SUSE SLES15 Security Update : SUSE Manager Proxy 4.3 (SUSE-SU-2022:3750-1)

critical Nessus Plugin ID 181673

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3750-1 advisory.

- The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character. (CVE-2021-42740)

- In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution. (CVE-2021-43138)

- moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input. (CVE-2022-31129)

- drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability. (CVE-2021-41411)

- Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2. (CVE-2022-0860)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1191857

https://bugzilla.suse.com/1195624

https://bugzilla.suse.com/1196729

https://bugzilla.suse.com/1197027

https://bugzilla.suse.com/1198168

https://bugzilla.suse.com/1198903

https://bugzilla.suse.com/1199726

https://bugzilla.suse.com/1200480

https://bugzilla.suse.com/1200573

https://bugzilla.suse.com/1200629

https://bugzilla.suse.com/1201210

https://bugzilla.suse.com/1201220

https://bugzilla.suse.com/1201260

https://bugzilla.suse.com/1201589

https://bugzilla.suse.com/1201626

https://bugzilla.suse.com/1201753

https://bugzilla.suse.com/1201788

https://bugzilla.suse.com/1201913

https://bugzilla.suse.com/1201918

https://bugzilla.suse.com/1202271

https://bugzilla.suse.com/1202272

https://bugzilla.suse.com/1202367

https://bugzilla.suse.com/1202455

https://bugzilla.suse.com/1202464

https://bugzilla.suse.com/1202602

https://bugzilla.suse.com/1202728

https://bugzilla.suse.com/1202729

https://bugzilla.suse.com/1202805

https://bugzilla.suse.com/1202899

https://bugzilla.suse.com/1203026

https://bugzilla.suse.com/1203049

https://bugzilla.suse.com/1203056

https://bugzilla.suse.com/1203169

https://bugzilla.suse.com/1203287

https://bugzilla.suse.com/1203288

https://bugzilla.suse.com/1203385

https://bugzilla.suse.com/1203406

https://bugzilla.suse.com/1203422

https://bugzilla.suse.com/1203449

https://bugzilla.suse.com/1203478

https://bugzilla.suse.com/1203484

https://bugzilla.suse.com/1203564

https://bugzilla.suse.com/1203585

https://bugzilla.suse.com/1203611

https://bugzilla.suse.com/1204208

http://www.nessus.org/u?d6abe831

https://www.suse.com/security/cve/CVE-2021-41411

https://www.suse.com/security/cve/CVE-2021-42740

https://www.suse.com/security/cve/CVE-2021-43138

https://www.suse.com/security/cve/CVE-2022-0860

https://www.suse.com/security/cve/CVE-2022-31129

Plugin Details

Severity: Critical

ID: 181673

File Name: suse_SU-2022-3750-1.nasl

Version: 1.0

Type: local

Agent: unix

Published: 9/20/2023

Updated: 9/20/2023

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2021-42740

