ID ASA-202009-12 Type archlinux Reporter ArchLinux Modified 2020-09-26T00:00:00
Description
Arch Linux Security Advisory ASA-202009-12
Severity: Medium
Date : 2020-09-26
CVE-ID : CVE-2020-8927
Package : lib32-brotli
Type : denial of service
Remote : Yes
Link : https://security.archlinux.org/AVG-1231
Summary
The package lib32-brotli before version 1.0.9-1 is vulnerable to denial
of service.
Resolution
Upgrade to 1.0.9-1.
pacman -Syu "lib32-brotli>=1.0.9-1"
The problem has been fixed upstream in version 1.0.9.
Workaround
None.
Description
A buffer overflow exists in the Brotli library < 1.0.8, where an
attacker controlling the input length of a "one-shot" decompression
request to a script can trigger a crash, which happens when copying
over chunks of data larger than 2 GiB. It is recommended to update your
Brotli library to 1.0.8 or later. If one cannot update, we recommend to
use the "streaming" API as opposed to the "one-shot" API, and impose
chunk size limits.
Impact
A remote attacker might be able to cause a crash via crafted content.
{"id": "ASA-202009-12", "type": "archlinux", "bulletinFamily": "unix", "title": "[ASA-202009-12] lib32-brotli: denial of service", "description": "Arch Linux Security Advisory ASA-202009-12\n==========================================\n\nSeverity: Medium\nDate : 2020-09-26\nCVE-ID : CVE-2020-8927\nPackage : lib32-brotli\nType : denial of service\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1231\n\nSummary\n=======\n\nThe package lib32-brotli before version 1.0.9-1 is vulnerable to denial\nof service.\n\nResolution\n==========\n\nUpgrade to 1.0.9-1.\n\n# pacman -Syu \"lib32-brotli>=1.0.9-1\"\n\nThe problem has been fixed upstream in version 1.0.9.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nA buffer overflow exists in the Brotli library < 1.0.8, where an\nattacker controlling the input length of a \"one-shot\" decompression\nrequest to a script can trigger a crash, which happens when copying\nover chunks of data larger than 2 GiB. It is recommended to update your\nBrotli library to 1.0.8 or later. If one cannot update, we recommend to\nuse the \"streaming\" API as opposed to the \"one-shot\" API, and impose\nchunk size limits.\n\nImpact\n======\n\nA remote attacker might be able to cause a crash via crafted content.\n\nReferences\n==========\n\nhttps://github.com/google/brotli/releases/tag/v1.0.9\nhttps://github.com/google/brotli/commit/223d80cfbec8fd346e32906c732c8ede21f0cea6\nhttps://security.archlinux.org/CVE-2020-8927", "published": "2020-09-26T00:00:00", "modified": "2020-09-26T00:00:00", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "href": "https://security.archlinux.org/ASA-202009-12", "reporter": "ArchLinux", "references": ["https://security.archlinux.org/AVG-1231", "https://github.com/google/brotli/releases/tag/v1.0.9", "https://github.com/google/brotli/commit/223d80cfbec8fd346e32906c732c8ede21f0cea6", "https://security.archlinux.org/CVE-2020-8927"], "cvelist": ["CVE-2020-8927"], "lastseen": "2020-11-06T11:39:41", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2020-8927"]}, {"type": "nessus", "idList": ["FEDORA_2020-22D278923A.NASL", "EULEROS_SA-2020-2173.NASL", "FEDORA_2020-C663FBC46C.NASL", "FEDORA_2020-E21BD401AD.NASL", "EULEROS_SA-2020-2163.NASL", "FEDORA_2020-9336B65F82.NASL", "DEBIAN_DLA-2476.NASL", "FEDORA_2020-BC9A739F0C.NASL", "OPENSUSE-2020-1578.NASL", "DEBIAN_DSA-4801.NASL"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:1578-1"]}, {"type": "fedora", "idList": ["FEDORA:7A904309DE1B", "FEDORA:00A0230BBF90", "FEDORA:F23FE31401E3", "FEDORA:05C0C3052E9A", "FEDORA:2DF1B315B329", "FEDORA:E910330B50BA"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4801-1:69ED7", "DEBIAN:DLA-2476-1:BF3F0"]}, {"type": "ubuntu", "idList": ["USN-4568-1"]}, {"type": "archlinux", "idList": ["ASA-202009-13"]}], "modified": "2020-11-06T11:39:41", "rev": 2}, "score": {"value": 5.5, "vector": "NONE", "modified": "2020-11-06T11:39:41", "rev": 2}, "vulnersScore": 5.5}, "affectedPackage": [{"OS": "ArchLinux", "OSVersion": "any", "arch": "any", "packageName": "lib32-brotli", "packageVersion": "1.0.9-1", "packageFilename": "UNKNOWN", "operator": "lt"}]}
{"cve": [{"lastseen": "2021-02-02T07:37:14", "description": "A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a \"one-shot\" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the \"streaming\" API as opposed to the \"one-shot\" API, and impose chunk size limits.", "edition": 15, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "LOW", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 2.5}, "published": "2020-09-15T10:15:00", "title": "CVE-2020-8927", "type": "cve", "cwe": ["CWE-120"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8927"], "modified": "2020-12-02T12:15:00", "cpe": [], "id": "CVE-2020-8927", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8927", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": []}], "fedora": [{"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8927"], "description": " This package is a brotli compressor and decompressor implemented in Go. It was translated from the reference implementation (https://github.com/google/bro tli) with the c2go tool at