Vulnerabilities > CVE-2016-5418 - Improper Input Validation vulnerability in multiple products

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
redhat
oracle
libarchive
CWE-20
nessus

Summary

The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Server Side Include (SSI) Injection
    An attacker can use Server Side Include (SSI) Injection to send code to a web application that then gets executed by the web server. Doing so enables the attacker to achieve similar results to Cross Site Scripting, viz., arbitrary code execution and information disclosure, albeit on a more limited scale, since the SSI directives are nowhere near as powerful as a full-fledged scripting language. Nonetheless, the attacker can conveniently gain access to sensitive files, such as password files, and execute shell commands.
  • Cross Zone Scripting
    An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security. In a zone-based model, pages belong to one of a set of zones corresponding to the level of privilege assigned to that page. Pages in an untrusted zone would have a lesser level of access to the system and/or be restricted in the types of executable content it was allowed to invoke. In a cross-zone scripting attack, a page that should be assigned to a less privileged zone is granted the privileges of a more trusted zone. This can be accomplished by exploiting bugs in the browser, exploiting incorrect configuration in the zone controls, through a cross-site scripting attack that causes the attackers' content to be treated as coming from a more trusted page, or by leveraging some piece of system functionality that is accessible from both the trusted and less trusted zone. This attack differs from "Restful Privilege Escalation" in that the latter correlates to the inadequate securing of RESTful access methods (such as HTTP DELETE) on the server, while cross-zone scripting attacks the concept of security zones as implemented by a browser.
  • Cross Site Scripting through Log Files
    An attacker may leverage a system weakness where logs are susceptible to log injection to insert scripts into the system's logs. If these logs are later viewed by an administrator through a thin administrative interface and the log data is not properly HTML encoded before being written to the page, the attackers' scripts stored in the log will be executed in the administrative interface with potentially serious consequences. This attack pattern is really a combination of two other attack patterns: log injection and stored cross site scripting.
  • Command Line Execution through SQL Injection
    An attacker uses standard SQL injection methods to inject data into the command line for execution. This could be done directly through misuse of directives such as MSSQL_xp_cmdshell or indirectly through injection of data into the database that would be interpreted as shell commands. Sometime later, an unscrupulous backend application (or could be part of the functionality of the same application) fetches the injected data stored in the database and uses this data as command line arguments without performing proper validation. The malicious data escapes that data plane by spawning new commands to be executed on the host.

Nessus

  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20160912_LIBARCHIVE_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive
    last seen2020-03-18
    modified2016-09-13
    plugin id93454
    published2016-09-13
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93454
    titleScientific Linux Security Update : libarchive on SL7.x x86_64 (20160912)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(93454);
      script_version("2.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/25");
    
      script_cve_id("CVE-2015-8916", "CVE-2015-8917", "CVE-2015-8919", "CVE-2015-8920", "CVE-2015-8921", "CVE-2015-8922", "CVE-2015-8923", "CVE-2015-8924", "CVE-2015-8925", "CVE-2015-8926", "CVE-2015-8928", "CVE-2015-8930", "CVE-2015-8931", "CVE-2015-8932", "CVE-2015-8934", "CVE-2016-1541", "CVE-2016-4300", "CVE-2016-4302", "CVE-2016-4809", "CVE-2016-5418", "CVE-2016-5844", "CVE-2016-6250", "CVE-2016-7166");
    
      script_name(english:"Scientific Linux Security Update : libarchive on SL7.x x86_64 (20160912)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security Fix(es) :
    
      - A flaw was found in the way libarchive handled hardlink
        archive entries of non-zero size. Combined with flaws in
        libarchive's file system sandboxing, this issue could
        cause an application using libarchive to overwrite
        arbitrary files with arbitrary data from the archive.
        (CVE-2016-5418)
    
      - Multiple out-of-bounds write flaws were found in
        libarchive. Specially crafted ZIP, 7ZIP, or RAR files
        could cause a heap overflow, potentially allowing code
        execution in the context of the application using
        libarchive. (CVE-2016-1541, CVE-2016-4300,
        CVE-2016-4302)
    
      - Multiple out-of-bounds read flaws were found in
        libarchive. Specially crafted LZA/LZH, AR, MTREE, ZIP,
        TAR, or RAR files could cause the application to read
        data out of bounds, potentially disclosing a small
        amount of application memory, or causing an application
        crash. (CVE-2015-8919, CVE-2015-8920, CVE-2015-8921,
        CVE-2015-8923, CVE-2015-8924, CVE-2015-8925,
        CVE-2015-8926, CVE-2015-8928, CVE-2015-8934)
    
