Detections
Analytics
RHEL 6 : Red Hat OpenShift Enterprise 2.2 Release Advisory (Moderate) (RHSA-2014:1796)
high Nessus Plugin ID 119441
Language:
Synopsis
The remote Red Hat host is missing one or more security updates.Description
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1796 advisory.OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.
It was reported that OpenShift Enterprise 2.2 did not properly restrict access to services running on different gears. This could allow an attacker to access unprotected network resources running in another user's gear.
OpenShift Enterprise 2.2 introduces the oo-gear-firewall command which creates firewall rules and SELinux policy to contain services running on gears to their own internal gear IPs. The command is invoked by default during new installations of OpenShift Enterprise 2.2 to prevent this security issue. Administrators should run the following on node hosts in existing deployments after upgrading to 2.2 to address this security issue:
# oo-gear-firewall -i enable -s enable
Please see the man page for the oo-gear-firewall command for more details.
(CVE-2014-3674)
It was reported that OpenShift Enterprise did not restrict access to the /proc/net/tcp file on gears, which allowed local users to view all listening connections and connected sockets. This could result in remote systems IP or port numbers in use being exposed which may be useful for further targeted attacks. Note that for local listeners, OSE restricts connections to within the gear by default, so even with the knowledge of the local port and IP the attacker is unable to connect. This bug fix updates the SELinux policy on node hosts to prevent this gear information from being accessed by local users. (CVE-2014-3602)
The OpenShift Enterprise 2.2 Release Notes provide information about new features and notable technical changes in this release, as well as notes on initial installations. For more information about OpenShift Enterprise, see the documentation available at:
https://access.redhat.com/site/documentation/en-US/OpenShift_Enterprise/2/
All OpenShift Enterprise users are advised to upgrade to release 2.2.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
http://www.nessus.org/u?4b31cf4f
http://www.nessus.org/u?9bdbd3f6
https://access.redhat.com/errata/RHSA-2014:1796
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1004479
https://bugzilla.redhat.com/show_bug.cgi?id=1093192
https://bugzilla.redhat.com/show_bug.cgi?id=1100102
https://bugzilla.redhat.com/show_bug.cgi?id=1121195
https://bugzilla.redhat.com/show_bug.cgi?id=1123850
https://bugzilla.redhat.com/show_bug.cgi?id=1130347
https://bugzilla.redhat.com/show_bug.cgi?id=1131167
https://bugzilla.redhat.com/show_bug.cgi?id=1131190
https://bugzilla.redhat.com/show_bug.cgi?id=1131680
https://bugzilla.redhat.com/show_bug.cgi?id=1133075
https://bugzilla.redhat.com/show_bug.cgi?id=1134139
https://bugzilla.redhat.com/show_bug.cgi?id=1140289
https://bugzilla.redhat.com/show_bug.cgi?id=1144057
https://bugzilla.redhat.com/show_bug.cgi?id=1144940
https://bugzilla.redhat.com/show_bug.cgi?id=1145810
https://bugzilla.redhat.com/show_bug.cgi?id=1145877
https://bugzilla.redhat.com/show_bug.cgi?id=1146224
https://bugzilla.redhat.com/show_bug.cgi?id=1148170
https://bugzilla.redhat.com/show_bug.cgi?id=1148192
https://bugzilla.redhat.com/show_bug.cgi?id=1150971
https://bugzilla.redhat.com/show_bug.cgi?id=1151244
https://bugzilla.redhat.com/show_bug.cgi?id=1152698
https://bugzilla.redhat.com/show_bug.cgi?id=1152699
https://bugzilla.redhat.com/show_bug.cgi?id=1152700
https://bugzilla.redhat.com/show_bug.cgi?id=1153750
https://bugzilla.redhat.com/show_bug.cgi?id=1154026
https://bugzilla.redhat.com/show_bug.cgi?id=1154471
Plugin Details
Severity: High
ID: 119441
File Name: redhat-RHSA-2014-1796.nasl
Version: 1.11
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 12/6/2018
Updated: 3/24/2025
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.2
Vendor
Vendor Severity: Moderate
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2014-3674
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CVSS Score Source: CVE-2014-3602
Vulnerability Information
