Vulnerabilities > CVE-2019-3816
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server.
Vulnerable Configurations
Nessus
NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0061_OPENWSMAN.NASL description The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openwsman packages installed that are affected by a vulnerability: - Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server. (CVE-2019-3816) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 127254 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127254 title NewStart CGSL CORE 5.04 / MAIN 5.04 : openwsman Vulnerability (NS-SA-2019-0061) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from ZTE advisory NS-SA-2019-0061. The text # itself is copyright (C) ZTE, Inc. include("compat.inc"); if (description) { script_id(127254); script_version("1.2"); script_cvs_date("Date: 2019/10/17 14:31:04"); script_cve_id("CVE-2019-3816"); script_bugtraq_id(107368); script_name(english:"NewStart CGSL CORE 5.04 / MAIN 5.04 : openwsman Vulnerability (NS-SA-2019-0061)"); script_set_attribute(attribute:"synopsis", value: "The remote machine is affected by a vulnerability."); script_set_attribute(attribute:"description", value: "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openwsman packages installed that are affected by a vulnerability: - Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server. (CVE-2019-3816) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"http://security.gd-linux.com/notice/NS-SA-2019-0061"); script_set_attribute(attribute:"solution", value: "Upgrade the vulnerable CGSL openwsman packages. Note that updated packages may not be available yet. Please contact ZTE for more information."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3816"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/14"); script_set_attribute(attribute:"patch_publication_date", value:"2019/07/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12"); script_set_attribute(attribute:"plugin_type", value:"local"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"NewStart CGSL Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/ZTE-CGSL/release"); if (isnull(release) || release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, "NewStart Carrier Grade Server Linux"); if (release !~ "CGSL CORE 5.04" && release !~ "CGSL MAIN 5.04") audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04'); if (!get_kb_item("Host/ZTE-CGSL/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "NewStart Carrier Grade Server Linux", cpu); flag = 0; pkgs = { "CGSL CORE 5.04": [ "libwsman-devel-2.6.3-6.git4391e5c.el7_6", "libwsman1-2.6.3-6.git4391e5c.el7_6", "openwsman-client-2.6.3-6.git4391e5c.el7_6", "openwsman-debuginfo-2.6.3-6.git4391e5c.el7_6", "openwsman-perl-2.6.3-6.git4391e5c.el7_6", "openwsman-python-2.6.3-6.git4391e5c.el7_6", "openwsman-ruby-2.6.3-6.git4391e5c.el7_6", "openwsman-server-2.6.3-6.git4391e5c.el7_6" ], "CGSL MAIN 5.04": [ "libwsman-devel-2.6.3-6.git4391e5c.el7_6", "libwsman1-2.6.3-6.git4391e5c.el7_6", "openwsman-client-2.6.3-6.git4391e5c.el7_6", "openwsman-debuginfo-2.6.3-6.git4391e5c.el7_6", "openwsman-perl-2.6.3-6.git4391e5c.el7_6", "openwsman-python-2.6.3-6.git4391e5c.el7_6", "openwsman-ruby-2.6.3-6.git4391e5c.el7_6", "openwsman-server-2.6.3-6.git4391e5c.el7_6" ] }; pkg_list = pkgs[release]; foreach (pkg in pkg_list) if (rpm_check(release:"ZTE " + release, reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openwsman"); }NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-1111.NASL description This update for openwsman fixes the following issues : Security issues fixed : - CVE-2019-3816: Fixed a vulnerability in openwsmand deamon which could lead to arbitary file disclosure (bsc#1122623). - CVE-2019-3833: Fixed a vulnerability in process_connection() which could allow an attacker to trigger an infinite loop which leads to Denial of Service (bsc#1122623). Other issues addressed : - Added OpenSSL 1.1 compatibility - Compilation in debug mode fixed - Directory listing without authentication fixed (bsc#1092206). This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 123658 published 2019-04-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123658 title openSUSE Security Update : openwsman (openSUSE-2019-1111) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-1111. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(123658); script_version("1.2"); script_cvs_date("Date: 2020/01/27"); script_cve_id("CVE-2019-3816", "CVE-2019-3833"); script_name(english:"openSUSE Security Update : openwsman (openSUSE-2019-1111)"); script_summary(english:"Check for the openSUSE-2019-1111 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for openwsman fixes the following issues : Security issues fixed : - CVE-2019-3816: Fixed a vulnerability in openwsmand deamon which could lead to arbitary file disclosure (bsc#1122623). - CVE-2019-3833: Fixed a vulnerability in process_connection() which could allow an attacker to trigger an infinite loop which leads to Denial of Service (bsc#1122623). Other issues addressed : - Added OpenSSL 1.1 compatibility - Compilation in debug mode fixed - Directory listing without authentication fixed (bsc#1092206). This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1092206" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1122623" ); script_set_attribute( attribute:"solution", value:"Update the affected openwsman packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwsman-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwsman3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwsman3-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwsman_clientpp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwsman_clientpp1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwsman_clientpp1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openwsman-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openwsman-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openwsman-java"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openwsman-perl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openwsman-perl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openwsman-ruby"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openwsman-ruby-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openwsman-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openwsman-server-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openwsman-server-plugin-ruby"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openwsman-server-plugin-ruby-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-openwsman"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-openwsman-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:winrs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/14"); script_set_attribute(attribute:"patch_publication_date", value:"2019/04/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/03"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.0", reference:"libwsman-devel-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libwsman3-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libwsman3-debuginfo-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libwsman_clientpp-devel-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libwsman_clientpp1-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libwsman_clientpp1-debuginfo-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"openwsman-debuginfo-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"openwsman-debugsource-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"openwsman-java-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"openwsman-perl-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"openwsman-perl-debuginfo-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"openwsman-ruby-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"openwsman-ruby-debuginfo-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"openwsman-server-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"openwsman-server-debuginfo-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"openwsman-server-plugin-ruby-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"openwsman-server-plugin-ruby-debuginfo-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"python3-openwsman-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"python3-openwsman-debuginfo-2.6.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"winrs-2.6.7-lp150.2.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libwsman-devel / libwsman3 / libwsman3-debuginfo / etc"); }NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-1217.NASL description This update for openwsman fixes the following issues : Security issues fixed : - CVE-2019-3816: Fixed a vulnerability in openwsmand deamon which could lead to arbitary file disclosure (bsc#1122623). - CVE-2019-3833: Fixed a vulnerability in process_connection() which could allow an attacker to trigger an infinite loop which leads to Denial of Service (bsc#1122623). Other issues addressed : - Directory listing without authentication fixed (bsc#1092206). This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 124108 published 2019-04-17 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124108 title openSUSE Security Update : openwsman (openSUSE-2019-1217) NASL family Amazon Linux Local Security Checks NASL id AL2_ALAS-2019-1196.NASL description Earlier versions of Openwsman are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server. (CVE-2019-3816) last seen 2020-06-01 modified 2020-06-02 plugin id 124302 published 2019-04-26 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124302 title Amazon Linux 2 : openwsman (ALAS-2019-1196) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-0972.NASL description An update for openwsman is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Openwsman is a project intended to provide an open source implementation of the Web Services Management specification (WS-Management) and to expose system management information on the Linux operating system using the WS-Management protocol. WS-Management is based on a suite of web services specifications and usage requirements that cover all system management aspects. Security Fix(es) : * openwsman: Disclosure of arbitrary files outside of the registered URIs (CVE-2019-3816) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 124665 published 2019-05-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124665 title RHEL 8 : openwsman (RHSA-2019:0972) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2019-0638.NASL description An update for openwsman is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Openwsman is a project intended to provide an open source implementation of the Web Services Management specification (WS-Management) and to expose system management information on the Linux operating system using the WS-Management protocol. WS-Management is based on a suite of web services specifications and usage requirements that cover all system management aspects. Security Fix(es) : * openwsman: Disclosure of arbitrary files outside of the registered URIs (CVE-2019-3816) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 124414 published 2019-05-01 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124414 title CentOS 7 : openwsman (CESA-2019:0638) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-13981-1.NASL description This update for openwsman fixes the following issues : Security issues fixed : CVE-2019-3816: Fixed a vulnerability in openwsmand deamon which could lead to arbitary file disclosure (bsc#1122623). CVE-2019-3833: Fixed a vulnerability in process_connection() which could allow an attacker to trigger an infinite loop which leads to Denial of Service (bsc#1122623). