CVE-2018-1112 - Unspecified vulnerability in Gluster Glusterfs
CVSS v3 base metrics:
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: LOW
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH

Summary
The glusterfs server before versions 3.10.12 and 4.0.2 is vulnerable when the 'auth.allow' option is used: the option allows any unauthenticated gluster client to connect from any network and mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.
Vulnerable Configurations
Nessus
NASL family: Red Hat Local Security Checks
NASL id: REDHAT-RHSA-2018-1268.NASL
description: An update for glusterfs is now available for Native Client for Red Hat Enterprise Linux 6 for Red Hat Storage and Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Security Fix(es) : * It was found that fix for CVE-2018-1088 introduced a new vulnerability in the way
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 109442
published: 2018-05-01
reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/109442
title: RHEL 6 : glusterfs (RHSA-2018:1268)
code:

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2018:1268. The text
# itself is copyright (C) Red Hat, Inc.
#

include("compat.inc");

if (description)
{
  script_id(109442);
  script_version("1.8");
  script_cvs_date("Date: 2019/10/24 15:35:44");

  script_cve_id("CVE-2018-1112");
  script_xref(name:"RHSA", value:"2018:1268");

  script_name(english:"RHEL 6 : glusterfs (RHSA-2018:1268)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"An update for glusterfs is now available for Native Client for Red Hat
Enterprise Linux 6 for Red Hat Storage and Red Hat Gluster Storage 3.3
for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security
impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

GlusterFS is a key building block of Red Hat Gluster Storage. It is
based on a stackable user-space design and can deliver exceptional
performance for diverse workloads. GlusterFS aggregates various
storage servers over network interconnections into one large, parallel
network file system.

Security Fix(es) :

* It was found that fix for CVE-2018-1088 introduced a new
vulnerability in the way 'auth.allow' is implemented in glusterfs
server. An unauthenticated gluster client could mount gluster storage
volumes. (CVE-2018-1112)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/articles/3422521"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2018:1268"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2018-1112"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-api");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-api-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-client-xlators");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-events");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-fuse");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-ganesha");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-geo-replication");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-rdma");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-gluster");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/04/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/01");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
  rhsa = "RHSA-2018:1268";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (! (rpm_exists(release:"RHEL6", rpm:"glusterfs-3.8.4"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "Red Hat glusterfs 3.8.4");

  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-3.8.4-54.9.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-api-3.8.4-54.9.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-api-devel-3.8.4-54.9.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-cli-3.8.4-54.9.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-client-xlators-3.8.4-54.9.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-debuginfo-3.8.4-54.9.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-devel-3.8.4-54.9.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-events-3.8.4-54.9.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-fuse-3.8.4-54.9.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-ganesha-3.8.4-54.9.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-geo-replication-3.8.4-54.9.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-libs-3.8.4-54.9.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-rdma-3.8.4-54.9.el6")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-server-3.8.4-54.9.el6")) flag++;
  if (rpm_check(release:"RHEL6", reference:"python-gluster-3.8.4-54.9.el6")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glusterfs / glusterfs-api / glusterfs-api-devel / glusterfs-cli / etc");
  }
}
NASL family: Red Hat Local Security Checks
NASL id: REDHAT-RHSA-2018-1275.NASL
description: An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 109568
published: 2018-05-04
reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/109568
title: RHEL 7 : Virtualization (RHSA-2018:1275)
code:

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2018:1275. The text
# itself is copyright (C) Red Hat, Inc.
#

include("compat.inc");

if (description)
{
  script_id(109568);
  script_version("1.7");
  script_cvs_date("Date: 2019/10/24 15:35:44");

  script_cve_id("CVE-2018-1088");
  script_xref(name:"RHSA", value:"2018:1275");

  script_name(english:"RHEL 7 : Virtualization (RHSA-2018:1275)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"An update for redhat-release-virtualization-host and
redhat-virtualization-host is now available for Red Hat Virtualization
4 for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security
impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

The redhat-virtualization-host packages provide the Red Hat
Virtualization Host. These packages include
redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor.
Red Hat Virtualization Hosts (RHVH) are installed using a special
build of Red Hat Enterprise Linux with only the packages required to
host virtual machines. RHVH features a Cockpit user interface for
monitoring the host's resources and performing administrative tasks.

The ovirt-node-ng packages provide the Red Hat Virtualization Host.
These packages include redhat-release-virtualization-host, ovirt-node,
and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed
using a special build of Red Hat Enterprise Linux with only the
packages required to host virtual machines. RHVH features a Cockpit
user interface for monitoring the host's resources and performing
administrative tasks.

