Detections
Analytics

Amazon Linux 2 : filesystem (ALAS-2019-1175)

high Nessus Plugin ID 122861

Language:

Synopsis

The remote Amazon Linux 2 host is missing a security update.

Description

Images built for the Amazon Linux 2.0.20190218 release included system files with incorrect permissions applied.

Incorrect permissions were applied to files including :

/etc/fstab

/etc/localtime

/etc/image-id

/etc/sysconfig/i18n

/etc/sysconfig/clock

/etc/sysconfig/keyboard

/etc/sysctl.d/99-amazon.conf

/var/lib/rpm/Packages

All users should upgrade to this updated package which corrects permissions for these files if they are not already in the expected state. The latest Amazon Linux 2 AMIs, on-premises VM images, and Docker Hub listings already include these updates.

Solution

Run 'yum update filesystem' to update your system.

See Also

https://alas.aws.amazon.com/AL2/ALAS-2019-1175.html

Plugin Details

Severity: High

ID: 122861

File Name: al2_ALAS-2019-1175.nasl

Version: 1.1

Type: local

Agent: unix

Published: 3/15/2019

Updated: 3/15/2019

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:filesystem, p-cpe:/a:amazon:linux:filesystem-content, cpe:/o:amazon:linux:2

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Patch Publication Date: 3/14/2019

Vulnerability Publication Date: 3/14/2019

Reference Information

ALAS: 2019-1175