Vulnerabilities > CVE-2019-17531 - Deserialization of Untrusted Data vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0160.NASL description An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es) : * undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS (CVE-2019-14888) * jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI last seen 2020-06-01 modified 2020-06-02 plugin id 133157 published 2020-01-22 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133157 title RHEL 7 : JBoss EAP (RHSA-2020:0160) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:0160. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(133157); script_version("1.2"); script_cvs_date("Date: 2020/01/24"); script_cve_id("CVE-2019-10219", "CVE-2019-14540", "CVE-2019-14885", "CVE-2019-14888", "CVE-2019-14892", "CVE-2019-14893", "CVE-2019-16335", "CVE-2019-16869", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17267", "CVE-2019-17531"); script_xref(name:"RHSA", value:"2020:0160"); script_name(english:"RHEL 7 : JBoss EAP (RHSA-2020:0160)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es) : * undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS (CVE-2019-14888) * jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885) * netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869) * jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariConfig (CVE-2019-14540) * jackson-databind: Serialization gadgets in classes of the commons-dbcp package (CVE-2019-16942) * jackson-databind: Serialization gadgets in classes of the commons-configuration package (CVE-2019-14892) * jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariDataSource (CVE-2019-16335) * jackson-databind: Serialization gadgets in classes of the p6spy package (CVE-2019-16943) * jackson-databind: polymorphic typing issue when enabling default typing for an externally exposed JSON endpoint and having apache-log4j-extra in the classpath leads to code execution (CVE-2019-17531) * jackson-databind: Serialization gadgets in classes of the xalan package (CVE-2019-14893) * hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219) * jackson-databind: Serialization gadgets in classes of the ehcache package (CVE-2019-17267)" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/documentation/en-us/" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:0160" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-10219" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14540" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14885" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14888" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14892" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14893" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-16335" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-16869" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-16942" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-16943" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-17267" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-17531" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-rt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-services"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator-cdi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-annotations"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-dataformats-binary"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-dataformats-text"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jdk8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jsr310"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-java8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jberet"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jberet-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jsf-api_2.3_spec"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-netty"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-netty-all"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-undertow"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-undertow-jastow"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-web"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk11"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-java-jdk8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/15"); script_set_attribute(attribute:"patch_publication_date", value:"2020/01/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/22"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2020:0160"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (! (rpm_exists(release:"RHEL7", rpm:"eap7-jboss"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "JBoss EAP"); if (rpm_check(release:"RHEL7", reference:"eap7-apache-cxf-3.2.11-1.redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-apache-cxf-rt-3.2.11-1.redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-apache-cxf-services-3.2.11-1.redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-apache-cxf-tools-3.2.11-1.redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-glassfish-jsf-2.3.5-6.SP3_redhat_00004.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-hal-console-3.0.19-1.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-hibernate-5.3.14-1.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-hibernate-core-5.3.14-1.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-hibernate-entitymanager-5.3.14-1.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-hibernate-envers-5.3.14-1.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-hibernate-java8-5.3.14-1.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-hibernate-validator-6.0.18-1.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-hibernate-validator-cdi-6.0.18-1.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jackson-annotations-2.9.10-1.redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jackson-core-2.9.10-1.redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jackson-databind-2.9.10.1-1.redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jackson-dataformats-binary-2.9.10-1.redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jackson-dataformats-text-2.9.10-1.redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jackson-datatype-jdk8-2.9.10-1.redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jackson-datatype-jsr310-2.9.10-1.redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jackson-jaxrs-base-2.9.10-1.redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jackson-jaxrs-json-provider-2.9.10-1.redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jackson-module-jaxb-annotations-2.9.10-2.redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jackson-modules-base-2.9.10-2.redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jackson-modules-java8-2.9.10-1.redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jberet-1.3.5-1.