Vulnerabilities > CVE-2018-1112 - Unspecified vulnerability in Gluster Glusterfs

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
gluster
nessus

Summary

glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.

Vulnerable Configurations

Part Description Count
Application
Gluster
200

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2018-1268.NASL
    descriptionAn update for glusterfs is now available for Native Client for Red Hat Enterprise Linux 6 for Red Hat Storage and Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Security Fix(es) : * It was found that fix for CVE-2018-1088 introduced a new vulnerability in the way
    last seen2020-06-01
    modified2020-06-02
    plugin id109442
    published2018-05-01
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/109442
    titleRHEL 6 : glusterfs (RHSA-2018:1268)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2018:1268. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(109442);
      script_version("1.8");
      script_cvs_date("Date: 2019/10/24 15:35:44");
    
      script_cve_id("CVE-2018-1112");
      script_xref(name:"RHSA", value:"2018:1268");
    
      script_name(english:"RHEL 6 : glusterfs (RHSA-2018:1268)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for glusterfs is now available for Native Client for Red Hat
    Enterprise Linux 6 for Red Hat Storage and Red Hat Gluster Storage 3.3
    for Red Hat Enterprise Linux 6.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    GlusterFS is a key building block of Red Hat Gluster Storage. It is
    based on a stackable user-space design and can deliver exceptional
    performance for diverse workloads. GlusterFS aggregates various
    storage servers over network interconnections into one large, parallel
    network file system.
    
    Security Fix(es) :
    
    * It was found that fix for CVE-2018-1088 introduced a new
    vulnerability in the way 'auth.allow' is implemented in glusterfs
    server. An unauthenticated gluster client could mount gluster storage
    volumes. (CVE-2018-1112)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/articles/3422521"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2018:1268"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-1112"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-api");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-api-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-client-xlators");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-events");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-fuse");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-ganesha");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-geo-replication");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-rdma");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-gluster");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/04/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/01");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2018:1268";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
    
      if (! (rpm_exists(release:"RHEL6", rpm:"glusterfs-3.8.4"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "Red Hat glusterfs 3.8.4");
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-3.8.4-54.9.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-api-3.8.4-54.9.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-api-devel-3.8.4-54.9.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-cli-3.8.4-54.9.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-client-xlators-3.8.4-54.9.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-debuginfo-3.8.4-54.9.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-devel-3.8.4-54.9.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-events-3.8.4-54.9.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-fuse-3.8.4-54.9.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-ganesha-3.8.4-54.9.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-geo-replication-3.8.4-54.9.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-libs-3.8.4-54.9.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-rdma-3.8.4-54.9.el6")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"glusterfs-server-3.8.4-54.9.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"python-gluster-3.8.4-54.9.el6")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glusterfs / glusterfs-api / glusterfs-api-devel / glusterfs-cli / etc");
      }
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2018-1275.NASL
    descriptionAn update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host
    last seen2020-06-01
    modified2020-06-02
    plugin id109568
    published2018-05-04
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/109568
    titleRHEL 7 : Virtualization (RHSA-2018:1275)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2018:1275. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(109568);
      script_version("1.7");
      script_cvs_date("Date: 2019/10/24 15:35:44");
    
      script_cve_id("CVE-2018-1088");
      script_xref(name:"RHSA", value:"2018:1275");
    
      script_name(english:"RHEL 7 : Virtualization (RHSA-2018:1275)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for redhat-release-virtualization-host and
    redhat-virtualization-host is now available for Red Hat Virtualization
    4 for Red Hat Enterprise Linux 7.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    The redhat-virtualization-host packages provide the Red Hat
    Virtualization Host. These packages include
    redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor.
    Red Hat Virtualization Hosts (RHVH) are installed using a special
    build of Red Hat Enterprise Linux with only the packages required to
    host virtual machines. RHVH features a Cockpit user interface for
    monitoring the host's resources and performing administrative tasks.
    
    The ovirt-node-ng packages provide the Red Hat Virtualization Host.
    These packages include redhat-release-virtualization-host, ovirt-node,
    and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed
    using a special build of Red Hat Enterprise Linux with only the
    packages required to host virtual machines. RHVH features a Cockpit
    user interface for monitoring the host's resources and performing
    administrative tasks.
    
