Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-3149.NASL
HistoryFeb 03, 2015 - 12:00 a.m.

Debian DSA-3149-1 : condor - security update

2015-02-0300:00:00
This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.009 Low

EPSS

Percentile

83.1%

JSON

Florian Weimer, of Red Hat Product Security, discovered an issue in condor, a distributed workload management system. Upon job completion, it can optionally notify a user by sending an email; the mailx invocation used in that process allowed for any authenticated user able to submit jobs, to execute arbitrary code with the privileges of the condor user.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-3149. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(81129);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2014-8126");
  script_bugtraq_id(72019);
  script_xref(name:"DSA", value:"3149");

  script_name(english:"Debian DSA-3149-1 : condor - security update");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Florian Weimer, of Red Hat Product Security, discovered an issue in
condor, a distributed workload management system. Upon job completion,
it can optionally notify a user by sending an email; the mailx
invocation used in that process allowed for any authenticated user
able to submit jobs, to execute arbitrary code with the privileges of
the condor user."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775276"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/wheezy/condor"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2015/dsa-3149"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the condor packages.

For the stable distribution (wheezy), this problem has been fixed in
version 7.8.2~dfsg.1-1+deb7u3.

For the upcoming stable distribution (jessie) and unstable
distribution (sid), this problem has been fixed in version
8.2.3~dfsg.1-6."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:condor");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/01/31");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/02/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/02/03");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"7.0", prefix:"condor", reference:"7.8.2~dfsg.1-1+deb7u3")) flag++;
if (deb_check(release:"7.0", prefix:"condor-dbg", reference:"7.8.2~dfsg.1-1+deb7u3")) flag++;
if (deb_check(release:"7.0", prefix:"condor-dev", reference:"7.8.2~dfsg.1-1+deb7u3")) flag++;
if (deb_check(release:"7.0", prefix:"condor-doc", reference:"7.8.2~dfsg.1-1+deb7u3")) flag++;
if (deb_check(release:"7.0", prefix:"libclassad-dev", reference:"7.8.2~dfsg.1-1+deb7u3")) flag++;
if (deb_check(release:"7.0", prefix:"libclassad3", reference:"7.8.2~dfsg.1-1+deb7u3")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxcondorp-cpe:/a:debian:debian_linux:condor
debiandebian_linux7.0cpe:/o:debian:debian_linux:7.0

Related

redhat 2
openvas 4
fedora 1
securityvulns 2
nessus 4
debian 2
cve 1
ubuntucve 1
cvelist 1
nvd 1
debiancve 1
osv 2
prion 1
ubuntu 1
redhat
redhat
(RHSA-2015:0035) Important: condor security update
2015-01-12 20:11:52
(RHSA-2015:0036) Important: condor security update
2015-01-12 00:00:00
openvas
openvas
Fedora Update for condor FEDORA-2015-10832
2015-07-18 00:00:00
Debian: Security Advisory (DSA-3149-1)
2015-02-01 00:00:00
Debian Security Advisory DSA 3149-1 (condor - security update)
2015-02-02 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: condor-8.3.6-1.fc21
2015-07-18 01:55:50
securityvulns
securityvulns
condor code execution
2015-02-23 00:00:00
[SECURITY] [DSA 3149-1] condor security update
2015-02-23 00:00:00
nessus
nessus
RHEL 6 : condor (RHSA-2015:0035)
2015-01-13 00:00:00
Fedora 21 : condor-8.3.6-1.fc21 (2015-10832)
2015-07-20 00:00:00
RHEL 5 : condor (RHSA-2015:0036)
2015-01-13 00:00:00
debian
debian
[SECURITY] [DSA 3149-1] condor security update
2015-02-02 18:50:06
[SECURITY] [DSA 3149-1] condor security update
2015-02-02 18:50:06
cve
cve
CVE-2014-8126
2020-01-31 22:15:10
ubuntucve
ubuntucve
CVE-2014-8126
2020-01-31 00:00:00
cvelist
cvelist
CVE-2014-8126
2020-01-31 21:39:02
nvd
nvd
CVE-2014-8126
2020-01-31 22:15:10
debiancve
debiancve
CVE-2014-8126
2020-01-31 22:15:10
osv
osv
condor - security update
2015-02-02 00:00:00
condor vulnerabilities
2021-03-15 20:14:57
prion
prion
Code injection
2020-01-31 22:15:00
ubuntu
ubuntu
HTCondor vulnerabilities
2021-03-15 00:00:00

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.009 Low

EPSS

Percentile

83.1%

JSON
Related for DEBIAN_DSA-3149.NASL
redhat2openvas4fedora1securityvulns2nessus4debian2cve1ubuntucve1cvelist1nvd1debiancve1osv2prion1ubuntu1