      - Multiple NULL pointer dereference flaws were found in
        libarchive. Specially crafted RAR, CAB, or 7ZIP files
        could cause an application using libarchive to crash.
        (CVE-2015-8916, CVE-2015-8917, CVE-2015-8922)
    
      - Multiple infinite loop / resource exhaustion flaws were
        found in libarchive. Specially crafted GZIP or ISO files
        could cause the application to consume an excessive
        amount of resources, eventually leading to a crash on
        memory exhaustion. (CVE-2016-7166, CVE-2015-8930)
    
      - A denial of service vulnerability was found in
        libarchive. A specially crafted CPIO archive containing
        a symbolic link to a large target path could cause
        memory allocation to fail, causing an application using
        libarchive that attempted to view or extract such
        archive to crash. (CVE-2016-4809)
    
      - An integer overflow flaw, leading to a buffer overflow,
        was found in libarchive's construction of ISO9660
        volumes. Attempting to create an ISO9660 volume with 2
        GB or 4 GB file names could cause the application to
        attempt to allocate 20 GB of memory. If this were to
        succeed, it could lead to an out of bounds write on the
        heap and potential code execution. (CVE-2016-6250)
    
      - Multiple instances of undefined behavior due to
        arithmetic overflow were found in libarchive. Specially
        crafted MTREE archives, Compress streams, or ISO9660
        volumes could potentially cause the application to fail
        to read the archive, or to crash. (CVE-2015-8931,
        CVE-2015-8932, CVE-2016-5844)"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1609&L=scientific-linux-errata&F=&S=&P=1167
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a3fd90f0"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bsdcpio");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bsdtar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libarchive");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libarchive-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libarchive-devel");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/05/07");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/09/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/09/13");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bsdcpio-3.1.2-10.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bsdtar-3.1.2-10.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libarchive-3.1.2-10.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libarchive-debuginfo-3.1.2-10.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libarchive-devel-3.1.2-10.el7_2")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bsdcpio / bsdtar / libarchive / libarchive-debuginfo / etc");
    }
    
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-1850.NASL
    descriptionFrom Red Hat Security Advisory 2016:1850 : An update for libarchive is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es) : * A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive
    last seen2020-06-01
    modified2020-06-02
    plugin id93447
    published2016-09-13
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93447
    titleOracle Linux 6 : libarchive (ELSA-2016-1850)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2016:1850 and 
    # Oracle Linux Security Advisory ELSA-2016-1850 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(93447);
      script_version("2.8");
      script_cvs_date("Date: 2019/09/27 13:00:37");
    
      script_cve_id("CVE-2015-8920", "CVE-2015-8921", "CVE-2015-8932", "CVE-2016-4809", "CVE-2016-5418", "CVE-2016-5844", "CVE-2016-7166");
      script_xref(name:"RHSA", value:"2016:1850");
    
      script_name(english:"Oracle Linux 6 : libarchive (ELSA-2016-1850)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Oracle Linux host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "From Red Hat Security Advisory 2016:1850 :
    
    An update for libarchive is now available for Red Hat Enterprise Linux
    6.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    The libarchive programming library can create and read several
    different streaming archive formats, including GNU tar, cpio and ISO
    9660 CD-ROM images. Libarchive is used notably in the bsdtar utility,
    scripting language bindings such as python-libarchive, and several
    popular desktop file managers.
    
    Security Fix(es) :
    
    * A flaw was found in the way libarchive handled hardlink archive
    entries of non-zero size. Combined with flaws in libarchive's file
    system sandboxing, this issue could cause an application using
    libarchive to overwrite arbitrary files with arbitrary data from the
    archive. (CVE-2016-5418)
    
    * Multiple out-of-bounds read flaws were found in libarchive.
    Specially crafted AR or MTREE files could cause the application to
    read data out of bounds, potentially disclosing a small amount of
    application memory, or causing an application crash. (CVE-2015-8920,
    CVE-2015-8921)
    
    * A denial of service vulnerability was found in libarchive's handling
    of GZIP streams. A crafted GZIP file could cause libarchive to
    allocate an excessive amount of memory, eventually leading to a crash.
    (CVE-2016-7166)
    
    * A denial of service vulnerability was found in libarchive. A
    specially crafted CPIO archive containing a symbolic link to a large
    target path could cause memory allocation to fail, causing an
    application using libarchive that attempted to view or extract such
    archive to crash. (CVE-2016-4809)
    