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jberet-core-1.3.5-1.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-ejb-client-4.0.27-1.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-jsf-api_2.3_spec-2.3.5-3.SP2_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-cli-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-core-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-eap6.4-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-eap6.4-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-eap7.0-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-eap7.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-eap7.1-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-eap7.1-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-eap7.2-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-wildfly10.0-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-wildfly10.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-wildfly10.1-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-wildfly10.1-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-wildfly11.0-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-wildfly11.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-wildfly12.0-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-wildfly12.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-wildfly13.0-server-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-wildfly14.0-server-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-wildfly8.2-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-wildfly8.2-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-wildfly9.0-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-server-migration-wildfly9.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-jboss-xnio-base-3.7.6-3.SP2_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-netty-4.1.42-1.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-netty-all-4.1.42-1.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-picketlink-bindings-2.5.5-21.SP12_redhat_00010.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-picketlink-wildfly8-2.5.5-21.SP12_redhat_00010.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-undertow-2.0.28-2.SP1_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-undertow-jastow-2.0.8-1.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-weld-core-3.0.6-3.Final_redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-weld-core-impl-3.0.6-3.Final_redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-weld-core-jsf-3.0.6-3.Final_redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-weld-ejb-3.0.6-3.Final_redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-weld-jta-3.0.6-3.Final_redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-weld-probe-core-3.0.6-3.Final_redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-weld-web-3.0.6-3.Final_redhat_00003.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-wildfly-7.2.6-5.GA_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-wildfly-http-client-common-1.0.18-2.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-wildfly-http-ejb-client-1.0.18-2.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-wildfly-http-naming-client-1.0.18-2.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-wildfly-http-transaction-client-1.0.18-2.Final_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-wildfly-java-jdk11-7.2.6-5.GA_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-wildfly-java-jdk8-7.2.6-5.GA_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-wildfly-javadocs-7.2.6-5.GA_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-wildfly-modules-7.2.6-5.GA_redhat_00001.1.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"eap7-wildfly-transaction-client-1.1.8-1.Final_redhat_00001.1.el7")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "eap7-apache-cxf / eap7-apache-cxf-rt / eap7-apache-cxf-services / etc"); } }NASL family Debian Local Security Checks NASL id DEBIAN_DLA-2030.NASL description More deserialization flaws were discovered in jackson-databind which could allow an unauthenticated user to perform remote code execution. The issue was resolved by extending the blacklist and blocking more classes from polymorphic deserialization. For Debian 8 last seen 2020-06-01 modified 2020-06-02 plugin id 131963 published 2019-12-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131963 title Debian DLA-2030-1 : jackson-databind security update code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DLA-2030-1. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(131963); script_version("1.2"); script_cvs_date("Date: 2019/12/16"); script_cve_id("CVE-2019-17267", "CVE-2019-17531"); script_name(english:"Debian DLA-2030-1 : jackson-databind security update"); script_summary(english:"Checks dpkg output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security update." ); script_set_attribute( attribute:"description", value: "More deserialization flaws were discovered in jackson-databind which could allow an unauthenticated user to perform remote code execution. The issue was resolved by extending the blacklist and blocking more classes from polymorphic deserialization. For Debian 8 'Jessie', these problems have been fixed in version 2.4.2-2+deb8u10. We recommend that you upgrade your jackson-databind packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/jessie/jackson-databind" ); script_set_attribute(attribute:"solution", value:"Upgrade the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libjackson2-databind-java"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libjackson2-databind-java-doc"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/10/07"); script_set_attribute(attribute:"patch_publication_date", value:"2019/12/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"8.0", prefix:"libjackson2-databind-java", reference:"2.4.2-2+deb8u10")) flag++; if (deb_check(release:"8.0", prefix:"libjackson2-databind-java-doc", reference:"2.4.2-2+deb8u10")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0159.NASL description An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es) : * undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS (CVE-2019-14888) * jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI last seen 2020-06-01 modified 2020-06-02 plugin id 133156 published 2020-01-22 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133156 title RHEL 6 : JBoss EAP (RHSA-2020:0159) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:0159. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(133156); script_version("1.2"); script_cvs_date("Date: 2020/01/24"); script_cve_id("CVE-2019-10219", "CVE-2019-14540", "CVE-2019-14885", "CVE-2019-14888", "CVE-2019-14892", "CVE-2019-14893", "CVE-2019-16335", "CVE-2019-16869", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17267", "CVE-2019-17531"); script_xref(name:"RHSA", value:"2020:0159"); script_name(english:"RHEL 6 : JBoss EAP (RHSA-2020:0159)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es) : * undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS (CVE-2019-14888) * jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885) * netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869) * jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariConfig (CVE-2019-14540) * jackson-databind: Serialization gadgets in classes of the commons-dbcp package (CVE-2019-16942) * jackson-databind: Serialization gadgets in classes of the commons-configuration package (CVE-2019-14892) * jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariDataSource (CVE-2019-16335) * jackson-databind: Serialization gadgets in classes of the p6spy package (CVE-2019-16943) * jackson-databind: polymorphic typing issue when enabling default typing for an externally exposed JSON endpoint and having apache-log4j-extra in the classpath leads to code execution (CVE-2019-17531) * jackson-databind: Serialization gadgets in classes of the xalan package (CVE-2019-14893) * hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219) * jackson-databind: Serialization gadgets in classes of the ehcache package (CVE-2019-17267)" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/documentation/en-us/" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:0159" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-10219" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14540" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14885" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14888" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14892" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14893" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-16335" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-16869" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-16942" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-16943" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-17267" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-17531" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-rt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-services"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator-cdi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-annotations"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-dataformats-binary"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-dataformats-text"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jdk8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jsr310"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-java8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jberet"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jberet-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jsf-api_2.3_spec"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-netty"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-netty-all"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-undertow"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-undertow-jastow"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-web"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/15"); script_set_attribute(attribute:"patch_publication_date", value:"2020/01/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/22"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2020:0159"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (! (rpm_exists(release:"RHEL6", rpm:"eap7-jboss"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "JBoss EAP"); if (rpm_check(release:"RHEL6", reference:"eap7-apache-cxf-3.2.11-1.redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-apache-cxf-rt-3.2.11-1.redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-apache-cxf-services-3.2.11-1.redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-apache-cxf-tools-3.2.11-1.redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-glassfish-jsf-2.3.5-6.SP3_redhat_00004.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-hal-console-3.0.19-1.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-hibernate-5.3.14-1.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-hibernate-core-5.3.14-1.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-hibernate-entitymanager-5.3.14-1.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-hibernate-envers-5.3.14-1.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-hibernate-java8-5.3.14-1.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-hibernate-validator-6.0.18-1.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-hibernate-validator-cdi-6.0.18-1.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jackson-annotations-2.9.10-1.redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jackson-core-2.9.10-1.redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jackson-databind-2.9.10.1-1.redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jackson-dataformats-binary-2.9.10-1.redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jackson-dataformats-text-2.9.10-1.redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jackson-datatype-jdk8-2.9.10-1.redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jackson-datatype-jsr310-2.9.10-1.redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jackson-jaxrs-base-2.9.10-1.redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jackson-jaxrs-json-provider-2.9.10-1.redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jackson-module-jaxb-annotations-2.9.10-2.redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jackson-modules-base-2.9.10-2.redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jackson-modules-java8-2.9.10-1.redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jberet-1.3.5-1.