CPE: p-cpe:/a:redhat:enterprise_linux:perl-class-factory-util, p-cpe:/a:redhat:enterprise_linux:atlas-devel, p-cpe:/a:redhat:enterprise_linux:php-fpm, p-cpe:/a:redhat:enterprise_linux:python33-mod_wsgi, p-cpe:/a:redhat:enterprise_linux:v8, p-cpe:/a:redhat:enterprise_linux:gdal-libs, p-cpe:/a:redhat:enterprise_linux:jasper, p-cpe:/a:redhat:enterprise_linux:php-bcmath, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-ssh-doc, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-range-parser, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-open4, p-cpe:/a:redhat:enterprise_linux:openshift-origin-util-scl, p-cpe:/a:redhat:enterprise_linux:php, p-cpe:/a:redhat:enterprise_linux:gdal-python, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-nodejs, p-cpe:/a:redhat:enterprise_linux:rsyslog7, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-connect, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-python, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-ruby, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-json, p-cpe:/a:redhat:enterprise_linux:libdap-doc, p-cpe:/a:redhat:enterprise_linux:proj-devel, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-mysql, p-cpe:/a:redhat:enterprise_linux:lcms, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-send, p-cpe:/a:redhat:enterprise_linux:lcms-devel, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-cookie-signature, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-moped, p-cpe:/a:redhat:enterprise_linux:postgresql92-postgis-utils, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-python, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jenkins, p-cpe:/a:redhat:enterprise_linux:perl-universal-moniker, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-console, p-cpe:/a:redhat:enterprise_linux:jython-manual, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-dns-fog, p-cpe:/a:redhat:enterprise_linux:rubygems-devel, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-apachedb, p-cpe:/a:redhat:enterprise_linux:rubygem-ruby2ruby, p-cpe:/a:redhat:enterprise_linux:libcgroup-pam, p-cpe:/a:redhat:enterprise_linux:imagemagick-devel, p-cpe:/a:redhat:enterprise_linux:openshift-origin-logshifter, p-cpe:/a:redhat:enterprise_linux:rubygem-net-ssh-gateway, p-cpe:/a:redhat:enterprise_linux:rubygem-rake, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-diy, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-wrapper, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bson_ext, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-jquery-rails, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ruby_parser, p-cpe:/a:redhat:enterprise_linux:gdal-ruby, p-cpe:/a:redhat:enterprise_linux:openshift-origin-broker-util, p-cpe:/a:redhat:enterprise_linux:php-pear-mdb2-driver-pgsql, p-cpe:/a:redhat:enterprise_linux:libgta-devel, p-cpe:/a:redhat:enterprise_linux:perl-class-trigger, p-cpe:/a:redhat:enterprise_linux:atlas, p-cpe:/a:redhat:enterprise_linux:jython-javadoc, p-cpe:/a:redhat:enterprise_linux:gdal-javadoc, p-cpe:/a:redhat:enterprise_linux:rubygem-highline, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-php, p-cpe:/a:redhat:enterprise_linux:freexl, p-cpe:/a:redhat:enterprise_linux:armadillo-devel, p-cpe:/a:redhat:enterprise_linux:php-extras, p-cpe:/a:redhat:enterprise_linux:libdap-devel, p-cpe:/a:redhat:enterprise_linux:ta-lib, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-bignumber.js, p-cpe:/a:redhat:enterprise_linux:libev-devel, p-cpe:/a:redhat:enterprise_linux:ruby200-rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-fresh, p-cpe:/a:redhat:enterprise_linux:python-pymongo-gridfs, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jbossews, p-cpe:/a:redhat:enterprise_linux:rubygem-net-ssh, p-cpe:/a:redhat:enterprise_linux:libcgroup, p-cpe:/a:redhat:enterprise_linux:socat, p-cpe:/a:redhat:enterprise_linux:rubygem-rack, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-express, p-cpe:/a:redhat:enterprise_linux:python27-python-pip-virtualenv, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-chunky_png, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-optimist, p-cpe:/a:redhat:enterprise_linux:openshift-origin-msg-common, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-jbosseap, p-cpe:/a:redhat:enterprise_linux:cfitsio, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-keypress, p-cpe:/a:redhat:enterprise