    * Multiple instances of undefined behavior due to arithmetic overflow
    were found in libarchive. Specially crafted Compress streams or
    ISO9660 volumes could potentially cause the application to fail to
    read the archive, or to crash. (CVE-2015-8932, CVE-2016-5844)
    
    Red Hat would like to thank Insomnia Security for reporting
    CVE-2016-5418."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2016-September/006332.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libarchive packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libarchive");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libarchive-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/09/20");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/09/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/09/13");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Oracle Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
    os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 6", "Oracle Linux " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
    
    flag = 0;
    if (rpm_check(release:"EL6", reference:"libarchive-2.8.3-7.el6_8")) flag++;
    if (rpm_check(release:"EL6", reference:"libarchive-devel-2.8.3-7.el6_8")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libarchive / libarchive-devel");
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20160912_LIBARCHIVE_ON_SL6_X.NASL
    descriptionSecurity Fix(es) : - A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive
    last seen2020-03-18
    modified2016-09-13
    plugin id93453
    published2016-09-13
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93453
    titleScientific Linux Security Update : libarchive on SL6.x i386/x86_64 (20160912)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(93453);
      script_version("2.5");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/25");
    
      script_cve_id("CVE-2015-8920", "CVE-2015-8921", "CVE-2015-8932", "CVE-2016-4809", "CVE-2016-5418", "CVE-2016-5844", "CVE-2016-7166");
    
      script_name(english:"Scientific Linux Security Update : libarchive on SL6.x i386/x86_64 (20160912)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security Fix(es) :
    
      - A flaw was found in the way libarchive handled hardlink
        archive entries of non-zero size. Combined with flaws in
        libarchive's file system sandboxing, this issue could
        cause an application using libarchive to overwrite
        arbitrary files with arbitrary data from the archive.
        (CVE-2016-5418)
    
      - Multiple out-of-bounds read flaws were found in
        libarchive. Specially crafted AR or MTREE files could
        cause the application to read data out of bounds,
        potentially disclosing a small amount of application
        memory, or causing an application crash. (CVE-2015-8920,
        CVE-2015-8921)
    
      - A denial of service vulnerability was found in
        libarchive's handling of GZIP streams. A crafted GZIP
        file could cause libarchive to allocate an excessive
        amount of memory, eventually leading to a crash.
        (CVE-2016-7166)
    
      - A denial of service vulnerability was found in
        libarchive. A specially crafted CPIO archive containing
        a symbolic link to a large target path could cause
        memory allocation to fail, causing an application using
        libarchive that attempted to view or extract such
        archive to crash. (CVE-2016-4809)
    
      - Multiple instances of undefined behavior due to
        arithmetic overflow were found in libarchive. Specially
        crafted Compress streams or ISO9660 volumes could
        potentially cause the application to fail to read the
        archive, or to crash. (CVE-2015-8932, CVE-2016-5844)"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1609&L=scientific-linux-errata&F=&S=&P=750
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?cdda48d4"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected libarchive, libarchive-debuginfo and / or
    libarchive-devel packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libarchive");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libarchive-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libarchive-devel");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/09/20");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/09/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/09/13");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL6", reference:"libarchive-2.8.3-7.el6_8")) flag++;
    if (rpm_check(release:"SL6", reference:"libarchive-debuginfo-2.8.3-7.el6_8")) flag++;
    if (rpm_check(release:"SL6", reference:"libarchive-devel-2.8.3-7.el6_8")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libarchive / libarchive-debuginfo / libarchive-devel");
    }
    
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2017-0010.NASL
    descriptionAn update of [binutils,ntp,libarchive] packages for PhotonOS has been released.
    last seen2019-02-21
    modified2019-02-07
    plugin id111859
    published2018-08-17
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=111859
    titlePhoton OS 1.0: Binutils / Libarchive / Ntp PHSA-2017-0010 (deprecated)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # @DEPRECATED@
    #
    # Disabled on 2/7/2019
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from VMware Security Advisory PHSA-2017-0010. The text
    # itself is copyright (C) VMware, Inc.
    
