nessus — This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof. — FEDORA_2016-6A0D540088.NASL
HistoryJul 14, 2016 - 12:00 a.m.

Fedora 23 : 2:docker (2016-6a0d540088)

2016-07-14 00:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
6

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

built docker @projectatomic/fedora-1.10.3 commit f476348


built docker @projectatomic/fedora-1.10.3 commit f476348


built docker @projectatomic/fedora-1.10.3 commit 4158ccc


Resolves: #1335649 - enable Red Hat subscription use in Docker containers on Fedora


built docker @projectatomic/fedora-1.10.3 commit 8ecd47f


built docker @projectatomic/fedora-1.10.3 commit 8ecd47f


built docker @projectatomic/fedora-1.10.3 commit 667d6d1


built docker @projectatomic/fedora-1.10.3 commit bba2d6d


built docker @projectatomic/fedora-1.10.3 commit a41254f


built docker @projectatomic/fedora-1.10.3 commit#964eda6


built docker @projectatomic/fedora-1.10.3 commit#ef2fa35


docker package runtime depends on docker-forward-journald


rebuilt to remove dockerroot user creation


rebuilt to remove dockerroot user creation


rebuilt to include dss_libdir directory


built docker @projectatomic/fedora-1.10.2 commit#86e59a5


rebuilt with seccomp enabled


built docker @projectatomic/fedora-1.10.1 commit#6c71d8f


built docker @projectatomic/fedora-1.10.1 commit#6c71d8f


rebuilt, no change


built docker @projectatomic/fedora-1.10.2 commit#0f5ac89

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory FEDORA-2016-6a0d540088.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

# Metadata block: when `description` is set, the script only declares its
# plugin metadata and then leaves through the exit(0) that closes this block,
# so none of the host or package checks further down run on that pass.
if (description)
{
  script_id(92105);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  # The CVE ID and the Fedora advisory ID are the only pointers in this plugin
  # to the underlying security issue; use them to look up the flaw when
  # triaging a finding.
  script_cve_id("CVE-2016-3697");
  script_xref(name:"FEDORA", value:"2016-6a0d540088");

  script_name(english:"Fedora 23 : 2:docker (2016-6a0d540088)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  # NOTE(review): the description below is the package changelog taken from
  # the Fedora update system. It never names CVE-2016-3697 or says what the
  # flaw is, so a report built from this text alone does not explain the risk.
  # Per the public CVE record (confirm there before quoting), the issue is in
  # runc/libcontainer, which treats a numeric UID as a possible username and
  # lets a local user inside a container gain privileges.
  script_set_attribute(
    attribute:"description", 
    value:
"built docker @projectatomic/fedora-1.10.3 commit f476348

----

built docker @projectatomic/fedora-1.10.3 commit f476348

----

built docker @projectatomic/fedora-1.10.3 commit 4158ccc

----

Resolves: #1335649 - enable Red Hat subscription use in Docker
containers on Fedora

----

built docker @projectatomic/fedora-1.10.3 commit 8ecd47f

----

built docker @projectatomic/fedora-1.10.3 commit 8ecd47f

----

built docker @projectatomic/fedora-1.10.3 commit 667d6d1

----

built docker @projectatomic/fedora-1.10.3 commit bba2d6d

----

built docker @projectatomic/fedora-1.10.3 commit a41254f

----

built docker @projectatomic/fedora-1.10.3 commit#964eda6

----

built docker @projectatomic/fedora-1.10.3 commit#ef2fa35

----

docker package runtime depends on docker-forward-journald

----

rebuilt to remove dockerroot user creation

----

rebuilt to remove dockerroot user creation

----

rebuilt to include dss_libdir directory

----

built docker @projectatomic/fedora-1.10.2 commit#86e59a5

----

rebuilt with seccomp enabled

----

built docker @projectatomic/fedora-1.10.1 commit#6c71d8f

----

built docker @projectatomic/fedora-1.10.1 commit#6c71d8f

----

rebuilt, no change

----

built docker @projectatomic/fedora-1.10.2 commit#0f5ac89

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bodhi.fedoraproject.org/updates/FEDORA-2016-6a0d540088"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected 2:docker package."
  );
  # NOTE(review): the two vectors disagree on impact. The CVSS2 vector records
  # only partial confidentiality impact (C:P/I:N/A:N), while the CVSS3 vector
  # records high confidentiality, integrity and availability impact with low
  # privileges required. Decide which one drives prioritisation.
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");

  # Declared as a local check; the CPE entries name the Fedora docker package
  # and Fedora 23 as the covered platform.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:2:docker");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:23");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/06/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/06/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/07/14");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  # The check depends on knowledge-base entries for local checks, the release
  # string and the rpm list; presumably ssh_get_info.nasl (not shown) collects
  # them over an authenticated session. Without them the plugin cannot
  # evaluate the host at all.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


# Host gating. Each test reads a knowledge-base (KB) entry and calls audit()
# with the matching reason when the host is out of scope. audit() is defined
# in audit.inc (not shown) and presumably ends the script.
# NOTE(review): an audit-out means "not evaluated", not "patched". Hosts that
# stop here get no verdict on the docker package.

# Local checks must have been enabled for this host.
if (!get_kb_item("Host/local_checks_enabled"))
{
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
}

# The release string has to identify a Fedora system...
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release)
{
  audit(AUDIT_OS_NOT, "Fedora");
}

# ...and contain a numeric release that can be extracted.
release_match = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(release_match))
{
  audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
}

# Only Fedora 23 is in scope; any other release is reported by number.
os_ver = release_match[1];
if (! preg(pattern:"^23([^0-9]|$)", string:os_ver))
{
  audit(AUDIT_OS_NOT, "Fedora 23", "Fedora " + os_ver);
}

# The package comparison needs the collected rpm list.
if (!get_kb_item("Host/RedHat/rpm-list"))
{
  audit(AUDIT_PACKAGE_LIST_MISSING);
}

# Architecture gate: x86_64 and i386 through i686 are handled, anything else
# is audited as not implemented.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu))
{
  audit(AUDIT_UNKNOWN_ARCH);
}
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$")
{
  audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
}


# Package test: rpm_check (from rpm.inc, not shown) is given the fixed build
# docker-1.10.3-24.gitf476348.fc23 with epoch 2. Presumably it returns true
# when the installed docker package is older than that reference.
# NOTE(review): this is a package-version check only. Nothing here inspects
# the running docker daemon, so a host that installed the update but has not
# restarted the service would still pass.
flag = 0;
if (rpm_check(release:"FC23", reference:"docker-1.10.3-24.gitf476348.fc23", epoch:"2"))
{
  flag++;
}

if (!flag)
{
  # Nothing flagged: report "not affected" if a package was actually tested,
  # and "not installed" otherwise.
  tested = pkg_tests_get();
  if (tested)
  {
    audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  }
  else
  {
    audit(AUDIT_PACKAGE_NOT_INSTALLED, "2:docker");
  }
}
else
{
  # NOTE(review): the finding is raised with SECURITY_NOTE, while the CVSS3
  # vector declared in this plugin's metadata rates confidentiality, integrity
  # and availability impact as high. Confirm which value your reporting
  # pipeline uses for severity.
  security_report_v4(
    port     : 0,
    severity : SECURITY_NOTE,
    extra    : rpm_report_get()
  );
  exit(0);
}
Vendor | Product | Version | CPE
fedoraproject | fedora | 2 | p-cpe:/a:fedoraproject:fedora:2:docker
fedoraproject | fedora | 23 | cpe:/o:fedoraproject:fedora:23

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%