Vulnerabilities > CVE-2016-0764 - Race Condition vulnerability in Redhat Networkmanager

047910
CVSS 6.2 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
local
low complexity
redhat
CWE-362
nessus

Summary

Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes.

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Leveraging Race Conditions
    This attack targets a race condition occurring when multiple processes access and manipulate the same resource concurrently and the outcome of the execution depends on the particular order in which the access takes place. The attacker can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance a race condition can occur while accessing a file, the attacker can trick the system by replacing the original file with his version and cause the system to read the malicious file.
  • Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
    This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. The typical example is the file access. The attacker can leverage a file access race condition by "running the race", meaning that he would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the attacker could do something such as replace the file and cause an escalation of privilege.

Nessus

  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20161103_NETWORKMANAGER_ON_SL7_X.NASL
    descriptionThe following packages have been upgraded to a newer upstream version: NetworkManager (1.4.0), NetworkManager-libreswan (1.2.4), network-manager- applet (1.4.0), libnl3 (3.2.28). Security Fix(es) : - A race condition vulnerability was discovered in NetworkManager. Temporary files were created insecurely when saving or updating connection settings, which could allow local users to read connection secrets such as VPN passwords or WiFi keys. (CVE-2016-0764) Additional Changes :
    last seen2020-03-18
    modified2016-12-15
    plugin id95833
    published2016-12-15
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95833
    titleScientific Linux Security Update : NetworkManager on SL7.x x86_64 (20161103)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(95833);
      script_version("3.5");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/25");
    
      script_cve_id("CVE-2016-0764");
    
      script_name(english:"Scientific Linux Security Update : NetworkManager on SL7.x x86_64 (20161103)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The following packages have been upgraded to a newer upstream version:
    NetworkManager (1.4.0), NetworkManager-libreswan (1.2.4),
    network-manager- applet (1.4.0), libnl3 (3.2.28).
    
    Security Fix(es) :
    
      - A race condition vulnerability was discovered in
        NetworkManager. Temporary files were created insecurely
        when saving or updating connection settings, which could
        allow local users to read connection secrets such as VPN
        passwords or WiFi keys. (CVE-2016-0764)
    
    Additional Changes :"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1612&L=scientific-linux-errata&F=&S=&P=11489
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?cf331f40"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-adsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-bluetooth");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-config-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-dispatcher-routing-rules");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-glib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-glib-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-libnm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-libnm-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-libreswan");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-libreswan-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-libreswan-gnome");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-team");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-tui");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-wifi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:NetworkManager-wwan");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libnl3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libnl3-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libnl3-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libnl3-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libnl3-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libnm-gtk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libnm-gtk-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libnma");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libnma-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:network-manager-applet");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:network-manager-applet-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:nm-connection-editor");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/07/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/11/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/12/15");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-adsl-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-bluetooth-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-config-server-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-debuginfo-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"SL7", reference:"NetworkManager-dispatcher-routing-rules-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-glib-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-glib-devel-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-libnm-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-libnm-devel-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-libreswan-1.2.4-1.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-libreswan-debuginfo-1.2.4-1.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-libreswan-gnome-1.2.4-1.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-team-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-tui-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-wifi-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"NetworkManager-wwan-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libnl3-3.2.28-2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libnl3-cli-3.2.28-2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libnl3-debuginfo-3.2.28-2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libnl3-devel-3.2.28-2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libnl3-doc-3.2.28-2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libnm-gtk-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libnm-gtk-devel-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libnma-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libnma-devel-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"network-manager-applet-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"network-manager-applet-debuginfo-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"nm-connection-editor-1.4.0-2.el7")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_NOTE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "NetworkManager / NetworkManager-adsl / NetworkManager-bluetooth / etc");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-2581.NASL
    descriptionAn update for NetworkManager is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. The following packages have been upgraded to a newer upstream version: NetworkManager (1.4.0), NetworkManager-libreswan (1.2.4), network-manager-applet (1.4.0), libnl3 (3.2.28). (BZ#1264552, BZ#1296058, BZ# 1032717, BZ#1271581) Security Fix(es) : * A race condition vulnerability was discovered in NetworkManager. Temporary files were created insecurely when saving or updating connection settings, which could allow local users to read connection secrets such as VPN passwords or WiFi keys. (CVE-2016-0764) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id94544
    published2016-11-04
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94544
    titleRHEL 7 : NetworkManager (RHSA-2016:2581)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2016:2581. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(94544);
      script_version("2.12");
      script_cvs_date("Date: 2019/10/24 15:35:42");
    
      script_cve_id("CVE-2016-0764");
      script_xref(name:"RHSA", value:"2016:2581");
    
      script_name(english:"RHEL 7 : NetworkManager (RHSA-2016:2581)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for NetworkManager is now available for Red Hat Enterprise
    Linux 7.
    
