Detections
Analytics
openSUSE 15 Security Update : permissions (openSUSE-SU-2021:1520-1)
high Nessus Plugin ID 155823
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1520-1 advisory.- The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the easy permission profile and sniff network traffic. This issue affects: SUSE Linux Enterprise Server permissions versions starting from 85c83fef7e017f8ab7f8602d3163786d57344439 to 081d081dcfaf61710bda34bc21c80c66276119aa. (CVE-2019-3687)
- The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary (CVE-2019-3688)
- A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously followed symlinks. The symlinks can't be controlled by attackers on default systems, so exploitation is difficult. This issue affects: SUSE Linux Enterprise Server 12 permissions versions prior to 2015.09.28.1626-17.27.1. SUSE Linux Enterprise Server 15 permissions versions prior to 20181116-9.23.1. SUSE Linux Enterprise Server 11 permissions versions prior to 2013.1.7-0.6.12.1. (CVE-2020-8013)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected permissions and / or permissions-zypp-plugin packages.See Also
https://bugzilla.suse.com/1028975
https://bugzilla.suse.com/1029961
https://bugzilla.suse.com/1093414
https://bugzilla.suse.com/1133678
https://bugzilla.suse.com/1148788
https://bugzilla.suse.com/1150345
https://bugzilla.suse.com/1150366
https://bugzilla.suse.com/1151190
https://bugzilla.suse.com/1157498
https://bugzilla.suse.com/1160285
https://bugzilla.suse.com/1160764
https://bugzilla.suse.com/1161335
https://bugzilla.suse.com/1161779
https://bugzilla.suse.com/1163588
https://bugzilla.suse.com/1167163
https://bugzilla.suse.com/1169614
https://bugzilla.suse.com/1171164
https://bugzilla.suse.com/1171173
https://bugzilla.suse.com/1171569
https://bugzilla.suse.com/1171580
https://bugzilla.suse.com/1171686
https://bugzilla.suse.com/1171879
https://bugzilla.suse.com/1171882
https://bugzilla.suse.com/1173221
https://bugzilla.suse.com/1174504
https://bugzilla.suse.com/1175720
https://bugzilla.suse.com/1175867
https://bugzilla.suse.com/1178475
https://bugzilla.suse.com/1178476
https://bugzilla.suse.com/1183669
http://www.nessus.org/u?3818419a
https://www.suse.com/security/cve/CVE-2019-3687
Plugin Details
Severity: High
ID: 155823
File Name: openSUSE-2021-1520.nasl
Version: 1.2
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 12/3/2021
Updated: 12/3/2021
Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.2
CVSS v2
Risk Factor: Medium
Base Score: 6.6
Temporal Score: 4.9
Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:C/A:C
CVSS Score Source: CVE-2019-3688
CVSS v3
Risk Factor: High
Base Score: 7.1
Temporal Score: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:novell:opensuse:15.3, p-cpe:/a:novell:opensuse:permissions, p-cpe:/a:novell:opensuse:permissions-zypp-plugin
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 12/2/2021
Vulnerability Publication Date: 10/7/2019