    include("compat.inc");
    
    if (description)
    {
      script_id(111859);
      script_version("1.2");
      script_cvs_date("Date: 2019/02/07 18:59:50");
    
      script_cve_id(
        "CVE-2014-9939",
        "CVE-2015-8933",
        "CVE-2016-4300",
        "CVE-2016-4301",
        "CVE-2016-4302",
        "CVE-2016-4809",
        "CVE-2016-5418",
        "CVE-2016-5844",
        "CVE-2016-6250",
        "CVE-2016-7166",
        "CVE-2016-8687",
        "CVE-2016-8688",
        "CVE-2016-8689",
        "CVE-2017-5601",
        "CVE-2017-6451",
        "CVE-2017-6452",
        "CVE-2017-6455",
        "CVE-2017-6458",
        "CVE-2017-6460",
        "CVE-2017-6462",
        "CVE-2017-6463",
        "CVE-2017-6464",
        "CVE-2017-6969"
      );
    
      script_name(english:"Photon OS 1.0: Binutils / Libarchive / Ntp PHSA-2017-0010 (deprecated)");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "This plugin has been deprecated.");
      script_set_attribute(attribute:"description", value:
    "An update of [binutils,ntp,libarchive] packages for PhotonOS has been
    released.");
      # https://github.com/vmware/photon/wiki/Security-Updates-34
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5b02cf41");
      script_set_attribute(attribute:"solution", value:"n/a.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-9939");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2017/04/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/17");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:binutils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:libarchive");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:ntp");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:1.0");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"PhotonOS Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list");
    
      exit(0);
    }
    
    exit(0, "This plugin has been deprecated.");
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/PhotonOS/release");
    if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS");
    if (release !~ "^VMware Photon (?:Linux|OS) 1\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 1.0");
    
    if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu);
    
    flag = 0;
    
    pkgs = [
      "binutils-2.25.1-4.ph1",
      "binutils-debuginfo-2.25.1-4.ph1",
      "binutils-devel-2.25.1-4.ph1",
      "libarchive-3.3.1-1.ph1",
      "libarchive-debuginfo-3.3.1-1.ph1",
      "libarchive-devel-3.3.1-1.ph1",
      "ntp-4.2.8p10-1.ph1",
      "ntp-debuginfo-4.2.8p10-1.ph1"
    ];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"PhotonOS-1.0", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "binutils / libarchive / ntp");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-1853.NASL
    descriptionAn update for atomic-openshift and heapster is now available for Red Hat OpenShift Enterprise 3.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenShift Enterprise by Red Hat is the company
    last seen2020-06-12
    modified2018-12-04
    plugin id119381
    published2018-12-04
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119381
    titleRHEL 7 : Red Hat OpenShift Enterprise 3.2 (RHSA-2016:1853)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2016:1853. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(119381);
      script_version("1.5");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/11");
    
      script_cve_id("CVE-2016-5418");
      script_xref(name:"RHSA", value:"2016:1853");
    
      script_name(english:"RHEL 7 : Red Hat OpenShift Enterprise 3.2 (RHSA-2016:1853)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis",
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "An update for atomic-openshift and heapster is now available for Red
    Hat OpenShift Enterprise 3.2.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    OpenShift Enterprise by Red Hat is the company's cloud computing
    Platform- as-a-Service (PaaS) solution designed for on-premise or
    private cloud deployments.
    
    Security Fix(es) :
    
    * When processing an archive file that contains an archive entry with
    type 1 (hardlink) but also having a non-zero data size a file
    overwrite can occur. This would allow an attacker that can pass data
    to an application that uses libarchive to unpack it to overwrite
    arbitrary files with arbitrary data. (CVE-2016-5418)
    
    Red Hat would like to thank Insomnia Security for reporting this
    issue.
    
    This update also fixes the following bugs :
    
    * Previously, pods that had a resource request of 0 and specified
    limits were classified as BestEffort when they should have been
    classified as Burstable. This bug fix ensures that those pods are
    correctly classified as Burstable.(BZ#1357475)
    
    * Future versions of docker will require containerized installations
    of OpenShift Container Platform to mount /var/lib/origin with the
    `rslave` flag. New installations of OpenShift Container Platform 3.2
    have this value set. However, upgrades from 3.1 did not properly set
    this value. This bug fix ensures that this flag is now set during
    upgrades, ensuring that OpenShift Container Platform works properly
    under future versions of docker. (BZ#1358197)
    
    * The PersistentVolumeLabel admission plug-in is now enabled by
    default. This plug-in labels AWS and GCE volumes with their zone so
    the scheduler can limit the nodes for a pod to only those in the same
    zone as the persistent volumes being used by the pod. (BZ#1365600)
    
    * Previously, heapster incorrectly generated error messages indicating
    that it 'Failed to find node'. This bug fix corrects that error and
    ensures that erroneous warnings are generated.(BZ#1366367)
    
    * The deployment controllers' resync interval can now be configured.
    The previously hard-coded 2-minute default is the likely cause of
    performance regressions when thousands of deploymentconfigs are
    present in the system. Increase the resync interval by setting
    deploymentControllerResyncMinute in
    /etc/origin/master/master-config.yaml.(BZ#1366381)
    
    * Previously, AWS-related environment variables were removed from
    /etc/ sysconfig/atomic-openshift-master files during an upgrade if
    these values were not included in the advanced installer's inventory
    file. This bug fix ensures that these variables are now preserved
    during upgrades. (BZ# 1370641)
    
    * Previously, updates to the containerized atomic-openshift-node
    service were not properly reloaded during upgrades. This bug fix
    corrects this error and ensures that the service is reloaded during
    upgrades. (BZ#1371708)
    
    * Previously the installer did not properly configure an environment
    for flannel when openshift_use_flannel was set to `true`. This bug fix
    corrects those errors and the installer will now correctly deploy
    environments using flannel. (BZ#1372026)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2016:1853"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2016-5418"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients-redistributable");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-dockerregistry");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-master");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-pod");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-recycle");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-sdn-ovs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-tests");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:heapster");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-ansible");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-docs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-filter-plugins");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-lookup-plugins");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-playbooks");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-roles");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tuned-profiles-atomic-openshift-node");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/09/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/09/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/12/04");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2016:1853";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_exists(rpm:"atomic-openshift-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-3.2.1.15-1.git.0.d84be7f.el7")) flag++;
      if (rpm_exists(rpm:"atomic-openshift-clients-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-clients-3.2.1.15-1.git.0.d84be7f.el7")) flag++;
      if (rpm_exists(rpm:"atomic-openshift-clients-redistributable-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-clients-redistributable-3.2.1.15-1.git.0.d84be7f.el7")) flag++;
      if (rpm_exists(rpm:"atomic-openshift-dockerregistry-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-dockerregistry-3.2.1.15-1.git.0.d84be7f.el7")) flag++;
      if (rpm_exists(rpm:"atomic-openshift-master-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-master-3.2.1.15-1.git.0.d84be7f.el7")) flag++;
      if (rpm_exists(rpm:"atomic-openshift-node-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-node-3.2.1.15-1.git.0.d84be7f.el7")) flag++;
      if (rpm_exists(rpm:"atomic-openshift-pod-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-pod-3.2.1.15-1.git.0.d84be7f.el7")) flag++;
      if (rpm_exists(rpm:"atomic-openshift-recycle-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-recycle-3.2.1.15-1.git.0.d84be7f.el7")) flag++;
      if (rpm_exists(rpm:"atomic-openshift-sdn-ovs-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-sdn-ovs-3.2.1.15-1.git.0.d84be7f.el7")) flag++;
      if (rpm_exists(rpm:"atomic-openshift-tests-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-tests-3.2.1.15-1.git.0.d84be7f.el7")) flag++;
      if (rpm_exists(rpm:"atomic-openshift-utils-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"atomic-openshift-utils-3.2.28-1.git.0.5a85fc5.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"heapster-1.1.0-1.beta2.el7.1")) flag++;
      if (rpm_exists(rpm:"openshift-ansible-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"openshift-ansible-3.2.28-1.git.0.5a85fc5.el7")) flag++;
      if (rpm_exists(rpm:"openshift-ansible-docs-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"openshift-ansible-docs-3.2.28-1.git.0.5a85fc5.el7")) flag++;
      if (rpm_exists(rpm:"openshift-ansible-filter-plugins-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"openshift-ansible-filter-plugins-3.2.28-1.git.0.5a85fc5.el7")) flag++;
      if (rpm_exists(rpm:"openshift-ansible-lookup-plugins-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"openshift-ansible-lookup-plugins-3.2.28-1.git.0.5a85fc5.el7")) flag++;
      if (rpm_exists(rpm:"openshift-ansible-playbooks-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"openshift-ansible-playbooks-3.2.28-1.git.0.5a85fc5.el7")) flag++;
      if (rpm_exists(rpm:"openshift-ansible-roles-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"openshift-ansible-roles-3.2.28-1.git.0.5a85fc5.el7")) flag++;
      if (rpm_exists(rpm:"tuned-profiles-atomic-openshift-node-3.2", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"tuned-profiles-atomic-openshift-node-3.2.1.15-1.git.0.d84be7f.el7")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "atomic-openshift / atomic-openshift-clients / etc");
      }
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1470.NASL
    descriptionAccording to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in libarchive. A specially crafted MTREE file could cause a small out-of-bounds read, potentially disclosing a small amount of application memory.(CVE-2015-8925) - A vulnerability was found in libarchive. An attempt to create an ISO9660 volume with 2GB or 4GB filenames could cause the application to crash.(CVE-2016-6250) - A vulnerability was found in libarchive. A specially crafted RAR file could cause the application to read memory beyond the end of the decompression buffer.(CVE-2015-8934) - A vulnerability was found in libarchive
    last seen2020-06-01
    modified2020-06-02
    plugin id124794
    published2019-05-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124794
    titleEulerOS Virtualization 3.0.1.0 : libarchive (EulerOS-SA-2019-1470)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1404.NASL
