RHEL 6 : openshift (RHSA-2014:1796)

High Nessus Plugin ID 119441

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

Red Hat OpenShift Enterprise release 2.2, which fixes a security issue, several bugs and includes various enhancements, is now available.

Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.

It was reported that OpenShift Enterprise 2.2 did not properly restrict access to services running on different gears. This could allow an attacker to access unprotected network resources running in another user's gear. OpenShift Enterprise 2.2 introduces the oo-gear-firewall command which creates firewall rules and SELinux policy to contain services running on gears to their own internal gear IPs. The command is invoked by default during new installations of OpenShift Enterprise 2.2 to prevent this security issue.
Administrators should run the following on node hosts in existing deployments after upgrading to 2.2 to address this security issue :

# oo-gear-firewall -i enable -s enable

Please see the man page for the oo-gear-firewall command for more details. (CVE-2014-3674)

It was reported that OpenShift Enterprise did not restrict access to the /proc/net/tcp file on gears, which allowed local users to view all listening connections and connected sockets. This could result in remote systems IP or port numbers in use being exposed which may be useful for further targeted attacks. Note that for local listeners, OSE restricts connections to within the gear by default, so even with the knowledge of the local port and IP the attacker is unable to connect. This bug fix updates the SELinux policy on node hosts to prevent this gear information from being accessed by local users.
(CVE-2014-3602)

The OpenShift Enterprise 2.2 Release Notes provide information about new features and notable technical changes in this release, as well as notes on initial installations. For more information about OpenShift Enterprise, see the documentation available at :

https://access.redhat.com/site/documentation/en-US/OpenShift_Enterpris e/2/

All OpenShift Enterprise users are advised to upgrade to release 2.2.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?9bdbd3f6

https://access.redhat.com/errata/RHSA-2014:1796

https://access.redhat.com/security/cve/cve-2014-3674

https://access.redhat.com/security/cve/cve-2014-3602

Plugin Details

Severity: High

ID: 119441

File Name: redhat-RHSA-2014-1796.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2018/12/06