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jberet-core-1.3.5-1.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-ejb-client-4.0.27-1.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-jsf-api_2.3_spec-2.3.5-3.SP2_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-cli-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-core-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-eap6.4-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-eap6.4-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-eap7.0-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-eap7.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-eap7.1-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-eap7.1-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-eap7.2-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-wildfly10.0-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-wildfly10.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-wildfly10.1-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-wildfly10.1-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-wildfly11.0-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-wildfly11.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-wildfly12.0-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-wildfly12.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-wildfly13.0-server-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-wildfly14.0-server-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-wildfly8.2-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-wildfly8.2-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-wildfly9.0-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-server-migration-wildfly9.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-jboss-xnio-base-3.7.6-3.SP2_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-netty-4.1.42-1.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-netty-all-4.1.42-1.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-picketlink-bindings-2.5.5-21.SP12_redhat_00010.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-picketlink-wildfly8-2.5.5-21.SP12_redhat_00010.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-undertow-2.0.28-2.SP1_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-undertow-jastow-2.0.8-1.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-weld-core-3.0.6-3.Final_redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-weld-core-impl-3.0.6-3.Final_redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-weld-core-jsf-3.0.6-3.Final_redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-weld-ejb-3.0.6-3.Final_redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-weld-jta-3.0.6-3.Final_redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-weld-probe-core-3.0.6-3.Final_redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-weld-web-3.0.6-3.Final_redhat_00003.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-wildfly-7.2.6-5.GA_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-wildfly-http-client-common-1.0.18-2.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-wildfly-http-ejb-client-1.0.18-2.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-wildfly-http-naming-client-1.0.18-2.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-wildfly-http-transaction-client-1.0.18-2.Final_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-wildfly-javadocs-7.2.6-5.GA_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-wildfly-modules-7.2.6-5.GA_redhat_00001.1.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"eap7-wildfly-transaction-client-1.1.8-1.Final_redhat_00001.1.el6")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "eap7-apache-cxf / eap7-apache-cxf-rt / eap7-apache-cxf-services / etc"); } }NASL family CGI abuses NASL id ORACLE_PRIMAVERA_GATEWAY_CPU_APR_2020.NASL description The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by the following vulnerabilities as referenced in the April 2020 CPU advisory: - In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. However, this characteristic of the PropertyUtilsBean was not used by default. (CVE-2019-10086) - The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress. (CVE-2019-12402) - A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling. (CVE-2019-16943) - Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass. (CVE-2019-17195) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-05-08 modified 2020-04-15 plugin id 135583 published 2020-04-15 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135583 title Oracle Primavera Gateway (Apr 2020 CPU) code # # (C) Tenable Network Security, Inc. # include('compat.inc'); if (description) { script_id(135583); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/06"); script_cve_id( "CVE-2019-10086", "CVE-2019-12402", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17195", "CVE-2019-17531" ); script_xref(name:"IAVA", value:"2020-A-0140"); script_name(english:"Oracle Primavera Gateway (Apr 2020 CPU)"); script_set_attribute(attribute:"synopsis", value: "The remote host is affected by multiple vulnerabilities"); script_set_attribute(attribute:"description", value: "The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by the following vulnerabilities as referenced in the April 2020 CPU advisory: - In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. However, this characteristic of the PropertyUtilsBean was not used by default. (CVE-2019-10086) - The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress. (CVE-2019-12402) - A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling. (CVE-2019-16943) - Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass. (CVE-2019-17195) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuapr2020.html"); script_set_attribute(attribute:"solution", value: "Apply the appropriate patch according to the April 2020 Oracle Critical Patch Update advisory."