo-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-config-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-debuginfo-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-debugsource-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-devel-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-doc-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-lua-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-lua-debuginfo-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-munge-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-munge-debuginfo-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-node-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-node-debuginfo-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-pam_slurm-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-pam_slurm-debuginfo-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-plugins-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-plugins-debuginfo-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-slurmdbd-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-slurmdbd-debuginfo-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-sql-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-sql-debuginfo-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-torque-18.08.9-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"slurm_18_08-torque-debuginfo-18.08.9-3.8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"slurm_18_08\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-14T14:59:29", "description": "This update for slurm fixes the following issues :\n\nFix Authentication Bypass when Message Aggregation is enabled CVE-2020-12693 This fixes and issue where authentication could be bypassed via an alternate path or channel when message Aggregation was enabled. A race condition allowed a user to launch a process as an arbitrary user. Add :\n\nFix-Authentication-Bypass-when-Message-Aggregation-is-enabled-CVE-2020\n-1269 3.patch (CVE-2020-12693, bsc#1172004).\n\nRemove unneeded build dependency to postgresql-devel.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-09-11T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : slurm (SUSE-SU-2020:2598-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1269", "CVE-2020-12693"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpmi0", "p-cpe:/a:novell:suse_linux:libpmi0-debuginfo", "p-cpe:/a:novell:suse_linux:libslurm33", "p-cpe:/a:novell:suse_linux:libslurm33-debuginfo", "p-cpe:/a:novell:suse_linux:perl-slurm", "p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm", "p-cpe:/a:novell:suse_linux:slurm-auth-none", "p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-config", "p-cpe:/a:novell:suse_linux:slurm-config-man", "p-cpe:/a:novell:suse_linux:slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-debugsource", "p-cpe:/a:novell:suse_linux:slurm-devel", "p-cpe:/a:novell:suse_linux:slurm-doc", "p-cpe:/a:novell:suse_linux:slurm-lua", "p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-munge", "p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-node", "p-cpe:/a:novell:suse_linux:slurm-node-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm", "p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-plugins", "p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd", "p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sql", "p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-sview", "p-cpe:/a:novell:suse_linux:slurm-sview-debuginfo", "p-cpe:/a:novell:suse_linux:slurm-torque", "p-cpe:/a:novell:suse_linux:slurm-torque-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-2598-1.NASL", "href": "https://www.tenable.com/plugins/nessus/140512", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2598-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140512);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2020-1269\", \"CVE-2020-12693\");\n\n script_name(english:\"SUSE SLES15 Security Update : slurm (SUSE-SU-2020:2598-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for slurm fixes the following issues :\n\nFix Authentication Bypass when Message Aggregation is enabled\nCVE-2020-12693 This fixes and issue where authentication could be\nbypassed via an alternate path or channel when message Aggregation was\nenabled. A race condition allowed a user to launch a process as an\narbitrary user. Add :\n\nFix-Authentication-Bypass-when-Message-Aggregation-is-enabled-CVE-2020\n-1269 3.patch (CVE-2020-12693, bsc#1172004).\n\nRemove unneeded build dependency to postgresql-devel.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-12693/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202598-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e477ba03\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for HPC 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-HPC-15-SP1-2020-2598=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-1269\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-12693\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpmi0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libslurm33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-auth-none-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-config-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-lua-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-munge-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-node-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-pam_slurm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-slurmdbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:slurm-sview-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:
slurm-llnl - security update
