Test ID:	1.3.6.1.4.1.25623.1.1.12.2024.6559.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-6559-1)
Summary:	The remote host is missing an update for the 'zookeeper' package(s) announced via the USN-6559-1 advisory.
Description:	Summary: The remote host is missing an update for the 'zookeeper' package(s) announced via the USN-6559-1 advisory. Vulnerability Insight: It was discovered that ZooKeeper incorrectly handled authorization for the getACL() command. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2019-0201) Damien Diederen discovered that ZooKeeper incorrectly handled authorization if SASL Quorum Peer authentication is enabled. An attacker could possibly use this issue to bypass ZooKeeper's authorization system. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-44981) Affected Software/OS: 'zookeeper' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 23.04, Ubuntu 23.10. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-0201 BugTraq ID: 108427 http://www.securityfocus.com/bid/108427 Bugtraq: 20190612 [SECURITY] [DSA 4461-1] zookeeper security update (Google Search) https://seclists.org/bugtraq/2019/Jun/13 https://security.netapp.com/advisory/ntap-20190619-0001/ https://zookeeper.apache.org/security.html#CVE-2019-0201 Debian Security Information: DSA-4461 (Google Search) https://www.debian.org/security/2019/dsa-4461 https://issues.apache.org/jira/browse/ZOOKEEPER-1392 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://lists.apache.org/thread.html/5d9a1cf41a5880557bf680b7321b4ab9a4d206c601ffb15fef6f196a@%3Ccommits.accumulo.apache.org%3E https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/f6112882e30a31992a79e0a8c31ac179e9d0de7c708de3a9258d4391@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2019/05/msg00033.html https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E https://lists.apache.org/thread.html/r40f32125c1d97ad82404cc918171d9e0fcf78e534256674e9da1eb4b@%3Ccommon-issues.hadoop.apache.org%3E RedHat Security Advisories: RHSA-2019:3140 https://access.redhat.com/errata/RHSA-2019:3140 RedHat Security Advisories: RHSA-2019:3892 https://access.redhat.com/errata/RHSA-2019:3892 RedHat Security Advisories: RHSA-2019:4352 https://access.redhat.com/errata/RHSA-2019:4352 Common Vulnerability Exposure (CVE) ID: CVE-2023-44981 Debian Security Information: DSA-5544 (Google Search) https://www.debian.org/security/2023/dsa-5544 https://lists.apache.org/thread/wf0yrk84dg1942z1o74kd8nycg6pgm5b https://lists.debian.org/debian-lts-announce/2023/10/msg00029.html http://www.openwall.com/lists/oss-security/2023/10/11/4
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.