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-16943"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/14"); script_set_attribute(attribute:"patch_publication_date", value:"2020/04/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/15"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"x-cpe:/a:oracle:primavera_gateway"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"CGI abuses"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("oracle_primavera_gateway.nbin"); script_require_keys("installed_sw/Oracle Primavera Gateway"); script_require_ports("Services/www", 8006); exit(0); } include('http.inc'); include('vcf.inc'); get_install_count(app_name:'Oracle Primavera Gateway', exit_if_zero:TRUE); port = get_http_port(default:8006); app_info = vcf::get_app_info(app:'Oracle Primavera Gateway', port:port); vcf::check_granularity(app_info:app_info, sig_segments:2); constraints = [ { 'min_version' : '16.2.0', 'max_version' : '16.2.11', 'fixed_display' : 'Upgrade to the latest version or contact customer support for more information.' }, { 'min_version' : '17.12.0', 'fixed_version' : '17.12.7' }, { 'min_version' : '18.8.0', 'fixed_version' : '18.8.8.9' }, { 'min_version' : '19.12.0', 'fixed_version' : '19.12.4' } ]; vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0161.NASL description An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es) : * undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS (CVE-2019-14888) * jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI last seen 2020-06-01 modified 2020-06-02 plugin id 133158 published 2020-01-22 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133158 title RHEL 8 : JBoss EAP (RHSA-2020:0161) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:0161. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(133158); script_version("1.2"); script_cvs_date("Date: 2020/01/24"); script_cve_id("CVE-2019-10219", "CVE-2019-14540", "CVE-2019-14885", "CVE-2019-14888", "CVE-2019-14892", "CVE-2019-14893", "CVE-2019-16335", "CVE-2019-16869", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17267", "CVE-2019-17531"); script_xref(name:"RHSA", value:"2020:0161"); script_name(english:"RHEL 8 : JBoss EAP (RHSA-2020:0161)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es) : * undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS (CVE-2019-14888) * jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885) * netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869) * jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariConfig (CVE-2019-14540) * jackson-databind: Serialization gadgets in classes of the commons-dbcp package (CVE-2019-16942) * jackson-databind: Serialization gadgets in classes of the commons-configuration package (CVE-2019-14892) * jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariDataSource (CVE-2019-16335) * jackson-databind: Serialization gadgets in classes of the p6spy package (CVE-2019-16943) * jackson-databind: polymorphic typing issue when enabling default typing for an externally exposed JSON endpoint and having apache-log4j-extra in the classpath leads to code execution (CVE-2019-17531) * jackson-databind: Serialization gadgets in classes of the xalan package (CVE-2019-14893) * hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219) * jackson-databind: Serialization gadgets in classes of the ehcache package (CVE-2019-17267)" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:0161" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-10219" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14540" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14885" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14888" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14892" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14893" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-16335" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-16869" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-16942" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-16943" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-17267" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-17531" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-rt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-services"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hal-console"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-validator-cdi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-annotations"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-dataformats-binary"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-dataformats-text"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jdk8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jsr310"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-java8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jberet"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jberet-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jsf-api_2.3_spec"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0-to-eap7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jboss-xnio-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-netty"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-netty-all"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-undertow"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-undertow-jastow"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-weld-web"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/15"); script_set_attribute(attribute:"patch_publication_date", value:"2020/01/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/22"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 8.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2020:0161"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (! (rpm_exists(release:"RHEL8", rpm:"eap7-jboss"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "JBoss EAP"); if (rpm_check(release:"RHEL8", reference:"eap7-apache-cxf-3.2.11-1.redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-apache-cxf-rt-3.2.11-1.redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-apache-cxf-services-3.2.11-1.redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-apache-cxf-tools-3.2.11-1.redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-glassfish-jsf-2.3.5-6.SP3_redhat_00004.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-hal-console-3.0.19-1.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-hibernate-5.3.14-1.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-hibernate-core-5.3.14-1.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-hibernate-entitymanager-5.3.14-1.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-hibernate-envers-5.3.14-1.