{"cve": [{"lastseen": "2019-05-29T18:13:04", "bulletinFamily": "NVD", "description": "WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users to gain privileges by reading the Rails secret token from this file.", "modified": "2014-01-14T04:26:00", "id": "CVE-2013-3709", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3709", "published": "2013-12-23T23:55:00", "title": "CVE-2013-3709", "type": "cve", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2018-01-24T11:10:01", "bulletinFamily": "scanner", "description": "Check for the Version of Fixes", "modified": "2018-01-24T00:00:00", "published": "2013-12-30T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=850561", "id": "OPENVAS:850561", "title": "SuSE Update for Fixes openSUSE-SU-2013:1961-1 (Fixes)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2013_1961_1.nasl 8509 2018-01-24 06:57:46Z teissa $\n#\n# SuSE Update for Fixes openSUSE-SU-2013:1961-1 (Fixes)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(850561);\n script_version(\"$Revision: 8509 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 07:57:46 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-30 13:01:24 +0530 (Mon, 30 Dec 2013)\");\n script_cve_id(\"CVE-2013-3709\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Update for Fixes openSUSE-SU-2013:1961-1 (Fixes)\");\n\n tag_insight = \"\n Fixed CVE-2013-3709: make the secret token file\n (secret_token.rb) readable only for the webyast user to\n avoid forging the session cookie (bnc#851116) (reported by\n joernchen of Phenoelit)\";\n\n tag_affected = \"Fixes on openSUSE 13.1\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"openSUSE-SU\", value: \"2013:1961_1\");\n script_tag(name: \"summary\" , value: \"Check for the Version of Fixes\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE13.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"webyast-base\", rpm:\"webyast-base~0.3.45.1~2.4.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"webyast-base-branding-default\", rpm:\"webyast-base-branding-default~0.3.45.1~2.4.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"webyast-base-testsuite\", rpm:\"webyast-base-testsuite~0.3.45.1~2.4.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-19T15:08:52", "bulletinFamily": "scanner", "description": "Check for the Version of Fixes", "modified": "2018-01-19T00:00:00", "published": "2013-12-30T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=850563", "id": "OPENVAS:850563", "title": "SuSE Update for Fixes openSUSE-SU-2013:1952-1 (Fixes)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2013_1952_1.nasl 8466 2018-01-19 06:58:30Z teissa $\n#\n# SuSE Update for Fixes openSUSE-SU-2013:1952-1 (Fixes)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(850563);\n script_version(\"$Revision: 8466 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 07:58:30 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-30 13:03:35 +0530 (Mon, 30 Dec 2013)\");\n script_cve_id(\"CVE-2013-3709\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Update for Fixes openSUSE-SU-2013:1952-1 (Fixes)\");\n\n tag_insight = \"\n Fixed CVE-2013-3709: make the secret token file\n (secret_token.rb) readable only for the webyast user to\n avoid forging the session cookie (bnc#851116)\";\n\n tag_affected = \"Fixes on openSUSE 12.3\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"openSUSE-SU\", value: \"2013:1952_1\");\n script_tag(name: \"summary\" , value: \"Check for the Version of Fixes\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE12.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"webyast-base\", rpm:\"webyast-base~0.3.43.1~1.4.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"webyast-base-branding-default\", rpm:\"webyast-base-branding-default~0.3.43.1~1.4.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"webyast-base-testsuite\", rpm:\"webyast-base-testsuite~0.3.43.1~1.4.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:48", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2013-12-30T00:00:00", "id": "OPENVAS:1361412562310850562", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850562", "title": "SuSE Update for Fixes openSUSE-SU-2013:1954-1 (Fixes)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2013_1954_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for Fixes openSUSE-SU-2013:1954-1 (Fixes)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850562\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-30 13:02:29 +0530 (Mon, 30 Dec 2013)\");\n script_cve_id(\"CVE-2013-3709\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Update for Fixes openSUSE-SU-2013:1954-1 (Fixes)\");\n script_tag(name:\"affected\", value:\"Fixes on openSUSE 12.2\");\n script_tag(name:\"insight\", value:\"Fixed CVE-2013-3709: make the secret token file\n (secret_token.rb) readable only for the webyast user to\n avoid forging the session cookie (bnc#851116) (reported by\n joernchen of Phenoelit)\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2013:1954_1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Fixes'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE12\\.2\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE12.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"webyast-base\", rpm:\"webyast-base~0.3.19.1~1.8.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"webyast-base-branding-default\", rpm:\"webyast-base-branding-default~0.3.19.1~1.8.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"webyast-base-testsuite\", rpm:\"webyast-base-testsuite~0.3.19.1~1.8.