Vulnerabilities > CVE-2018-16889 - Unspecified vulnerability in Redhat Ceph

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
redhat
nessus

Summary

Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files via plaintext. Versions up to v13.2.4 are vulnerable.

Vulnerable Configurations

Part Description Count
Application
Redhat
264

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-0499-1.NASL
    descriptionThis update for ceph fixes the following issues : Security issues fixed : CVE-2018-14662: mon: limit caps allowed to access the config store (bsc#1111177) CVE-2018-16846: rgw: enforce bounds on max-keys/max-uploads/max-parts (bsc#1114710) CVE-2018-16889: rgw: sanitize customer encryption keys from log output in v4 auth (bsc#1121567) Non-security issue fixed: os/bluestore: avoid frequent allocator dump on bluefs rebalance failure (bsc#1113246) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id122476
    published2019-02-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122476
    titleSUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2019:0499-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2019:0499-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(122476);
      script_version("1.3");
      script_cvs_date("Date: 2020/02/07");
    
      script_cve_id("CVE-2018-14662", "CVE-2018-16846", "CVE-2018-16889");
    
      script_name(english:"SUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2019:0499-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for ceph fixes the following issues :
    
    Security issues fixed :
    
    CVE-2018-14662: mon: limit caps allowed to access the config store
    (bsc#1111177)
    
    CVE-2018-16846: rgw: enforce bounds on max-keys/max-uploads/max-parts
    (bsc#1114710)
    
    CVE-2018-16889: rgw: sanitize customer encryption keys from log output
    in v4 auth (bsc#1121567)
    
    Non-security issue fixed: os/bluestore: avoid frequent allocator dump
    on bluefs rebalance failure (bsc#1113246)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1111177"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1113246"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1114710"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1121567"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-14662/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-16846/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-16889/"
      );
      # https://www.suse.com/support/update/announcement/2019/suse-su-20190499-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?b59d5e0c"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t
    patch SUSE-SLE-SDK-12-SP4-2019-499=1
    
    SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t
    patch SUSE-SLE-SDK-12-SP3-2019-499=1
    
    SUSE Linux Enterprise Server 12-SP4:zypper in -t patch
    SUSE-SLE-SERVER-12-SP4-2019-499=1
    
    SUSE Linux Enterprise Server 12-SP3:zypper in -t patch
    SUSE-SLE-SERVER-12-SP3-2019-499=1
    
    SUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch
    SUSE-SLE-DESKTOP-12-SP4-2019-499=1
    
    SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch
    SUSE-SLE-DESKTOP-12-SP3-2019-499=1
    
    SUSE Enterprise Storage 5:zypper in -t patch SUSE-Storage-5-2019-499=1
    
    SUSE CaaS Platform ALL :
    
    To install this update, use the SUSE CaaS Platform Velum dashboard. It
    will inform you if it detects new updates and let you then trigger
    updating of the complete cluster in a controlled way.
    
    SUSE CaaS Platform 3.0 :
    