https://github.com/andybalholm/c2go. ", "modified": "2020-10-06T00:17:46", "published": "2020-10-06T00:17:46", "id": "FEDORA:2DF1B315B329", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 33 Update:\n golang-github-andybalholm-brotli-1.0.1-1.fc33", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8927"], "description": " This package is a brotli compressor and decompressor implemented in Go. It was translated from the reference implementation (https://github.com/google/bro tli) with the c2go tool at https://github.com/andybalholm/c2go. ", "modified": "2020-10-10T21:59:05", "published": "2020-10-10T21:59:05", "id": "FEDORA:00A0230BBF90", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 32 Update:\n golang-github-andybalholm-brotli-1.0.1-1.fc32", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8927"], "description": " This package is a brotli compressor and decompressor implemented in Go. It was translated from the reference implementation (https://github.com/google/bro tli) with the c2go tool at https://github.com/andybalholm/c2go. ", "modified": "2020-10-10T22:07:18", "published": "2020-10-10T22:07:18", "id": "FEDORA:7A904309DE1B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 31 Update:\n golang-github-andybalholm-brotli-1.0.1-1.fc31", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8927"], "description": "Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It is similar in speed with deflate but offers more dense compression. ", "modified": "2020-10-17T14:09:30", "published": "2020-10-17T14:09:30", "id": "FEDORA:E910330B50BA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: brotli-1.0.9-3.fc32", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8927"], "description": "Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It is similar in speed with deflate but offers more dense compression. ", "modified": "2020-10-17T14:24:49", "published": "2020-10-17T14:24:49", "id": "FEDORA:05C0C3052E9A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: brotli-1.0.9-3.fc31", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8927"], "description": "Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It is similar in speed with deflate but offers more dense compression. ", "modified": "2020-10-23T22:23:15", "published": "2020-10-23T22:23:15", "id": "FEDORA:F23FE31401E3", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: brotli-1.0.9-3.fc33", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "nessus": [{"lastseen": "2020-10-08T08:21:14", "description": "This update for brotli fixes the following issues :\n\nbrotli was updated to 1.0.9 :\n\n - CVE-2020-8927: Fix integer overflow when input chunk is\n longer than 2GiB [boo#1175825]\n\n - `brotli -v` now reports raw / compressed size\n\n - decoder: minor speed / memory usage improvements\n\n - encoder: fix rare access to uninitialized data in\n ring-buffer", "edition": 2, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "published": "2020-10-05T00:00:00", "title": "openSUSE Security Update : brotli (openSUSE-2020-1578)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8927"], "modified": "2020-10-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libbrotlienc1-debuginfo", "cpe:/o:novell:opensuse:15.2", "p-cpe:/a:novell:opensuse:libbrotlicommon1-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libbrotlienc1-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libbrotlidec1-32bit", "p-cpe:/a:novell:opensuse:libbrotlienc1", "p-cpe:/a:novell:opensuse:libbrotlicommon1-debuginfo", "p-cpe:/a:novell:opensuse:libbrotlicommon1", "p-cpe:/a:novell:opensuse:brotli-debuginfo", "p-cpe:/a:novell:opensuse:libbrotli-devel", "p-cpe:/a:novell:opensuse:libbrotlidec1", "p-cpe:/a:novell:opensuse:libbrotlicommon1-32bit", "p-cpe:/a:novell:opensuse:libbrotlidec1-debuginfo", "p-cpe:/a:novell:opensuse:brotli", "p-cpe:/a:novell:opensuse:brotli-debugsource", "p-cpe:/a:novell:opensuse:libbrotlienc1-32bit", "p-cpe:/a:novell:opensuse:libbrotlidec1-32bit-debuginfo"], "id": "OPENSUSE-2020-1578.NASL", "href": "https://www.tenable.com/plugins/nessus/141158", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1578.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141158);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/07\");\n\n script_cve_id(\"CVE-2020-8927\");\n\n script_name(english:\"openSUSE Security Update : brotli (openSUSE-2020-1578)\");\n script_summary(english:\"Check for the openSUSE-2020-1578 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for brotli fixes the following issues :\n\nbrotli was updated to 1.0.9 :\n\n - CVE-2020-8927: Fix integer overflow when input chunk is\n longer than 2GiB [boo#1175825]\n\n - `brotli -v` now reports raw / compressed size\n\n - decoder: minor speed / memory usage improvements\n\n - encoder: fix rare access to uninitialized data in\n ring-buffer\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1175825\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected brotli packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:brotli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:brotli-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:brotli-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbrotli-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbrotlicommon1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbrotlicommon1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbrotlicommon1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbrotlicommon1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbrotlidec1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbrotlidec1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbrotlidec1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbrotlidec1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbrotlienc1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbrotlienc1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbrotlienc1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libbrotlienc1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"brotli-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"brotli-debuginfo-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"brotli-debugsource-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libbrotli-devel-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libbrotlicommon1-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libbrotlicommon1-debuginfo-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libbrotlidec1-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libbrotlidec1-debuginfo-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libbrotlienc1-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libbrotlienc1-debuginfo-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libbrotlicommon1-32bit-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libbrotlicommon1-32bit-debuginfo-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libbrotlidec1-32bit-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libbrotlidec1-32bit-debuginfo-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libbrotlienc1-32bit-1.0.9-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libbrotlienc1-32bit-debuginfo-1.0.9-lp152.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"brotli / brotli-debuginfo / brotli-debugsource / libbrotli-devel / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-10-13T06:13:11", "description": "Security fix for CVE-2020-8927\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 2, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "published": "2020-10-08T00:00:00", "title": "Fedora 33 : golang-github-andybalholm-brotli (2020-22d278923a)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8927"], "modified": "2020-10-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:golang-github-andybalholm-brotli", "cpe:/o:fedoraproject:fedora:33"], "id": "FEDORA_2020-22D278923A.NASL", "href": "https://www.tenable.com/plugins/nessus/141283", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-22d278923a.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141283);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/12\");\n\n script_cve_id(\"CVE-2020-8927\");\n script_xref(name:\"FEDORA\", value:\"2020-22d278923a\");\n\n script_name(english:\"Fedora 33 : golang-github-andybalholm-brotli (2020-22d278923a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Security fix for CVE-2020-8927\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-22d278923a\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected golang-github-andybalholm-brotli package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:golang-github-andybalholm-brotli\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:33\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^33([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 33\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC33\", reference:\"golang-github-andybalholm-brotli-1.0.1-1.fc33\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang-github-andybalholm-brotli\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-10-22T06:19:08", "description": "Update to 1.0.9, fixes CVE-2020-8927\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 2, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "published": "2020-10-19T00:00:00", "title": "Fedora 32 : brotli (2020-9336b65f82)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8927"], "modified": "2020-10-19T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:brotli", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-9336B65F82.NASL", "href": "https://www.tenable.com/plugins/nessus/141526", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-9336b65f82.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141526);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/21\");\n\n script_cve_id(\"CVE-2020-8927\");\n script_xref(name:\"FEDORA\", value:\"2020-9336b65f82\");\n\n script_name(english:\"Fedora 32 : brotli (2020-9336b65f82)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Update to 1.0.9, fixes CVE-2020-8927\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-9336b65f82\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected brotli package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:brotli\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"brotli-1.0.9-3.fc32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"brotli\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-11-25T15:14:36", "description": "The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as\nreferenced in the USN-4568-1 advisory.