_linux:libgta, p-cpe:/a:redhat:enterprise_linux:cfitsio-devel, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-formidable, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-devel, p-cpe:/a:redhat:enterprise_linux:libwebp-devel, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-sass-twitter-bootstrap, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-json, p-cpe:/a:redhat:enterprise_linux:perl-app-cpanminus, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-pg, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-haproxy, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-nodejs-websocket, p-cpe:/a:redhat:enterprise_linux:blas-devel, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-mock-plugin, p-cpe:/a:redhat:enterprise_linux:ruby193-mcollective-client, p-cpe:/a:redhat:enterprise_linux:jasper-devel, p-cpe:/a:redhat:enterprise_linux:libreadline-java-javadoc, p-cpe:/a:redhat:enterprise_linux:mongodb-server, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-httpclient, p-cpe:/a:redhat:enterprise_linux:hdf5-openmpi-static, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog, p-cpe:/a:redhat:enterprise_linux:libc-client, p-cpe:/a:redhat:enterprise_linux:rubygem-zentest, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-tinycolor, p-cpe:/a:redhat:enterprise_linux:rubygem-test-unit, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-require-all, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-pg, p-cpe:/a:redhat:enterprise_linux:rubygem-json, p-cpe:/a:redhat:enterprise_linux:js, p-cpe:/a:redhat:enterprise_linux:rubygem-bson_ext, p-cpe:/a:redhat:enterprise_linux:geos, p-cpe:/a:redhat:enterprise_linux:ruby-nokogiri, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-doc, p-cpe:/a:redhat:enterprise_linux:postgis-docs, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-formatador, p-cpe:/a:redhat:enterprise_linux:python27-mod_wsgi, p-cpe:/a:redhat:enterprise_linux:ruby193-mod_passenger, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-routing-daemon, p-cpe:/a:redhat:enterprise_linux:imagemagick, p-cpe:/a:redhat:enterprise_linux:jboss-eap6-modules, p-cpe:/a:redhat:enterprise_linux:gdal, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fssm, p-cpe:/a:redhat:enterprise_linux:libmcrypt-devel, p-cpe:/a:redhat:enterprise_linux:perl-ima-dbi, p-cpe:/a:redhat:enterprise_linux:perl-datetime-format-strptime, p-cpe:/a:redhat:enterprise_linux:python-bson, p-cpe:/a:redhat:enterprise_linux:cfitsio-static, p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-upgrade-broker, p-cpe:/a:redhat:enterprise_linux:js-devel, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-mongodb, p-cpe:/a:redhat:enterprise_linux:gdal-devel, p-cpe:/a:redhat:enterprise_linux:hdf5, p-cpe:/a:redhat:enterprise_linux:rubygem-fastthread, p-cpe:/a:redhat:enterprise_linux:v8-devel, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-xml-simple, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-admin-console, p-cpe:/a:redhat:enterprise_linux:gdal-perl, p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-release, p-cpe:/a:redhat:enterprise_linux:perl-datetime-format-builder, p-cpe:/a:redhat:enterprise_linux:ruby-sqlite3, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-devel, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-formatador-doc, p-cpe:/a:redhat:enterprise_linux:shapelib, p-cpe:/a:redhat:enterprise_linux:rubygem-spruz, p-cpe:/a:redhat:enterprise_linux:rubygem-sqlite3, p-cpe:/a:redhat:enterprise_linux:xerces-c-doc, p-cpe:/a:redhat:enterprise_linux:libev, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bson, p-cpe:/a:redhat:enterprise_linux:netcdf-static, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jbosseap, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-excon, p-cpe:/a:redhat:enterprise_linux:perl-json, p-cpe:/a:redhat:enterprise_linux:postgresql92-postgis-docs, p-cpe:/a:redhat:enterprise_linux:lapack-devel, p-cpe:/a:redhat:enterprise_linux:ruby-rmagick, p-cpe:/a:redhat:enterprise_linux:jython-demo, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-python, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-jbossews, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-ruby, p-cpe:/a:redhat:enterprise_linux:libicu-devel, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