OracleVM 3.3 / 3.4 : file (OVMSA-2016-0050)

high Nessus Plugin ID 91155
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote OracleVM host is missing one or more security updates.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

- fix CVE-2014-3538 (unrestricted regular expression matching)

- fix #1284826 - try to read ELF header to detect corrupted one

- fix #1263987 - fix bugs found by coverity in the patch

- fix CVE-2014-3587 (incomplete fix for CVE-2012-1571)

- fix CVE-2014-3710 (out-of-bounds read in elf note headers)

- fix CVE-2014-8116 (multiple DoS issues (resource consumption))

- fix CVE-2014-8117 (denial of service issue (resource consumption))

- fix CVE-2014-9620 (limit the number of ELF notes processed)

- fix CVE-2014-9653 (malformed elf file causes access to uninitialized memory)

- fix #809898 - add support for detection of Python 2.7 byte-compiled files

- fix #1263987 - fix coredump execfn detection on ppc64 and s390

- fix #966953 - include msooxml file in magic.mgc generation

- fix #966953 - increate the strength of MSOOXML magic patterns

- fix #1169509 - add support for Java 1.7 and 1.8

- fix #1243650 - comment out too-sensitive Pascal magic

- fix #1080453 - remove .orig files from magic directory

- fix #1161058 - add support for EPUB

- fix #1162149 - remove parts of patches patching .orig files

- fix #1154802 - fix detection of zip files containing file named mime

- fix #1246073 - fix detection UTF8 and UTF16 encoded XML files

- fix #1263987 - add new execfn to coredump output to show the real name of executable which generated the coredump

- fix #809898 - add support for detection of Python 3.2-3.5 byte-compiled files

- fix #966953 - backport support for MSOOXML

Solution

Update the affected file / file-libs packages.

See Also

https://oss.oracle.com/pipermail/oraclevm-errata/2016-May/000460.html

https://oss.oracle.com/pipermail/oraclevm-errata/2016-May/000464.html

Plugin Details

Severity: High

ID: 91155

File Name: oraclevm_OVMSA-2016-0050.nasl

Version: 2.5

Type: local

Published: 5/16/2016

Updated: 1/4/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:file, p-cpe:/a:oracle:vm:file-libs, cpe:/o:oracle:vm_server:3.3, cpe:/o:oracle:vm_server:3.4

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 5/13/2016

Vulnerability Publication Date: 7/17/2012

Reference Information

CVE: CVE-2012-1571, CVE-2014-3538, CVE-2014-3587, CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9620, CVE-2014-9653

BID: 52225, 68348, 69325, 70807, 71692, 71700, 71715, 72516