RHEL 5 / 6 : rhncfg (RHSA-2012:1369)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated rhncfg packages that fix one security issue, two bugs, and add
one enhancement are now available for Red Hat Network Tools for Red
Hat Enterprise Linux 5 and 6; Red Hat Enterprise Linux 5.3 Long Life;
and Red Hat Enterprise Linux 5.6, 6.0, 6.1, and 6.2 Extended Update
Support.

The Red Hat Security Response Team has rated this update as having
moderate security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from
the CVE link in the References section.

Red Hat Network Tools provide programs and libraries that allow your
system to use provisioning, monitoring, and configuration management
capabilities provided by Red Hat Network and Red Hat Network
Satellite.

It was discovered that the Red Hat Network (RHN) Configuration Client
(rhncfg-client) tool set world-readable permissions on the
'/var/log/rhncfg-actions' file, used to store the output of different
rhncfg-client actions (such as diffing and verifying files). This
could possibly allow a local attacker to obtain sensitive information
they would otherwise not have access to. (CVE-2012-2679)

Note: With this update, rhncfg-client cannot create diffs of files
that are not already world-readable, and '/var/log/rhncfg-actions' can
only be read and written to by the root user.
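As an added illustration (not part of the advisory or of the rhncfg packages), a POSIX shell audit that reports whether '/var/log/rhncfg-actions' is still in the pre-fix state (readable by other users) or in the fixed state (root-owned, owner-only permissions); it assumes GNU stat as shipped on RHEL.

```shell
#!/bin/sh
# Added audit helper for the CVE-2012-2679 condition. Assumes GNU stat
# (coreutils). Not part of the advisory or of the rhncfg packages.

LOG=/var/log/rhncfg-actions

# Print the octal permission bits of PATH (e.g. 644).
file_mode() {
    stat -c '%a' "$1"
}

# Return 0 if PATH is readable by "other" users, the pre-fix condition.
world_readable() {
    mode=$(file_mode "$1") || return 2
    other=${mode#"${mode%?}"}        # last octal digit = "other" bits
    [ $(( other & 4 )) -ne 0 ]
}

# Return 0 if PATH grants nothing to group or other (0600/0700 style),
# which is what the fixed rhncfg-client enforces for its log file.
owner_only() {
    mode=$(file_mode "$1") || return 2
    tail=${mode#"${mode%??}"}        # last two octal digits = group + other
    [ "$tail" = "00" ]
}

# Full check: owned by root and owner-only mode. Prints a one-line verdict.
audit_rhncfg_log() {
    path=${1:-$LOG}
    if [ ! -e "$path" ]; then
        echo "$path: absent (nothing logged yet, or rhncfg not installed)"
        return 0
    fi
    owner=$(stat -c '%U' "$path")
    mode=$(file_mode "$path")
    if [ "$owner" = root ] && owner_only "$path"; then
        echo "$path: OK (owner $owner, mode $mode)"
        return 0
    fi
    echo "$path: EXPOSED (owner $owner, mode $mode); expected root and 0600"
    return 1
}

audit_rhncfg_log "$@"
```

Run it as root on the host (or point it at another path) after applying the update to confirm the log is no longer exposed.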

This issue was discovered by Paul Wouters of Red Hat.

This update also fixes the following bugs :

* When the user attempted to use the 'rhncfg-client get' command to
download a backup of deployed configuration files and these
configuration files contained a broken symbolic link, the command
failed with an error. This update ensures that 'rhncfg-client get' no
longer fails in this scenario. (BZ#836445)

* The SYNOPSIS section of the rhn-actions-control(8) manual page has
been updated to include the '--report' command line option as
expected. (BZ#820517)

As well, this update adds the following enhancement :

* The rhncfg-manager utility now supports a new command line option,
'--selinux-context'. This option can be used to upload files and
directories without setting the Security-Enhanced Linux (SELinux)
context. (BZ#770575)

All users of Red Hat Network Tools are advised to upgrade to these
updated packages, which correct these issues and add this enhancement.

See also :

https://access.redhat.com/errata/RHSA-2012:1369.html
https://www.redhat.com/security/data/cve/CVE-2012-2679.html

Solution :

Update the affected packages.

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 1.8
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Red Hat Local Security Checks

Nessus Plugin ID: 78937

Bugtraq ID: 55934

CVE ID: CVE-2012-2679
