Lucene search
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2019-2408.NASLHistoryOct 30, 2019 - 12:00 a.m.
openSUSE Security Update : nfs-utils (openSUSE-2019-2408)
2019-10-3000:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
86.1%
This update for nfs-utils fixes the following issues :
- CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs. (bsc#1150733)
This update was imported from the SUSE:SLE-15:Update update project.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2019-2408.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(130387);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/16");
script_cve_id("CVE-2019-3689");
script_name(english:"openSUSE Security Update : nfs-utils (openSUSE-2019-2408)");
script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
script_set_attribute(attribute:"description", value:
"This update for nfs-utils fixes the following issues :
- CVE-2019-3689: Fixed root-owned files stored in insecure
/var/lib/nfs. (bsc#1150733)
This update was imported from the SUSE:SLE-15:Update update project.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1150733");
script_set_attribute(attribute:"solution", value:
"Update the affected nfs-utils packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3689");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/19");
script_set_attribute(attribute:"patch_publication_date", value:"2019/10/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/30");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nfs-client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nfs-client-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nfs-kernel-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nfs-kernel-server-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nfs-utils-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nfs-utils-debugsource");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE15.0", reference:"nfs-client-2.1.1-lp150.4.10.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"nfs-client-debuginfo-2.1.1-lp150.4.10.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"nfs-kernel-server-2.1.1-lp150.4.10.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"nfs-kernel-server-debuginfo-2.1.1-lp150.4.10.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"nfs-utils-debuginfo-2.1.1-lp150.4.10.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"nfs-utils-debugsource-2.1.1-lp150.4.10.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nfs-client / nfs-client-debuginfo / nfs-kernel-server / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | nfs-client | p-cpe:/a:novell:opensuse:nfs-client |
| novell | opensuse | nfs-client-debuginfo | p-cpe:/a:novell:opensuse:nfs-client-debuginfo |
| novell | opensuse | nfs-kernel-server | p-cpe:/a:novell:opensuse:nfs-kernel-server |
| novell | opensuse | nfs-kernel-server-debuginfo | p-cpe:/a:novell:opensuse:nfs-kernel-server-debuginfo |
| novell | opensuse | nfs-utils-debuginfo | p-cpe:/a:novell:opensuse:nfs-utils-debuginfo |
| novell | opensuse | nfs-utils-debugsource | p-cpe:/a:novell:opensuse:nfs-utils-debugsource |
| novell | opensuse | 15.0 | cpe:/o:novell:opensuse:15.0 |
Related
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:2771-1)
2021-04-19 00:00:00
openSUSE: Security Advisory for nfs-utils (openSUSE-SU-2019:2435-1)
2020-01-09 00:00:00
Ubuntu: Security Advisory (USN-4400-1)
2020-06-23 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : nfs-utils (SUSE-SU-2019:2782-1)
2019-10-28 00:00:00
EulerOS 2.0 SP8 : nfs-utils (EulerOS-SA-2020-1871)
2020-08-28 00:00:00
EulerOS Virtualization 3.0.2.6 : nfs-utils (EulerOS-SA-2023-1076)
2023-01-06 00:00:00
ubuntu
ubuntu
nfs-utils vulnerability
2020-06-22 00:00:00
ubuntucve
ubuntucve
CVE-2019-3689
2019-09-19 00:00:00
nvd
nvd
CVE-2019-3689
2019-09-19 14:15:10
prion
prion
Design/Logic Flaw
2019-09-19 14:15:00
debiancve
debiancve
CVE-2019-3689
2019-09-19 14:15:10
suse
suse
Security update for nfs-utils (moderate)
2019-11-05 00:00:00
Security update for nfs-utils (moderate)
2019-10-29 00:00:00
redhatcve
redhatcve
CVE-2019-3689
2020-06-23 17:25:33
debian
debian
[SECURITY] [DLA 1965-1] nfs-utils security update
2019-10-19 14:42:04
osv
osv
nfs-utils - security update
2019-10-19 00:00:00
cve
cve
CVE-2019-3689
2019-09-19 14:15:10
cvelist
cvelist
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
86.1%
Related for OPENSUSE-2019-2408.NASL