\n\n - A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the\n input length of a one-shot decompression request to a script can trigger a crash, which happens when\n copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or\n later. If one cannot update, we recommend to use the streaming API as opposed to the one-shot API, and\n impose chunk size limits. (CVE-2020-8927)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 2, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "published": "2020-10-05T00:00:00", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Brotli vulnerability (USN-4568-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8927"], "modified": "2020-10-05T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python-brotli", "p-cpe:/a:canonical:ubuntu_linux:python3-brotli", "cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libbrotli-dev", "p-cpe:/a:canonical:ubuntu_linux:brotli", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libbrotli1"], "id": "UBUNTU_USN-4568-1.NASL", "href": "https://www.tenable.com/plugins/nessus/141179", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4568-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141179);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/24\");\n\n script_cve_id(\"CVE-2020-8927\");\n script_xref(name:\"USN\", value:\"4568-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Brotli vulnerability (USN-4568-1)\");\n script_summary(english:\"Checks the dpkg output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as\nreferenced in the USN-4568-1 advisory.\n\n - A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the\n input length of a one-shot decompression request to a script can trigger a crash, which happens when\n copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or\n later. If one cannot update, we recommend to use the streaming API as opposed to the one-shot API, and\n impose chunk size limits. (CVE-2020-8927)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4568-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8927\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:brotli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbrotli-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libbrotli1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-brotli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-brotli\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04 / 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '16.04', 'pkgname': 'brotli', 'pkgver': '1.0.3-1ubuntu1~16.04.2'},\n {'osver': '16.04', 'pkgname': 'libbrotli-dev', 'pkgver': '1.0.3-1ubuntu1~16.04.2'},\n {'osver': '16.04', 'pkgname': 'libbrotli1', 'pkgver': '1.0.3-1ubuntu1~16.04.2'},\n {'osver': '16.04', 'pkgname': 'python-brotli', 'pkgver': '1.0.3-1ubuntu1~16.04.2'},\n {'osver': '16.04', 'pkgname': 'python3-brotli', 'pkgver': '1.0.3-1ubuntu1~16.04.2'},\n {'osver': '18.04', 'pkgname': 'brotli', 'pkgver': '1.0.3-1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libbrotli-dev', 'pkgver': '1.0.3-1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'libbrotli1', 'pkgver': '1.0.3-1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'python-brotli', 'pkgver': '1.0.3-1ubuntu1.3'},\n {'osver': '18.04', 'pkgname': 'python3-brotli', 'pkgver': '1.0.3-1ubuntu1.3'},\n {'osver': '20.04', 'pkgname': 'brotli', 'pkgver': '1.0.7-6ubuntu0.1'},\n {'osver': '20.04', 'pkgname': 'libbrotli-dev', 'pkgver': '1.0.7-6ubuntu0.1'},\n {'osver': '20.04', 'pkgname': 'libbrotli1', 'pkgver': '1.0.7-6ubuntu0.1'},\n {'osver': '20.04', 'pkgname': 'python3-brotli', 'pkgver': '1.0.7-6ubuntu0.1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'brotli / libbrotli-dev / libbrotli1 / python-brotli / python3-brotli');\n}", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-10-16T06:19:45", "description": "Security fix for CVE-2020-8927\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 2, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "published": "2020-10-12T00:00:00", "title": "Fedora 32 : golang-github-andybalholm-brotli (2020-c663fbc46c)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8927"], "modified": "2020-10-12T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:golang-github-andybalholm-brotli", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-C663FBC46C.NASL", "href": "https://www.tenable.com/plugins/nessus/141375", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-c663fbc46c.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141375);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/15\");\n\n script_cve_id(\"CVE-2020-8927\");\n script_xref(name:\"FEDORA\", value:\"2020-c663fbc46c\");\n\n script_name(english:\"Fedora 32 : golang-github-andybalholm-brotli (2020-c663fbc46c)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Security fix for CVE-2020-8927\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-c663fbc46c\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected golang-github-andybalholm-brotli package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:golang-github-andybalholm-brotli\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"golang-github-andybalholm-brotli-1.0.1-1.fc32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang-github-andybalholm-brotli\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-08T01:53:43", "description": "A buffer overflow was discovered in Brotli, a generic-purpose lossless\ncompression suite.", "edition": 2, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "published": "2020-12-02T00:00:00", "title": "Debian DSA-4801-1 : brotli - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8927"], "modified": "2020-12-02T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:brotli", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4801.NASL", "href": "https://www.tenable.com/plugins/nessus/143439", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4801. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143439);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/07\");\n\n script_cve_id(\"CVE-2020-8927\");\n script_xref(name:\"DSA\", value:\"4801\");\n\n script_name(english:\"Debian DSA-4801-1 : brotli - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A buffer overflow was discovered in Brotli, a generic-purpose lossless\ncompression suite.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/brotli\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/brotli\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4801\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the brotli packages.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1.0.7-2+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:brotli\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"brotli\", reference:\"1.0.7-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libbrotli-dev\", reference:\"1.0.7-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libbrotli1\", reference:\"1.0.7-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"python-brotli\", reference:\"1.0.7-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"python3-brotli\", reference:\"1.0.7-2+deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-10-16T06:19:59", "description": "Security fix for CVE-2020-8927\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 2, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "published": "2020-10-12T00:00:00", "title": "Fedora 31 : golang-github-andybalholm-brotli (2020-e21bd401ad)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8927"], "modified": "2020-10-12T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:golang-github-andybalholm-brotli", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-E21BD401AD.NASL", "href": "https://www.tenable.com/plugins/nessus/141381", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-e21bd401ad.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141381);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/15\");\n\n script_cve_id(\"CVE-2020-8927\");\n script_xref(name:\"FEDORA\", value:\"2020-e21bd401ad\");\n\n script_name(english:\"Fedora 31 : golang-github-andybalholm-brotli (2020-e21bd401ad)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Security fix for CVE-2020-8927\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-e21bd401ad\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected golang-github-andybalholm-brotli package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:golang-github-andybalholm-brotli\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"golang-github-andybalholm-brotli-1.0.1-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang-github-andybalholm-brotli\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-01-07T09:07:09", "description": "According to the version of the brotli package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A buffer overflow exists in the Brotli library versions\n prior to 1.0.8 where an attacker controlling the input\n length of a 'one-shot' decompression request to a\n script can trigger a crash, which happens when copying\n over chunks of data larger than 2 GiB. It is\n recommended to update your Brotli library to 1.0.8 or\n later. If one cannot update, we recommend to use the\n 'streaming' API as opposed to the 'one-shot' API, and\n impose chunk size limits.(CVE-2020-8927)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 3, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "published": "2020-12-14T00:00:00", "title": "EulerOS 2.0 SP8 : brotli (EulerOS-SA-2020-2508)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8927"], "modified": "2020-12-14T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:brotli", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-2508.NASL", "href": "https://www.tenable.com/plugins/nessus/144131", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144131);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2020-8927\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : brotli (EulerOS-SA-2020-2508)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the brotli package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A buffer overflow exists in the Brotli library versions\n prior to 1.0.8 where an attacker controlling the input\n length of a 'one-shot' decompression request to a\n script can trigger a crash, which happens when copying\n over chunks of data larger than 2 GiB. It is\n recommended to update your Brotli library to 1.0.8 or\n later. If one cannot update, we recommend to use the\n 'streaming' API as opposed to the 'one-shot' API, and\n impose chunk size limits.