    descriptionThis update for libarchive fixes several issues. These security issues were fixed : - CVE-2016-8687: Buffer overflow when printing a filename (bsc#1005070). - CVE-2016-8689: Heap overflow when reading corrupted 7Zip files (bsc#1005072). - CVE-2016-8688: Use after free because of incorrect calculation in next_line (bsc#1005076). - CVE-2016-5844: Integer overflow in the ISO parser in libarchive allowed remote attackers to cause a denial of service (application crash) via a crafted ISO file (bsc#986566). - CVE-2016-6250: Integer overflow in the ISO9660 writer in libarchive allowed remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow (bsc#989980). - CVE-2016-5418: The sandboxing code in libarchive mishandled hardlink archive entries of non-zero data size, which might allowed remote attackers to write to arbitrary files via a crafted archive file (bsc#998677). This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-05
    modified2016-12-06
    plugin id95558
    published2016-12-06
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/95558
    titleopenSUSE Security Update : libarchive (openSUSE-2016-1404)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-1850.NASL
    descriptionAn update for libarchive is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es) : * A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive
    last seen2020-06-01
    modified2020-06-02
    plugin id93451
    published2016-09-13
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93451
    titleRHEL 6 : libarchive (RHSA-2016:1850)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2016-1045.NASL
    descriptionAccording to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive
    last seen2020-05-06
    modified2017-05-01
    plugin id99808
    published2017-05-01
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99808
    titleEulerOS 2.0 SP1 : libarchive (EulerOS-SA-2016-1045)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1405.NASL
    descriptionThis update for libarchive fixes several issues. These security issues were fixed : - CVE-2016-8687: Buffer overflow when printing a filename (bsc#1005070). - CVE-2016-8689: Heap overflow when reading corrupted 7Zip files (bsc#1005072). - CVE-2016-8688: Use after free because of incorrect calculation in next_line (bsc#1005076). - CVE-2016-5844: Integer overflow in the ISO parser in libarchive allowed remote attackers to cause a denial of service (application crash) via a crafted ISO file (bsc#986566). - CVE-2016-6250: Integer overflow in the ISO9660 writer in libarchive allowed remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow (bsc#989980). - CVE-2016-5418: The sandboxing code in libarchive mishandled hardlink archive entries of non-zero data size, which might allowed remote attackers to write to arbitrary files via a crafted archive file (bsc#998677). This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-05
    modified2016-12-06
    plugin id95559
    published2016-12-06
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/95559
    titleopenSUSE Security Update : libarchive (openSUSE-2016-1405)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2017-0010_LIBARCHIVE.NASL
    descriptionAn update of the libarchive package has been released.
    last seen2020-03-17
    modified2019-02-07
    plugin id121677
    published2019-02-07
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121677
    titlePhoton OS 1.0: Libarchive PHSA-2017-0010
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3225-1.NASL
    descriptionIt was discovered that libarchive incorrectly handled hardlink entries when extracting archives. A remote attacker could possibly use this issue to overwrite arbitrary files. (CVE-2016-5418) Christian Wressnegger, Alwin Maier, and Fabian Yamaguchi discovered that libarchive incorrectly handled filename lengths when writing ISO9660 archives. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-6250) Alexander Cherepanov discovered that libarchive incorrectly handled recursive decompressions. A remote attacker could possibly use this issue to cause libarchive to hang, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-7166) It was discovered that libarchive incorrectly handled non-printable multibyte characters in filenames. A remote attacker could possibly use this issue to cause libarchive to crash, resulting in a denial of service. (CVE-2016-8687) It was discovered that libarchive incorrectly handled line sizes when extracting certain archives. A remote attacker could possibly use this issue to cause libarchive to crash, resulting in a denial of service. (CVE-2016-8688) It was discovered that libarchive incorrectly handled multiple EmptyStream attributes when extracting certain 7zip archives. A remote attacker could possibly use this issue to cause libarchive to crash, resulting in a denial of service. (CVE-2016-8689) Jakub Jirasek discovered that libarchive incorrectly handled memory when extracting certain archives. A remote attacker could possibly use this issue to cause libarchive to crash, resulting in a denial of service. (CVE-2017-5601). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id97660
    published2017-03-10
    reporterUbuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97660
    titleUbuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libarchive vulnerabilities (USN-3225-1)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3677.NASL
    descriptionSeveral vulnerabilities were discovered in libarchive, a multi-format archive and compression library, which may lead to denial of service (memory consumption and application crash), bypass of sandboxing restrictions and overwrite arbitrary files with arbitrary data from an archive, or the execution of arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id93695
    published2016-09-26
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93695
    titleDebian DSA-3677-1 : libarchive - security update
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-1850.NASL
    descriptionAn update for libarchive is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es) : * A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive
    last seen2020-06-01
