Lucene search
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.ALA_ALAS-2019-1307.NASLHistoryOct 11, 2019 - 12:00 a.m.
Amazon Linux AMI : sssd (ALAS-2019-1307)
2019-10-1100:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
CVSS3
5.2
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
47.3%
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.(CVE-2018-16838)
A vulnerability was found in sssd where, if a user was configured with no home directory set, sssd would return ‘/’ (the root directory) instead of ‘’ (the empty string / no home directory). This could impact services that restrict the user’s filesystem access to within their home directory through chroot().(CVE-2019-3811)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1307.
#
include('compat.inc');
if (description)
{
script_id(129797);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/18");
script_cve_id("CVE-2018-16838", "CVE-2019-3811");
script_xref(name:"ALAS", value:"2019-1307");
script_name(english:"Amazon Linux AMI : sssd (ALAS-2019-1307)");
script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux AMI host is missing a security update.");
script_set_attribute(attribute:"description", value:
"A flaw was found in sssd Group Policy Objects implementation. When the
GPO is not readable by SSSD due to a too strict permission settings on
the server side, SSSD will allow all authenticated users to login
instead of denying access.(CVE-2018-16838)
A vulnerability was found in sssd where, if a user was configured with
no home directory set, sssd would return '/' (the root directory)
instead of '' (the empty string / no home directory). This could
impact services that restrict the user's filesystem access to within
their home directory through chroot().(CVE-2019-3811)");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2019-1307.html");
script_set_attribute(attribute:"solution", value:
"Run 'yum update sssd' to update your system.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-16838");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/15");
script_set_attribute(attribute:"patch_publication_date", value:"2019/10/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/11");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libipa_hbac");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libipa_hbac-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libsss_autofs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libsss_certmap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libsss_certmap-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libsss_idmap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libsss_idmap-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libsss_nss_idmap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libsss_nss_idmap-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libsss_simpleifp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libsss_simpleifp-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libsss_sudo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python27-libipa_hbac");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python27-libsss_nss_idmap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python27-sss");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python27-sss-murmur");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python27-sssdconfig");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-ad");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-common-pac");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-dbus");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-ipa");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-krb5");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-krb5-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-ldap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-libwbclient");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-libwbclient-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-proxy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:sssd-winbind-idmap");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Amazon Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (rpm_check(release:"ALA", reference:"libipa_hbac-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"libipa_hbac-devel-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"libsss_autofs-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"libsss_certmap-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"libsss_certmap-devel-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"libsss_idmap-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"libsss_idmap-devel-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"libsss_nss_idmap-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"libsss_nss_idmap-devel-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"libsss_simpleifp-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"libsss_simpleifp-devel-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"libsss_sudo-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"python27-libipa_hbac-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"python27-libsss_nss_idmap-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"python27-sss-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"python27-sss-murmur-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"python27-sssdconfig-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-ad-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-client-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-common-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-common-pac-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-dbus-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-debuginfo-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-ipa-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-krb5-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-krb5-common-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-ldap-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-libwbclient-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-libwbclient-devel-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-proxy-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-tools-1.16.4-21.25.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"sssd-winbind-idmap-1.16.4-21.25.amzn1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libipa_hbac / libipa_hbac-devel / libsss_autofs / libsss_certmap / etc");
}
Related
amazon
amazon
Medium: sssd
2019-10-08 21:07:00
Medium: sssd
2019-10-28 17:45:00
nessus
nessus
Oracle Linux 7 : sssd (ELSA-2019-2177)
2023-09-07 00:00:00
Scientific Linux Security Update : sssd on SL7.x x86_64 (20190806)
2019-08-27 00:00:00
oraclelinux
oraclelinux
sssd security, bug fix, and enhancement update
2019-08-13 00:00:00
sssd security, bug fix, and enhancement update
2019-11-14 00:00:00
redhat
redhat
(RHSA-2019:2177) Moderate: sssd security, bug fix, and enhancement update
2019-08-06 08:10:08
(RHSA-2019:3651) Low: sssd security, bug fix, and enhancement update
2019-11-05 18:11:07
(RHSA-2019:2437) Important: Red Hat Virtualization security update
2019-08-12 10:51:59
centos
centos
osv
osv
libipa_hbac-devel-2.9.3-2.1 on GA media
2024-06-15 00:00:00
sssd - security update
2023-05-29 00:00:00
sssd vulnerabilities
2021-09-08 11:40:23
openvas
openvas
Debian: Security Advisory (DLA-3436-1)
2023-05-30 00:00:00
Ubuntu: Security Advisory (USN-5067-1)
2021-09-09 00:00:00
openSUSE: Security Advisory for sssd (openSUSE-SU-2019:1589-1)
2019-06-20 00:00:00
ubuntu
ubuntu
SSSD vulnerabilities
2021-09-08 00:00:00
debian
debian
[SECURITY] [DLA 3436-1] sssd security update
2023-05-29 13:43:53
[SECURITY] [DLA 1635-1] sssd security update
2019-01-17 12:34:29
nvd
nvd
CVE-2018-16838
2019-03-25 18:29:00
CVE-2019-3811
2019-01-15 15:29:00
prion
prion
Design/Logic Flaw
2019-03-25 18:29:00
Design/Logic Flaw
2019-01-15 15:29:00
redhatcve
redhatcve
CVE-2018-16838
2019-02-04 09:20:11
CVE-2019-3811
2019-01-11 18:26:42
debiancve
debiancve
CVE-2018-16838
2019-03-25 18:29:00
CVE-2019-3811
2019-01-15 15:29:00
cve
cve
CVE-2018-16838
2019-03-25 18:29:00
CVE-2019-3811
2019-01-15 15:29:00
suse
suse
Security update for sssd (moderate)
2019-06-18 00:00:00
Security update for sssd (moderate)
2019-06-19 00:00:00
Recommended update for adcli, sssd (moderate)
2019-04-08 00:00:00
veracode
veracode
Improper Access Restriction
2019-08-08 00:07:55
Unauthorised Access
2019-08-08 00:07:55
cvelist
cvelist
CVE-2018-16838
2019-03-25 17:41:18
CVE-2019-3811
2019-01-15 15:00:00
mageia
mageia
Updated sssd packages fix security vulnerability
2019-12-19 16:44:26
Updated ldb packages fix security vulnerability
2019-05-08 00:38:09
ubuntucve
ubuntucve
CVE-2018-16838
2019-03-25 00:00:00
CVE-2019-3811
2019-01-15 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1977
2021-07-02 18:10:53
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
CVSS3
5.2
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
47.3%
Related for ALA_ALAS-2019-1307.NASL