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-hibernate-java8-5.3.14-1.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-hibernate-validator-6.0.18-1.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-hibernate-validator-cdi-6.0.18-1.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jackson-annotations-2.9.10-1.redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jackson-core-2.9.10-1.redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jackson-databind-2.9.10.1-1.redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jackson-dataformats-binary-2.9.10-1.redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jackson-dataformats-text-2.9.10-1.redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jackson-datatype-jdk8-2.9.10-1.redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jackson-datatype-jsr310-2.9.10-1.redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jackson-jaxrs-base-2.9.10-1.redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jackson-jaxrs-json-provider-2.9.10-1.redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jackson-module-jaxb-annotations-2.9.10-2.redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jackson-modules-base-2.9.10-2.redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jackson-modules-java8-2.9.10-1.redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jberet-1.3.5-1.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jberet-core-1.3.5-1.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-ejb-client-4.0.27-1.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-jsf-api_2.3_spec-2.3.5-3.SP2_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-cli-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-core-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-eap6.4-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-eap6.4-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-eap7.0-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-eap7.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-eap7.1-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-eap7.1-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-eap7.2-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-wildfly10.0-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-wildfly10.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-wildfly10.1-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-wildfly10.1-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-wildfly11.0-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-wildfly11.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-wildfly12.0-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-wildfly12.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-wildfly13.0-server-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-wildfly14.0-server-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-wildfly8.2-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-wildfly8.2-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-wildfly9.0-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-server-migration-wildfly9.0-to-eap7.2-1.3.1-7.Final_redhat_00007.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-jboss-xnio-base-3.7.6-3.SP2_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-netty-4.1.42-1.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-netty-all-4.1.42-1.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-picketlink-bindings-2.5.5-21.SP12_redhat_00010.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-picketlink-wildfly8-2.5.5-21.SP12_redhat_00010.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-undertow-2.0.28-2.SP1_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-undertow-jastow-2.0.8-1.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-weld-core-3.0.6-3.Final_redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-weld-core-impl-3.0.6-3.Final_redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-weld-core-jsf-3.0.6-3.Final_redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-weld-ejb-3.0.6-3.Final_redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-weld-jta-3.0.6-3.Final_redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-weld-probe-core-3.0.6-3.Final_redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-weld-web-3.0.6-3.Final_redhat_00003.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-wildfly-7.2.6-5.GA_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-wildfly-http-client-common-1.0.18-2.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-wildfly-http-ejb-client-1.0.18-2.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-wildfly-http-naming-client-1.0.18-2.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-wildfly-http-transaction-client-1.0.18-2.Final_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-wildfly-javadocs-7.2.6-5.GA_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-wildfly-modules-7.2.6-5.GA_redhat_00001.1.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"eap7-wildfly-transaction-client-1.1.8-1.Final_redhat_00001.1.el8")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "eap7-apache-cxf / eap7-apache-cxf-rt / eap7-apache-cxf-services / etc"); } }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1644.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1644 advisory. - jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig (CVE-2019-14540) - jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource (CVE-2019-16335) - jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* (CVE-2019-16942) - jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource (CVE-2019-16943) - jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* (CVE-2019-17531) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-05-21 modified 2020-04-28 plugin id 136041 published 2020-04-28 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136041 title RHEL 8 : pki-core:10.6 and pki-deps:10.6 (RHSA-2020:1644) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:1644. The text # itself is copyright (C) Red Hat, Inc. # include('compat.inc'); if (description) { script_id(136041); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/20"); script_cve_id( "CVE-2019-14540", "CVE-2019-16335", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17531" ); script_xref(name:"RHSA", value:"2020:1644"); script_name(english:"RHEL 8 : pki-core:10.6 and pki-deps:10.6 (RHSA-2020:1644)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute(attribute:"synopsis", value: "The remote Red Hat host is missing one or more security updates."); script_set_attribute(attribute:"description", value: "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1644 advisory. - jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig (CVE-2019-14540) - jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource (CVE-2019-16335) - jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* (CVE-2019-16942) - jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource (CVE-2019-16943) - jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* (CVE-2019-17531) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/502.