    To install this update, use the SUSE CaaS Platform Velum dashboard. It
    will inform you if it detects new updates and let you then trigger
    updating of the complete cluster in a controlled way."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ceph-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ceph-common-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ceph-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libcephfs2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libcephfs2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librados2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librados2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libradosstriper1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libradosstriper1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librbd1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librbd1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librgw2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librgw2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-cephfs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-cephfs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-rados");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-rados-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-rbd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-rbd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-rgw");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-rgw-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/02/26");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/27");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(3|4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP3/4", os_ver + " SP" + sp);
    if (os_ver == "SLED12" && (! preg(pattern:"^(3|4)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP3/4", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"4", reference:"ceph-common-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"ceph-common-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"ceph-debugsource-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libcephfs2-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libcephfs2-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"librados2-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"librados2-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libradosstriper1-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libradosstriper1-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"librbd1-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"librbd1-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"librgw2-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"librgw2-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-cephfs-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-cephfs-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-rados-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-rados-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-rbd-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-rbd-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-rgw-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-rgw-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"ceph-common-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"ceph-common-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"ceph-debugsource-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libcephfs2-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libcephfs2-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"librados2-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"librados2-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libradosstriper1-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libradosstriper1-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"librbd1-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"librbd1-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"librgw2-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"librgw2-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-cephfs-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-cephfs-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-rados-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-rados-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-rbd-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-rbd-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-rgw-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-rgw-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"ceph-common-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"ceph-common-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"ceph-debugsource-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libcephfs2-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libcephfs2-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"librados2-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"librados2-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libradosstriper1-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libradosstriper1-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"librbd1-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"librbd1-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"librgw2-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"librgw2-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-cephfs-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-cephfs-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-rados-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-rados-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-rbd-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-rbd-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-rgw-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-rgw-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"ceph-common-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"ceph-common-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"ceph-debugsource-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libcephfs2-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libcephfs2-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"librados2-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"librados2-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libradosstriper1-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libradosstriper1-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"librbd1-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"librbd1-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"librgw2-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"librgw2-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-cephfs-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-cephfs-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-rados-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-rados-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-rbd-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-rbd-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-rgw-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-rgw-debuginfo-12.2.10+git.1549630712.bb089269ea-2.27.2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ceph");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-306.NASL
    descriptionThis update for ceph fixes the following issues : Security issues fixed : - CVE-2018-14662: mon: limit caps allowed to access the config store (bsc#1111177) - CVE-2018-16846: rgw: enforce bounds on max-keys/max-uploads/max-parts (bsc#1114710) - CVE-2018-16889: rgw: sanitize customer encryption keys from log output in v4 auth (bsc#1121567) Non-security issue fixed : - os/bluestore: avoid frequent allocator dump on bluefs rebalance failure (bsc#1113246) This update was imported from the SUSE:SLE-12-SP3:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id122742
    published2019-03-11
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122742
    titleopenSUSE Security Update : ceph (openSUSE-2019-306)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2019-306.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(122742);
      script_version("1.2");
      script_cvs_date("Date: 2020/02/05");
    
      script_cve_id("CVE-2018-14662", "CVE-2018-16846", "CVE-2018-16889");
    
      script_name(english:"openSUSE Security Update : ceph (openSUSE-2019-306)");
      script_summary(english:"Check for the openSUSE-2019-306 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for ceph fixes the following issues :
    
    Security issues fixed :
    
      - CVE-2018-14662: mon: limit caps allowed to access the
        config store (bsc#1111177)
    
      - CVE-2018-16846: rgw: enforce bounds on
        max-keys/max-uploads/max-parts (bsc#1114710)
    
      - CVE-2018-16889: rgw: sanitize customer encryption keys
        from log output in v4 auth (bsc#1121567)
    
    Non-security issue fixed :
    
      - os/bluestore: avoid frequent allocator dump on bluefs
        rebalance failure (bsc#1113246)
    
    This update was imported from the SUSE:SLE-12-SP3:Update update
    project."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1111177"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1113246"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1114710"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1121567"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected ceph packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-common-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-fuse");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-fuse-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-mds");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-mds-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-mgr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-mgr-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-mon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-mon-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-osd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-osd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-radosgw");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-radosgw-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-resource-agents");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-test");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-test-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ceph-test-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcephfs-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcephfs2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcephfs2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:librados-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:librados-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:librados2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:librados2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libradosstriper-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libradosstriper1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libradosstriper1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:librbd-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:librbd1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:librbd1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:librgw-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:librgw2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:librgw2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-ceph-compat");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-cephfs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-cephfs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-rados");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-rados-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-rbd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-rbd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-rgw");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-rgw-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-ceph-argparse");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-cephfs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-cephfs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-rados");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-rados-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-rbd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-rbd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-rgw");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-rgw-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:rados-objclass-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:rbd-fuse");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:rbd-fuse-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:rbd-mirror");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:rbd-mirror-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:rbd-nbd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:rbd-nbd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/03/08");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/11");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-base-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-base-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-common-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-common-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-debugsource-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-fuse-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-fuse-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-mds-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-mds-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-mgr-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-mgr-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-mon-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-mon-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-osd-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-osd-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-radosgw-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-radosgw-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-resource-agents-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-test-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-test-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"ceph-test-debugsource-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libcephfs-devel-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libcephfs2-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libcephfs2-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"librados-devel-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"librados-devel-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"librados2-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"librados2-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libradosstriper-devel-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libradosstriper1-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"libradosstriper1-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"librbd-devel-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"librbd1-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"librbd1-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"librgw-devel-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"librgw2-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"librgw2-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python-ceph-compat-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python-cephfs-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python-cephfs-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python-rados-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python-rados-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python-rbd-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python-rbd-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python-rgw-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python-rgw-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python3-ceph-argparse-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python3-cephfs-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python3-cephfs-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python3-rados-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python3-rados-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python3-rbd-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python3-rbd-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python3-rgw-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"python3-rgw-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"rados-objclass-devel-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"rbd-fuse-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"rbd-fuse-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"rbd-mirror-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"rbd-mirror-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"rbd-nbd-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"rbd-nbd-debuginfo-12.2.10+git.1549630712.bb089269ea-21.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ceph-test / ceph-test-debuginfo / ceph-test-debugsource / ceph / etc");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-6A2E72916A.NASL
    descriptionNew release (1:12.2.11-1) notes=Security fix for CVE-2018-14662, CVE-2018-16846, CVE-2018-16889 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id122323
    published2019-02-20
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122323
    titleFedora 29 : 1:ceph (2019-6a2e72916a)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2019-6a2e72916a.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(122323);
      script_version("1.3");
      script_cvs_date("Date: 2020/02/10");
    
