EulerOS 2.0 SP1 : cpio (EulerOS-SA-2016-1041)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote EulerOS host is missing multiple security updates.

Description :

According to the versions of the cpio package installed, the EulerOS
installation on the remote host is affected by the following
vulnerabilities :

- GNU cpio copies files into or out of a cpio or tar
archive. Archives are files which contain a collection
of other files plus information about them, such as
their file name, owner, timestamps, and access
permissions. The archive can be another file on the
disk, a magnetic tape, or a pipe. GNU cpio supports the
following archive formats: binary, old ASCII, new
ASCII, crc, HPUX binary, HPUX old ASCII, old tar and
POSIX.1 tar. By default, cpio creates binary format
archives, so that they are compatible with older cpio
programs. When it is extracting files from archives,
cpio automatically recognizes which kind of archive it
is reading and can read archives created on machines
with a different byte-order.

- Security Fix(es)

- The cpio_safer_name_suffix function in util.c in cpio
2.11 allows remote attackers to cause a denial of
service (out-of-bounds write) via a crafted cpio
file.(CVE-2016-2037)

- cpio 2.11, when using the --no-absolute-filenames
option, allows local users to write to arbitrary files
via a symlink attack on a file in an
archive.(CVE-2015-1197)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.nessus.org/u?501999ea

Solution :

Update the affected cpio packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: Huawei Local Security Checks

Nessus Plugin ID: 99804 ()

Bugtraq ID: 71914

CVE ID: CVE-2015-1197
CVE-2016-2037

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now