    Red Hat Product Security has rated this update as having a security
    impact of Low. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link (s) in the References section.
    
    NetworkManager is a system network service that manages network
    devices and connections, attempting to keep active network
    connectivity when available. Its capabilities include managing
    Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as
    well as providing VPN integration with a variety of different VPN
    services.
    
    The following packages have been upgraded to a newer upstream version:
    NetworkManager (1.4.0), NetworkManager-libreswan (1.2.4),
    network-manager-applet (1.4.0), libnl3 (3.2.28). (BZ#1264552,
    BZ#1296058, BZ# 1032717, BZ#1271581)
    
    Security Fix(es) :
    
    * A race condition vulnerability was discovered in NetworkManager.
    Temporary files were created insecurely when saving or updating
    connection settings, which could allow local users to read connection
    secrets such as VPN passwords or WiFi keys. (CVE-2016-0764)
    
    Additional Changes :
    
    For detailed information on changes in this release, see the Red Hat
    Enterprise Linux 7.3 Release Notes linked from the References section."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2016:2581"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2016-0764"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-adsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-bluetooth");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-config-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-dispatcher-routing-rules");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-glib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-glib-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-libnm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-libnm-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-libreswan");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-libreswan-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-libreswan-gnome");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-team");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-tui");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-wifi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:NetworkManager-wwan");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libnl3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libnl3-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libnl3-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libnl3-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libnl3-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libnm-gtk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libnm-gtk-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libnma");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libnma-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:network-manager-applet");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:network-manager-applet-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nm-connection-editor");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.3");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/07/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/11/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/04");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2016:2581";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_NOTE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-adsl-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-adsl-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-bluetooth-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-bluetooth-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-config-server-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-config-server-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"NetworkManager-debuginfo-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"NetworkManager-dispatcher-routing-rules-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"NetworkManager-glib-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"NetworkManager-glib-devel-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"NetworkManager-libnm-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"NetworkManager-libnm-devel-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-libreswan-1.2.4-1.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-libreswan-1.2.4-1.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-libreswan-debuginfo-1.2.4-1.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-libreswan-debuginfo-1.2.4-1.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-libreswan-gnome-1.2.4-1.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-libreswan-gnome-1.2.4-1.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-team-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-team-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-tui-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-tui-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-wifi-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-wifi-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"NetworkManager-wwan-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"NetworkManager-wwan-1.4.0-12.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"libnl3-3.2.28-2.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"libnl3-cli-3.2.28-2.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"libnl3-debuginfo-3.2.28-2.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"libnl3-devel-3.2.28-2.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libnl3-doc-3.2.28-2.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libnl3-doc-3.2.28-2.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"libnm-gtk-1.4.0-2.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"libnm-gtk-devel-1.4.0-2.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"libnma-1.4.0-2.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"libnma-devel-1.4.0-2.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"network-manager-applet-1.4.0-2.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"network-manager-applet-1.4.0-2.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"network-manager-applet-debuginfo-1.4.0-2.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"nm-connection-editor-1.4.0-2.el7")) flag++;
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"nm-connection-editor-1.4.0-2.el7")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_NOTE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "NetworkManager / NetworkManager-adsl / NetworkManager-bluetooth / etc");
      }
    }
    
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-2581.NASL
    descriptionFrom Red Hat Security Advisory 2016:2581 : An update for NetworkManager is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. The following packages have been upgraded to a newer upstream version: NetworkManager (1.4.0), NetworkManager-libreswan (1.2.4), network-manager-applet (1.4.0), libnl3 (3.2.28). (BZ#1264552, BZ#1296058, BZ# 1032717, BZ#1271581) Security Fix(es) : * A race condition vulnerability was discovered in NetworkManager. Temporary files were created insecurely when saving or updating connection settings, which could allow local users to read connection secrets such as VPN passwords or WiFi keys. (CVE-2016-0764) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id94703
    published2016-11-11
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94703
    titleOracle Linux 7 : NetworkManager (ELSA-2016-2581)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2016:2581 and 
    # Oracle Linux Security Advisory ELSA-2016-2581 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(94703);
      script_version("2.5");
      script_cvs_date("Date: 2019/09/27 13:00:37");
    
      script_cve_id("CVE-2016-0764");
      script_xref(name:"RHSA", value:"2016:2581");
    
      script_name(english:"Oracle Linux 7 : NetworkManager (ELSA-2016-2581)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Oracle Linux host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "From Red Hat Security Advisory 2016:2581 :
    