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:23", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2013-12-30T00:00:00", "id": "OPENVAS:1361412562310850563", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850563", "title": "SuSE Update for Fixes openSUSE-SU-2013:1952-1 (Fixes)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2013_1952_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for Fixes openSUSE-SU-2013:1952-1 (Fixes)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850563\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-30 13:03:35 +0530 (Mon, 30 Dec 2013)\");\n script_cve_id(\"CVE-2013-3709\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Update for Fixes openSUSE-SU-2013:1952-1 (Fixes)\");\n script_tag(name:\"affected\", value:\"Fixes on openSUSE 12.3\");\n script_tag(name:\"insight\", value:\"Fixed CVE-2013-3709: make the secret token file\n (secret_token.rb) readable only for the webyast user to\n avoid forging the session cookie (bnc#851116)\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2013:1952_1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Fixes'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE12\\.3\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE12.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"webyast-base\", rpm:\"webyast-base~0.3.43.1~1.4.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"webyast-base-branding-default\", rpm:\"webyast-base-branding-default~0.3.43.1~1.4.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"webyast-base-testsuite\", rpm:\"webyast-base-testsuite~0.3.43.1~1.4.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-12T11:14:20", "bulletinFamily": "scanner", "description": "Check for the Version of Fixes", "modified": "2017-12-08T00:00:00", "published": "2013-12-30T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=850562", "id": "OPENVAS:850562", "title": "SuSE Update for Fixes openSUSE-SU-2013:1954-1 (Fixes)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2013_1954_1.nasl 8045 2017-12-08 08:39:37Z santu $\n#\n# SuSE Update for Fixes openSUSE-SU-2013:1954-1 (Fixes)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(850562);\n script_version(\"$Revision: 8045 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 09:39:37 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-30 13:02:29 +0530 (Mon, 30 Dec 2013)\");\n script_cve_id(\"CVE-2013-3709\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Update for Fixes openSUSE-SU-2013:1954-1 (Fixes)\");\n\n tag_insight = \"\n Fixed CVE-2013-3709: make the secret token file\n (secret_token.rb) readable only for the webyast user to\n avoid forging the session cookie (bnc#851116) (reported by\n joernchen of Phenoelit)\";\n\n tag_affected = \"Fixes on openSUSE 12.2\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"openSUSE-SU\", value: \"2013:1954_1\");\n script_summary(\"Check for the Version of Fixes\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE12.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"webyast-base\", rpm:\"webyast-base~0.3.19.1~1.8.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"webyast-base-branding-default\", rpm:\"webyast-base-branding-default~0.3.19.1~1.8.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"webyast-base-testsuite\", rpm:\"webyast-base-testsuite~0.3.19.1~1.8.1\", rls:\"openSUSE12.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:13", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2013-12-30T00:00:00", "id": "OPENVAS:1361412562310850561", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850561", "title": "SuSE Update for Fixes openSUSE-SU-2013:1961-1 (Fixes)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2013_1961_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for Fixes openSUSE-SU-2013:1961-1 (Fixes)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850561\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-30 13:01:24 +0530 (Mon, 30 Dec 2013)\");\n script_cve_id(\"CVE-2013-3709\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Update for Fixes openSUSE-SU-2013:1961-1 (Fixes)\");\n script_tag(name:\"affected\", value:\"Fixes on openSUSE 13.1\");\n script_tag(name:\"insight\", value:\"Fixed CVE-2013-3709: make the secret token file\n (secret_token.rb) readable only for the webyast user to\n avoid forging the session cookie (bnc#851116) (reported by\n joernchen of Phenoelit)\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2013:1961_1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Fixes'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE13.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"webyast-base\", rpm:\"webyast-base~0.3.45.1~2.4.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"webyast-base-branding-default\", rpm:\"webyast-base-branding-default~0.3.45.1~2.4.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"webyast-base-testsuite\", rpm:\"webyast-base-testsuite~0.3.45.1~2.4.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:21:38", "bulletinFamily": "unix", "description": "The following security issue has been fixed:\n\n * CVE-2013-3709: webyast: local privilege escalation\n via secret rails tokens execution. This vulnerability was\n reported by joernchen of Phenoelit.\n", "modified": "2013-12-16T19:04:14", "published": "2013-12-16T19:04:14", "id": "SUSE-SU-2013:1894-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00006.html", "title": "Security update for webyast (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:22:57", "bulletinFamily": "unix", "description": "Fixed CVE-2013-3709: make the secret token file\n (secret_token.rb) readable only for the webyast user to\n avoid forging the session cookie (bnc#851116) (reported by\n joernchen of Phenoelit)\n\n", "modified": "2013-12-25T18:08:23", "published": "2013-12-25T18:08:23", "id": "OPENSUSE-SU-2013:1954-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00013.html", "type": "suse", "title": "Fixes a local vulnerability (important)", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:21:42", "bulletinFamily": "unix", "description": "Fixed CVE-2013-3709: make the secret token file\n (secret_token.rb) readable only for the webyast user to\n avoid forging the session cookie (bnc#851116) (reported by\n joernchen of Phenoelit)\n\n", "modified": "2013-12-25T18:10:11", "published": "2013-12-25T18:10:11", "id": "OPENSUSE-SU-2013:1961-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00014.html", "type": "suse", "title": "Fixes a local vulnerability (important)", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:13:39", "bulletinFamily": "unix", "description": "In the past WebYAST was installed with world readable\n secret tokens. Although these were modified on the start\n of the webyast service and so could not be read from\n remote, it was possible for local attackers on the same\n machine to read the secrets and so gain local root access\n via the webyast services. This has been fixed.