    Security Fix(es) :
    
    * glusterfs: Privilege escalation via gluster_shared_storage when
    snapshot scheduling is enabled (CVE-2018-1088)
    
    * It was found that fix for CVE-2018-1088 introduced new vulnerability
    in the way 'auth.allow' is implemented in glusterfs server. An
    unauthenticated gluster client could mount gluster storage volumes.
    (CVE-2018-1112)
    
    For more details about the security issue(s), including the impact, a
    CVSS score, and other related information, refer to the CVE page(s)
    listed in the References section.
    
    This issue was discovered by John Strunk (Red Hat)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2018:1275"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-1088"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected redhat-release-virtualization-host,
    redhat-virtualization-host-image-update and / or
    redhat-virtualization-host-image-update-placeholder packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:redhat-release-virtualization-host");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update-placeholder");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/05/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/04");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2018:1275";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
    
      if (! (rpm_exists(release:"RHEL7", rpm:"qemu-kvm-rhev-2.10.0"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "Virtualization");
    
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"redhat-release-virtualization-host-4.1-11.0.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"redhat-virtualization-host-image-update-4.1-20180426.0.el7_5")) flag++;
      if (rpm_check(release:"RHEL7", reference:"redhat-virtualization-host-image-update-placeholder-4.1-11.0.el7")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "redhat-release-virtualization-host / etc");
      }
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2018-1185.NASL
    descriptionAccording to the versions of the glusterfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A privilege escalation flaw was found in gluster snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.(CVE-2018-1088) - It was found that fix for CVE-2018-1088 introduced a new vulnerability in the way
    last seen2020-05-06
    modified2018-07-03
    plugin id110849
    published2018-07-03
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110849
    titleEulerOS 2.0 SP3 : glusterfs (EulerOS-SA-2018-1185)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(110849);
      script_version("1.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/04");
    
      script_cve_id(
        "CVE-2018-1088",
        "CVE-2018-1112"
      );
    
      script_name(english:"EulerOS 2.0 SP3 : glusterfs (EulerOS-SA-2018-1185)");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS host is missing multiple security updates.");
      script_set_attribute(attribute:"description", value:
    "According to the versions of the glusterfs packages installed, the
    EulerOS installation on the remote host is affected by the following
    vulnerabilities :
    
      - A privilege escalation flaw was found in gluster
        snapshot scheduler. Any gluster client allowed to mount
        gluster volumes could also mount shared gluster storage
        volume and escalate privileges by scheduling malicious
        cronjob via symlink.(CVE-2018-1088)
    
      - It was found that fix for CVE-2018-1088 introduced a
        new vulnerability in the way 'auth.allow' is
        implemented in glusterfs server. An unauthenticated
        gluster client could mount gluster storage
        volumes.(CVE-2018-1112)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1185
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a7f37bbd");
      script_set_attribute(attribute:"solution", value:
    "Update the affected glusterfs packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2018/06/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/07/03");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glusterfs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glusterfs-api");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glusterfs-client-xlators");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glusterfs-fuse");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glusterfs-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:glusterfs-rdma");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
      script_exclude_keys("Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
    
    sp = get_kb_item("Host/EulerOS/sp");
    if (isnull(sp) || sp !~ "^(3)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3");
    
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3", "EulerOS UVP " + uvp);
    
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
    
    flag = 0;
    
    pkgs = ["glusterfs-3.8.4-54.8",
            "glusterfs-api-3.8.4-54.8",
            "glusterfs-client-xlators-3.8.4-54.8",
            "glusterfs-fuse-3.8.4-54.8",
            "glusterfs-libs-3.8.4-54.8",
            "glusterfs-rdma-3.8.4-54.8"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", sp:"3", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glusterfs");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2018-1269.NASL
    descriptionAn update for glusterfs is now available for Native Client for Red Hat Enterprise Linux 7 for Red Hat Storage and Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Security Fix(es) : * It was found that fix for CVE-2018-1088 introduced a new vulnerability in the way
    last seen2020-06-01
    modified2020-06-02
    plugin id109443
    published2018-05-01
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/109443
    titleRHEL 7 : glusterfs (RHSA-2018:1269)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2018:1269. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(109443);
      script_version("1.7");
      script_cvs_date("Date: 2019/10/24 15:35:44");
    
      script_cve_id("CVE-2018-1112");
      script_xref(name:"RHSA", value:"2018:1269");
    
      script_name(english:"RHEL 7 : glusterfs (RHSA-2018:1269)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for glusterfs is now available for Native Client for Red Hat
    Enterprise Linux 7 for Red Hat Storage and Red Hat Gluster Storage 3.3
    for Red Hat Enterprise Linux 7.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    GlusterFS is a key building block of Red Hat Gluster Storage. It is
    based on a stackable user-space design and can deliver exceptional
    performance for diverse workloads. GlusterFS aggregates various
    storage servers over network interconnections into one large, parallel
    network file system.
    