    An update for NetworkManager is now available for Red Hat Enterprise
    Linux 7.
    
    Red Hat Product Security has rated this update as having a security
    impact of Low. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link (s) in the References section.
    
    NetworkManager is a system network service that manages network
    devices and connections, attempting to keep active network
    connectivity when available. Its capabilities include managing
    Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as
    well as providing VPN integration with a variety of different VPN
    services.
    
    The following packages have been upgraded to a newer upstream version:
    NetworkManager (1.4.0), NetworkManager-libreswan (1.2.4),
    network-manager-applet (1.4.0), libnl3 (3.2.28). (BZ#1264552,
    BZ#1296058, BZ# 1032717, BZ#1271581)
    
    Security Fix(es) :
    
    * A race condition vulnerability was discovered in NetworkManager.
    Temporary files were created insecurely when saving or updating
    connection settings, which could allow local users to read connection
    secrets such as VPN passwords or WiFi keys. (CVE-2016-0764)
    
    Additional Changes :
    
    For detailed information on changes in this release, see the Red Hat
    Enterprise Linux 7.3 Release Notes linked from the References section."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2016-November/006473.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected networkmanager packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager-adsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager-bluetooth");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager-config-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager-dispatcher-routing-rules");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager-glib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager-glib-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager-libnm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager-libnm-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager-libreswan");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager-libreswan-gnome");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager-team");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager-tui");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager-wifi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:NetworkManager-wwan");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libnl3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libnl3-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libnl3-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libnl3-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libnm-gtk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libnm-gtk-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libnma");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libnma-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:network-manager-applet");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:nm-connection-editor");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/07/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/11/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/11");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Oracle Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
    os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 7", "Oracle Linux " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
    if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    
    flag = 0;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-adsl-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-bluetooth-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-config-server-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-dispatcher-routing-rules-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-glib-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-glib-devel-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-libnm-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-libnm-devel-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-libreswan-1.2.4-1.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-libreswan-gnome-1.2.4-1.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-team-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-tui-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-wifi-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"NetworkManager-wwan-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libnl3-3.2.28-2.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libnl3-cli-3.2.28-2.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libnl3-devel-3.2.28-2.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libnl3-doc-3.2.28-2.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libnm-gtk-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libnm-gtk-devel-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libnma-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libnma-devel-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"network-manager-applet-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"nm-connection-editor-1.4.0-2.el7")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
      else security_note(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "NetworkManager / NetworkManager-adsl / NetworkManager-bluetooth / etc");
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2016-1067.NASL
    descriptionAccording to the version of the libnl3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A race condition vulnerability was discovered in NetworkManager.Temporary files were created insecurely when saving or updating connection settings, which could allow local users to read connection secrets such as VPN passwords or WiFi keys. (CVE-2016-0764) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2017-05-01
    plugin id99829
    published2017-05-01
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99829
    titleEulerOS 2.0 SP1 : libnl3 (EulerOS-SA-2016-1067)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(99829);
      script_version("1.13");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/04");
    
      script_cve_id(
        "CVE-2016-0764"
      );
    
      script_name(english:"EulerOS 2.0 SP1 : libnl3 (EulerOS-SA-2016-1067)");
      script_summary(english:"Checks the rpm output for the updated package.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS host is missing a security update.");
      script_set_attribute(attribute:"description", value:
    "According to the version of the libnl3 packages installed, the
    EulerOS installation on the remote host is affected by the following
    vulnerability :
    
