Detections
Analytics
Oracle Linux 8 : WALinuxAgent (ELSA-2019-1527)
medium Nessus Plugin ID 127593
Language:
Synopsis
The remote Oracle Linux host is missing a security update.Description
From Red Hat Security Advisory 2019:1527 :An update for WALinuxAgent is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The Windows Azure Linux Agent supports provisioning and running Linux virtual machines in the Microsoft Windows Azure cloud.
Security Fix(es) :
* WALinuxAgent: swapfile created with weak permissions (CVE-2019-0804)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
Update the affected walinuxagent package.See Also
https://oss.oracle.com/pipermail/el-errata/2019-August/008973.html
Plugin Details
Severity: Medium
ID: 127593
File Name: oraclelinux_ELSA-2019-1527.nasl
Version: 1.3
Type: local
Agent: unix
Published: 8/12/2019
Updated: 1/6/2020
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 4
Temporal Score: 3
Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS v3
Risk Factor: Medium
Base Score: 6.5
Temporal Score: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:oracle:linux:walinuxagent, cpe:/o:oracle:linux:8
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/OracleLinux
Exploit Ease: No known exploits are available
Patch Publication Date: 8/1/2019
Vulnerability Publication Date: 4/9/2019
Reference Information
CVE: CVE-2019-0804
RHSA: 2019:1527