-daemons, p-cpe:/a:redhat:enterprise_linux:rubygem-ruby_parser, p-cpe:/a:redhat:enterprise_linux:lapack, p-cpe:/a:redhat:enterprise_linux:activemq-client, p-cpe:/a:redhat:enterprise_linux:netcdf, p-cpe:/a:redhat:enterprise_linux:rubygem-diff-lcs, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-ssh, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-dns-dynect, p-cpe:/a:redhat:enterprise_linux:libwebp, p-cpe:/a:redhat:enterprise_linux:php-pecl-xdebug, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-state_machine, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-ws, p-cpe:/a:redhat:enterprise_linux:mongodb, p-cpe:/a:redhat:enterprise_linux:maven3, p-cpe:/a:redhat:enterprise_linux:rubygem-commander, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-highline, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-nokogiri-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-term-ansicolor, p-cpe:/a:redhat:enterprise_linux:rubygem-nokogiri, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-formtastic, p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-upgrade, p-cpe:/a:redhat:enterprise_linux:hdf5-mpich2-static, p-cpe:/a:redhat:enterprise_linux:shapelib-devel, p-cpe:/a:redhat:enterprise_linux:openshift-origin-broker, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-buffer-crc32, p-cpe:/a:redhat:enterprise_linux:rubygem-archive-tar-minitar, p-cpe:/a:redhat:enterprise_linux:imagemagick-perl, p-cpe:/a:redhat:enterprise_linux:rubygem-parseconfig, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-mysql, p-cpe:/a:redhat:enterprise_linux:php54-php-pecl-mongo, p-cpe:/a:redhat:enterprise_linux:ruby200-rubygem-passenger-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-scp-doc, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-apache-vhost, p-cpe:/a:redhat:enterprise_linux:rubygems, p-cpe:/a:redhat:enterprise_linux:rubygem-thor, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-regin, p-cpe:/a:redhat:enterprise_linux:yum-utils, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-parseconfig, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-cron, p-cpe:/a:redhat:enterprise_linux:openshift-origin-node-proxy, p-cpe:/a:redhat:enterprise_linux:postgis, p-cpe:/a:redhat:enterprise_linux:gdal-java, p-cpe:/a:redhat:enterprise_linux:rubygem-stomp, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-scp, p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-upgrade-node, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-mongoid, p-cpe:/a:redhat:enterprise_linux:php54-php-pecl-imagick, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-mongo, p-cpe:/a:redhat:enterprise_linux:freexl-devel, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-origin, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-dns-nsupdate, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-supervisor, p-cpe:/a:redhat:enterprise_linux:openshift-origin-port-proxy, p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-mysql, p-cpe:/a:redhat:enterprise_linux:libc-client-devel, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-file-tail, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-routing-activemq, p-cpe:/a:redhat:enterprise_linux:php-mbstring, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ruby2ruby, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-perl, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-safe_yaml, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-bytes, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-daemon_controller, p-cpe:/a:redhat:enterprise_linux:rhc, p-cpe:/a:redhat:enterprise_linux:ta-lib-devel, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-core, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-json_pure, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-mongodb, p-cpe:/a:redhat:enterprise_linux:php-pear-mdb2, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-syslog-logger, p-cpe:/a:redhat:enterprise_linux:python-virtualenv, p-cpe:/a:redhat:enterprise_linux:postgresql92-pgrouting, p-cpe:/a:redhat:enterprise_linux:libffi, p-cpe:/a:redhat:enterprise_linux:rubygem-bundler, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-mock, p-cpe:/a:redhat:enterprise_linux:php-mcrypt, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jenkins-client, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-stomp, p-cpe:/a:redhat:enterprise_linux:rubygem-httpclient, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-ldap, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-nodejs, p-cpe:/a:redhat:enterprise_linux:rubygem-regin, p-cpe:/a:redhat:enterprise_linux:rubygem-bson, p-cpe:/a:redhat:enterprise_linux:ruby193-facter, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-minitest, p-cpe:/a:redhat:enterprise_linux:ghostscript-devel, p-cpe:/a:redhat:enterprise_linux:perl-io-stringy, p-cpe:/a:redhat:enterprise_linux:openshift-origin-node-util, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-apache-mod-rewrite, p-cpe:/a:redhat:enterprise_linux:hdf5-devel, p-cpe:/a:redhat:enterprise_linux:libgta-doc, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-commander, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-node, p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-selinux, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-haml, p-cpe:/a:redhat:enterprise_linux:json-c-doc, p-cpe:/a:redhat:enterprise_linux:rubygem-open4, p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-yum-validator, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-ruby, p-cpe:/a:redhat:enterprise_linux:perl-class-data-inheritable, p-cpe:/a:redhat:enterprise_linux:perl-yaml, p-cpe:/a:redhat:enterprise_linux:libspatialite, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-node-static, p-cpe:/a:redhat:enterprise_linux:perl-class-dbi, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-auth-remote-user, p-cpe:/a:redhat:enterprise_linux:ghostscript, p-cpe:/a:redhat:enterprise_linux:python27-python-pip, p-cpe:/a:redhat:enterprise_linux:perl-clone, p-cpe:/a:redhat:enterprise_linux:proj, p-cpe:/a:redhat:enterprise_linux:php-imap, p-cpe:/a:redhat:enterprise_linux:libgeotiff-devel, p-cpe:/a:redhat:enterprise_linux:perl-dbix-contextualfetch, p-cpe:/a:redhat:enterprise_linux:jython, p-cpe:/a:redhat:enterprise_linux:activemq, p-cpe:/a:redhat:enterprise_linux:mod_passenger, p-cpe:/a:redhat:enterprise_linux:imagemagick-doc, p-cpe:/a:redhat:enterprise_linux:libwebp-java, p-cpe:/a:redhat:enterprise_linux:rubygem-file-tail, p-cpe:/a:redhat:enterprise_linux:rubygem-parsetree, p-cpe:/a:redhat:enterprise_linux:cfitsio-docs, p-cpe:/a:redhat:enterprise_linux:postgresql-ip4r, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-postgresql, p-cpe:/a:redhat:enterprise_linux:ghostscript-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-compass, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-perl, p-cpe:/a:redhat:enterprise_linux:ruby193-js, p-cpe:/a:redhat:enterprise_linux:hdf5-openmpi-devel, p-cpe:/a:redhat:enterprise_linux:ruby193-js-devel, p-cpe:/a:redhat:enterprise_linux:ruby-mysql, p-cpe:/a:redhat:enterprise_linux:xerces-c-devel, p-cpe:/a:redhat:enterprise_linux:php-process, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-nodejs, p-cpe:/a:redhat:enterprise_linux:openshift-origin-console, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-nokogiri, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-debug, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-perl, cpe:/o:redhat:enterprise_linux:6, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-haproxy-sni-proxy, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-commander, p-cpe:/a:redhat:enterprise_linux:hdf5-mpich2-devel, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-options, p-cpe:/a:redhat:enterprise_linux:json-c-devel, p-cpe:/a:redhat:enterprise_linux:rubygem-thread-dump, p-cpe:/a:redhat:enterprise_linux:geos-devel, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-methods, p-cpe:/a:redhat:enterprise_linux:rubygem-net-scp, p-cpe:/a:redhat:enterprise_linux:libdap, p-cpe:/a:redhat:enterprise_linux:gd, p-cpe:/a:redhat:enterprise_linux:hdf5-mpich2, p-cpe:/a:redhat:enterprise_linux:gdal-doc, p-cpe:/a:redhat:enterprise_linux:gd-devel, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-cookie, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-parallel, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-systemu, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fastthread, p-cpe:/a:redhat:enterprise_linux:charls, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-compass-rails, p-cpe:/a:redhat:enterprise_linux:json-c, p-cpe:/a:redhat:enterprise_linux:libestr-devel, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-controller, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-common, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-wordwrap, p-cpe:/a:redhat:enterprise_linux:ruby200-rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:rubygem-rubyinline, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-php, p-cpe:/a:redhat:enterprise_linux:rubygem-net-ssh-multi, p-cpe:/a:redhat:enterprise_linux:uuid-devel, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-bson, p-cpe:/a:redhat:enterprise_linux:yum-plugin-priorities, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rdiscount, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-dnsruby, p-cpe:/a:redhat:enterprise_linux:ruby200-rubygem-passenger-devel, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-php, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-spruz, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-brightbox, p-cpe:/a:redhat:enterprise_linux:rubygem-systemu, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-jbosseap, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-generic-pool, p-cpe:/a:redhat:enterprise_linux:hdf5-openmpi, p-cpe:/a:redhat:enterprise_linux:haproxy, p-cpe:/a:redhat:enterprise_linux:haproxy15side, p-cpe:/a:redhat:enterprise_linux:jenkins-plugin-openshift, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rest-client, p-cpe:/a:redhat:enterprise_linux:libgeotiff, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-gear-placement, p-cpe:/a:redhat:enterprise_linux:libmcrypt, p-cpe:/a:redhat:enterprise_linux:libwebp-tools, p-cpe:/a:redhat:enterprise_linux:libmongodb, p-cpe:/a:redhat:enterprise_linux:uuid, p-cpe:/a:redhat:enterprise_linux:perl-datetime-format-pg, p-cpe:/a:redhat:enterprise_linux:php-pecl-mongo, p-cpe:/a:redhat:enterprise_linux:php-pecl-imagick, p-cpe:/a:redhat:enterprise_linux:hdf5-static, p-cpe:/a:redhat:enterprise_linux:ruby200-rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:postgresql92-postgis, p-cpe:/a:redhat:enterprise_linux:ruby200-mod_passenger, p-cpe:/a:redhat:enterprise_linux:armadillo, p-cpe:/a:redhat:enterprise_linux:rubygem-sexp_processor, p-cpe:/a:redhat:enterprise_linux:rsyslog7-mmopenshift, p-cpe:/a:redhat:enterprise_linux:jenkins, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:pam_openshift, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-pause, p-cpe:/a:redhat:enterprise_linux:python-pymongo, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-jbossews, p-cpe:/a:redhat:enterprise_linux:php-devel, p-cpe:/a:redhat:enterprise_linux:jboss-openshift-metrics-module, p-cpe:/a:redhat:enterprise_linux:netcdf-devel, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-msg-broker-mcollective, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-colors, p-cpe:/a:redhat:enterprise_linux:libreadline-java, p-cpe:/a:redhat:enterprise_linux:openshift-origin-msg-node-mcollective, p-cpe:/a:redhat:enterprise_linux:quartz, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-json-doc, p-cpe:/a:redhat:enterprise_linux:gpsbabel, p-cpe:/a:redhat:enterprise_linux:perl-class-accessor, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-excon-doc, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-container-selinux, p-cpe:/a:redhat:enterprise_linux:libestr, p-cpe:/a:redhat:enterprise_linux:ruby193-mcollective, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-sexp_processor, p-cpe:/a:redhat:enterprise_linux:charls-devel, p-cpe:/a:redhat:enterprise_linux:uuid-pgsql, p-cpe:/a:redhat:enterprise_linux:perl-class-dbi-pg, p-cpe:/a:redhat:enterprise_linux:php54-php-pecl-xdebug, p-cpe:/a:redhat:enterprise_linux:facter, p-cpe:/a:redhat:enterprise_linux:php-intl, p-cpe:/a:redhat:enterprise_linux:libffi-devel, p-cpe:/a:redhat:enterprise_linux:icu, p-cpe:/a:redhat:enterprise_linux:xerces-c, p-cpe:/a:redhat:enterprise_linux:libspatialite-devel, p-cpe:/a:redhat:enterprise_linux:proj-nad, p-cpe:/a:redhat:enterprise_linux:ruby193-mcollective-common
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Ease: No known exploits are available
Patch Publication Date: 11/3/2014
Vulnerability Publication Date: 11/13/2014
Reference Information
CVE: CVE-2014-3602, CVE-2014-3674