    Security Fix(es) :
    
    * It was found that fix for CVE-2018-1088 introduced a new
    vulnerability in the way 'auth.allow' is implemented in glusterfs
    server. An unauthenticated gluster client could mount gluster storage
    volumes. (CVE-2018-1112)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/articles/3422521"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2018:1269"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-1112"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-api");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-api-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-client-xlators");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-events");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-fuse");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-ganesha");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-geo-replication");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-rdma");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-resource-agents");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glusterfs-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-gluster");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/04/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/01");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2018:1269";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-api-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-api-devel-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-cli-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-client-xlators-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-debuginfo-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-devel-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-events-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-fuse-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-ganesha-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-geo-replication-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-libs-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-rdma-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"glusterfs-resource-agents-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"glusterfs-server-3.8.4-54.8.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"python-gluster-3.8.4-54.8.el7")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glusterfs / glusterfs-api / glusterfs-api-devel / glusterfs-cli / etc");
      }
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2020-79.NASL
    descriptionThis update for glusterfs fixes the following issues : glusterfs was update to release 3.12.15 : - Fixed a number of bugs and security issues : - CVE-2018-1088, CVE-2018-1112 [boo#1090084], CVE-2018-10904 [boo#1107018], CVE-2018-10907 [boo#1107019], CVE-2018-10911 [boo#1107020], CVE-2018-10913 [boo#1107021], CVE-2018-10914 [boo#1107022], CVE-2018-10923 [boo#1107023], CVE-2018-10924 [boo#1107024], CVE-2018-10926 [boo#1107025], CVE-2018-10927 [boo#1107026], CVE-2018-10928 [boo#1107027], CVE-2018-10928 [boo#1107027], CVE-2018-10929 [boo#1107028], CVE-2018-10930 [boo#1107029], boo#1105776 .
    last seen2020-06-01
    modified2020-06-02
    plugin id133132
    published2020-01-21
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133132
    titleopenSUSE Security Update : glusterfs (openSUSE-2020-79)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2020-79.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(133132);
      script_version("1.2");
      script_cvs_date("Date: 2020/01/23");
    
      script_cve_id("CVE-2018-1088", "CVE-2018-10904", "CVE-2018-10907", "CVE-2018-10911", "CVE-2018-10913", "CVE-2018-10914", "CVE-2018-10923", "CVE-2018-10924", "CVE-2018-10926", "CVE-2018-10927", "CVE-2018-10928", "CVE-2018-10929", "CVE-2018-10930", "CVE-2018-1112");
    
      script_name(english:"openSUSE Security Update : glusterfs (openSUSE-2020-79)");
      script_summary(english:"Check for the openSUSE-2020-79 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for glusterfs fixes the following issues :
    
    glusterfs was update to release 3.12.15 :
    
      - Fixed a number of bugs and security issues :
    
      - CVE-2018-1088, CVE-2018-1112 [boo#1090084],
        CVE-2018-10904 [boo#1107018], CVE-2018-10907
        [boo#1107019], CVE-2018-10911 [boo#1107020],
        CVE-2018-10913 [boo#1107021], CVE-2018-10914
        [boo#1107022], CVE-2018-10923 [boo#1107023],
        CVE-2018-10924 [boo#1107024], CVE-2018-10926
        [boo#1107025], CVE-2018-10927 [boo#1107026],
        CVE-2018-10928 [boo#1107027], CVE-2018-10928
        [boo#1107027], CVE-2018-10929 [boo#1107028],
        CVE-2018-10930 [boo#1107029], boo#1105776 ."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1090084"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1105776"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107018"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107019"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107020"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107021"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107022"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107023"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107024"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107025"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107026"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107027"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107028"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1107029"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected glusterfs packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glusterfs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glusterfs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glusterfs-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glusterfs-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfapi0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfapi0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfchangelog0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfchangelog0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfdb0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfdb0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfrpc0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfrpc0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfxdr0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgfxdr0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libglusterfs0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libglusterfs0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-gluster");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/01/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/21");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE15.1", reference:"glusterfs-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"glusterfs-debuginfo-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"glusterfs-debugsource-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"glusterfs-devel-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfapi0-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfapi0-debuginfo-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfchangelog0-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfchangelog0-debuginfo-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfdb0-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfdb0-debuginfo-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfrpc0-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfrpc0-debuginfo-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfxdr0-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libgfxdr0-debuginfo-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libglusterfs0-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"libglusterfs0-debuginfo-3.12.15-lp151.3.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"python-gluster-3.12.15-lp151.3.3.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glusterfs / glusterfs-debuginfo / glusterfs-debugsource / etc");
    }
    