Security Fix(es) :

* glusterfs: Privilege escalation via gluster_shared_storage when
snapshot scheduling is enabled (CVE-2018-1088)

* It was found that fix for CVE-2018-1088 introduced new vulnerability
in the way 'auth.allow' is implemented in glusterfs server. An
unauthenticated gluster client could mount gluster storage volumes.
(CVE-2018-1112)

For more details about the security issue(s), including the impact, a
CVSS score, and other related information, refer to the CVE page(s)
listed in the References section.

This issue was discovered by John Strunk (Red Hat)."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2018:1275"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2018-1088"
  );
  script_set_attribute(
    attribute:"solution",
    value:
"Update the affected redhat-release-virtualization-host,
redhat-virtualization-host-image-update and / or
redhat-virtualization-host-image-update-placeholder packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:redhat-release-virtualization-host");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update-placeholder");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/05/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/04");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
  rhsa = "RHSA-2018:1275";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (! (rpm_exists(release:"RHEL7", rpm:"qemu-kvm-rhev-2.10.0"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "Virtualization");

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"redhat-release-virtualization-host-4.1-11.0.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"redhat-virtualization-host-image-update-4.1-20180426.0.el7_5")) flag++;
  if (rpm_check(release:"RHEL7", reference:"redhat-virtualization-host-image-update-placeholder-4.1-11.0.el7")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "redhat-release-virtualization-host / etc");
  }
}
NASL family: Huawei Local Security Checks
NASL id: EULEROS_SA-2018-1185.NASL
description: According to the versions of the glusterfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A privilege escalation flaw was found in gluster snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.(CVE-2018-1088) - It was found that fix for CVE-2018-1088 introduced a new vulnerability in the way
last seen: 2020-05-06
modified: 2018-07-03
plugin id: 110849
published: 2018-07-03
reporter: This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/110849
title: EulerOS 2.0 SP3 : glusterfs (EulerOS-SA-2018-1185)
code:

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(110849);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/04");

  script_cve_id(
    "CVE-2018-1088",
    "CVE-2018-1112"
  );

  script_name(english:"EulerOS 2.0 SP3 : glusterfs (EulerOS-SA-2018-1185)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the glusterfs packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :

  - A privilege escalation flaw was found in gluster snapshot
    scheduler. Any gluster client allowed to mount gluster
    volumes could also mount shared gluster storage volume
    and escalate privileges by scheduling malicious cronjob
    via symlink.(CVE-2018-1088)

  - It was found that fix for CVE-2018-1088 introduced a new
    vulnerability in the way 'auth.allow' is implemented in
    glusterfs server. An unauthenticated gluster client could
    mount gluster storage volumes.(CVE-2018-1112)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1185
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a7f37bbd");
  script_set_attribute(attribute:"solution", value:
"Update the affected glusterfs packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"patch_publication_date", value:"2018/06/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/07/03");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glusterfs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glusterfs-api");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glusterfs-client-xlators");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glusterfs-fuse");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glusterfs-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glusterfs-rdma");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");
  script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(3)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3");

uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["glusterfs-3.8.4-54.8",
        "glusterfs-api-3.8.4-54.8",
        "glusterfs-client-xlators-3.8.4-54.8",
        "glusterfs-fuse-3.8.4-54.8",
        "glusterfs-libs-3.8.4-54.8",
        "glusterfs-rdma-3.8.4-54.8"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"3", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glusterfs");
}
NASL family: Red Hat Local Security Checks
NASL id: REDHAT-RHSA-2018-1269.NASL
description: An update for glusterfs is now available for Native Client for Red Hat Enterprise Linux 7 for Red Hat Storage and Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Security Fix(es) : * It was found that fix for CVE-2018-1088 introduced a new vulnerability in the way
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 109443
published: 2018-05-01
reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/109443
title: RHEL 7 : glusterfs (RHSA-2018:1269)
code:

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2018:1269. The text
# itself is copyright (C) Red Hat, Inc.
#

include("compat.inc");

if (description)
{
  script_id(109443);
  script_version("1.7");
  script_cvs_date("Date: 2019/10/24 15:35:44");

  script_cve_id("CVE-2018-1112");
  script_xref(name:"RHSA", value:"2018:1269");

  script_name(english:"RHEL 7 : glusterfs (RHSA-2018:1269)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"An update for glusterfs is now available for Native Client for Red Hat
Enterprise Linux 7 for Red Hat Storage and Red Hat Gluster Storage 3.3
for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security
impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

GlusterFS is a key building block of Red Hat Gluster Storage. It is
based on a stackable user-space design and can deliver exceptional
performance for diverse workloads. GlusterFS aggregates various
storage servers over network interconnections into one large, parallel
network file system.