Modified: 2018/12/06

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:CharLS, p-cpe:/a:redhat:enterprise_linux:CharLS-debuginfo, p-cpe:/a:redhat:enterprise_linux:CharLS-devel, p-cpe:/a:redhat:enterprise_linux:ImageMagick-debuginfo, p-cpe:/a:redhat:enterprise_linux:ImageMagick-devel, p-cpe:/a:redhat:enterprise_linux:ImageMagick-doc, p-cpe:/a:redhat:enterprise_linux:ImageMagick-perl, p-cpe:/a:redhat:enterprise_linux:activemq, p-cpe:/a:redhat:enterprise_linux:activemq-client, p-cpe:/a:redhat:enterprise_linux:armadillo, p-cpe:/a:redhat:enterprise_linux:armadillo-debuginfo, p-cpe:/a:redhat:enterprise_linux:armadillo-devel, p-cpe:/a:redhat:enterprise_linux:atlas-debuginfo, p-cpe:/a:redhat:enterprise_linux:atlas-devel, p-cpe:/a:redhat:enterprise_linux:blas-devel, p-cpe:/a:redhat:enterprise_linux:cfitsio, p-cpe:/a:redhat:enterprise_linux:cfitsio-debuginfo, p-cpe:/a:redhat:enterprise_linux:cfitsio-devel, p-cpe:/a:redhat:enterprise_linux:cfitsio-docs, p-cpe:/a:redhat:enterprise_linux:cfitsio-static, p-cpe:/a:redhat:enterprise_linux:facter, p-cpe:/a:redhat:enterprise_linux:freexl, p-cpe:/a:redhat:enterprise_linux:freexl-debuginfo, p-cpe:/a:redhat:enterprise_linux:freexl-devel, p-cpe:/a:redhat:enterprise_linux:gd-debuginfo, p-cpe:/a:redhat:enterprise_linux:gd-devel, p-cpe:/a:redhat:enterprise_linux:gdal, p-cpe:/a:redhat:enterprise_linux:gdal-debuginfo, p-cpe:/a:redhat:enterprise_linux:gdal-devel, p-cpe:/a:redhat:enterprise_linux:gdal-doc, p-cpe:/a:redhat:enterprise_linux:gdal-java, p-cpe:/a:redhat:enterprise_linux:gdal-javadoc, p-cpe:/a:redhat:enterprise_linux:gdal-libs, p-cpe:/a:redhat:enterprise_linux:gdal-perl, p-cpe:/a:redhat:enterprise_linux:gdal-python, p-cpe:/a:redhat:enterprise_linux:gdal-ruby, p-cpe:/a:redhat:enterprise_linux:geos, p-cpe:/a:redhat:enterprise_linux:geos-debuginfo, p-cpe:/a:redhat:enterprise_linux:geos-devel, p-cpe:/a:redhat:enterprise_linux:ghostscript-debuginfo, p-cpe:/a:redhat:enterprise_linux:ghostscript-devel, p-cpe:/a:redhat:enterprise_linux:ghostscript-doc, p-cpe:/a:redhat:enterprise_linux:gpsbabel, p-cpe:/a:redhat:enterprise_linux:gpsbabel-debuginfo, p-cpe:/a:redhat:enterprise_linux:haproxy, p-cpe:/a:redhat:enterprise_linux:haproxy-debuginfo, p-cpe:/a:redhat:enterprise_linux:haproxy15side, p-cpe:/a:redhat:enterprise_linux:haproxy15side-debuginfo, p-cpe:/a:redhat:enterprise_linux:hdf5, p-cpe:/a:redhat:enterprise_linux:hdf5-debuginfo, p-cpe:/a:redhat:enterprise_linux:hdf5-devel, p-cpe:/a:redhat:enterprise_linux:hdf5-mpich2, p-cpe:/a:redhat:enterprise_linux:hdf5-mpich2-devel, p-cpe:/a:redhat:enterprise_linux:hdf5-mpich2-static, p-cpe:/a:redhat:enterprise_linux:hdf5-openmpi, p-cpe:/a:redhat:enterprise_linux:hdf5-openmpi-devel, p-cpe:/a:redhat:enterprise_linux:hdf5-openmpi-static, p-cpe:/a:redhat:enterprise_linux:hdf5-static, p-cpe:/a:redhat:enterprise_linux:icu-debuginfo, p-cpe:/a:redhat:enterprise_linux:jasper-debuginfo, p-cpe:/a:redhat:enterprise_linux:jasper-devel, p-cpe:/a:redhat:enterprise_linux:jboss-eap6-modules, p-cpe:/a:redhat:enterprise_linux:jboss-openshift-metrics-module, p-cpe:/a:redhat:enterprise_linux:jenkins, p-cpe:/a:redhat:enterprise_linux:jenkins-plugin-openshift, p-cpe:/a:redhat:enterprise_linux:js, p-cpe:/a:redhat:enterprise_linux:js-debuginfo, p-cpe:/a:redhat:enterprise_linux:js-devel, p-cpe:/a:redhat:enterprise_linux:json-c, p-cpe:/a:redhat:enterprise_linux:json-c-debuginfo, p-cpe:/a:redhat:enterprise_linux:json-c-devel, p-cpe:/a:redhat:enterprise_linux:json-c-doc, p-cpe:/a:redhat:enterprise_linux:jython, p-cpe:/a:redhat:enterprise_linux:jython-debuginfo, p-cpe:/a:redhat:enterprise_linux:jython-demo, p-cpe:/a:redhat:enterprise_linux:jython-javadoc, p-cpe:/a:redhat:enterprise_linux:jython-manual, p-cpe:/a:redhat:enterprise_linux:lapack-debuginfo, p-cpe:/a:redhat:enterprise_linux:lapack-devel, p-cpe:/a:redhat:enterprise_linux:lcms-debuginfo, p-cpe:/a:redhat:enterprise_linux:lcms-devel, p-cpe:/a:redhat:enterprise_linux:libc-client, p-cpe:/a:redhat:enterprise_linux:libc-client-debuginfo, p-cpe:/a:redhat:enterprise_linux:libc-client-devel, p-cpe:/a:redhat:enterprise_linux:libcgroup-debuginfo, p-cpe:/a:redhat:enterprise_linux:libcgroup-pam, p-cpe:/a:redhat:enterprise_linux:libdap, p-cpe:/a:redhat:enterprise_linux:libdap-debuginfo, p-cpe:/a:redhat:enterprise_linux:libdap-devel, p-cpe:/a:redhat:enterprise_linux:libdap-doc, p-cpe:/a:redhat:enterprise_linux:libestr, p-cpe:/a:redhat:enterprise_linux:libestr-debuginfo, p-cpe:/a:redhat:enterprise_linux:libestr-devel, p-cpe:/a:redhat:enterprise_linux:libev, p-cpe:/a:redhat:enterprise_linux:libev-debuginfo, p-cpe:/a:redhat:enterprise_linux:libev-devel, p-cpe:/a:redhat:enterprise_linux:libffi-debuginfo, p-cpe:/a:redhat:enterprise_linux:libffi-devel, p-cpe:/a:redhat:enterprise_linux:libgeotiff, p-cpe:/a:redhat:enterprise_linux:libgeotiff-debuginfo, p-cpe:/a:redhat:enterprise_linux:libgeotiff-devel, p-cpe:/a:redhat:enterprise_linux:libgta, p-cpe:/a:redhat:enterprise_linux:libgta-debuginfo, p-cpe:/a:redhat:enterprise_linux:libgta-devel, p-cpe:/a:redhat:enterprise_linux:libgta-doc, p-cpe:/a:redhat:enterprise_linux:libicu-devel, p-cpe:/a:redhat:enterprise_linux:libmcrypt, p-cpe:/a:redhat:enterprise_linux:libmcrypt-debuginfo, p-cpe:/a:redhat:enterprise_linux:libmcrypt-devel, p-cpe:/a:redhat:enterprise_linux:libmongodb, p-cpe:/a:redhat:enterprise_linux:libreadline-java, p-cpe:/a:redhat:enterprise_linux:libreadline-java-debuginfo, p-cpe:/a:redhat:enterprise_linux:libreadline-java-javadoc, p-cpe:/a:redhat:enterprise_linux:libspatialite, p-cpe:/a:redhat:enterprise_linux:libspatialite-debuginfo, p-cpe:/a:redhat:enterprise_linux:libspatialite-devel, p-cpe:/a:redhat:enterprise_linux:libwebp, p-cpe:/a:redhat:enterprise_linux:libwebp-debuginfo, p-cpe:/a:redhat:enterprise_linux:libwebp-devel, p-cpe:/a:redhat:enterprise_linux:libwebp-java, p-cpe:/a:redhat:enterprise_linux:libwebp-tools, p-cpe:/a:redhat:enterprise_linux:maven3, p-cpe:/a:redhat:enterprise_linux:mod_passenger, p-cpe:/a:redhat:enterprise_linux:mongodb, p-cpe:/a:redhat:enterprise_linux:mongodb-debuginfo, p-cpe:/a:redhat:enterprise_linux:mongodb-server, p-cpe:/a:redhat:enterprise_linux:netcdf, p-cpe:/a:redhat:enterprise_linux:netcdf-debuginfo, p-cpe:/a:redhat:enterprise_linux:netcdf-devel, p-cpe:/a:redhat:enterprise_linux:netcdf-static, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-bignumber.js, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-bson, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-bson-debuginfo, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-buffer-crc32, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-bytes, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-colors, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-commander, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-connect, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-cookie, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-cookie-signature, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-debug, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-express, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-formidable, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-fresh, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-generic-pool, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-keypress, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-methods, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-mongodb, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-mysql, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-node-static, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-optimist, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-options, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-pause, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-pg, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-pg-debuginfo, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-range-parser, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-require-all, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-send, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-supervisor, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-tinycolor, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-wordwrap, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-ws, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-ws-debuginfo, p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-release, p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-upgrade-broker, p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-upgrade-node, p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-yum-validator, p-cpe:/a:redhat:enterprise_linux:openshift-origin-broker, p-cpe:/a:redhat:enterprise_linux:openshift-origin-broker-util, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-cron, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-jbosseap, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-jbossews, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-nodejs, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-perl, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-php, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-python, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-ruby, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-jbosseap, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-jbossews, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-nodejs, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-perl, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-php, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-python, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-ruby, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-diy, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-haproxy, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jbosseap, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jbossews, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jenkins, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jenkins-client, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-mock, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-mock-plugin, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-mongodb, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-mysql, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-nodejs, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-perl, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-php, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-postgresql, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-python, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-ruby, p-cpe:/a:redhat:enterprise_linux:openshift-origin-console, p-cpe:/a:redhat:enterprise_linux:openshift-origin-logshifter, p-cpe:/a:redhat:enterprise_linux:openshift-origin-msg-common, p-cpe:/a:redhat:enterprise_linux:openshift-origin-msg-node-mcollective, p-cpe:/a:redhat:enterprise_linux:openshift-origin-node-proxy, p-cpe:/a:redhat:enterprise_linux:openshift-origin-node-util, p-cpe:/a:redhat:enterprise_linux:openshift-origin-port-proxy, p-cpe:/a:redhat:enterprise_linux:openshift-origin-util-scl, p-cpe:/a:redhat:enterprise_linux:pam_openshift, p-cpe:/a:redhat:enterprise_linux:pam_openshift-debuginfo, p-cpe:/a:redhat:enterprise_linux:perl-App-cpanminus, p-cpe:/a:redhat:enterprise_linux:perl-Class-Accessor, p-cpe:/a:redhat:enterprise_linux:perl-Class-DBI, p-cpe:/a:redhat:enterprise_linux:perl-Class-DBI-Pg, p-cpe:/a:redhat:enterprise_linux:perl-Class-Data-Inheritable, p-cpe:/a:redhat:enterprise_linux:perl-Class-Factory-Util, p-cpe:/a:redhat:enterprise_linux:perl-Class-Trigger, p-cpe:/a:redhat:enterprise_linux:perl-Clone, p-cpe:/a:redhat:enterprise_linux:perl-Clone-debuginfo, p-cpe:/a:redhat:enterprise_linux:perl-DBIx-ContextualFetch, p-cpe:/a:redhat:enterprise_linux:perl-DateTime-Format-Builder, p-cpe:/a:redhat:enterprise_linux:perl-DateTime-Format-Pg, p-cpe:/a:redhat:enterprise_linux:perl-DateTime-Format-Strptime, p-cpe:/a:redhat:enterprise_linux:perl-IO-stringy, p-cpe:/a:redhat:enterprise_linux:perl-Ima-DBI, p-cpe:/a:redhat:enterprise_linux:perl-JSON, p-cpe:/a:redhat:enterprise_linux:perl-UNIVERSAL-moniker, p-cpe:/a:redhat:enterprise_linux:perl-YAML, p-cpe:/a:redhat:enterprise_linux:php-bcmath, p-cpe:/a:redhat:enterprise_linux:php-debuginfo, p-cpe:/a:redhat:enterprise_linux:php-devel, p-cpe:/a:redhat:enterprise_linux:php-extras-debuginfo, p-cpe:/a:redhat:enterprise_linux:php-fpm, p-cpe:/a:redhat:enterprise_linux:php-imap, p-cpe:/a:redhat:enterprise_linux:php-intl, p-cpe:/a:redhat:enterprise_linux:php-mbstring, p-cpe:/a:redhat:enterprise_linux:php-mcrypt, p-cpe:/a:redhat:enterprise_linux:php-pear-MDB2, p-cpe:/a:redhat:enterprise_linux:php-pear-MDB2-Driver-pgsql, p-cpe:/a:redhat:enterprise_linux:php-pecl-imagick, p-cpe:/a:redhat:enterprise_linux:php-pecl-imagick-debuginfo, p-cpe:/a:redhat:enterprise_linux:php-pecl-mongo, p-cpe:/a:redhat:enterprise_linux:php-pecl-mongo-debuginfo, p-cpe:/a:redhat:enterprise_linux:php-pecl-xdebug, p-cpe:/a:redhat:enterprise_linux:php-pecl-xdebug-debuginfo, p-cpe:/a:redhat:enterprise_linux:php-process, p-cpe:/a:redhat:enterprise_linux:php54-php-pecl-imagick, p-cpe:/a:redhat:enterprise_linux:php54-php-pecl-imagick-debuginfo, p-cpe:/a:redhat:enterprise_linux:php54-php-pecl-mongo, p-cpe:/a:redhat:enterprise_linux:php54-php-pecl-mongo-debuginfo, p-cpe:/a:redhat:enterprise_linux:php54-php-pecl-xdebug, p-cpe:/a:redhat:enterprise_linux:php54-php-pecl-xdebug-debuginfo, p-cpe:/a:redhat:enterprise_linux:postgis, p-cpe:/a:redhat:enterprise_linux:postgis-debuginfo, p-cpe:/a:redhat:enterprise_linux:postgis-docs, p-cpe:/a:redhat:enterprise_linux:postgresql-ip4r, p-cpe:/a:redhat:enterprise_linux:postgresql-ip4r-debuginfo, p-cpe:/a:redhat:enterprise_linux:postgresql92-pgRouting, p-cpe:/a:redhat:enterprise_linux:postgresql92-pgRouting-debuginfo, p-cpe:/a:redhat:enterprise_linux:postgresql92-postgis, p-cpe:/a:redhat:enterprise_linux:postgresql92-postgis-debuginfo, p-cpe:/a:redhat:enterprise_linux:postgresql92-postgis-docs, p-cpe:/a:redhat:enterprise_linux:postgresql92-postgis-utils, p-cpe:/a:redhat:enterprise_linux:proj, p-cpe:/a:redhat:enterprise_linux:proj-debuginfo, p-cpe:/a:redhat:enterprise_linux:proj-devel, p-cpe:/a:redhat:enterprise_linux:proj-nad, p-cpe:/a:redhat:enterprise_linux:python-bson, p-cpe:/a:redhat:enterprise_linux:python-pymongo, p-cpe:/a:redhat:enterprise_linux:python-pymongo-debuginfo, p-cpe:/a:redhat:enterprise_linux:python-pymongo-gridfs, p-cpe:/a:redhat:enterprise_linux:python-virtualenv, p-cpe:/a:redhat:enterprise_linux:python27-mod_wsgi, p-cpe:/a:redhat:enterprise_linux:python27-mod_wsgi-debuginfo, p-cpe:/a:redhat:enterprise_linux:python27-python-pip, p-cpe:/a:redhat:enterprise_linux:python27-python-pip-virtualenv, p-cpe:/a:redhat:enterprise_linux:python33-mod_wsgi, p-cpe:/a:redhat:enterprise_linux:python33-mod_wsgi-debuginfo, p-cpe:/a:redhat:enterprise_linux:quartz, p-cpe:/a:redhat:enterprise_linux:rhc, p-cpe:/a:redhat:enterprise_linux:rsyslog7-debuginfo, p-cpe:/a:redhat:enterprise_linux:rsyslog7-mmopenshift, p-cpe:/a:redhat:enterprise_linux:ruby-RMagick, p-cpe:/a:redhat:enterprise_linux:ruby-RMagick-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby-mysql, p-cpe:/a:redhat:enterprise_linux:ruby-mysql-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby-nokogiri, p-cpe:/a:redhat:enterprise_linux:ruby-sqlite3, p-cpe:/a:redhat:enterprise_linux:ruby193-facter, p-cpe:/a:redhat:enterprise_linux:ruby193-js, p-cpe:/a:redhat:enterprise_linux:ruby193-js-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-js-devel, p-cpe:/a:redhat:enterprise_linux:ruby193-mcollective, p-cpe:/a:redhat:enterprise_linux:ruby193-mcollective-client, p-cpe:/a:redhat:enterprise_linux:ruby193-mcollective-common, p-cpe:/a:redhat:enterprise_linux:ruby193-mod_passenger, p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-mysql, p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-mysql-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-selinux, p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-selinux-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-wrapper, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bson, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bson_ext, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bson_ext-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-chunky_png, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-commander, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-compass, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-compass-rails, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-daemon_controller, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-daemons, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-dnsruby, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-excon, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-excon-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fastthread, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fastthread-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-file-tail, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-brightbox, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-core, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-json, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-json-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-formatador, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-formatador-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-formtastic, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fssm, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-haml, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-highline, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-httpclient, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-jquery-rails, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-json, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-json-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-json_pure, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-minitest, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-mongo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-mongoid, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-moped, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-ldap, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-scp, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-scp-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-ssh, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-ssh-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-nokogiri, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-nokogiri-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-nokogiri-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-open4, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-origin, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-parallel, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-parseconfig, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-devel, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-pg, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-pg-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rdiscount, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rdiscount-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-regin, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rest-client, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ruby2ruby, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ruby_parser, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-safe_yaml, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-sass-twitter-bootstrap, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-sexp_processor, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-spruz, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-state_machine, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-stomp, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-syslog-logger, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-systemu, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-term-ansicolor, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-xml-simple, p-cpe:/a:redhat:enterprise_linux:ruby200-mod_passenger, p-cpe:/a:redhat:enterprise_linux:ruby200-rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:ruby200-rubygem-passenger-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby200-rubygem-passenger-devel, p-cpe:/a:redhat:enterprise_linux:ruby200-rubygem-passenger-doc, p-cpe:/a:redhat:enterprise_linux:ruby200-rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:ruby200-rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:rubygem-ParseTree, p-cpe:/a:redhat:enterprise_linux:rubygem-RubyInline, p-cpe:/a:redhat:enterprise_linux:rubygem-ZenTest, p-cpe:/a:redhat:enterprise_linux:rubygem-archive-tar-minitar, p-cpe:/a:redhat:enterprise_linux:rubygem-bson, p-cpe:/a:redhat:enterprise_linux:rubygem-bson_ext, p-cpe:/a:redhat:enterprise_linux:rubygem-bson_ext-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-bundler, p-cpe:/a:redhat:enterprise_linux:rubygem-commander, p-cpe:/a:redhat:enterprise_linux:rubygem-diff-lcs, p-cpe:/a:redhat:enterprise_linux:rubygem-fastthread, p-cpe:/a:redhat:enterprise_linux:rubygem-file-tail, p-cpe:/a:redhat:enterprise_linux:rubygem-highline, p-cpe:/a:redhat:enterprise_linux:rubygem-httpclient, p-cpe:/a:redhat:enterprise_linux:rubygem-json, p-cpe:/a:redhat:enterprise_linux:rubygem-json-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-net-scp, p-cpe:/a:redhat:enterprise_linux:rubygem-net-ssh, p-cpe:/a:redhat:enterprise_linux:rubygem-net-ssh-gateway, p-cpe:/a:redhat:enterprise_linux:rubygem-net-ssh-multi, p-cpe:/a:redhat:enterprise_linux:rubygem-nokogiri, p-cpe:/a:redhat:enterprise_linux:rubygem-nokogiri-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-open4, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-admin-console, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-auth-remote-user, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-common, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-console, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-container-selinux, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-controller, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-dns-dynect, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-dns-fog, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-dns-nsupdate, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-apache-mod-rewrite, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-apache-vhost, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-apachedb, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-haproxy-sni-proxy, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-nodejs-websocket, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-gear-placement, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-msg-broker-mcollective, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-node, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-routing-activemq, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-routing-daemon, p-cpe:/a:redhat:enterprise_linux:rubygem-parseconfig, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-devel, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:rubygem-rack, p-cpe:/a:redhat:enterprise_linux:rubygem-rake, p-cpe:/a:redhat:enterprise_linux:rubygem-regin, p-cpe:/a:redhat:enterprise_linux:rubygem-ruby2ruby, p-cpe:/a:redhat:enterprise_linux:rubygem-ruby_parser, p-cpe:/a:redhat:enterprise_linux:rubygem-sexp_processor, p-cpe:/a:redhat:enterprise_linux:rubygem-spruz, p-cpe:/a:redhat:enterprise_linux:rubygem-sqlite3, p-cpe:/a:redhat:enterprise_linux:rubygem-sqlite3-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-stomp, p-cpe:/a:redhat:enterprise_linux:rubygem-systemu, p-cpe:/a:redhat:enterprise_linux:rubygem-test-unit, p-cpe:/a:redhat:enterprise_linux:rubygem-thor, p-cpe:/a:redhat:enterprise_linux:rubygem-thread-dump, p-cpe:/a:redhat:enterprise_linux:rubygem-thread-dump-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygems, p-cpe:/a:redhat:enterprise_linux:rubygems-devel, p-cpe:/a:redhat:enterprise_linux:shapelib, p-cpe:/a:redhat:enterprise_linux:shapelib-debuginfo, p-cpe:/a:redhat:enterprise_linux:shapelib-devel, p-cpe:/a:redhat:enterprise_linux:socat, p-cpe:/a:redhat:enterprise_linux:socat-debuginfo, p-cpe:/a:redhat:enterprise_linux:ta-lib, p-cpe:/a:redhat:enterprise_linux:ta-lib-debuginfo, p-cpe:/a:redhat:enterprise_linux:ta-lib-devel, p-cpe:/a:redhat:enterprise_linux:uuid-debuginfo, p-cpe:/a:redhat:enterprise_linux:uuid-devel, p-cpe:/a:redhat:enterprise_linux:uuid-pgsql, p-cpe:/a:redhat:enterprise_linux:v8, p-cpe:/a:redhat:enterprise_linux:v8-debuginfo, p-cpe:/a:redhat:enterprise_linux:v8-devel, p-cpe:/a:redhat:enterprise_linux:xerces-c, p-cpe:/a:redhat:enterprise_linux:xerces-c-debuginfo, p-cpe:/a:redhat:enterprise_linux:xerces-c-devel, p-cpe:/a:redhat:enterprise_linux:xerces-c-doc, p-cpe:/a:redhat:enterprise_linux:yum-plugin-priorities, cpe:/o:redhat:enterprise_linux:6

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2014/11/03

Reference Information

CVE: CVE-2014-3602, CVE-2014-3674

BID: 71090, 71092

RHSA: 2014:1796