RHEL 7 : openshift (RHSA-2016:0070)

Critical Nessus Plugin ID 119442

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

Red Hat OpenShift Enterprise release 3.1.1 is now available with
updates to packages that fix several security issues, bugs and
introduce feature enhancements.

Red Hat Product Security has rated this update as having Important
security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

OpenShift Enterprise by Red Hat is the company's cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or
private cloud deployments.

The following security issues are addressed with this release :

An authorization flaw was discovered in Kubernetes; the API server did
not properly check user permissions when handling certain requests. An
authenticated remote attacker could use this flaw to gain additional
access to resources such as RAM and disk space. (CVE-2016-1905)

An authorization flaw was discovered in Kubernetes; the API server did
not properly check user permissions when handling certain build-
configuration strategies. A remote attacker could create build
configurations with strategies that violate policy. Although the
attacker could not launch the build themselves (launch fails when the
policy is violated), if the build configuration files were later
launched by other privileged services (such as automated triggers),
user privileges could be bypassed allowing attacker escalation.
(CVE-2016-1906)

An update for Jenkins Continuous Integration Server that addresses a
large number of security issues including XSS, CSRF, information
disclosure and code execution have been addressed as well.
(CVE-2013-2186, CVE-2014-1869, CVE-2014-3661, CVE-2014-3662
CVE-2014-3663, CVE-2014-3664, CVE-2014-3666, CVE-2014-3667
CVE-2014-3680, CVE-2014-3681, CVE-2015-1806, CVE-2015-1807
CVE-2015-1808, CVE-2015-1810, CVE-2015-1812, CVE-2015-1813
CVE-2015-1814, CVE-2015-5317, CVE-2015-5318, CVE-2015-5319
CVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323
CVE-2015-5324, CVE-2015-5325, CVE-2015-5326 ,CVE-2015-7537
CVE-2015-7538, CVE-2015-7539, CVE-2015-8103)

Space precludes documenting all of the bug fixes and enhancements in
this advisory. See the OpenShift Enterprise 3.1 Release Notes, which
will be updated shortly for release 3.1.1, for details about these
changes :

https://docs.openshift.com/enterprise/3.1/release_notes/
ose_3_1_release_notes.html

All OpenShift Enterprise 3 users are advised to upgrade to these
updated packages.

Solution

Update the affected packages.

See Also

https://access.redhat.com/errata/RHSA-2016:0070

https://access.redhat.com/security/cve/cve-2013-2186

https://access.redhat.com/security/cve/cve-2014-1869

https://access.redhat.com/security/cve/cve-2014-3661

https://access.redhat.com/security/cve/cve-2014-3662

https://access.redhat.com/security/cve/cve-2014-3663

https://access.redhat.com/security/cve/cve-2014-3664

https://access.redhat.com/security/cve/cve-2014-3666

https://access.redhat.com/security/cve/cve-2014-3667

https://access.redhat.com/security/cve/cve-2014-3680

https://access.redhat.com/security/cve/cve-2014-3681

https://access.redhat.com/security/cve/cve-2015-1806

https://access.redhat.com/security/cve/cve-2015-1807

https://access.redhat.com/security/cve/cve-2015-1808

https://access.redhat.com/security/cve/cve-2015-1810

https://access.redhat.com/security/cve/cve-2015-1812

https://access.redhat.com/security/cve/cve-2015-1813

https://access.redhat.com/security/cve/cve-2015-1814

https://access.redhat.com/security/cve/cve-2015-5317

https://access.redhat.com/security/cve/cve-2015-5318

https://access.redhat.com/security/cve/cve-2015-5319

https://access.redhat.com/security/cve/cve-2015-5320

https://access.redhat.com/security/cve/cve-2015-5321

https://access.redhat.com/security/cve/cve-2015-5322

https://access.redhat.com/security/cve/cve-2015-5323

https://access.redhat.com/security/cve/cve-2015-5324

https://access.redhat.com/security/cve/cve-2015-5325

https://access.redhat.com/security/cve/cve-2015-5326

https://access.redhat.com/security/cve/cve-2015-7537

https://access.redhat.com/security/cve/cve-2015-7538

https://access.redhat.com/security/cve/cve-2015-7539

https://access.redhat.com/security/cve/cve-2015-8103

https://access.redhat.com/security/cve/cve-2016-1905

https://access.redhat.com/security/cve/cve-2016-1906

https://www.tenable.com/security/research/tra-2016-23

Plugin Details

Severity: Critical

ID: 119442

File Name: redhat-RHSA-2016-0070.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2018/12/06