Redhat

advisories
  • rhsa
    idRHSA-2018:1268
  • rhsa
    idRHSA-2018:1269
rpms
  • glusterfs-0:3.8.4-54.9.el6
  • glusterfs-0:3.8.4-54.9.el6rhs
  • glusterfs-api-0:3.8.4-54.9.el6
  • glusterfs-api-0:3.8.4-54.9.el6rhs
  • glusterfs-api-devel-0:3.8.4-54.9.el6
  • glusterfs-api-devel-0:3.8.4-54.9.el6rhs
  • glusterfs-cli-0:3.8.4-54.9.el6
  • glusterfs-cli-0:3.8.4-54.9.el6rhs
  • glusterfs-client-xlators-0:3.8.4-54.9.el6
  • glusterfs-client-xlators-0:3.8.4-54.9.el6rhs
  • glusterfs-debuginfo-0:3.8.4-54.9.el6
  • glusterfs-debuginfo-0:3.8.4-54.9.el6rhs
  • glusterfs-devel-0:3.8.4-54.9.el6
  • glusterfs-devel-0:3.8.4-54.9.el6rhs
  • glusterfs-events-0:3.8.4-54.9.el6rhs
  • glusterfs-fuse-0:3.8.4-54.9.el6
  • glusterfs-fuse-0:3.8.4-54.9.el6rhs
  • glusterfs-ganesha-0:3.8.4-54.9.el6rhs
  • glusterfs-geo-replication-0:3.8.4-54.9.el6rhs
  • glusterfs-libs-0:3.8.4-54.9.el6
  • glusterfs-libs-0:3.8.4-54.9.el6rhs
  • glusterfs-rdma-0:3.8.4-54.9.el6
  • glusterfs-rdma-0:3.8.4-54.9.el6rhs
  • glusterfs-server-0:3.8.4-54.9.el6rhs
  • python-gluster-0:3.8.4-54.9.el6
  • python-gluster-0:3.8.4-54.9.el6rhs
  • glusterfs-0:3.8.4-54.8.el7
  • glusterfs-0:3.8.4-54.8.el7rhgs
  • glusterfs-api-0:3.8.4-54.8.el7
  • glusterfs-api-0:3.8.4-54.8.el7rhgs
  • glusterfs-api-devel-0:3.8.4-54.8.el7
  • glusterfs-api-devel-0:3.8.4-54.8.el7rhgs
  • glusterfs-cli-0:3.8.4-54.8.el7
  • glusterfs-cli-0:3.8.4-54.8.el7rhgs
  • glusterfs-client-xlators-0:3.8.4-54.8.el7
  • glusterfs-client-xlators-0:3.8.4-54.8.el7rhgs
  • glusterfs-debuginfo-0:3.8.4-54.8.el7
  • glusterfs-debuginfo-0:3.8.4-54.8.el7rhgs
  • glusterfs-devel-0:3.8.4-54.8.el7
  • glusterfs-devel-0:3.8.4-54.8.el7rhgs
  • glusterfs-events-0:3.8.4-54.8.el7rhgs
  • glusterfs-fuse-0:3.8.4-54.8.el7
  • glusterfs-fuse-0:3.8.4-54.8.el7rhgs
  • glusterfs-ganesha-0:3.8.4-54.8.el7rhgs
  • glusterfs-geo-replication-0:3.8.4-54.8.el7rhgs
  • glusterfs-libs-0:3.8.4-54.8.el7
  • glusterfs-libs-0:3.8.4-54.8.el7rhgs
  • glusterfs-rdma-0:3.8.4-54.8.el7
  • glusterfs-rdma-0:3.8.4-54.8.el7rhgs
  • glusterfs-resource-agents-0:3.8.4-54.8.el7rhgs
  • glusterfs-server-0:3.8.4-54.8.el7rhgs
  • python-gluster-0:3.8.4-54.8.el7
  • python-gluster-0:3.8.4-54.8.el7rhgs