(CVE-2020-8927)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2508\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7c8a0f7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected brotli package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:brotli\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"brotli-1.0.5-1.h2.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"brotli\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-01-07T09:06:34", "description": "According to the version of the brotli package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A buffer overflow exists in the Brotli library versions\n prior to 1.0.8 where an attacker controlling the input\n length of a 'one-shot' decompression request to a\n script can trigger a crash, which happens when copying\n over chunks of data larger than 2 GiB. It is\n recommended to update your Brotli library to 1.0.8 or\n later. If one cannot update, we recommend to use the\n 'streaming' API as opposed to the 'one-shot' API, and\n impose chunk size limits.(CVE-2020-8927)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 4, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "published": "2020-10-09T00:00:00", "title": "EulerOS : brotli (EulerOS-SA-2020-2173)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8927"], "modified": "2020-10-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:brotli", "cpe:/o:huawei:euleros:"], "id": "EULEROS_SA-2020-2173.NASL", "href": "https://www.tenable.com/plugins/nessus/141338", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141338);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2020-8927\"\n );\n\n script_name(english:\"EulerOS : brotli (EulerOS-SA-2020-2173)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the brotli package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A buffer overflow exists in the Brotli library versions\n prior to 1.0.8 where an attacker controlling the input\n length of a 'one-shot' decompression request to a\n script can trigger a crash, which happens when copying\n over chunks of data larger than 2 GiB. It is\n recommended to update your Brotli library to 1.0.8 or\n later. If one cannot update, we recommend to use the\n 'streaming' API as opposed to the 'one-shot' API, and\n impose chunk size limits.(CVE-2020-8927)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2173\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e0eb96aa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected brotli package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:brotli\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release (\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS \");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"brotli-1.0.7-2.h1.eulerosv2r9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"brotli\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-08T01:36:39", "description": "A buffer overflow was discovered in Brotli, a generic-purpose lossless\ncompression suite.\n\nFor Debian 9 stretch, this problem has been fixed in version\n0.5.2+dfsg-2+deb9u1.\n\nWe recommend that you upgrade your brotli packages.\n\nFor the detailed security status of brotli please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/brotli\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 2, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "published": "2020-12-02T00:00:00", "title": "Debian DLA-2476-1 : brotli security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8927"], "modified": "2020-12-02T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:brotli", "p-cpe:/a:debian:debian_linux:python-brotli", "p-cpe:/a:debian:debian_linux:python3-brotli", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2476.NASL", "href": "https://www.tenable.com/plugins/nessus/143435", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2476-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143435);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/07\");\n\n script_cve_id(\"CVE-2020-8927\");\n\n script_name(english:\"Debian DLA-2476-1 : brotli security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A buffer overflow was discovered in Brotli, a generic-purpose lossless\ncompression suite.\n\nFor Debian 9 stretch, this problem has been fixed in version\n0.5.2+dfsg-2+deb9u1.\n\nWe recommend that you upgrade your brotli packages.