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/200.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/502.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/200.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/502.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/200.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/502.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/200.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/20.html"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:1644"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-14540"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-16335"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-16942"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-16943"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-17531"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1755831"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1755849"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1758187"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1758191"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1775293"); script_set_attribute(attribute:"solution", value: "Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-17531"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_cwe_id(20, 200, 502); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/15"); script_set_attribute(attribute:"patch_publication_date", value:"2020/04/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/28"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:enterprise_linux:8"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:enterprise_linux:8::appstream"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-lang"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bea-stax-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glassfish-fastinfoset"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-runtime"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-txw2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jackson-annotations"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jackson-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jackson-databind"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jackson-jaxrs-json-provider"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jackson-jaxrs-providers"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jackson-module-jaxb-annotations"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:javassist"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:javassist-javadoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jss-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jss-javadoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ldapjdk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ldapjdk-javadoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pki-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pki-base-java"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pki-ca"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pki-core-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pki-kra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pki-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pki-servlet-4.0-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pki-servlet-engine"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pki-symkey"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pki-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-nss-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-nss-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-nss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-pki"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:relaxngDatatype"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:resteasy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:slf4j"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:slf4j-jdk14"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:stax-ex"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcatjss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:velocity"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xalan-j2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xerces-j2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xml-commons-apis"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xml-commons-resolver"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xmlstreambuffer"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xsom"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Red Hat Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include('audit.inc'); include('global_settings.inc'); include('misc_func.inc'); include('rpm.inc'); if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item('Host/RedHat/release'); if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat'); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat'); os_ver = os_ver[1]; if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver); if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item('Host/cpu'); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu); appstreams = { 'pki-deps:10.6': [ {'reference':'apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25', 'release':'8'}, {'reference':'jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25', 'release':'8'}, {'reference':'jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25', 'release':'8'}, {'reference':'jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d', 'release':'8'}, {'reference':'jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d', 'release':'8'}, {'reference':'jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c', 'release':'8', 'epoch':'1'}, {'reference':'javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'pki-servlet-4.0-api-9.0.7-16.module+el8.1.0+3366+6dfb954c', 