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:cobbler, p-cpe:/a:novell:suse_linux:drools, p-cpe:/a:novell:suse_linux:image-sync-formula, p-cpe:/a:novell:suse_linux:inter-server-sync, p-cpe:/a:novell:suse_linux:locale-formula, p-cpe:/a:novell:suse_linux:mgr-daemon, p-cpe:/a:novell:suse_linux:python3-magic, p-cpe:/a:novell:suse_linux:python3-schema, p-cpe:/a:novell:suse_linux:python3-spacewalk-certs-tools, p-cpe:/a:novell:suse_linux:python3-spacewalk-check, p-cpe:/a:novell:suse_linux:python3-spacewalk-client-setup, p-cpe:/a:novell:suse_linux:python3-spacewalk-client-tools, p-cpe:/a:novell:suse_linux:python3-urlgrabber, p-cpe:/a:novell:suse_linux:python3-uyuni-common-libs, p-cpe:/a:novell:suse_linux:reprepro, p-cpe:/a:novell:suse_linux:saltboot-formula, p-cpe:/a:novell:suse_linux:spacecmd, p-cpe:/a:novell:suse_linux:spacewalk-admin, p-cpe:/a:novell:suse_linux:spacewalk-backend, p-cpe:/a:novell:suse_linux:spacewalk-backend-app, p-cpe:/a:novell:suse_linux:spacewalk-backend-applet, p-cpe:/a:novell:suse_linux:spacewalk-backend-config-files, p-cpe:/a:novell:suse_linux:spacewalk-backend-config-files-common, p-cpe:/a:novell:suse_linux:spacewalk-backend-config-files-tool, p-cpe:/a:novell:suse_linux:spacewalk-backend-iss, p-cpe:/a:novell:suse_linux:spacewalk-backend-iss-export, p-cpe:/a:novell:suse_linux:spacewalk-backend-package-push-server, p-cpe:/a:novell:suse_linux:spacewalk-backend-server, p-cpe:/a:novell:suse_linux:spacewalk-backend-sql, p-cpe:/a:novell:suse_linux:spacewalk-backend-sql-postgresql, p-cpe:/a:novell:suse_linux:spacewalk-backend-tools, p-cpe:/a:novell:suse_linux:spacewalk-backend-xml-export-libs, p-cpe:/a:novell:suse_linux:spacewalk-backend-xmlrpc, p-cpe:/a:novell:suse_linux:spacewalk-base, p-cpe:/a:novell:suse_linux:spacewalk-base-minimal, p-cpe:/a:novell:suse_linux:spacewalk-base-minimal-config, p-cpe:/a:novell:suse_linux:spacewalk-certs-tools, p-cpe:/a:novell:suse_linux:spacewalk-check, p-cpe:/a:novell:suse_linux:spacewalk-client-setup, p-cpe:/a:novell:suse_linux:spacewalk-client-tools, p-cpe:/a:novell:suse_linux:spacewalk-html, p-cpe:/a:novell:suse_linux:spacewalk-java, p-cpe:/a:novell:suse_linux:spacewalk-java-config, p-cpe:/a:novell:suse_linux:spacewalk-java-lib, p-cpe:/a:novell:suse_linux:spacewalk-java-postgresql, p-cpe:/a:novell:suse_linux:spacewalk-search, p-cpe:/a:novell:suse_linux:spacewalk-setup, p-cpe:/a:novell:suse_linux:spacewalk-taskomatic, p-cpe:/a:novell:suse_linux:spacewalk-utils, p-cpe:/a:novell:suse_linux:spacewalk-utils-extras, p-cpe:/a:novell:suse_linux:subscription-matcher, p-cpe:/a:novell:suse_linux:susemanager, p-cpe:/a:novell:suse_linux:susemanager-build-keys, p-cpe:/a:novell:suse_linux:susemanager-build-keys-web, p-cpe:/a:novell:suse_linux:susemanager-docs_en, p-cpe:/a:novell:suse_linux:susemanager-docs_en-pdf, p-cpe:/a:novell:suse_linux:susemanager-schema, p-cpe:/a:novell:suse_linux:susemanager-schema-utility, p-cpe:/a:novell:suse_linux:susemanager-sls, p-cpe:/a:novell:suse_linux:susemanager-sync-data, p-cpe:/a:novell:suse_linux:susemanager-tftpsync, p-cpe:/a:novell:suse_linux:susemanager-tftpsync-recv, p-cpe:/a:novell:suse_linux:susemanager-tools, p-cpe:/a:novell:suse_linux:uyuni-config-modules, p-cpe:/a:novell:suse_linux:uyuni-reportdb-schema, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/26/2022

Vulnerability Publication Date: 10/21/2021

Reference Information

CVE: CVE-2021-41411, CVE-2021-42740, CVE-2021-43138, CVE-2022-0860, CVE-2022-31129

SuSE: SUSE-SU-2022:3750-1