Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.AL2_ALAS-2019-1226.NASL
HistoryJun 14, 2019 - 12:00 a.m.

Amazon Linux 2 : libX11 (ALAS-2019-1226)

2019-06-1400:00:00
This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
JSON

An off-by-one error has been discovered in libX11 in functions XGetFontPath(), XListExtensions(), and XListFonts(). An attacker who can either configure a malicious X server or modify the data coming from one could use this flaw to make the program crash or have other unspecified effects, caused by the memory corruption. (CVE-2018-14599)

It was discovered that libX11 does not properly validate input coming from the server, causing XListExtensions() and XGetFontPath() functions to produce an invalid list of elements that in turn make XFreeExtensionsList() and XFreeFontPath() access invalid memory. An attacker who can either configure a malicious X server or modify the data coming from one, could use this flaw to crash the application using libX11, resulting in a denial of service. (CVE-2018-14598)

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1226.
#

include("compat.inc");

if (description)
{
  script_id(125898);
  script_version("1.2");
  script_cvs_date("Date: 2020/01/10");

  script_cve_id("CVE-2018-14598", "CVE-2018-14599");
  script_xref(name:"ALAS", value:"2019-1226");

  script_name(english:"Amazon Linux 2 : libX11 (ALAS-2019-1226)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Amazon Linux 2 host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"An off-by-one error has been discovered in libX11 in functions
XGetFontPath(), XListExtensions(), and XListFonts(). An attacker who
can either configure a malicious X server or modify the data coming
from one could use this flaw to make the program crash or have other
unspecified effects, caused by the memory corruption. (CVE-2018-14599)

It was discovered that libX11 does not properly validate input coming
from the server, causing XListExtensions() and XGetFontPath()
functions to produce an invalid list of elements that in turn make
XFreeExtensionsList() and XFreeFontPath() access invalid memory. An
attacker who can either configure a malicious X server or modify the
data coming from one, could use this flaw to crash the application
using libX11, resulting in a denial of service. (CVE-2018-14598)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/AL2/ALAS-2019-1226.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Run 'yum update libX11' to update your system."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libX11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libX11-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libX11-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libX11-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux:2");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/06/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/14");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "2")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux 2", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"AL2", reference:"libX11-1.6.5-2.amzn2.0.2")) flag++;
if (rpm_check(release:"AL2", reference:"libX11-common-1.6.5-2.amzn2.0.2")) flag++;
if (rpm_check(release:"AL2", reference:"libX11-debuginfo-1.6.5-2.amzn2.0.2")) flag++;
if (rpm_check(release:"AL2", reference:"libX11-devel-1.6.5-2.amzn2.0.2")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libX11 / libX11-common / libX11-debuginfo / libX11-devel");
}
VendorProductVersionCPE
amazonlinuxlibx11p-cpe:/a:amazon:linux:libx11
amazonlinuxlibx11-commonp-cpe:/a:amazon:linux:libx11-common
amazonlinuxlibx11-debuginfop-cpe:/a:amazon:linux:libx11-debuginfo
amazonlinuxlibx11-develp-cpe:/a:amazon:linux:libx11-devel
amazonlinux2cpe:/o:amazon:linux:2

