Lucene search

HistoryMay 18, 2021 - 12:00 a.m.

openSUSE Security Update : postsrsd (openSUSE-2021-646)

2021-05-1800:00:00

www.tenable.com

opensuse security update

postsrsd

privilege escalation

endianness

dual stack support

srs separator

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.007

Percentile

80.1%

JSON

This update for postsrsd fixes the following issues :

Update to release 1.11 [boo#1180251]

Drop group privileges as well as user privileges
Fixed: The subprocess that talks to Postfix could be caused to hang with a very long email address.
[CVE-2020-35573]

Update to release 1.6

Fix endianness issue with SHA-1 implementation
Add dual stack support
Make SRS separator configurable

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2021-646.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(149629);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/01");

  script_cve_id("CVE-2020-35573");

  script_name(english:"openSUSE Security Update : postsrsd (openSUSE-2021-646)");

  script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"This update for postsrsd fixes the following issues :

Update to release 1.11 [boo#1180251]

  - Drop group privileges as well as user privileges

  - Fixed: The subprocess that talks to Postfix could be
    caused to hang with a very long email address.
    [CVE-2020-35573]

Update to release 1.6

  - Fix endianness issue with SHA-1 implementation

  - Add dual stack support

  - Make SRS separator configurable");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1180251");
  script_set_attribute(attribute:"solution", value:
"Update the affected postsrsd packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-35573");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/12/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/05/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/05/18");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postsrsd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postsrsd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postsrsd-debugsource");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.2");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE15.2", reference:"postsrsd-1.11-lp152.4.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"postsrsd-debuginfo-1.11-lp152.4.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"postsrsd-debugsource-1.11-lp152.4.3.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postsrsd / postsrsd-debuginfo / postsrsd-debugsource");
}