Security Fix(es) :

* It was found that fix for CVE-2018-1088 introduced a new
vulnerability in the way 'auth.allow' is implemented in glusterfs
server. An unauthenticated gluster client could mount gluster storage
volumes. (CVE-2018-1112)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/articles/3422521"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2018:1269"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2018-1112"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-api");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-api-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-client-xlators");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-events");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-fuse");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-ganesha");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-geo-replication");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-rdma");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-resource-agents");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-gluster");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/04/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/01");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
  rhsa = "RHSA-2018:1269";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-api-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-api-devel-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-cli-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-client-xlators-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-debuginfo-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-devel-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-events-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-fuse-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-ganesha-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-geo-replication-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-libs-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-rdma-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"glusterfs-resource-agents-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-server-3.8.4-54.8.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"python-gluster-3.8.4-54.8.el7")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glusterfs / glusterfs-api / glusterfs-api-devel / glusterfs-cli / etc");
  }
}
NASL family: SuSE Local Security Checks
NASL id: OPENSUSE-2020-79.NASL
description: This update for glusterfs fixes the following issues : glusterfs was update to release 3.12.15 : - Fixed a number of bugs and security issues : - CVE-2018-1088, CVE-2018-1112 [boo#1090084], CVE-2018-10904 [boo#1107018], CVE-2018-10907 [boo#1107019], CVE-2018-10911 [boo#1107020], CVE-2018-10913 [boo#1107021], CVE-2018-10914 [boo#1107022], CVE-2018-10923 [boo#1107023], CVE-2018-10924 [boo#1107024], CVE-2018-10926 [boo#1107025], CVE-2018-10927 [boo#1107026], CVE-2018-10928 [boo#1107027], CVE-2018-10928 [boo#1107027], CVE-2018-10929 [boo#1107028], CVE-2018-10930 [boo#1107029], boo#1105776 .
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 133132
published: 2020-01-21
reporter: This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/133132
title: openSUSE Security Update : glusterfs (openSUSE-2020-79)
code:

    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2020-79.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #

    include("compat.inc");

    if (description)
    {
      script_id(133132);
      script_version("1.2");
      script_cvs_date("Date: 2020/01/23");

      script_cve_id("CVE-2018-1088", "CVE-2018-10904", "CVE-2018-10907", "CVE-2018-10911", "CVE-2018-10913", "CVE-2018-10914", "CVE-2018-10923", "CVE-2018-10924", "CVE-2018-10926", "CVE-2018-10927", "CVE-2018-10928", "CVE-2018-10929", "CVE-2018-10930", "CVE-2018-1112");

      script_name(english:"openSUSE Security Update : glusterfs (openSUSE-2020-79)");
      script_summary(english:"Check for the openSUSE-2020-79 patch");

      script_set_attribute(
        attribute:"synopsis",
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description",
        value:"This update for glusterfs fixes the following issues : glusterfs was update to release 3.12.15 : - Fixed a number of bugs and security issues : - CVE-2018-1088, CVE-2018-1112 [boo#1090084], CVE-2018-10904 [boo#1107018], CVE-2018-10907 [boo#1107019], CVE-2018-10911 [boo#1107020], CVE-2018-10913 [boo#1107021], CVE-2018-10914 [boo#1107022], CVE-2018-10923 [boo#1107023], CVE-2018-10924 [boo#1107024], CVE-2018-10926 [boo#1107025], CVE-2018-10927 [boo#1107026], CVE-2018-10928 [boo#1107027], CVE-2018-10928 [boo#1107027], CVE-2018-10929 [boo#1107028], CVE-2018-10930 [boo#1107029], boo#1105776 ."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1090084"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1105776"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107018"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107019"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107020"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107021"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107022"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107023"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107024"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107025"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107026"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107027"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107028"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107029"
      );
      script_set_attribute(
        attribute:"solution",
        value:"Update the affected glusterfs packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glusterfs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glusterfs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glusterfs-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glusterfs-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfapi0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfapi0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfchangelog0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfchangelog0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfdb0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfdb0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfrpc0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfrpc0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfxdr0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfxdr0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libglusterfs0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libglusterfs0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-gluster");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");

      script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/01/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/21");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();

      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");

      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

      exit(0);
    }

    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");

    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

    flag = 0;
    if ( rpm_check(release:"SUSE15.1", reference:"glusterfs-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"glusterfs-debuginfo-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"glusterfs-debugsource-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"glusterfs-devel-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfapi0-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfapi0-debuginfo-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfchangelog0-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfchangelog0-debuginfo-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfdb0-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfdb0-debuginfo-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfrpc0-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfrpc0-debuginfo-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfxdr0-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfxdr0-debuginfo-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libglusterfs0-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libglusterfs0-debuginfo-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"python-gluster-3.12.15-lp151.3.3.1") ) flag++;

    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glusterfs / glusterfs-debuginfo / glusterfs-debugsource / etc");
    }
References
- https://review.gluster.org/#/c/19899/1..2
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1112
- https://access.redhat.com/articles/3422521
- https://access.redhat.com/errata/RHSA-2018:1269
- https://access.redhat.com/errata/RHSA-2018:1268
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html