      script_cve_id("CVE-2018-14662", "CVE-2018-16846", "CVE-2018-16889");
      script_xref(name:"FEDORA", value:"2019-6a2e72916a");
    
      script_name(english:"Fedora 29 : 1:ceph (2019-6a2e72916a)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "New release (1:12.2.11-1) notes=Security fix for CVE-2018-14662,
    CVE-2018-16846, CVE-2018-16889
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-6a2e72916a"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected 1:ceph package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:1:ceph");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:29");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/02/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/20");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^29([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 29", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC29", reference:"ceph-12.2.11-1.fc29", epoch:"1")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "1:ceph");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2538.NASL
    descriptionAn update is now available for Red Hat Ceph Storage 3.3 on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Security Fix(es) : * ceph: ListBucket max-keys has no defined limit in the RGW codebase (CVE-2018-16846) * ceph: debug logging for v4 auth does not sanitize encryption keys (CVE-2018-16889) * ceph: authenticated user with read only permissions can steal dm-crypt / LUKS key (CVE-2018-14662) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) and Enhancement(s) : For detailed information on changes in this release, see the Red Hat Ceph Storage 3.3 Release Notes available at : https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/3.3 /html/ release_notes/index
    last seen2020-03-18
    modified2019-08-23
    plugin id128106
    published2019-08-23
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128106
    titleRHEL 7 : Red Hat Ceph Storage 3.3 (RHSA-2019:2538)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2019:2538. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(128106);
      script_version("1.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/06");
    
      script_cve_id("CVE-2018-14662", "CVE-2018-16846", "CVE-2018-16889");
      script_xref(name:"RHSA", value:"2019:2538");
    
      script_name(english:"RHEL 7 : Red Hat Ceph Storage 3.3 (RHSA-2019:2538)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update is now available for Red Hat Ceph Storage 3.3 on Red Hat
    Enterprise Linux 7.
    
    Red Hat Product Security has rated this update as having a security
    impact of Moderate. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    Red Hat Ceph Storage is a scalable, open, software-defined storage
    platform that combines the most stable version of the Ceph storage
    system with a Ceph management platform, deployment utilities, and
    support services.
    
    Security Fix(es) :
    
    * ceph: ListBucket max-keys has no defined limit in the RGW codebase
    (CVE-2018-16846)
    
    * ceph: debug logging for v4 auth does not sanitize encryption keys
    (CVE-2018-16889)
    
    * ceph: authenticated user with read only permissions can steal
    dm-crypt / LUKS key (CVE-2018-14662)
    
    For more details about the security issue(s), including the impact, a
    CVSS score, acknowledgments, and other related information, refer to
    the CVE page(s) listed in the References section.
    
    Bug Fix(es) and Enhancement(s) :
    
    For detailed information on changes in this release, see the Red Hat
    Ceph Storage 3.3 Release Notes available at :
    
    https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/3.3
    /html/ release_notes/index"
      );
      # https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/3.3/html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a6dfbf61"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2019:2538"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-14662"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-16846"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-16889"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ceph-ansible");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ceph-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ceph-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ceph-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ceph-fuse");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ceph-iscsi-config");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ceph-mds");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ceph-mgr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ceph-mon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ceph-radosgw");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ceph-selinux");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ceph-test");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:cephmetrics-ansible");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libcephfs-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libcephfs2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libntirpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libntirpc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librados-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librados2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libradosstriper1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librbd-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librbd1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librgw-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librgw2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nfs-ganesha");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nfs-ganesha-ceph");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nfs-ganesha-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nfs-ganesha-rgw");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-cephfs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-crypto-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-rados");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-rbd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-rgw");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python2-crypto");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rbd-mirror");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/08/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/23");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2019:2538";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
    
