RHEL 7 : openshift (RHSA-2016:0070)

Critical Nessus Plugin ID 119442

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

Red Hat OpenShift Enterprise release 3.1.1 is now available with updates to packages that fix several security issues, bugs and introduce feature enhancements.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.

The following security issues are addressed with this release :

An authorization flaw was discovered in Kubernetes; the API server did not properly check user permissions when handling certain requests. An authenticated remote attacker could use this flaw to gain additional access to resources such as RAM and disk space. (CVE-2016-1905)

An authorization flaw was discovered in Kubernetes; the API server did not properly check user permissions when handling certain build- configuration strategies. A remote attacker could create build configurations with strategies that violate policy. Although the attacker could not launch the build themselves (launch fails when the policy is violated), if the build configuration files were later launched by other privileged services (such as automated triggers), user privileges could be bypassed allowing attacker escalation.
(CVE-2016-1906)

An update for Jenkins Continuous Integration Server that addresses a large number of security issues including XSS, CSRF, information disclosure and code execution have been addressed as well.
(CVE-2013-2186, CVE-2014-1869, CVE-2014-3661, CVE-2014-3662 CVE-2014-3663, CVE-2014-3664, CVE-2014-3666, CVE-2014-3667 CVE-2014-3680, CVE-2014-3681, CVE-2015-1806, CVE-2015-1807 CVE-2015-1808, CVE-2015-1810, CVE-2015-1812, CVE-2015-1813 CVE-2015-1814, CVE-2015-5317, CVE-2015-5318, CVE-2015-5319 CVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323 CVE-2015-5324, CVE-2015-5325, CVE-2015-5326 ,CVE-2015-7537 CVE-2015-7538, CVE-2015-7539, CVE-2015-8103)

Space precludes documenting all of the bug fixes and enhancements in this advisory. See the OpenShift Enterprise 3.1 Release Notes, which will be updated shortly for release 3.1.1, for details about these changes :

https://docs.openshift.com/enterprise/3.1/release_notes/ ose_3_1_release_notes.html

All OpenShift Enterprise 3 users are advised to upgrade to these updated packages.

Solution

Update the affected packages.

See Also

https://access.redhat.com/errata/RHSA-2016:0070

https://access.redhat.com/security/cve/cve-2013-2186

https://access.redhat.com/security/cve/cve-2014-1869

https://access.redhat.com/security/cve/cve-2014-3661

https://access.redhat.com/security/cve/cve-2014-3662

https://access.redhat.com/security/cve/cve-2014-3663

https://access.redhat.com/security/cve/cve-2014-3664

https://access.redhat.com/security/cve/cve-2014-3666

https://access.redhat.com/security/cve/cve-2014-3667

https://access.redhat.com/security/cve/cve-2014-3680

https://access.redhat.com/security/cve/cve-2014-3681

https://access.redhat.com/security/cve/cve-2015-1806

https://access.redhat.com/security/cve/cve-2015-1807

https://access.redhat.com/security/cve/cve-2015-1808

https://access.redhat.com/security/cve/cve-2015-1810

https://access.redhat.com/security/cve/cve-2015-1812

https://access.redhat.com/security/cve/cve-2015-1813

https://access.redhat.com/security/cve/cve-2015-1814

https://access.redhat.com/security/cve/cve-2015-5317

https://access.redhat.com/security/cve/cve-2015-5318

https://access.redhat.com/security/cve/cve-2015-5319

https://access.redhat.com/security/cve/cve-2015-5320

https://access.redhat.com/security/cve/cve-2015-5321

https://access.redhat.com/security/cve/cve-2015-5322

https://access.redhat.com/security/cve/cve-2015-5323

https://access.redhat.com/security/cve/cve-2015-5324

https://access.redhat.com/security/cve/cve-2015-5325

https://access.redhat.com/security/cve/cve-2015-5326

https://access.redhat.com/security/cve/cve-2015-7537

https://access.redhat.com/security/cve/cve-2015-7538

https://access.redhat.com/security/cve/cve-2015-7539

https://access.redhat.com/security/cve/cve-2015-8103

https://access.redhat.com/security/cve/cve-2016-1905

https://access.redhat.com/security/cve/cve-2016-1906

https://www.tenable.com/security/research/tra-2016-23

Plugin Details

Severity: Critical

ID: 119442

File Name: redhat-RHSA-2016-0070.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2018/12/06

