RHEL 7 : collectd (RHSA-2017:1285)

high Nessus Plugin ID 100454

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

An update for collectd is now available for RHEV 4.X RHEV-H and Agents for RHEL-7 and RHEV Engine version 4.1.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

collectd is a small C-language daemon, which reads various system metrics periodically and updates RRD files (creating them if necessary). Because the daemon does not start up each time it updates files, it has a low system footprint.

The following packages have been upgraded to a newer upstream version:
collectd (5.7.1). (BZ#1446472)

Security Fix(es) :

* collectd contains an infinite loop due to how the parse_packet() and parse_part_sign_sha256() functions interact. If an instance of collectd is configured with 'SecurityLevel None' and with empty 'AuthFile' options an attacker can send crafted UDP packets that trigger the infinite loop, causing a denial of service.
(CVE-2017-7401)

Solution

Update the affected packages.

See Also

https://access.redhat.com/errata/RHSA-2017:1285

https://access.redhat.com/security/cve/cve-2017-7401

Plugin Details

Severity: High

ID: 100454

File Name: redhat-RHSA-2017-1285.nasl

Version: 3.12

Type: local

Agent: unix

Published: 5/26/2017

Updated: 10/24/2019

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:collectd-iptables, p-cpe:/a:redhat:enterprise_linux:collectd-nginx, p-cpe:/a:redhat:enterprise_linux:collectd-curl_xml, p-cpe:/a:redhat:enterprise_linux:collectd-drbd, p-cpe:/a:redhat:enterprise_linux:collectd-dbi, p-cpe:/a:redhat:enterprise_linux:collectd-ping, p-cpe:/a:redhat:enterprise_linux:collectd-apache, p-cpe:/a:redhat:enterprise_linux:collectd-utils, p-cpe:/a:redhat:enterprise_linux:collectd-debuginfo, p-cpe:/a:redhat:enterprise_linux:collectd-disk, p-cpe:/a:redhat:enterprise_linux:collectd-smart, p-cpe:/a:redhat:enterprise_linux:collectd-write_tsdb, p-cpe:/a:redhat:enterprise_linux:collectd-snmp, p-cpe:/a:redhat:enterprise_linux:collectd-notify_email, p-cpe:/a:redhat:enterprise_linux:collectd-ceph, p-cpe:/a:redhat:enterprise_linux:collectd-bind, p-cpe:/a:redhat:enterprise_linux:collectd-zookeeper, p-cpe:/a:redhat:enterprise_linux:collectd-write_http, p-cpe:/a:redhat:enterprise_linux:collectd-email, p-cpe:/a:redhat:enterprise_linux:collectd-lvm, p-cpe:/a:redhat:enterprise_linux:collectd-netlink, p-cpe:/a:redhat:enterprise_linux:collectd-notify_desktop, p-cpe:/a:redhat:enterprise_linux:collectd-ascent, p-cpe:/a:redhat:enterprise_linux:collectd-rrdtool, p-cpe:/a:redhat:enterprise_linux:collectd-write_sensu, p-cpe:/a:redhat:enterprise_linux:collectd-ipvs, p-cpe:/a:redhat:enterprise_linux:collectd-mysql, p-cpe:/a:redhat:enterprise_linux:collectd-rrdcached, p-cpe:/a:redhat:enterprise_linux:libcollectdclient, p-cpe:/a:redhat:enterprise_linux:collectd-generic-jmx, p-cpe:/a:redhat:enterprise_linux:collectd-chrony, p-cpe:/a:redhat:enterprise_linux:collectd-ipmi, p-cpe:/a:redhat:enterprise_linux:collectd-openldap, p-cpe:/a:redhat:enterprise_linux:collectd-postgresql, p-cpe:/a:redhat:enterprise_linux:collectd-log_logstash, p-cpe:/a:redhat:enterprise_linux:collectd-turbostat, p-cpe:/a:redhat:enterprise_linux:collectd-sensors, cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:collectd-curl, p-cpe:/a:redhat:enterprise_linux:libcollectdclient-devel, p-cpe:/a:redhat:enterprise_linux:collectd-java, p-cpe:/a:redhat:enterprise_linux:collectd-hugepages, p-cpe:/a:redhat:enterprise_linux:collectd-virt, p-cpe:/a:redhat:enterprise_linux:collectd-curl_json, p-cpe:/a:redhat:enterprise_linux:collectd-write_riemann, p-cpe:/a:redhat:enterprise_linux:collectd, p-cpe:/a:redhat:enterprise_linux:collectd-dns

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 7/17/2017

Vulnerability Publication Date: 4/3/2017

Reference Information

CVE: CVE-2017-7401

RHSA: 2017:1285