    modified2020-06-02
    plugin id93542
    published2016-09-16
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93542
    titleCentOS 6 : libarchive (CESA-2016:1850)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-1844.NASL
    descriptionAn update for libarchive is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es) : * A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive
    last seen2020-06-01
    modified2020-06-02
    plugin id93450
    published2016-09-13
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93450
    titleRHEL 7 : libarchive (RHSA-2016:1844)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-1844.NASL
    descriptionFrom Red Hat Security Advisory 2016:1844 : An update for libarchive is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es) : * A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive
    last seen2020-06-01
    modified2020-06-02
    plugin id93446
    published2016-09-13
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93446
    titleOracle Linux 7 : libarchive (ELSA-2016-1844)
  • NASL familyF5 Networks Local Security Checks
    NASL idF5_BIGIP_SOL35246595.NASL
    descriptionThe sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file. (CVE-2016-5418)
    last seen2020-06-01
    modified2020-06-02
    plugin id95718
    published2016-12-12
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95718
    titleF5 Networks BIG-IP : libarchive vulnerability (K35246595)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2911-1.NASL
    descriptionThis update for libarchive fixes several issues. These security issues were fixed : - CVE-2016-8687: Buffer overflow when printing a filename (bsc#1005070). - CVE-2016-8689: Heap overflow when reading corrupted 7Zip files (bsc#1005072). - CVE-2016-8688: Use after free because of incorrect calculation in next_line (bsc#1005076). - CVE-2016-5844: Integer overflow in the ISO parser in libarchive allowed remote attackers to cause a denial of service (application crash) via a crafted ISO file (bsc#986566). - CVE-2016-6250: Integer overflow in the ISO9660 writer in libarchive allowed remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow (bsc#989980). - CVE-2016-5418: The sandboxing code in libarchive mishandled hardlink archive entries of non-zero data size, which might allowed remote attackers to write to arbitrary files via a crafted archive file (bsc#998677). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id95367
    published2016-11-28
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95367
    titleSUSE SLED12 / SLES12 Security Update : libarchive (SUSE-SU-2016:2911-1)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-1844.NASL
    descriptionAn update for libarchive is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es) : * A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive
    last seen2020-06-01
    modified2020-06-02
    plugin id93541
    published2016-09-16
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93541
    titleCentOS 7 : libarchive (CESA-2016:1844)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201701-03.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201701-03 (libarchive: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in libarchive. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted archive file possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id96234
    published2017-01-03
    reporterThis script is Copyright (C) 2017 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/96234
    titleGLSA-201701-03 : libarchive: Multiple vulnerabilities
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-1852.NASL
    descriptionAn update for Red Hat OpenShift Enterprise 3.1 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenShift Enterprise by Red Hat is the company
    last seen2020-06-12
    modified2018-12-04
    plugin id119380
    published2018-12-04
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119380
    titleRHEL 7 : Red Hat OpenShift Enterprise 3.1 (RHSA-2016:1852)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-657.NASL
    descriptionIt was found that libarchive mishandled hardlink archive entries of non-zero data size, possibly allowing remote attackers to to write to arbitrary files via especially crafted archives. For Debian 7
    last seen2020-03-17
    modified2016-10-17
    plugin id94077
    published2016-10-17
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/94077
    titleDebian DLA-657-1 : libarchive security update
  • NASL familyCGI abuses
    NASL idSPLUNK_652.NASL
    descriptionAccording to its self-reported version number, the version of Splunk Enterprise hosted on the remote web server is 5.0.x prior to 5.0.17, 6.0.x prior to 6.0.13, 6.1.x prior to 6.1.12, 6.2.x prior to 6.2.13, 6.3.x prior to 6.3.9, 6.4.x prior to 6.4.5, or 6.5.x prior to 6.5.2; or else it is Splunk Light prior to 6.5.2. It is, therefore, affected by multiple vulnerabilities : - A security bypass vulnerability exists in the libarchive component due to a failure to properly check hardlinks that contain payload data. An unauthenticated, remote attacker can exploit this to bypass sandbox restrictions. (CVE-2016-5418) - An out-of-bounds write error exists in the libarchive component in the get_line_size() function in archive_read_support_format_mtree.c that is triggered when parsing lines. An unauthenticated, remote attacker can exploit this to crash the library or disclose memory contents. (CVE-2016-8688) - An information disclosure vulnerability exists in Splunk Light due to various system information being assigned to the global window property
    last seen2020-06-01
    modified2020-06-02
    plugin id97100
    published2017-02-10
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97100
    titleSplunk Enterprise < 5.0.17 / 6.0.13 / 6.1.12 / 6.2.13 / 6.3.9 / 6.4.5 / 6.5.2 or Splunk Light < 6.5.2 Multiple Vulnerabilities
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2016-743.NASL
    descriptionA flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive
    last seen2020-06-01
    modified2020-06-02
    plugin id93744
    published2016-09-28
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93744
    titleAmazon Linux AMI : libarchive (ALAS-2016-743)