      - A race condition vulnerability was discovered in
        NetworkManager.Temporary files were created insecurely
        when saving or updating connection settings, which
        could allow local users to read connection secrets such
        as VPN passwords or WiFi keys. (CVE-2016-0764)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1067
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e00730c6");
      script_set_attribute(attribute:"solution", value:
    "Update the affected libnl3 package.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/11/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/01");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libnl3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libnl3-cli");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
      script_exclude_keys("Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
    
    sp = get_kb_item("Host/EulerOS/sp");
    if (isnull(sp) || sp !~ "^(1)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1");
    
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1", "EulerOS UVP " + uvp);
    
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
    
    flag = 0;
    
    pkgs = ["libnl3-3.2.28-2.h1",
            "libnl3-cli-3.2.28-2.h1"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", sp:"1", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_NOTE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libnl3");
    }
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-2581.NASL
    descriptionAn update for NetworkManager is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. The following packages have been upgraded to a newer upstream version: NetworkManager (1.4.0), NetworkManager-libreswan (1.2.4), network-manager-applet (1.4.0), libnl3 (3.2.28). (BZ#1264552, BZ#1296058, BZ# 1032717, BZ#1271581) Security Fix(es) : * A race condition vulnerability was discovered in NetworkManager. Temporary files were created insecurely when saving or updating connection settings, which could allow local users to read connection secrets such as VPN passwords or WiFi keys. (CVE-2016-0764) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id95328
    published2016-11-28
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95328
    titleCentOS 7 : NetworkManager / NetworkManager-libreswan / libnl3 / network-manager-applet (CESA-2016:2581)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2016:2581 and 
    # CentOS Errata and Security Advisory 2016:2581 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(95328);
      script_version("3.7");
      script_cvs_date("Date: 2020/01/02");
    
      script_cve_id("CVE-2016-0764");
      script_xref(name:"RHSA", value:"2016:2581");
    
      script_name(english:"CentOS 7 : NetworkManager / NetworkManager-libreswan / libnl3 / network-manager-applet (CESA-2016:2581)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for NetworkManager is now available for Red Hat Enterprise
    Linux 7.
    
    Red Hat Product Security has rated this update as having a security
    impact of Low. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link (s) in the References section.
    
    NetworkManager is a system network service that manages network
    devices and connections, attempting to keep active network
    connectivity when available. Its capabilities include managing
    Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as
    well as providing VPN integration with a variety of different VPN
    services.
    
    The following packages have been upgraded to a newer upstream version:
    NetworkManager (1.4.0), NetworkManager-libreswan (1.2.4),
    network-manager-applet (1.4.0), libnl3 (3.2.28). (BZ#1264552,
    BZ#1296058, BZ# 1032717, BZ#1271581)
    
    Security Fix(es) :
    
    * A race condition vulnerability was discovered in NetworkManager.
    Temporary files were created insecurely when saving or updating
    connection settings, which could allow local users to read connection
    secrets such as VPN passwords or WiFi keys. (CVE-2016-0764)
    
    Additional Changes :
    
    For detailed information on changes in this release, see the Red Hat
    Enterprise Linux 7.3 Release Notes linked from the References section."
      );
      # https://lists.centos.org/pipermail/centos-cr-announce/2016-November/003307.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?72064b3c"
      );
      # https://lists.centos.org/pipermail/centos-cr-announce/2016-November/003631.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?7f3c2189"
      );
      # https://lists.centos.org/pipermail/centos-cr-announce/2016-November/003632.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?d8314888"
      );
      # https://lists.centos.org/pipermail/centos-cr-announce/2016-November/003633.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?251780e2"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-0764");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager-adsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager-bluetooth");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager-config-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager-dispatcher-routing-rules");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager-glib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager-glib-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager-libnm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager-libnm-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager-libreswan");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager-libreswan-gnome");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager-team");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager-tui");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager-wifi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:NetworkManager-wwan");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libnl3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libnl3-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libnl3-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libnl3-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libnm-gtk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libnm-gtk-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libnma");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libnma-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:network-manager-applet");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:nm-connection-editor");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/07/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/11/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/28");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 7.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-adsl-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-bluetooth-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-config-server-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-dispatcher-routing-rules-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-glib-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-glib-devel-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-libnm-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-libnm-devel-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-libreswan-1.2.4-1.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-libreswan-gnome-1.2.4-1.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-team-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-tui-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-wifi-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"NetworkManager-wwan-1.4.0-12.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libnl3-3.2.28-2.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libnl3-cli-3.2.28-2.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libnl3-devel-3.2.28-2.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libnl3-doc-3.2.28-2.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libnm-gtk-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libnm-gtk-devel-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libnma-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libnma-devel-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"network-manager-applet-1.4.0-2.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"nm-connection-editor-1.4.0-2.el7")) flag++;
    
    
    if (flag)
    {
      cr_plugin_caveat = '\n' +
        'NOTE: The security advisory associated with this vulnerability has a\n' +
        'fixed package version that may only be available in the continuous\n' +
        'release (CR) repository for CentOS, until it is present in the next\n' +
        'point release of CentOS.\n\n' +
    