'release':'8', 'epoch':'1'}, {'reference':'pki-servlet-engine-9.0.7-16.module+el8.1.0+3366+6dfb954c', 'release':'8', 'epoch':'1'}, {'reference':'python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c', 'cpu':'aarch64', 'release':'8'}, {'reference':'python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c', 'cpu':'s390x', 'release':'8'}, {'reference':'python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c', 'cpu':'x86_64', 'release':'8'}, {'reference':'python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c', 'cpu':'aarch64', 'release':'8'}, {'reference':'python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c', 'cpu':'s390x', 'release':'8'}, {'reference':'python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c', 'cpu':'x86_64', 'release':'8'}, {'reference':'python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c', 'cpu':'aarch64', 'release':'8'}, {'reference':'python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c', 'cpu':'s390x', 'release':'8'}, {'reference':'python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c', 'cpu':'x86_64', 'release':'8'}, {'reference':'relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'resteasy-3.0.26-3.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'stax-ex-1.7.7-8.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'velocity-1.7-24.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'xmlstreambuffer-1.5.4-8.module+el8.1.0+3366+6dfb954c', 'release':'8'}, {'reference':'xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c', 'release':'8'} ], 'pki-core:10.6': [ {'reference':'jss-4.6.2-4.module+el8.2.0+6123+b4678599', 'cpu':'aarch64', 'release':'8'}, {'reference':'jss-4.6.2-4.module+el8.2.0+6123+b4678599', 'cpu':'s390x', 'release':'8'}, {'reference':'jss-4.6.2-4.module+el8.2.0+6123+b4678599', 'cpu':'x86_64', 'release':'8'}, {'reference':'jss-debugsource-4.6.2-4.module+el8.2.0+6123+b4678599', 'cpu':'aarch64', 'release':'8'}, {'reference':'jss-debugsource-4.6.2-4.module+el8.2.0+6123+b4678599', 'cpu':'s390x', 'release':'8'}, {'reference':'jss-debugsource-4.6.2-4.module+el8.2.0+6123+b4678599', 'cpu':'x86_64', 'release':'8'}, {'reference':'jss-javadoc-4.6.2-4.module+el8.2.0+6123+b4678599', 'cpu':'aarch64', 'release':'8'}, {'reference':'jss-javadoc-4.6.2-4.module+el8.2.0+6123+b4678599', 'cpu':'s390x', 'release':'8'}, {'reference':'jss-javadoc-4.6.2-4.module+el8.2.0+6123+b4678599', 'cpu':'x86_64', 'release':'8'}, {'reference':'ldapjdk-4.21.0-2.module+el8.2.0+4573+c3c38c7b', 'release':'8'}, {'reference':'ldapjdk-javadoc-4.21.0-2.module+el8.2.0+4573+c3c38c7b', 'release':'8'}, {'reference':'pki-base-10.8.3-1.module+el8.2.0+5925+bad5981a', 'release':'8'}, {'reference':'pki-base-java-10.8.3-1.module+el8.2.0+5925+bad5981a', 'release':'8'}, {'reference':'pki-ca-10.8.3-1.module+el8.2.0+5925+bad5981a', 'release':'8'}, {'reference':'pki-core-debugsource-10.8.3-1.module+el8.2.0+5925+bad5981a', 'cpu':'aarch64', 'release':'8'}, {'reference':'pki-core-debugsource-10.8.3-1.module+el8.2.0+5925+bad5981a', 'cpu':'s390x', 'release':'8'}, {'reference':'pki-core-debugsource-10.8.3-1.module+el8.2.0+5925+bad5981a', 'cpu':'x86_64', 'release':'8'}, {'reference':'pki-kra-10.8.3-1.module+el8.2.0+5925+bad5981a', 'release':'8'}, {'reference':'pki-server-10.8.3-1.module+el8.2.0+5925+bad5981a', 'release':'8'}, {'reference':'pki-symkey-10.8.3-1.module+el8.2.0+5925+bad5981a', 'cpu':'aarch64', 'release':'8'}, {'reference':'pki-symkey-10.8.3-1.module+el8.2.0+5925+bad5981a', 'cpu':'s390x', 'release':'8'}, {'reference':'pki-symkey-10.8.3-1.module+el8.2.0+5925+bad5981a', 'cpu':'x86_64', 'release':'8'}, {'reference':'pki-tools-10.8.3-1.module+el8.2.0+5925+bad5981a', 'cpu':'aarch64', 'release':'8'}, {'reference':'pki-tools-10.8.3-1.module+el8.2.0+5925+bad5981a', 'cpu':'s390x', 'release':'8'}, {'reference':'pki-tools-10.8.3-1.module+el8.2.0+5925+bad5981a', 'cpu':'x86_64', 'release':'8'}, {'reference':'python3-pki-10.8.3-1.module+el8.2.0+5925+bad5981a', 'release':'8'}, {'reference':'tomcatjss-7.4.1-2.module+el8.2.0+4573+c3c38c7b', 'release':'8'} ], }; flag = 0; appstreams_found = 0; foreach module (keys(appstreams)) { appstream = NULL; appstream_name = NULL; appstream_version = NULL; appstream_split = split(module, sep:':', keep:FALSE); if (!empty_or_null(appstream_split)) { appstream_name = appstream_split[0]; appstream_version = appstream_split[1]; appstream = get_kb_item('Host/RedHat/appstream/' + appstream_name); } if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') { appstreams_found++; foreach package_array ( appstreams[module] ) { reference = NULL; release = NULL; sp = NULL; cpu = NULL; el_string = NULL; rpm_spec_vers_cmp = NULL; epoch = NULL; if (!empty_or_null(package_array['reference'])) reference = package_array['reference']; if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release']; if (!empty_or_null(package_array['sp'])) sp = package_array['sp']; if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu']; if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string']; if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp']; if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch']; if (reference && release) { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++; } } } } if (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module pki-core:10.6 / pki-deps:10.6'); if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache-commons-collections / apache-commons-lang / bea-stax-api / etc'); }
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- https://github.com/FasterXML/jackson-databind/issues/2498
- https://security.netapp.com/advisory/ntap-20191024-0005/
- https://access.redhat.com/errata/RHSA-2019:4192
- https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html
- https://www.oracle.com/security-alerts/cpujan2020.html
- https://access.redhat.com/errata/RHSA-2020:0164
- https://access.redhat.com/errata/RHSA-2020:0159
- https://access.redhat.com/errata/RHSA-2020:0160
- https://access.redhat.com/errata/RHSA-2020:0161
- https://access.redhat.com/errata/RHSA-2020:0445
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5%40%3Ccommits.pulsar.apache.org%3E
- https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f%40%3Ccommits.druid.apache.org%3E
- https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
- https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E