openSUSE Security Update : sysconfig (openSUSE-2012-74)

high Nessus Plugin ID 74794

Synopsis

The remote openSUSE host is missing a security update.

Description

- Fixed to quote config / interface variables in ifservices script and cleaned up content of the ESSID which gets appended to them by NetworkManager dispatcher hook (bnc#735394, CVE-2011-4182). Fixed also to return proper exit code 0 in NM dispatcher hooks.

- Changed to call ip addr flush in ifdown, but after ip link set down as it does not cause ipv6 sysctl tree side effects then at least with more recent kernels (bnc#580018,bnc#559170).

- Explicitly disabled posix mode in all bash scripts as we are using several features not supported in posix mode (bnc#739338).

- Fixed ipv6 dad / link ready wait time calculation (1/10 of the specified time) and replaced useless up flag check loop with link_ready_wait to avoid send errors from dhclient6 (bnc#697929).

- Added to require vlan, bridge-utils and tunctl packages via spec, that are often required in base networking configurations and are missed otherwise in 2nd installation stage, that may be unable to install them for some reason (bnc#733118).

- Added X-Systemd-RemainAfterExit: true LSB header (bnc#727771)

- Do not suggest dhcp6c client from dropped dhcpv6 package in ifup-dhcp, marked dhcp6c as deprecated in network/dhcp and changed to use dhclient6 as first choice (bnc#734723).

Solution

Update the affected sysconfig packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=559170

https://bugzilla.novell.com/show_bug.cgi?id=580018

https://bugzilla.novell.com/show_bug.cgi?id=697929

https://bugzilla.novell.com/show_bug.cgi?id=727771

https://bugzilla.novell.com/show_bug.cgi?id=733118

https://bugzilla.novell.com/show_bug.cgi?id=734723

https://bugzilla.novell.com/show_bug.cgi?id=735394

https://bugzilla.novell.com/show_bug.cgi?id=739338

Plugin Details

Severity: High

ID: 74794

File Name: openSUSE-2012-74.nasl

Version: 1.5

Type: local

Agent: unix

Published: 6/13/2014

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:sysconfig, p-cpe:/a:novell:opensuse:sysconfig-debuginfo, p-cpe:/a:novell:opensuse:sysconfig-debugsource, cpe:/o:novell:opensuse:12.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 1/20/2012

Reference Information

CVE: CVE-2011-4182