        'If an equal or higher package level does not exist in the baseline\n' +
        'repository for your major version of CentOS, then updates from the CR\n' +
        'repository will need to be applied in order to address the\n' +
        'vulnerability.\n';
      security_report_v4(
        port       : 0,
        severity   : SECURITY_NOTE,
        extra      : rpm_report_get() + cr_plugin_caveat
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "NetworkManager / NetworkManager-adsl / NetworkManager-bluetooth / etc");
    }
    

Redhat

advisories
bugzilla
id1378809
titleinstallation of 1.4.0 NM is possible onto 7.2 but it's not working w/o newer glib2
oval
OR
  • commentRed Hat Enterprise Linux must be installed
    ovaloval:com.redhat.rhba:tst:20070304026
  • AND
    • commentRed Hat Enterprise Linux 7 is installed
      ovaloval:com.redhat.rhba:tst:20150364027
    • OR
      • AND
        • commentNetworkManager-libreswan is earlier than 0:1.2.4-1.el7
          ovaloval:com.redhat.rhsa:tst:20162581001
        • commentNetworkManager-libreswan is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315020
      • AND
        • commentNetworkManager-libreswan-gnome is earlier than 0:1.2.4-1.el7
          ovaloval:com.redhat.rhsa:tst:20162581003
        • commentNetworkManager-libreswan-gnome is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315022
      • AND
        • commentlibnl3-devel is earlier than 0:3.2.28-2.el7
          ovaloval:com.redhat.rhsa:tst:20162581005
        • commentlibnl3-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20162581006
      • AND
        • commentlibnl3-doc is earlier than 0:3.2.28-2.el7
          ovaloval:com.redhat.rhsa:tst:20162581007
        • commentlibnl3-doc is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20162581008
      • AND
        • commentlibnl3 is earlier than 0:3.2.28-2.el7
          ovaloval:com.redhat.rhsa:tst:20162581009
        • commentlibnl3 is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20162581010
      • AND
        • commentlibnl3-cli is earlier than 0:3.2.28-2.el7
          ovaloval:com.redhat.rhsa:tst:20162581011
        • commentlibnl3-cli is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20162581012
      • AND
        • commentlibnma-devel is earlier than 0:1.4.0-2.el7
          ovaloval:com.redhat.rhsa:tst:20162581013
        • commentlibnma-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20162581014
      • AND
        • commentnetwork-manager-applet is earlier than 0:1.4.0-2.el7
          ovaloval:com.redhat.rhsa:tst:20162581015
        • commentnetwork-manager-applet is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315016
      • AND
        • commentlibnm-gtk-devel is earlier than 0:1.4.0-2.el7
          ovaloval:com.redhat.rhsa:tst:20162581017
        • commentlibnm-gtk-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315018
      • AND
        • commentnm-connection-editor is earlier than 0:1.4.0-2.el7
          ovaloval:com.redhat.rhsa:tst:20162581019
        • commentnm-connection-editor is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315012
      • AND
        • commentlibnm-gtk is earlier than 0:1.4.0-2.el7
          ovaloval:com.redhat.rhsa:tst:20162581021
        • commentlibnm-gtk is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315014
      • AND
        • commentlibnma is earlier than 0:1.4.0-2.el7
          ovaloval:com.redhat.rhsa:tst:20162581023
        • commentlibnma is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20162581024
      • AND
        • commentNetworkManager-bluetooth is earlier than 1:1.4.0-12.el7
          ovaloval:com.redhat.rhsa:tst:20162581025
        • commentNetworkManager-bluetooth is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315028
      • AND
        • commentNetworkManager-libnm is earlier than 1:1.4.0-12.el7
          ovaloval:com.redhat.rhsa:tst:20162581027
