Lucene search
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2022-14891-1.NASLHistoryFeb 19, 2022 - 12:00 a.m.
SUSE SLES11 Security Update : cobbler (SUSE-SU-2022:14891-1)
2022-02-1900:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
0.0004 Low
EPSS
Percentile
5.1%
The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2022:14891-1 advisory.
- An issue was discovered in Cobbler before 3.3.1. Files in /etc/cobbler are world readable. Two of those files contain some sensitive information that can be exposed to a local user who has non-privileged access to the server. The users.digest file contains the sha2-512 digest of users in a Cobbler local installation. In the case of an easy-to-guess password, it’s trivial to obtain the plaintext string. The settings.yaml file contains secrets such as the hashed default password. (CVE-2021-45083)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2022:14891-1. The text itself
# is copyright (C) SUSE.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(158187);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/13");
script_cve_id("CVE-2021-45083");
script_xref(name:"SuSE", value:"SUSE-SU-2022:14891-1");
script_name(english:"SUSE SLES11 Security Update : cobbler (SUSE-SU-2022:14891-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing a security update.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE-
SU-2022:14891-1 advisory.
- An issue was discovered in Cobbler before 3.3.1. Files in /etc/cobbler are world readable. Two of those
files contain some sensitive information that can be exposed to a local user who has non-privileged access
to the server. The users.digest file contains the sha2-512 digest of users in a Cobbler local
installation. In the case of an easy-to-guess password, it's trivial to obtain the plaintext string. The
settings.yaml file contains secrets such as the hashed default password. (CVE-2021-45083)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193671");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1195906");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-45083");
# https://lists.suse.com/pipermail/sle-security-updates/2022-February/010255.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fb7697c7");
script_set_attribute(attribute:"solution", value:
"Update the affected koan package.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-45083");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/02/20");
script_set_attribute(attribute:"patch_publication_date", value:"2022/02/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/19");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:koan");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES11" && (! preg(pattern:"^(3|4)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES11 SP3/4", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'koan-2.2.2-0.68.15.1', 'sp':'3', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.3']},
{'reference':'koan-2.2.2-0.68.15.1', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_NOTE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'koan');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | koan | p-cpe:/a:novell:suse_linux:koan |
| novell | suse_linux | 11 | cpe:/o:novell:suse_linux:11 |
Related
ubuntucve
ubuntucve
CVE-2021-45083
2022-02-20 00:00:00
osv
osv
CVE-2021-45083
2022-02-20 18:15:07
PYSEC-2022-38
2022-02-20 18:15:00
Incorrect Default Permissions in Cobbler
2022-02-21 00:00:20
cvelist
cvelist
CVE-2021-45083
2022-02-20 17:56:11
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:14891-1)
2022-02-19 00:00:00
Fedora: Security Advisory for cobbler (FEDORA-2022-0649006be6)
2022-03-23 00:00:00
Fedora: Security Advisory for cobbler (FEDORA-2022-0c6402a6a3)
2022-03-23 00:00:00
veracode
veracode
Information Disclosure
2022-02-21 05:46:45
gitlab
gitlab
Incorrect Default Permissions
2022-02-21 00:00:00
cnvd
cnvd
Cobbler has an unspecified vulnerability (CNVD-2022-18325)
2022-02-22 00:00:00
cve
cve
CVE-2021-45083
2022-02-20 18:15:07
redhatcve
redhatcve
CVE-2021-45083
2022-02-21 07:30:23
nvd
nvd
CVE-2021-45083
2022-02-20 18:15:07
prion
prion
Default credentials
2022-02-20 18:15:00
github
github
Incorrect Default Permissions in Cobbler
2022-02-21 00:00:20
fedora
fedora
[SECURITY] Fedora 34 Update: cobbler-3.2.2-10.fc34
2022-03-11 14:15:55
[SECURITY] Fedora 35 Update: cobbler-3.2.2-10.fc35
2022-03-11 14:47:51
[SECURITY] Fedora 36 Update: cobbler-3.3.1-1.fc36
2022-03-26 15:39:26
suse
suse
Security update for cobbler (important)
2022-03-01 00:00:00
nessus
nessus
Ubuntu 16.04 ESM : Cobbler vulnerabilities (USN-6475-1)
2023-11-13 00:00:00
ubuntu
ubuntu
Cobbler vulnerabilities
2023-11-13 00:00:00
3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
0.0004 Low
EPSS
Percentile
5.1%
Related for SUSE_SU-2022-14891-1.NASL