      if (! (rpm_exists(release:"RHEL7", rpm:"librados2-12.*\.el7cp"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "Ceph Storage");
    
      if (rpm_check(release:"RHEL7", reference:"ceph-ansible-3.2.24-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"ceph-base-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"ceph-common-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"ceph-debuginfo-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"ceph-fuse-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"ceph-iscsi-config-2.6-19.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"ceph-mds-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"ceph-mgr-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"ceph-mon-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"ceph-radosgw-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"ceph-selinux-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"ceph-test-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"cephmetrics-ansible-2.0.6-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libcephfs-devel-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libcephfs2-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libntirpc-1.7.4-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libntirpc-debuginfo-1.7.4-1.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"librados-devel-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"librados2-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libradosstriper1-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"librbd-devel-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"librbd1-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"librgw-devel-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"librgw2-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"nfs-ganesha-2.7.4-10.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"nfs-ganesha-ceph-2.7.4-10.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"nfs-ganesha-debuginfo-2.7.4-10.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"nfs-ganesha-rgw-2.7.4-10.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"python-cephfs-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"python-crypto-debuginfo-2.6.1-16.el7ost")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"python-rados-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"python-rbd-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"python-rgw-12.2.12-45.el7")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"python2-crypto-2.6.1-16.el7ost")) flag++;
      if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"rbd-mirror-12.2.12-45.el7")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ceph-ansible / ceph-base / ceph-common / ceph-debuginfo / ceph-fuse / etc");
      }
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2364-1.NASL
    descriptionThis update for ceph to version 12.2.12-594-g02236657ca fixes the following issues : Security issues fixed : CVE-2018-16889: Fixed missing sanitation of customer encryption keys from log output in v4 auth. (bsc#1121567) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id128871
    published2019-09-16
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128871
    titleSUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2019:2364-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2019:2364-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(128871);
      script_version("1.2");
      script_cvs_date("Date: 2019/12/27");
    
      script_cve_id("CVE-2018-16889");
    
      script_name(english:"SUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2019:2364-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for ceph to version 12.2.12-594-g02236657ca fixes the
    following issues :
    
    Security issues fixed :
    
    CVE-2018-16889: Fixed missing sanitation of customer encryption keys
    from log output in v4 auth. (bsc#1121567)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1121567"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1149961"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-16889/"
      );
      # https://www.suse.com/support/update/announcement/2019/suse-su-20192364-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?6885f1e8"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t
    patch SUSE-SLE-SDK-12-SP4-2019-2364=1
    
    SUSE Linux Enterprise Server 12-SP4:zypper in -t patch
    SUSE-SLE-SERVER-12-SP4-2019-2364=1
    
    SUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch
    SUSE-SLE-DESKTOP-12-SP4-2019-2364=1
    
    SUSE Enterprise Storage 5:zypper in -t patch
    SUSE-Storage-5-2019-2364=1
    
    SUSE CaaS Platform 3.0 :
    