\n (CVE-2013-3709)\n", "modified": "2014-01-06T16:04:13", "published": "2014-01-06T16:04:13", "id": "SUSE-SU-2014:0022-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00001.html", "type": "suse", "title": "Security update for WebYaST (important)", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-11-01T03:00:33", "bulletinFamily": "scanner", "description": "Fixed CVE-2013-3709: make the secret token file (secret_token.rb)\nreadable only for the webyast user to avoid forging the session cookie\n(bnc#851116)", "modified": "2019-11-02T00:00:00", "id": "OPENSUSE-2013-1028.NASL", "href": "https://www.tenable.com/plugins/nessus/74872", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : webyast (openSUSE-SU-2013:1952-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-1028.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74872);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:50:00\");\n\n script_cve_id(\"CVE-2013-3709\");\n\n script_name(english:\"openSUSE Security Update : webyast (openSUSE-SU-2013:1952-1)\");\n script_summary(english:\"Check for the openSUSE-2013-1028 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixed CVE-2013-3709: make the secret token file (secret_token.rb)\nreadable only for the webyast user to avoid forging the session cookie\n(bnc#851116)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=851116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-12/msg00114.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webyast packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webyast-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webyast-base-branding-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webyast-base-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"webyast-base-0.3.43.1-1.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"webyast-base-branding-default-0.3.43.1-1.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"webyast-base-testsuite-0.3.43.1-1.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webyast-base / webyast-base-branding-default / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T03:00:33", "bulletinFamily": "scanner", "description": "Fixed CVE-2013-3709: make the secret token file (secret_token.rb)\nreadable only for the webyast user to avoid forging the session cookie\n(bnc#851116) (reported by joernchen of Phenoelit)", "modified": "2019-11-02T00:00:00", "id": "OPENSUSE-2013-1029.NASL", "href": "https://www.tenable.com/plugins/nessus/74873", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : webyast (openSUSE-SU-2013:1961-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-1029.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74873);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:50:00\");\n\n script_cve_id(\"CVE-2013-3709\");\n script_bugtraq_id(64521);\n\n script_name(english:\"openSUSE Security Update : webyast (openSUSE-SU-2013:1961-1)\");\n script_summary(english:\"Check for the openSUSE-2013-1029 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixed CVE-2013-3709: make the secret token file (secret_token.rb)\nreadable only for the webyast user to avoid forging the session cookie\n(bnc#851116) (reported by joernchen of Phenoelit)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=851116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-12/msg00123.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webyast packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webyast-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webyast-base-branding-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webyast-base-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"webyast-base-0.3.45.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"webyast-base-branding-default-0.3.45.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"webyast-base-testsuite-0.3.45.1-2.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webyast-base / webyast-base-branding-default / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T03:00:33", "bulletinFamily": "scanner", "description": "Fixed CVE-2013-3709: make the secret token file (secret_token.rb)\nreadable only for the webyast user to avoid forging the session cookie\n(bnc#851116) (reported by joernchen of Phenoelit)", "modified": "2019-11-02T00:00:00", "id": "OPENSUSE-2013-1027.NASL", "href": "https://www.tenable.com/plugins/nessus/74871", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : webyast (openSUSE-SU-2013:1954-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-1027.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74871);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:50:00\");\n\n script_cve_id(\"CVE-2013-3709\");\n\n script_name(english:\"openSUSE Security Update : webyast (openSUSE-SU-2013:1954-1)\");\n script_summary(english:\"Check for the openSUSE-2013-1027 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixed CVE-2013-3709: make the secret token file (secret_token.rb)\nreadable only for the webyast user to avoid forging the session cookie\n(bnc#851116) (reported by joernchen of Phenoelit)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=851116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-12/msg00116.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webyast packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webyast-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webyast-base-branding-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webyast-base-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"webyast-base-0.3.19.1-1.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"webyast-base-branding-default-0.3.19.1-1.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"webyast-base-testsuite-0.3.19.1-1.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webyast-base / webyast-base-branding-default / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}