Redhat

advisories
  • rhsa
    idRHSA-2016:1844
  • rhsa
    idRHSA-2016:1850
  • rhsa
    idRHSA-2016:1852
  • rhsa
    idRHSA-2016:1853
rpms
  • bsdcpio-0:3.1.2-10.el7_2
  • bsdtar-0:3.1.2-10.el7_2
  • libarchive-0:3.1.2-10.el7_2
  • libarchive-debuginfo-0:3.1.2-10.el7_2
  • libarchive-devel-0:3.1.2-10.el7_2
  • libarchive-0:2.8.3-7.el6_8
  • libarchive-debuginfo-0:2.8.3-7.el6_8
  • libarchive-devel-0:2.8.3-7.el6_8
  • atomic-openshift-0:3.1.1.7-1.git.0.65f396b.el7aos
  • atomic-openshift-clients-0:3.1.1.7-1.git.0.65f396b.el7aos
  • atomic-openshift-clients-redistributable-0:3.1.1.7-1.git.0.65f396b.el7aos
  • atomic-openshift-dockerregistry-0:3.1.1.7-1.git.0.65f396b.el7aos
  • atomic-openshift-master-0:3.1.1.7-1.git.0.65f396b.el7aos
  • atomic-openshift-node-0:3.1.1.7-1.git.0.65f396b.el7aos
  • atomic-openshift-pod-0:3.1.1.7-1.git.0.65f396b.el7aos
  • atomic-openshift-recycle-0:3.1.1.7-1.git.0.65f396b.el7aos
  • atomic-openshift-sdn-ovs-0:3.1.1.7-1.git.0.65f396b.el7aos
  • tuned-profiles-atomic-openshift-node-0:3.1.1.7-1.git.0.65f396b.el7aos
  • atomic-openshift-0:3.2.1.15-1.git.0.d84be7f.el7
  • atomic-openshift-clients-0:3.2.1.15-1.git.0.d84be7f.el7
  • atomic-openshift-clients-redistributable-0:3.2.1.15-1.git.0.d84be7f.el7
  • atomic-openshift-dockerregistry-0:3.2.1.15-1.git.0.d84be7f.el7
  • atomic-openshift-master-0:3.2.1.15-1.git.0.d84be7f.el7
  • atomic-openshift-node-0:3.2.1.15-1.git.0.d84be7f.el7
  • atomic-openshift-pod-0:3.2.1.15-1.git.0.d84be7f.el7
  • atomic-openshift-recycle-0:3.2.1.15-1.git.0.d84be7f.el7
  • atomic-openshift-sdn-ovs-0:3.2.1.15-1.git.0.d84be7f.el7
  • atomic-openshift-tests-0:3.2.1.15-1.git.0.d84be7f.el7
  • atomic-openshift-utils-0:3.2.28-1.git.0.5a85fc5.el7
  • heapster-0:1.1.0-1.beta2.el7.1
  • openshift-ansible-0:3.2.28-1.git.0.5a85fc5.el7
  • openshift-ansible-docs-0:3.2.28-1.git.0.5a85fc5.el7
  • openshift-ansible-filter-plugins-0:3.2.28-1.git.0.5a85fc5.el7
  • openshift-ansible-lookup-plugins-0:3.2.28-1.git.0.5a85fc5.el7
  • openshift-ansible-playbooks-0:3.2.28-1.git.0.5a85fc5.el7
  • openshift-ansible-roles-0:3.2.28-1.git.0.5a85fc5.el7
  • tuned-profiles-atomic-openshift-node-0:3.2.1.15-1.git.0.d84be7f.el7