Modified: 2018/12/06

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:atomic-openshift, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients-redistributable, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-dockerregistry, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-master, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-pod, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-recycle, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-sdn-ovs, p-cpe:/a:redhat:enterprise_linux:atomic-openshift-utils, p-cpe:/a:redhat:enterprise_linux:heapster, p-cpe:/a:redhat:enterprise_linux:jenkins, p-cpe:/a:redhat:enterprise_linux:nodejs-align-text, p-cpe:/a:redhat:enterprise_linux:nodejs-ansi-green, p-cpe:/a:redhat:enterprise_linux:nodejs-ansi-wrap, p-cpe:/a:redhat:enterprise_linux:nodejs-anymatch, p-cpe:/a:redhat:enterprise_linux:nodejs-arr-diff, p-cpe:/a:redhat:enterprise_linux:nodejs-arr-flatten, p-cpe:/a:redhat:enterprise_linux:nodejs-array-unique, p-cpe:/a:redhat:enterprise_linux:nodejs-arrify, p-cpe:/a:redhat:enterprise_linux:nodejs-async-each, p-cpe:/a:redhat:enterprise_linux:nodejs-binary-extensions, p-cpe:/a:redhat:enterprise_linux:nodejs-braces, p-cpe:/a:redhat:enterprise_linux:nodejs-capture-stack-trace, p-cpe:/a:redhat:enterprise_linux:nodejs-chokidar, p-cpe:/a:redhat:enterprise_linux:nodejs-configstore, p-cpe:/a:redhat:enterprise_linux:nodejs-create-error-class, p-cpe:/a:redhat:enterprise_linux:nodejs-deep-extend, p-cpe:/a:redhat:enterprise_linux:nodejs-duplexer, p-cpe:/a:redhat:enterprise_linux:nodejs-duplexify, p-cpe:/a:redhat:enterprise_linux:nodejs-end-of-stream, p-cpe:/a:redhat:enterprise_linux:nodejs-error-ex, p-cpe:/a:redhat:enterprise_linux:nodejs-es6-promise, p-cpe:/a:redhat:enterprise_linux:nodejs-event-stream, p-cpe:/a:redhat:enterprise_linux:nodejs-expand-brackets, p-cpe:/a:redhat:enterprise_linux:nodejs-expand-range, p-cpe:/a:redhat:enterprise_linux:nodejs-extglob, p-cpe:/a:redhat:enterprise_linux:nodejs-filename-regex, p-cpe:/a:redhat:enterprise_linux:nodejs-fill-range, p-cpe:/a:redhat:enterprise_linux:nodejs-for-in, p-cpe:/a:redhat:enterprise_linux:nodejs-for-own, p-cpe:/a:redhat:enterprise_linux:nodejs-from, p-cpe:/a:redhat:enterprise_linux:nodejs-glob-base, p-cpe:/a:redhat:enterprise_linux:nodejs-glob-parent, p-cpe:/a:redhat:enterprise_linux:nodejs-got, p-cpe:/a:redhat:enterprise_linux:nodejs-graceful-fs, p-cpe:/a:redhat:enterprise_linux:nodejs-ini, p-cpe:/a:redhat:enterprise_linux:nodejs-is-binary-path, p-cpe:/a:redhat:enterprise_linux:nodejs-is-dotfile, p-cpe:/a:redhat:enterprise_linux:nodejs-is-equal-shallow, p-cpe:/a:redhat:enterprise_linux:nodejs-is-extendable, p-cpe:/a:redhat:enterprise_linux:nodejs-is-extglob, p-cpe:/a:redhat:enterprise_linux:nodejs-is-glob, p-cpe:/a:redhat:enterprise_linux:nodejs-is-npm, p-cpe:/a:redhat:enterprise_linux:nodejs-is-number, p-cpe:/a:redhat:enterprise_linux:nodejs-is-plain-obj, p-cpe:/a:redhat:enterprise_linux:nodejs-is-primitive, p-cpe:/a:redhat:enterprise_linux:nodejs-is-redirect, p-cpe:/a:redhat:enterprise_linux:nodejs-is-stream, p-cpe:/a:redhat:enterprise_linux:nodejs-isobject, p-cpe:/a:redhat:enterprise_linux:nodejs-kind-of, p-cpe:/a:redhat:enterprise_linux:nodejs-latest-version, p-cpe:/a:redhat:enterprise_linux:nodejs-lazy-cache, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.assign, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.baseassign, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.basecopy, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.bindcallback, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.createassigner, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.defaults, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.getnative, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.isarguments, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.isarray, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.isiterateecall, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.keys, p-cpe:/a:redhat:enterprise_linux:nodejs-lodash.restparam, p-cpe:/a:redhat:enterprise_linux:nodejs-lowercase-keys, p-cpe:/a:redhat:enterprise_linux:nodejs-map-stream, p-cpe:/a:redhat:enterprise_linux:nodejs-micromatch, p-cpe:/a:redhat:enterprise_linux:nodejs-mkdirp, p-cpe:/a:redhat:enterprise_linux:nodejs-node-status-codes, p-cpe:/a:redhat:enterprise_linux:nodejs-nodemon, p-cpe:/a:redhat:enterprise_linux:nodejs-normalize-path, p-cpe:/a:redhat:enterprise_linux:nodejs-object-assign, p-cpe:/a:redhat:enterprise_linux:nodejs-object.omit, p-cpe:/a:redhat:enterprise_linux:nodejs-optimist, p-cpe:/a:redhat:enterprise_linux:nodejs-os-homedir, p-cpe:/a:redhat:enterprise_linux:nodejs-os-tmpdir, p-cpe:/a:redhat:enterprise_linux:nodejs-osenv, p-cpe:/a:redhat:enterprise_linux:nodejs-package-json, p-cpe:/a:redhat:enterprise_linux:nodejs-parse-glob, p-cpe:/a:redhat:enterprise_linux:nodejs-parse-json, p-cpe:/a:redhat:enterprise_linux:nodejs-pause-stream, p-cpe:/a:redhat:enterprise_linux:nodejs-pinkie, p-cpe:/a:redhat:enterprise_linux:nodejs-pinkie-promise, p-cpe:/a:redhat:enterprise_linux:nodejs-prepend-http, p-cpe:/a:redhat:enterprise_linux:nodejs-preserve, p-cpe:/a:redhat:enterprise_linux:nodejs-ps-tree, p-cpe:/a:redhat:enterprise_linux:nodejs-randomatic, p-cpe:/a:redhat:enterprise_linux:nodejs-rc, p-cpe:/a:redhat:enterprise_linux:nodejs-read-all-stream, p-cpe:/a:redhat:enterprise_linux:nodejs-readdirp, p-cpe:/a:redhat:enterprise_linux:nodejs-regex-cache, p-cpe:/a:redhat:enterprise_linux:nodejs-registry-url, p-cpe:/a:redhat:enterprise_linux:nodejs-repeat-element, p-cpe:/a:redhat:enterprise_linux:nodejs-semver, p-cpe:/a:redhat:enterprise_linux:nodejs-semver-diff, p-cpe:/a:redhat:enterprise_linux:nodejs-slide, p-cpe:/a:redhat:enterprise_linux:nodejs-split, p-cpe:/a:redhat:enterprise_linux:nodejs-stream-combiner, p-cpe:/a:redhat:enterprise_linux:nodejs-string-length, p-cpe:/a:redhat:enterprise_linux:nodejs-strip-json-comments, p-cpe:/a:redhat:enterprise_linux:nodejs-success-symbol, p-cpe:/a:redhat:enterprise_linux:nodejs-through, p-cpe:/a:redhat:enterprise_linux:nodejs-timed-out, p-cpe:/a:redhat:enterprise_linux:nodejs-touch, p-cpe:/a:redhat:enterprise_linux:nodejs-undefsafe, p-cpe:/a:redhat:enterprise_linux:nodejs-unzip-response, p-cpe:/a:redhat:enterprise_linux:nodejs-update-notifier, p-cpe:/a:redhat:enterprise_linux:nodejs-url-parse-lax, p-cpe:/a:redhat:enterprise_linux:nodejs-uuid, p-cpe:/a:redhat:enterprise_linux:nodejs-write-file-atomic, p-cpe:/a:redhat:enterprise_linux:nodejs-xdg-basedir, p-cpe:/a:redhat:enterprise_linux:nss_wrapper, p-cpe:/a:redhat:enterprise_linux:nss_wrapper-debuginfo, p-cpe:/a:redhat:enterprise_linux:openshift-ansible, p-cpe:/a:redhat:enterprise_linux:openshift-ansible-docs, p-cpe:/a:redhat:enterprise_linux:openshift-ansible-filter-plugins, p-cpe:/a:redhat:enterprise_linux:openshift-ansible-lookup-plugins, p-cpe:/a:redhat:enterprise_linux:openshift-ansible-playbooks, p-cpe:/a:redhat:enterprise_linux:openshift-ansible-roles, p-cpe:/a:redhat:enterprise_linux:openvswitch, p-cpe:/a:redhat:enterprise_linux:openvswitch-debuginfo, p-cpe:/a:redhat:enterprise_linux:openvswitch-devel, p-cpe:/a:redhat:enterprise_linux:openvswitch-test, p-cpe:/a:redhat:enterprise_linux:origin-kibana, p-cpe:/a:redhat:enterprise_linux:python-openvswitch, p-cpe:/a:redhat:enterprise_linux:tuned-profiles-atomic-openshift-node, cpe:/o:redhat:enterprise_linux:7

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/01/26

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (OpenNMS Java Object Unserialization Remote Code Execution)

Reference Information

CVE: CVE-2013-2186, CVE-2014-1869, CVE-2014-3661, CVE-2014-3662, CVE-2014-3663, CVE-2014-3664, CVE-2014-3666, CVE-2014-3667, CVE-2014-3680, CVE-2014-3681, CVE-2015-1806, CVE-2015-1807, CVE-2015-1808, CVE-2015-1810, CVE-2015-1812, CVE-2015-1813, CVE-2015-1814, CVE-2015-5317, CVE-2015-5318, CVE-2015-5319, CVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323, CVE-2015-5324, CVE-2015-5325, CVE-2015-5326, CVE-2015-7537, CVE-2015-7538, CVE-2015-7539, CVE-2015-8103, CVE-2016-1905, CVE-2016-1906