Modified: 2018/12/06

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:atomic-openshift, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients-redistributable, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-dockerregistry, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-master, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-pod, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-recycle, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-sdn-ovs, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-utils, p-cpe:/a:redhat:enterprise_linux:heapster, p-cpe:/a:redhat:enterprise_linux:jenkins, p-cpe:/a:redhat:enterprise_linux:nodejs-align-text, p-cpe:/a:redhat:enterprise_linux:nodejs-ansi-green, p-cpe:/a:redhat:enterprise_linux:nodejs-ansi-wrap, p-cpe:/a:redhat:enterprise_linux:nodejs-anymatch, p-cpe:/a:redhat:enterprise_linux:nodejs-arr-diff, p-cpe:/a:redhat:enterprise_linux:nodejs-arr-flatten, p-cpe:/a:redhat:enterprise_linux:nodejs-array-unique, p-cpe:/a:redhat:enterprise_linux:nodejs-arrify, p-cpe:/a:redhat:enterprise_linux:nodejs-async-each, p-cpe:/a:redhat:enterprise_linux:nodejs-binary-extensions, p-cpe:/a:redhat:enterprise_linux:nodejs-braces, p-cpe:/a:redhat:enterprise_linux:nodejs-capture-stack-trace, p-cpe:/a:redhat:enterprise_linux:nodejs-chokidar, p-cpe:/a:redhat:enterprise_linux:nodejs-configstore, p-cpe:/a:redhat:enterprise_linux:nodejs-create-error-class, p-cpe:/a:redhat:enterprise_linux:nodejs-deep-extend, p-cpe:/a:redhat:enterprise_linux:nodejs-duplexer, p-cpe:/a:redhat:enterprise_linux:nodejs-duplexify, p-cpe:/a:redhat:enterprise_linux:nodejs-end-of-stream, p-cpe:/a:redhat:enterprise_linux:nodejs-error-ex, p-cpe:/a:redhat:enterprise_linux:nodejs-es6-promise, p-cpe:/a:redhat:enterprise_linux:nodejs-event-stream, p-cpe:/a:redhat:enterprise_linux:nodejs-expand-brackets, p-cpe:/a:redhat:enterprise_linux:nodejs-expand-range, p-cpe:/a:redhat:enterprise_linux:nodejs-extglob, p-cpe:/a:redhat:enterprise_linux:nodejs-filename-regex, p-cpe:/a:redhat:enterprise_linux:nodejs-fill-range, p-cpe:/a:redhat:enterprise_linux:nodejs-for-in, p-cpe:/a:redhat:enterprise_linux:nodejs-for-own, p-cpe:/a:redhat:enterprise_linux:nodejs-from, p-cpe:/a:redhat:enterprise_linux:nodejs-glob-base, p-cpe:/a:redhat:enterprise_linux:nodejs-glob-parent, p-cpe:/a:redhat:enterprise_linux:nodejs-got, p-cpe:/a:redhat:enterprise_linux:nodejs-graceful-fs, p-cpe:/a:redhat:enterprise_linux:nodejs-ini, p-cpe:/a:redhat:enterprise_linux:nodejs-is-binary-path, p-cpe:/a:redhat:enterprise_linux:nodejs-is-dotfile, p-cpe:/a:redhat:enterprise_linux:nodejs-is-equal-shallow, p-cpe:/a:redhat:enterprise_linux:nodejs-is-extendable, p-cpe:/a:redhat:enterprise_linux:nodejs-is-extglob, p-cpe:/a:redhat:enterprise_linux:nodejs-is-glob, p-cpe:/a:redhat:enterprise_linux:nodejs-is-npm, p-cpe:/a:redhat:enterprise_linux:nodejs-is-number, p-cpe:/a:redhat:enterprise_linux:nodejs-is-plain-obj, p-cpe:/a:redhat:enterprise_linux:nodejs-is-primitive, p-cpe:/a:redhat:enterprise_linux:nodejs-is-redirect, p-cpe:/a:redhat:enterprise_linux:nodejs-is-stream, p-cpe:/a:redhat:enterprise_linux:nodejs-isobject, p-cpe:/a:redhat:enterprise_linux:nodejs-kind-of, p-cpe:/a:redhat:enterprise_linux:nodejs-latest-version, p-cpe:/a:redhat:enterprise_linux:nodejs-lazy-cache, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.assign, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.baseassign, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.basecopy, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.bindcallback, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.createassigner, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.defaults, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.getnative, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.isarguments, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.isarray, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.isiterateecall, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.keys, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.restparam, p-cpe:/a:redhat:enterprise_linux:nodejs-lowercase-keys, p-cpe:/a:redhat:enterprise_linux:nodejs-map-stream, p-cpe:/a:redhat:enterprise_linux:nodejs-micromatch, p-cpe:/a:redhat:enterprise_linux:nodejs-mkdirp, p-cpe:/a:redhat:enterprise_linux:nodejs-node-status-codes, p-cpe:/a:redhat:enterprise_linux:nodejs-nodemon, p-cpe:/a:redhat:enterprise_linux:nodejs-normalize-path, p-cpe:/a:redhat:enterprise_linux:nodejs-object-assign, p-cpe:/a:redhat:enterprise_linux:nodejs-object.omit, p-cpe:/a:redhat:enterprise_linux:nodejs-optimist, p-cpe:/a:redhat:enterprise_linux:nodejs-os-homedir, p-cpe:/a:redhat:enterprise_linux:nodejs-os-tmpdir, p-cpe:/a:redhat:enterprise_linux:nodejs-osenv, p-cpe:/a:redhat:enterprise_linux:nodejs-package-json, p-cpe:/a:redhat:enterprise_linux:nodejs-parse-glob, p-cpe:/a:redhat:enterprise_linux:nodejs-parse-json, p-cpe:/a:redhat:enterprise_linux:nodejs-pause-stream, p-cpe:/a:redhat:enterprise_linux:nodejs-pinkie, p-cpe:/a:redhat:enterprise_linux:nodejs-pinkie-promise, p-cpe:/a:redhat:enterprise_linux:nodejs-prepend-http, p-cpe:/a:redhat:enterprise_linux:nodejs-preserve, p-cpe:/a:redhat:enterprise_linux:nodejs-ps-tree, p-cpe:/a:redhat:enterprise_linux:nodejs-randomatic, p-cpe:/a:redhat:enterprise_linux:nodejs-rc, p-cpe:/a:redhat:enterprise_linux:nodejs-read-all-stream, p-cpe:/a:redhat:enterprise_linux:nodejs-readdirp, p-cpe:/a:redhat:enterprise_linux:nodejs-regex-cache, p-cpe:/a:redhat:enterprise_linux:nodejs-registry-url, p-cpe:/a:redhat:enterprise_linux:nodejs-repeat-element, p-cpe:/a:redhat:enterprise_linux:nodejs-semver, p-cpe:/a:redhat:enterprise_linux:nodejs-semver-diff, p-cpe:/a:redhat:enterprise_linux:nodejs-slide, p-cpe:/a:redhat:enterprise_linux:nodejs-split, p-cpe:/a:redhat:enterprise_linux:nodejs-stream-combiner, p-cpe:/a:redhat:enterprise_linux:nodejs-string-length, p-cpe:/a:redhat:enterprise_linux:nodejs-strip-json-comments, p-cpe:/a:redhat:enterprise_linux:nodejs-success-symbol, p-cpe:/a:redhat:enterprise_linux:nodejs-through, p-cpe:/a:redhat:enterprise_linux:nodejs-timed-out, p-cpe:/a:redhat:enterprise_linux:nodejs-touch, p-cpe:/a:redhat:enterprise_linux:nodejs-undefsafe, p-cpe:/a:redhat:enterprise_linux:nodejs-unzip-response, p-cpe:/a:redhat:enterprise_linux:nodejs-update-notifier, p-cpe:/a:redhat:enterprise_linux:nodejs-url-parse-lax, p-cpe:/a:redhat:enterprise_linux:nodejs-uuid, p-cpe:/a:redhat:enterprise_linux:nodejs-write-file-atomic, p-cpe:/a:redhat:enterprise_linux:nodejs-xdg-basedir, p-cpe:/a:redhat:enterprise_linux:nss_wrapper, p-cpe:/a:redhat:enterprise_linux:nss_wrapper-debuginfo, p-cpe:/a:redhat:enterprise_linux:openshift-ansible, p-cpe:/a:redhat:enterprise_linux:openshift-ansible-docs, p-cpe:/a:redhat:enterprise_linux:openshift-ansible-filter-plugins, p-cpe:/a:redhat:enterprise_linux:openshift-ansible-lookup-plugins, p-cpe:/a:redhat:enterprise_linux:openshift-ansible-playbooks, p-cpe:/a:redhat:enterprise_linux:openshift-ansible-roles, p-cpe:/a:redhat:enterprise_linux:openvswitch, p-cpe:/a:redhat:enterprise_linux:openvswitch-debuginfo, p-cpe:/a:redhat:enterprise_linux:openvswitch-devel, p-cpe:/a:redhat:enterprise_linux:openvswitch-test, p-cpe:/a:redhat:enterprise_linux:origin-kibana, p-cpe:/a:redhat:enterprise_linux:python-openvswitch, p-cpe:/a:redhat:enterprise_linux:tuned-profiles-atomic-openshift-node, cpe:/o:redhat:enterprise_linux:7

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/01/26

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (OpenNMS Java Object Unserialization Remote Code Execution)

Reference Information

CVE: CVE-2013-2186, CVE-2014-1869, CVE-2014-3661, CVE-2014-3662, CVE-2014-3663, CVE-2014-3664, CVE-2014-3666, CVE-2014-3667, CVE-2014-3680, CVE-2014-3681, CVE-2015-1806, CVE-2015-1807, CVE-2015-1808, CVE-2015-1810, CVE-2015-1812, CVE-2015-1813, CVE-2015-1814, CVE-2015-5317, CVE-2015-5318, CVE-2015-5319, CVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323, CVE-2015-5324, CVE-2015-5325, CVE-2015-5326, CVE-2015-7537, CVE-2015-7538, CVE-2015-7539, CVE-2015-8103, CVE-2016-1905, CVE-2016-1906