var-201903-0122
Vulnerability from variot
A flaw was found in the way the civetweb frontend handled requests for the ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to the ceph RADOS gateway to exhaust file descriptors for the ceph-radosgw service, resulting in a remote denial of service. civetWeb contains a resource management vulnerability that may cause service interruption (DoS). RedHat Ceph is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions.
==========================================================================
Ubuntu Security Notice USN-4035-1
June 25, 2019
ceph vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04
- Ubuntu 18.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in Ceph.
Software Description:
- ceph: distributed storage and file system
Details:
It was discovered that Ceph incorrectly handled read only permissions. An authenticated attacker could use this issue to obtain dm-crypt encryption keys. This issue only affected Ubuntu 16.04 LTS. (CVE-2018-14662)
It was discovered that Ceph incorrectly handled certain OMAPs holding bucket indices. This issue only affected Ubuntu 16.04 LTS. (CVE-2018-16846)
It was discovered that Ceph incorrectly sanitized certain debug logs. A local attacker could possibly use this issue to obtain encryption key information. This issue was only addressed in Ubuntu 18.10 and Ubuntu 19.04. (CVE-2018-16889)
It was discovered that Ceph incorrectly handled certain civetweb requests. This issue only affected Ubuntu 18.10 and Ubuntu 19.04. (CVE-2019-3821)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.04:
  ceph 13.2.4+dfsg1-0ubuntu2.1
  ceph-common 13.2.4+dfsg1-0ubuntu2.1
Ubuntu 18.10:
  ceph 13.2.4+dfsg1-0ubuntu0.18.10.2
  ceph-common 13.2.4+dfsg1-0ubuntu0.18.10.2
Ubuntu 16.04 LTS:
  ceph 10.2.11-0ubuntu0.16.04.2
  ceph-common 10.2.11-0ubuntu0.16.04.2
In general, a standard system update will make all the necessary changes.
References:
  https://usn.ubuntu.com/4035-1
  CVE-2018-14662, CVE-2018-16846, CVE-2018-16889, CVE-2019-3821
Package Information:
  https://launchpad.net/ubuntu/+source/ceph/13.2.4+dfsg1-0ubuntu2.1
  https://launchpad.net/ubuntu/+source/ceph/13.2.4+dfsg1-0ubuntu0.18.10.2
  https://launchpad.net/ubuntu/+source/ceph/10.2.11-0ubuntu0.16.04.2
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.