        • commentNetworkManager-libnm is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315032
      • AND
        • commentNetworkManager-wifi is earlier than 1:1.4.0-12.el7
          ovaloval:com.redhat.rhsa:tst:20162581029
        • commentNetworkManager-wifi is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315038
      • AND
        • commentNetworkManager-adsl is earlier than 1:1.4.0-12.el7
          ovaloval:com.redhat.rhsa:tst:20162581031
        • commentNetworkManager-adsl is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315024
      • AND
        • commentNetworkManager-glib is earlier than 1:1.4.0-12.el7
          ovaloval:com.redhat.rhsa:tst:20162581033
        • commentNetworkManager-glib is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20110930002
      • AND
        • commentNetworkManager is earlier than 1:1.4.0-12.el7
          ovaloval:com.redhat.rhsa:tst:20162581035
        • commentNetworkManager is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20110930004
      • AND
        • commentNetworkManager-config-server is earlier than 1:1.4.0-12.el7
          ovaloval:com.redhat.rhsa:tst:20162581037
        • commentNetworkManager-config-server is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315050
      • AND
        • commentNetworkManager-team is earlier than 1:1.4.0-12.el7
          ovaloval:com.redhat.rhsa:tst:20162581039
        • commentNetworkManager-team is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315036
      • AND
        • commentNetworkManager-tui is earlier than 1:1.4.0-12.el7
          ovaloval:com.redhat.rhsa:tst:20162581041
        • commentNetworkManager-tui is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315040
      • AND
        • commentNetworkManager-wwan is earlier than 1:1.4.0-12.el7
          ovaloval:com.redhat.rhsa:tst:20162581043
        • commentNetworkManager-wwan is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315030
      • AND
        • commentNetworkManager-dispatcher-routing-rules is earlier than 1:1.4.0-12.el7
          ovaloval:com.redhat.rhsa:tst:20162581045
        • commentNetworkManager-dispatcher-routing-rules is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20162581046
      • AND
        • commentNetworkManager-libnm-devel is earlier than 1:1.4.0-12.el7
          ovaloval:com.redhat.rhsa:tst:20162581047
        • commentNetworkManager-libnm-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20152315048
      • AND
        • commentNetworkManager-glib-devel is earlier than 1:1.4.0-12.el7
          ovaloval:com.redhat.rhsa:tst:20162581049
        • commentNetworkManager-glib-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20110930006
rhsa
idRHSA-2016:2581
released2016-11-03
severityLow
titleRHSA-2016:2581: NetworkManager security, bug fix, and enhancement update (Low)
rpms
  • NetworkManager-1:1.4.0-12.el7
  • NetworkManager-adsl-1:1.4.0-12.el7
  • NetworkManager-bluetooth-1:1.4.0-12.el7
  • NetworkManager-config-server-1:1.4.0-12.el7
  • NetworkManager-debuginfo-1:1.4.0-12.el7
  • NetworkManager-dispatcher-routing-rules-1:1.4.0-12.el7
  • NetworkManager-glib-1:1.4.0-12.el7
  • NetworkManager-glib-devel-1:1.4.0-12.el7
  • NetworkManager-libnm-1:1.4.0-12.el7
  • NetworkManager-libnm-devel-1:1.4.0-12.el7
  • NetworkManager-libreswan-0:1.2.4-1.el7
  • NetworkManager-libreswan-debuginfo-0:1.2.4-1.el7
  • NetworkManager-libreswan-gnome-0:1.2.4-1.el7
  • NetworkManager-team-1:1.4.0-12.el7
  • NetworkManager-tui-1:1.4.0-12.el7
  • NetworkManager-wifi-1:1.4.0-12.el7
  • NetworkManager-wwan-1:1.4.0-12.el7
  • libnl3-0:3.2.28-2.el7
  • libnl3-cli-0:3.2.28-2.el7
  • libnl3-debuginfo-0:3.2.28-2.el7
  • libnl3-devel-0:3.2.28-2.el7
  • libnl3-doc-0:3.2.28-2.el7
  • libnm-gtk-0:1.4.0-2.el7
  • libnm-gtk-devel-0:1.4.0-2.el7
  • libnma-0:1.4.0-2.el7
  • libnma-devel-0:1.4.0-2.el7
  • network-manager-applet-0:1.4.0-2.el7
  • network-manager-applet-debuginfo-0:1.4.0-2.el7
  • nm-connection-editor-0:1.4.0-2.el7