pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/p9/ALT-PU-2018-1562/definitions.json
pepelyaevip 9d72b75f75 ALT Vulnerability
2024-12-12 21:07:30 +00:00

212 lines
8.1 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20181562",
"Version": "oval:org.altlinux.errata:def:20181562",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2018-1562: package `collectd` update to version 5.8.0-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p9"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2018-1562",
"RefURL": "https://errata.altlinux.org/ALT-PU-2018-1562",
"Source": "ALTPU"
},
{
"RefID": "CVE-2017-18240",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-18240",
"Source": "CVE"
}
],
"Description": "This update upgrades collectd to version 5.8.0-alt1. \nSecurity Fix(es):\n\n * CVE-2017-18240: The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownership of PID file directory to the collectd account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL (when the service is stopped).",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2018-04-09"
},
"Updated": {
"Date": "2018-04-09"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2017-18240",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-18240",
"Impact": "Low",
"Public": "20180319"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:9",
"cpe:/o:alt:workstation:9",
"cpe:/o:alt:server:9",
"cpe:/o:alt:server-v:9",
"cpe:/o:alt:education:9",
"cpe:/o:alt:slinux:9",
"cpe:/o:alt:starterkit:p9"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:1001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20181562001",
"Comment": "collectd is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562002",
"Comment": "collectd-apache is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562003",
"Comment": "collectd-bind is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562004",
"Comment": "collectd-cgi is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562005",
"Comment": "collectd-cgi-apache2 is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562006",
"Comment": "collectd-cgi-nginx is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562007",
"Comment": "collectd-cluster is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562008",
"Comment": "collectd-curl is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562009",
"Comment": "collectd-dbi is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562010",
"Comment": "collectd-full is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562011",
"Comment": "collectd-ipmi is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562012",
"Comment": "collectd-memcached is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562013",
"Comment": "collectd-mysql is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562014",
"Comment": "collectd-nginx is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562015",
"Comment": "collectd-notify_desktop is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562016",
"Comment": "collectd-notify_email is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562017",
"Comment": "collectd-nut is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562018",
"Comment": "collectd-ping is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562019",
"Comment": "collectd-postgresql is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562020",
"Comment": "collectd-rrdcached is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562021",
"Comment": "collectd-rrdtool is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562022",
"Comment": "collectd-sensors is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562023",
"Comment": "collectd-snmp is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562024",
"Comment": "collectd-tokyotyrant is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562025",
"Comment": "collectd-virt is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562026",
"Comment": "collectd-xmms is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562027",
"Comment": "libcollectdclient is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562028",
"Comment": "libcollectdclient-devel is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562029",
"Comment": "nagios-plugins-collectd is earlier than 0:5.8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181562030",
"Comment": "perl-Collectd is earlier than 0:5.8.0-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink