Lucene search

K
nessusThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.AL2_ALAS-2019-1368.NASL
HistoryNov 25, 2019 - 12:00 a.m.

Amazon Linux 2 : python / python3 (ALAS-2019-1368)

2019-11-2500:00:00
This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
25

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340 ; however, this CVE applies to Python more generally.(CVE-2019-16056)

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1368.
#

include("compat.inc");

if (description)
{
  script_id(131237);
  script_version("1.2");
  script_cvs_date("Date: 2019/12/09");

  script_cve_id("CVE-2019-16056");
  script_xref(name:"ALAS", value:"2019-1368");

  script_name(english:"Amazon Linux 2 : python / python3 (ALAS-2019-1368)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Amazon Linux 2 host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"An issue was discovered in Python through 2.7.16, 3.x through 3.5.7,
3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly
parses email addresses that contain multiple @ characters. An
application that uses the email module and implements some kind of
checks on the From/To headers of a message could be tricked into
accepting an email address that should be denied. An attack may be the
same as in CVE-2019-11340 ; however, this CVE applies to Python more
generally.(CVE-2019-16056)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/AL2/ALAS-2019-1368.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Run 'yum update python' to update your system.

Run 'yum update python3' to update your system."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python3-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python3-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python3-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python3-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python3-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python3-tkinter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python3-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tkinter");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux:2");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/11/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/25");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "2")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux 2", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"AL2", reference:"python-2.7.16-4.amzn2")) flag++;
if (rpm_check(release:"AL2", reference:"python-debug-2.7.16-4.amzn2")) flag++;
if (rpm_check(release:"AL2", reference:"python-debuginfo-2.7.16-4.amzn2")) flag++;
if (rpm_check(release:"AL2", reference:"python-devel-2.7.16-4.amzn2")) flag++;
if (rpm_check(release:"AL2", reference:"python-libs-2.7.16-4.amzn2")) flag++;
if (rpm_check(release:"AL2", reference:"python-test-2.7.16-4.amzn2")) flag++;
if (rpm_check(release:"AL2", reference:"python-tools-2.7.16-4.amzn2")) flag++;
if (rpm_check(release:"AL2", reference:"python3-3.7.4-1.amzn2.0.3")) flag++;
if (rpm_check(release:"AL2", reference:"python3-debug-3.7.4-1.amzn2.0.3")) flag++;
if (rpm_check(release:"AL2", reference:"python3-debuginfo-3.7.4-1.amzn2.0.3")) flag++;
if (rpm_check(release:"AL2", reference:"python3-devel-3.7.4-1.amzn2.0.3")) flag++;
if (rpm_check(release:"AL2", reference:"python3-libs-3.7.4-1.amzn2.0.3")) flag++;
if (rpm_check(release:"AL2", reference:"python3-test-3.7.4-1.amzn2.0.3")) flag++;
if (rpm_check(release:"AL2", reference:"python3-tkinter-3.7.4-1.amzn2.0.3")) flag++;
if (rpm_check(release:"AL2", reference:"python3-tools-3.7.4-1.amzn2.0.3")) flag++;
if (rpm_check(release:"AL2", reference:"tkinter-2.7.16-4.amzn2")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python / python-debug / python-debuginfo / python-devel / etc");
}
Related for AL2_ALAS-2019-1368.NASL