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 122945 published 2019-03-19 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122945 title SUSE SLES11 Security Update : openwsman (SUSE-SU-2019:13981-1) NASL family Fedora Local Security Checks NASL id FEDORA_2019-348166F7FD.NASL description Security fixes for CVE-2019-3816 and CVE-2019-3833 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 123473 published 2019-03-29 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123473 title Fedora 28 : openwsman (2019-348166f7fd) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1329.NASL description According to the version of the openwsman packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server. (CVE-2019-3816) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2019-05-06 plugin id 124615 published 2019-05-06 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124615 title EulerOS 2.0 SP2 : openwsman (EulerOS-SA-2019-1329) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1331.NASL description According to the version of the openwsman packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server. (CVE-2019-3816) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2019-05-06 plugin id 124617 published 2019-05-06 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124617 title EulerOS 2.0 SP5 : openwsman (EulerOS-SA-2019-1331) NASL family Scientific Linux Local Security Checks NASL id SL_20190326_OPENWSMAN_ON_SL7_X.NASL description Security Fix(es) : - openwsman: Disclosure of arbitrary files outside of the registered URIs (CVE-2019-3816) last seen 2020-03-18 modified 2019-03-27 plugin id 123147 published 2019-03-27 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123147 title Scientific Linux Security Update : openwsman on SL7.x x86_64 (20190326) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1330.NASL description According to the version of the openwsman packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server. (CVE-2019-3816) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2019-05-06 plugin id 124616 published 2019-05-06 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124616 title EulerOS 2.0 SP3 : openwsman (EulerOS-SA-2019-1330) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-0656-1.NASL description This update for openwsman fixes the following issues : Security issues fixed : CVE-2019-3816: Fixed a vulnerability in openwsmand deamon which could lead to arbitary file disclosure (bsc#1122623). CVE-2019-3833: Fixed a vulnerability in process_connection() which could allow an attacker to trigger an infinite loop which leads to Denial of Service (bsc#1122623). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 122998 published 2019-03-21 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122998 title SUSE SLED12 / SLES12 Security Update : openwsman (SUSE-SU-2019:0656-1) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2019-0638.NASL description From Red Hat Security Advisory 2019:0638 : An update for openwsman is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Openwsman is a project intended to provide an open source implementation of the Web Services Management specification (WS-Management) and to expose system management information on the Linux operating system using the WS-Management protocol. WS-Management is based on a suite of web services specifications and usage requirements that cover all system management aspects. Security Fix(es) : * openwsman: Disclosure of arbitrary files outside of the registered URIs (CVE-2019-3816) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 123122 published 2019-03-26 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123122 title Oracle Linux 7 : openwsman (ELSA-2019-0638) NASL family Fedora Local Security Checks NASL id FEDORA_2019-AF0CD1B8F7.NASL description Security fixes for CVE-2019-3816 and CVE-2019-3833 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 124531 published 2019-05-02 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124531 title Fedora 30 : openwsman (2019-af0cd1b8f7) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-0638.NASL description An update for openwsman is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Openwsman is a project intended to provide an open source implementation of the Web Services Management specification (WS-Management) and to expose system management information on the Linux operating system using the WS-Management protocol. WS-Management is based on a suite of web services specifications and usage requirements that cover all system management aspects. Security Fix(es) : * openwsman: Disclosure of arbitrary files outside of the registered URIs (CVE-2019-3816) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 123123 published 2019-03-26 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123123 title RHEL 7 : openwsman (RHSA-2019:0638) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-0654-1.NASL description This update for openwsman fixes the following issues : Security issues fixed : CVE-2019-3816: Fixed a vulnerability in openwsmand deamon which could lead to arbitary file disclosure (bsc#1122623). CVE-2019-3833: Fixed a vulnerability in process_connection() which could allow an attacker to trigger an infinite loop which leads to Denial of Service (bsc#1122623). Other issues addressed: Added OpenSSL 1.1 compatibility Compilation in debug mode fixed Directory listing without authentication fixed (bsc#1092206). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 122996 published 2019-03-21 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122996 title SUSE SLED15 / SLES15 Security Update : openwsman (SUSE-SU-2019:0654-1)
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://bugzilla.suse.com/show_bug.cgi?id=1122623
- http://bugzilla.suse.com/show_bug.cgi?id=1122623
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00065.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00065.html
- http://www.securityfocus.com/bid/107368
- http://www.securityfocus.com/bid/107368
- http://www.securityfocus.com/bid/107409
- http://www.securityfocus.com/bid/107409
- https://access.redhat.com/errata/RHSA-2019:0638
- https://access.redhat.com/errata/RHSA-2019:0638
- https://access.redhat.com/errata/RHSA-2019:0972
- https://access.redhat.com/errata/RHSA-2019:0972
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3816
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3816
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2V5HJ355RSKMFQ7GRJAHRZNDVXASF7TA/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2V5HJ355RSKMFQ7GRJAHRZNDVXASF7TA/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B2HEZ7D7GF3HDF36JLGYXIK5URR66DS4/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B2HEZ7D7GF3HDF36JLGYXIK5URR66DS4/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CXQP7UDPRZIZ4LM7FEJCTC2EDUYVOR2J/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CXQP7UDPRZIZ4LM7FEJCTC2EDUYVOR2J/