\n\nFor the detailed security status of brotli please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/brotli\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/12/msg00003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/brotli\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/brotli\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:brotli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-brotli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-brotli\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"brotli\", reference:\"0.5.2+dfsg-2+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python-brotli\", reference:\"0.5.2+dfsg-2+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python3-brotli\", reference:\"0.5.2+dfsg-2+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-10-05T21:16:35", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8927"], "description": "It was discovered that Brotli incorrectly handled certain inputs. \nAn attacker could possibly use this issue to cause a crash.", "edition": 1, "modified": "2020-10-05T00:00:00", "published": "2020-10-05T00:00:00", "id": "USN-4568-1", "href": "https://ubuntu.com/security/notices/USN-4568-1", "title": "Brotli vulnerability", "type": "ubuntu", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "archlinux": [{"lastseen": "2020-11-06T11:39:41", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8927"], "description": "Arch Linux Security Advisory ASA-202009-13\n==========================================\n\nSeverity: Medium\nDate : 2020-09-26\nCVE-ID : CVE-2020-8927\nPackage : brotli\nType : denial of service\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1230\n\nSummary\n=======\n\nThe package brotli before version 1.0.9-1 is vulnerable to denial of\nservice.\n\nResolution\n==========\n\nUpgrade to 1.0.9-1.\n\n# pacman -Syu \"brotli>=1.0.9-1\"\n\nThe problem has been fixed upstream in version 1.0.9.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nA buffer overflow exists in the Brotli library < 1.0.8, where an\nattacker controlling the input length of a \"one-shot\" decompression\nrequest to a script can trigger a crash, which happens when copying\nover chunks of data larger than 2 GiB. It is recommended to update your\nBrotli library to 1.0.8 or later. If one cannot update, we recommend to\nuse the \"streaming\" API as opposed to the \"one-shot\" API, and impose\nchunk size limits.\n\nImpact\n======\n\nA remote attacker might be able to cause a crash via crafted content.\n\nReferences\n==========\n\nhttps://github.com/google/brotli/releases/tag/v1.0.9\nhttps://github.com/google/brotli/commit/223d80cfbec8fd346e32906c732c8ede21f0cea6\nhttps://security.archlinux.org/CVE-2020-8927", "modified": "2020-09-26T00:00:00", "published": "2020-09-26T00:00:00", "id": "ASA-202009-13", "href": "https://security.archlinux.org/ASA-202009-13", "type": "archlinux", "title": "[ASA-202009-13] brotli: denial of service", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "suse": [{"lastseen": "2020-09-30T02:42:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8927"], "description": "This update for brotli fixes the following issues:\n\n brotli was updated to 1.0.9:\n\n * CVE-2020-8927: Fix integer overflow when input chunk is longer than 2GiB\n [boo#1175825]\n * `brotli -v` now reports raw / compressed size\n * decoder: minor speed / memory usage improvements\n * encoder: fix rare access to uninitialized data in ring-buffer\n\n", "edition": 1, "modified": "2020-09-30T00:15:09", "published": "2020-09-30T00:15:09", "id": "OPENSUSE-SU-2020:1578-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00108.html", "title": "Security update for brotli (moderate)", "type": "suse", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "debian": [{"lastseen": "2020-12-02T01:16:38", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8927"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4801-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nDecember 01, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : brotli\nCVE ID : CVE-2020-8927\n\nA buffer overflow was discovered in Brotli, a generic-purpose lossless\ncompression suite.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1.0.7-2+deb10u1.\n\nWe recommend that you upgrade your brotli packages.\n\nFor the detailed security status of brotli please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/brotli\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 1, "modified": "2020-12-01T21:49:59", "published": "2020-12-01T21:49:59", "id": "DEBIAN:DSA-4801-1:69ED7", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2020/msg00208.html", "title": "[SECURITY] [DSA 4801-1] brotli security update", "type": "debian", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-25T13:16:06", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8927"], "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2476-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Roberto C. S\u00e1nchez\nDecember 01, 2020 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : brotli\nVersion : 0.5.2+dfsg-2+deb9u1\nCVE ID : CVE-2020-8927\n\nA buffer overflow was discovered in Brotli, a generic-purpose lossless\ncompression suite.\n\nFor Debian 9 stretch, this problem has been fixed in version\n0.5.2+dfsg-2+deb9u1.\n\nWe recommend that you upgrade your brotli packages.\n\nFor the detailed security status of brotli please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/brotli\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2020-12-01T22:58:35", "published": "2020-12-01T22:58:35", "id": "DEBIAN:DLA-2476-1:BF3F0", "href": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202012/msg00003.html", "title": "[SECURITY] [DLA 2476-1] brotli security update", "type": "debian", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}]}
