Detections
Analytics

OracleVM 3.2 : sos (OVMSA-2016-0078)

high Nessus Plugin ID 91754

Language:

Synopsis

The remote OracleVM host is missing a security update.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

 - add patch to remove all sysrq echo commands from sysreport.legacy (John Sobecki) [orabug 11061754]

 - comment out rh-upload-core and README.rh-upload-core in specfile

 - Strip passwords from grub.conf and /etc/fstab Resolves:
 bz1107751

 - Limit the default set of logs collected for directory server Resolves: bz1086736

 - Set global[locking_type=0] when calling lvm2 commands Resolves: bz916937

 - Force LC_ALL=C for external commands Resolves: bz1099520

 - Do not verify cluster.conf for each mounted gfs2 file system Resolves: bz1098793

 - Fix insecure temporary files usage in gfs2 plugin Resolves: bz1099151

 - Suppress libxml2 debug output in gfs2 plugin Resolves:
 bz1098793

 - Use PATH when calling the klist command Resolves:
 bz1029017

 - Add SSSD plugin to collect configuration and logs Resolves: bz1018407

 - Update sos UI text to match later releases Resolves:
 bz1065468

 - Free libxml2 bindings in cluster plugin Resolves:
 bz773350

 - Suppress libxml2 debug output in cluster plugin Resolves: bz782588

 - Update URLs in README and RPM metadata Resolves:
 bz783423

 - Collect mcelog in hardware plugin Resolves: bz810701

 - Add brctl show and brctl showstp output to networking Resolves: bz833406

 - Fix installed-rpms formatting for long package names Resolves: bz978444

 - Make ethernet interface detection more robust Resolves:
 bz980177

 - Do not collect kerberos keytab files Resolves: bz1029017

 - Restrict wbinfo to local domain in samba plug-in Resolves: bz986975

 - Collect /etc/yaboot.conf in bootloader module Resolves:
 bz977187

 - Sanitize hostname when constructing tar archive names Resolves: bz976242

 - Remove anaconda-ks.cfg collection from general plug-in Resolves: bz857304

 - Check that the up2date hardware script exists before running it Resolves: bz782218

 - Ignore empty globs passed to addCopySpecLimit Resolves:
 bz782247

 - Collect /proc/iomem in the hardware module Resolves:
 bz840981

 - Elide passwords in anaconda-ks.cfg and yum.repos.d Resolves: bz857304

 - Fix collection of SELinux data when disabled Resolves:
 bz868008

 - Handle ENOSPC more gracefully Resolves: bz891155

 - Limit size of default sar log file collection Resolves:
 bz891155

 - Do not collect archived process accounting files by default Resolves: bz906071

 - Collect /etc/modprobe.d in kernel plug-in Resolves:
 bz958346

 - Collect /etc/idmapd.conf for NFS clients and servers Resolves: bz907876

 - Always log plugin exceptions that are not raised to the interpreter Resolves: bz717480

 - Ensure relative symlink targets are correctly handled when copying Resolves: bz717962

 - Correctly handle libxml2 parser exceptions when reading cluster.conf Resolves: bz750573

 - Update Red Hat Certificate System plugin for current versions Resolves: bz627416

 - Make single threaded operation default and add
 --multithread to override Resolves: bz708346

 - Support multiple possible locations of VRTSexplorer script Resolves: bz565996

 - Collect wallaby dump and inventory information in mrggrid plugin Resolves: bz641020

 - Add ethtool pause, coalesce and ring (-a, -c, -g) options to network plugin Resolves: bz726421

 - Update MRG grid plugin to collect additional logs and configuration Resolves: bz641020

 - Fix collection of symlink destinations when copying directory trees Resolves: bz717962

 - Allow plugins to specify non-root symlinks for collected command output Resolves: bz716987

 - Ensure custom rsyslog destinations are captured and log size limits applied Resolves: bz717167

 - Add basic plugin for Veritas products Resolves: bz565996

 - Do not collect subscription manager keys in general plugin Resolves: bz750606

 - Fix gfs2 plugin use of callExtProg API Resolves:
 bz667783

 - Fix exceptions and file naming in gfs2 plugin Resolves:
 bz667783

 - Fix translation for fr locale Resolves: bz641020

 - Add basic Infiniband plugin Resolves: bz673246

 - Add plugin for scsi-target-utils iSCSI target Resolves:
 bz677123

 - Fix handling of TMP environment variable Resolves:
 bz733133

 - Correctly determine kernel version in cluster plugin Resolves: bz742567

 - Add libvirt plugin Resolves: bz568635

 - Add gfs2 plugin to supplement cluster data collection Resolves: bz667783

 - Add support for collecting Red Hat Subscrition Manager configuration Resolves: bz714296

 - Fix rhelVersion and convert all in-tree users to use it Resolves: bz710567

 - Add support for --tmp-dir command line option Resolves:
 bz562283

 - Add support for collecting entitlement certificates Resolves: bz678666

 - Collect non-standard syslog and rsyslog log files Resolves: bz596970

 - Fix up2dateclient path in hardware plugin Resolves:
 bz572353

 - Add plugin to collect rsyslog configuration Resolves:
 bz548616

 - Collect /etc/sysconfig/selinux in SELinux plugin Resolves: bz674717

 - Fix parted and dumpe2fs output on s390 Resolves:
 bz645507

 - Truncate files that exceed specified size limit Resolves: bz636472

 - Update cluster plugin for group_tool and lockdump changes Resolves: bz584060

 - Fix satellite and proxy package detection in rhn plugin Resolves: bz590389

 - Add plugin to collect certificate system and pki data Resolves: bz635966

Solution

Update the affected sos package.

See Also

https://oss.oracle.com/pipermail/oraclevm-errata/2016-June/000494.html

Plugin Details

Severity: High

ID: 91754

File Name: oraclevm_OVMSA-2016-0078.nasl

Version: 2.4

Type: local

Published: 6/22/2016

Updated: 1/4/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:sos, cpe:/o:oracle:vm_server:3.2

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Patch Publication Date: 6/21/2016

Vulnerability Publication Date: 6/21/2016