Oracle Linux 7 : realmd (ELSA-2015-2184)

Severity: Medium; Nessus Plugin ID: 181077

Synopsis

The remote Oracle Linux host is missing a security update.

Description

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2184 advisory.

[0.16.1-5]
- Revert 0.16.1-4
- Use samba by default
- Resolves: rhbz#1271618

[0.16.1-4]
- Fix regressions in 0.16.x releases
- Resolves: rhbz#1258745
- Resolves: rhbz#1258488

[0.16.1-3]
- Fix regression accepting DNS domain names
- Resolves: rhbz#1243771

[0.16.1-2]
- Fix discarded patch: ipa-packages.patch

[0.16.1-1]
- Updated to upstream 0.16.1
- Resolves: rhbz#1241832
- Resolves: rhbz#1230941

[0.16.0-1]
- Updated to upstream 0.16.0
- Resolves: rhbz#1174911
- Resolves: rhbz#1142191
- Resolves: rhbz#1142148

[0.14.6-5]
- Don't crash when full_name_format is not in sssd.conf [#1051033] This is a regression from a prior update.

[0.14.6-4]
- Fix full_name_format printf(3) related failure [#1048087]

[0.14.6-3]
- Mass rebuild 2013-12-27

[0.14.6-2]
- Start oddjob after joining a domain [#967023]

[0.14.6-1]
- Update to upstream 0.14.6 point release
- Set 'kerberos method = system keytab' in smb.conf properly [#997580]
- Limit Netbios name to 15 chars when joining AD domain [#1001667]

[0.14.5-1]
- Update to upstream 0.14.5 point release
- Fix regression conflicting --unattended and -U as in --user args [#996223]
- Pass discovered server address to adcli tool [#996995]

[0.14.4-1]
- Update to upstream 0.14.4 point release
- Fix up the [sssd] section in sssd.conf if it's screwed up [#987491]
- Add an --unattended argument to realm command line client [#976593]
- Clearer 'realm permit' manual page example [#985800]

[0.14.3-1]
- Update to upstream 0.14.3 point release
- Populate LoginFormats correctly [#967011]
- Documentation clarifications [#985773] [#967565]
- Set sssd.conf default_shell per domain [#967569]
- Notify in terminal output when installing packages [#984960]
- If joined via adcli, delete computer with adcli too [#967008]
- If input is not a tty, then read from stdin without getpass()
- Configure pam_winbind.conf appropriately [#985819]
- Refer to FreeIPA as IPA [#967019]
- Support use of kerberos ccache to join when winbind [#985817]

[0.14.2-3]
- Run test suite when building the package
- Fix rpmlint errors

[0.14.2-2]
- Install oddjobd and oddjob-mkhomedir when joining domains [#969441]

[0.14.2-1]
- Update to upstream 0.14.2 version
- Discover FreeIPA 3.0 with AD trust correctly [#966148]
- Only allow joining one realm by default [#966650]
- Enable the oddjobd service after joining a domain [#964971]
- Remove sssd.conf allow lists when permitting all [#965760]
- Add dependency on authconfig [#964675]
- Remove glib-networking dependency now that we no longer use SSL.

[0.14.1-1]
- Update to upstream 0.14.1 version
- Fix crasher/regression using passwords with joins [#961435]
- Make second Ctrl-C just quit realm tool [#961325]
- Fix critical warning when leaving IPA realm [#961320]
- Don't print out journalctl command in obvious situations [#961230]
- Document the --all option to 'realm discover' [#961279]
- No need to require sssd-tools package [#961254]
- Enable services even in install mode [#960887]
- Use the AD domain name in sssd.conf directly [#960270]
- Fix critical warning when service Release() method [#961385]

[0.14.0-1]
- Work around broken krb5 with empty passwords [#960001]
- Add manual page for realmd.conf [#959357]
- Update to upstream 0.14.0 version

[0.13.91-1]
- Fix regression when using one time password [#958667]
- Support for permitting logins by group [#887675]

[0.13.90-1]
- Add option to disable package-kit installs [#953852]
- Add option to use unqualified names [#953825]
- Better discovery of domains [#953153]
- Concept of managing parts of the system [#914892]
- Fix problems with cache directory [#913457]
- Clearly explain when realm cannot be joined [#878018]
- Many other upstream enhancements and fixes

[0.13.3-2]
- Add missing glib-networking dependency, currently used for FreeIPA discovery [#953151]

[0.13.3-1]
- Update for upstream 0.13.3 version
- Add dependency on systemd for installing service file

[0.13.2-2]
- Fix problem with sssd not starting after joining

[0.13.2-1]
- Update to upstream 0.13.2 version

[0.13.1-1]
- Update to upstream 0.13.1 version for bug fixes

[0.12-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

[0.12-1]
- Update to upstream 0.12 version for bug fixes

[0.11-1]
- Update to upstream 0.11 version

[0.10-1]
- Update to upstream 0.10 version

[0.9-1]
- Update to upstream 0.9 version

[0.8-2]
- Add openldap-devel build requirement

[0.8-1]
- Update to upstream 0.8 version
- Add support for translations

[0.7-2]
- Build requires gtk-doc

[0.7-1]
- Update to upstream 0.7 version
- Remove files no longer present in upstream version
- Put documentation in its own realmd-devel-docs subpackage
- Update upstream URLs

[0.6-1]
- Update to upstream 0.6 version

[0.5-2]
- Remove missing SssdIpa.service file from the files list. This file will return upstream in 0.6

[0.5-1]
- Update to upstream 0.5 version

[0.4-1]
- Update to upstream 0.4 version
- Cleanup various rpmlint warnings

[0.3-2]
- Add doc files
- Own directories
- Remove obsolete parts of spec file
- Remove explicit dependencies
- Updated License line to LGPLv2+

[0.3]
- Build fixes

[0.2]
- Initial RPM

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected realmd and / or realmd-devel-docs packages.

See Also

https://linux.oracle.com/errata/ELSA-2015-2184.html

Plugin Details

Severity: Medium

ID: 181077

File Name: oraclelinux_ELSA-2015-2184.nasl

Version: 1.2

Type: local

Agent: unix

Published: 9/7/2023

Updated: 10/22/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2015-2704

CVSS v3

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:realmd, p-cpe:/a:oracle:linux:realmd-devel-docs, cpe:/o:oracle:linux:7

Required KB Items: Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list, Host/local_checks_enabled

Exploit Ease: No known exploits are available

Patch Publication Date: 11/24/2015

Vulnerability Publication Date: 3/26/2015

Reference Information

CVE: CVE-2015-2704