Related

openvas 17
fedora 1
nessus 29
ibm 4
amazon 2
freebsd 1
gentoo 1
slackware 1
mageia 1
suse 2
osv 3
debian 1
ubuntu 2
cloudfoundry 1
redhatcve 2
cve 2
alpinelinux 2
veracode 2
debiancve 2
ubuntucve 2
prion 2
github 1
redhat 1
centos 1
oraclelinux 1
openvas
openvas
Fedora Update for libX11 FEDORA-2019-6a756fe3a5
2019-04-30 00:00:00
Huawei EulerOS: Security Advisory for libX11 (EulerOS-SA-2019-1948)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libx11 (EulerOS-SA-2019-1884)
2020-01-23 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: libX11-1.6.7-1.fc28
2019-04-30 01:41:08
nessus
nessus
EulerOS Virtualization for ARM 64 3.0.2.0 : libX11 (EulerOS-SA-2019-1948)
2019-09-17 00:00:00
Fedora 28 : libX11 (2019-6a756fe3a5)
2019-04-30 00:00:00
EulerOS 2.0 SP5 : libx11 (EulerOS-SA-2019-1884)
2019-09-16 00:00:00
ibm
ibm
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in X.Org libx11 (CVE-2018-14599 CVE-2018-14598)
2019-04-11 21:00:01
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in xorg-x11-libX11 (CVE-2018-14598 CVE-2018-14599 CVE-2018-14600)
2023-12-07 22:45:02
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in xorg-x11
2023-12-07 22:45:03
amazon
amazon
Medium: libX11
2019-06-11 23:17:00
Medium: xorg-x11-server
2020-06-03 18:21:00
freebsd
freebsd
libX11 -- Multiple vulnerabilities
2018-08-21 00:00:00
gentoo
gentoo
X.Org X11 library: Multiple vulnerabilities
2018-11-09 00:00:00
slackware
slackware
[slackware-security] libX11
2018-08-21 20:09:53
mageia
mageia
Updated libx11 packages fix security vulnerabilities
2018-09-21 02:17:55
suse
suse
Security update for libX11 (moderate)
2018-10-05 12:07:58
Security update for libX11 (important)
2018-08-31 12:07:54
osv
osv
libx11 - security update
2018-08-29 00:00:00
CVE-2018-14598
2018-08-24 19:29:01
CVE-2018-14599
2018-08-24 19:29:01
debian
debian
[SECURITY] [DLA 1482-1] libx11 security update
2018-08-29 22:17:50
ubuntu
ubuntu
libx11 vulnerabilities
2018-08-30 00:00:00
libx11 vulnerabilities
2018-08-30 00:00:00
cloudfoundry
cloudfoundry
USN-3758-1: libx11 vulnerabilities | Cloud Foundry
2018-09-27 00:00:00
redhatcve
redhatcve
CVE-2018-14598
2018-08-28 20:25:00
CVE-2018-14599
2018-08-28 20:51:16
cve
cve
CVE-2018-14598
2018-08-24 19:29:00
CVE-2018-14599
2018-08-24 19:29:00
alpinelinux
alpinelinux
CVE-2018-14598
2018-08-24 19:29:00
CVE-2018-14599
2018-08-24 19:29:00
veracode
veracode
Out-Of-Bounds Write
2018-08-23 03:42:19
Denial Of Service (DoS)
2018-08-27 08:35:54
debiancve
debiancve
CVE-2018-14598
2018-08-24 19:29:00
CVE-2018-14599
2018-08-24 19:29:00
ubuntucve
ubuntucve
CVE-2018-14599
2018-08-24 00:00:00
CVE-2018-14598
2018-08-24 00:00:00
prion
prion
Buffer overflow
2018-08-24 19:29:00
Code injection
2018-08-24 19:29:00
github
github
ICYMI: improved C++ vulnerability coverage and CodeQL support for Lombok
2023-10-19 19:14:39
redhat
redhat
(RHSA-2019:2079) Moderate: Xorg security and bug fix update
2019-08-06 07:58:40
centos
centos
gdm, libX11, libxkbcommon, xorg security update
2019-08-30 02:52:02
oraclelinux
oraclelinux
Xorg security and bug fix update
2019-08-13 00:00:00
JSON
Related for AL2_ALAS-2019-1226.NASL
openvas17fedora1nessus29ibm4amazon2freebsd1gentoo1slackware1mageia1suse2osv3debian1ubuntu2cloudfoundry1redhatcve2cve2alpinelinux2veracode2debiancve2ubuntucve2prion2github1redhat1centos1oraclelinux1