    To install this update, use the SUSE CaaS Platform Velum dashboard. It
    will inform you if it detects new updates and let you then trigger
    updating of the complete cluster in a controlled way."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ceph-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ceph-common-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ceph-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libcephfs2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libcephfs2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librados2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librados2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libradosstriper1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libradosstriper1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librbd1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librbd1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librgw2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librgw2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-cephfs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-cephfs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-rados");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-rados-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-rbd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-rbd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-rgw");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-rgw-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/28");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/16");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP4", os_ver + " SP" + sp);
    if (os_ver == "SLED12" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP4", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"4", reference:"ceph-common-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"ceph-common-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"ceph-debugsource-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libcephfs2-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libcephfs2-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"librados2-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"librados2-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libradosstriper1-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libradosstriper1-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"librbd1-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"librbd1-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"librgw2-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"librgw2-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-cephfs-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-cephfs-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-rados-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-rados-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-rbd-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-rbd-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-rgw-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-rgw-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"ceph-common-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"ceph-common-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"ceph-debugsource-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libcephfs2-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libcephfs2-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"librados2-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"librados2-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libradosstriper1-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libradosstriper1-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"librbd1-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"librbd1-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"librgw2-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"librgw2-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-cephfs-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-cephfs-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-rados-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-rados-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-rbd-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-rbd-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-rgw-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-rgw-debuginfo-12.2.12+git.1568024032.02236657ca-2.39.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ceph");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2049-1.NASL
    descriptionThis update for ceph fixes the following issues : Security issues fixed : CVE-2019-3821: civetweb: fix file descriptor leak (bsc#1125080) CVE-2018-16889: rgw: sanitize customer encryption keys from log output in v4 auth (bsc#1121567) Non-security issues fixed: install grafana dashboards world readable (bsc#1136110) upgrade results in cluster outage (bsc#1132396) ceph status reports
    last seen2020-06-01
    modified2020-06-02
    plugin id127765
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127765
    titleSUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2019:2049-1)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-2_0-0154_CEPH.NASL
    descriptionAn update of the ceph package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id125078
    published2019-05-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125078
    titlePhoton OS 2.0: Ceph PHSA-2019-2.0-0154
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4035-1.NASL
    descriptionIt was discovered that Ceph incorrectly handled read only permissions. An authenticated attacker could use this issue to obtain dm-crypt encryption keys. This issue only affected Ubuntu 16.04 LTS. (CVE-2018-14662) It was discovered that Ceph incorrectly handled certain OMAPs holding bucket indices. An authenticated attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2018-16846) It was discovered that Ceph incorrectly sanitized certain debug logs. A local attacker could possibly use this issue to obtain encryption key information. This issue was only addressed in Ubuntu 18.10 and Ubuntu 19.04. (CVE-2018-16889) It was discovered that Ceph incorrectly handled certain civetweb requests. A remote attacker could possibly use this issue to consume resources, leading to a denial of service. This issue only affected Ubuntu 18.10 and Ubuntu 19.04. (CVE-2019-3821). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126255
    published2019-06-26
    reporterUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126255
    titleUbuntu 16.04 LTS / 18.10 / 19.04 : ceph vulnerabilities (USN-4035-1)

Redhat

advisories
  • rhsa
    idRHSA-2019:2538
  • rhsa
    idRHSA-2019:2541
rpms
  • ceph-ansible-0:3.2.24-1.el7cp
  • ceph-base-2:12.2.12-45.el7cp
  • ceph-common-2:12.2.12-45.el7cp
  • ceph-debuginfo-2:12.2.12-45.el7cp
  • ceph-fuse-2:12.2.12-45.el7cp
  • ceph-iscsi-config-0:2.6-19.el7cp
  • ceph-mds-2:12.2.12-45.el7cp
  • ceph-mgr-2:12.2.12-45.el7cp
  • ceph-mon-2:12.2.12-45.el7cp
  • ceph-osd-2:12.2.12-45.el7cp
  • ceph-radosgw-2:12.2.12-45.el7cp
  • ceph-selinux-2:12.2.12-45.el7cp
  • ceph-test-2:12.2.12-45.el7cp
  • cephmetrics-ansible-0:2.0.6-1.el7cp
  • libcephfs-devel-2:12.2.12-45.el7cp
  • libcephfs2-2:12.2.12-45.el7cp
  • libntirpc-0:1.7.4-1.el7cp
  • libntirpc-debuginfo-0:1.7.4-1.el7cp
  • librados-devel-2:12.2.12-45.el7cp
  • librados2-2:12.2.12-45.el7cp
  • libradosstriper1-2:12.2.12-45.el7cp
  • librbd-devel-2:12.2.12-45.el7cp
  • librbd1-2:12.2.12-45.el7cp
  • librgw-devel-2:12.2.12-45.el7cp
  • librgw2-2:12.2.12-45.el7cp
  • nfs-ganesha-0:2.7.4-10.el7cp
  • nfs-ganesha-ceph-0:2.7.4-10.el7cp
  • nfs-ganesha-debuginfo-0:2.7.4-10.el7cp
  • nfs-ganesha-rgw-0:2.7.4-10.el7cp
  • python-cephfs-2:12.2.12-45.el7cp
  • python-crypto-debuginfo-0:2.6.1-16.el7ost
  • python-rados-2:12.2.12-45.el7cp
  • python-rbd-2:12.2.12-45.el7cp
  • python-rgw-2:12.2.12-45.el7cp
  • python2-crypto-0:2.6.1-16.el7ost
  • rbd-mirror-2:12.2.12-45.el7cp