Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.ALA_ALAS-2020-1436.NASL
HistoryOct 28, 2020 - 12:00 a.m.

Amazon Linux AMI : golang (ALAS-2020-1436)

2020-10-2800:00:00
This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
9
JSON

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1436 advisory.

  • The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String. (CVE-2020-14040)

  • Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs. (CVE-2020-16845)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable Network Security, Inc.
#                                  
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2020-1436.
##

include('compat.inc');

if (description)
{
  script_id(141969);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/10/29");

  script_cve_id("CVE-2020-14040", "CVE-2020-16845");
  script_xref(name:"ALAS", value:"2020-1436");

  script_name(english:"Amazon Linux AMI : golang (ALAS-2020-1436)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux AMI host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by
multiple vulnerabilities as referenced in the ALAS-2020-1436 advisory.

  - The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the
    UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker
    could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an
    infinite loop if the String function on the Decoder is called, or the Decoder is passed to
    golang.org/x/text/transform.String. (CVE-2020-14040)

  - Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in
    encoding/binary via invalid inputs. (CVE-2020-16845)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2020-1436.html");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-14040");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-16845");
  script_set_attribute(attribute:"solution", value:
"Run 'yum update golang' to update your system.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-16845");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/06/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/10/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/10/28");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:golang");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:golang-bin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:golang-docs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:golang-misc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:golang-race");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:golang-src");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:golang-tests");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Amazon Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

pkgs = [
    {'reference':'golang-1.13.15-1.59.amzn1', 'cpu':'i686', 'release':'ALA'},
    {'reference':'golang-1.13.15-1.59.amzn1', 'cpu':'x86_64', 'release':'ALA'},
    {'reference':'golang-bin-1.13.15-1.59.amzn1', 'cpu':'i686', 'release':'ALA'},
    {'reference':'golang-bin-1.13.15-1.59.amzn1', 'cpu':'x86_64', 'release':'ALA'},
    {'reference':'golang-docs-1.13.15-1.59.amzn1', 'release':'ALA'},
    {'reference':'golang-misc-1.13.15-1.59.amzn1', 'release':'ALA'},
    {'reference':'golang-race-1.13.15-1.59.amzn1', 'cpu':'x86_64', 'release':'ALA'},
    {'reference':'golang-src-1.13.15-1.59.amzn1', 'release':'ALA'},
    {'reference':'golang-tests-1.13.15-1.59.amzn1', 'release':'ALA'}
];

flag = 0;
foreach package_array ( pkgs ) {
  reference = NULL;
  release = NULL;
  cpu = NULL;
  el_string = NULL;
  rpm_spec_vers_cmp = NULL;
  allowmaj = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) release = package_array['release'];
  if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (reference && release) {
    if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "golang / golang-bin / golang-docs / etc");
}
VendorProductVersionCPE
amazonlinuxgolangp-cpe:/a:amazon:linux:golang
amazonlinuxgolang-binp-cpe:/a:amazon:linux:golang-bin
amazonlinuxgolang-docsp-cpe:/a:amazon:linux:golang-docs
amazonlinuxgolang-miscp-cpe:/a:amazon:linux:golang-misc
amazonlinuxgolang-racep-cpe:/a:amazon:linux:golang-race
amazonlinuxgolang-srcp-cpe:/a:amazon:linux:golang-src
amazonlinuxgolang-testsp-cpe:/a:amazon:linux:golang-tests
amazonlinuxcpe:/o:amazon:linux

Related

amazon 2
nessus 49
redhat 41
fedora 6
oraclelinux 8
github 3
osv 18
prion 3
wolfi 1
ibm 29
veracode 2
debiancve 3
freebsd 1
ubuntucve 3
cve 3
cbl_mariner 1
altlinux 2
ubuntu 3
redhatcve 2
suse 4
photon 5
alpinelinux 1
gitlab 2
cgr 1
mageia 1
debian 3
rocky 1
almalinux 1
amazon
amazon
Medium: golang
2020-09-28 20:57:00
Medium: golang
2020-10-26 18:04:00
nessus
nessus
Amazon Linux 2 : golang (ALAS-2020-1494)
2020-10-01 00:00:00
Fedora 32 : golang (2020-a55f130272)
2020-09-08 00:00:00
RHEL 8 : go-toolset:rhel8 (RHSA-2020:3665)
2020-09-08 00:00:00
redhat
redhat
(RHSA-2020:5606) Moderate: Red Hat OpenShift Container Storage 4.6 bug fix and enhancement update
2020-12-17 05:34:15
(RHSA-2020:3665) Moderate: go-toolset:rhel8 security update
2020-09-08 08:39:09
(RHSA-2020:4214) Moderate: go-toolset-1.13-golang security and bug fix update
2020-10-08 10:31:52
fedora
fedora
[SECURITY] Fedora 32 Update: golang-1.14.7-1.fc32
2020-09-07 17:14:54
[SECURITY] Fedora 31 Update: golang-github-ulikunitz-xz-0.5.8-1.fc31
2020-08-28 14:58:12
[SECURITY] Fedora 31 Update: golang-1.13.15-1.fc31
2020-09-09 14:20:25
oraclelinux
oraclelinux
go-toolset:ol8 security update
2020-09-11 00:00:00
coredns cri-o cri-tools etcd flannel kata kata-agent kata-image kata-ksm-throttler kata-proxy kata-runtime kata-shim kubernetes kubernetes-cni kubernetes-cni-plugins kubernetes-dashboard olcne yq security update
2020-08-31 00:00:00
kubernetes kubeadm-ha-setup kubernetes-cni kubernetes-cni-plugins security update
2020-08-24 00:00:00
github
github
golang.org/x/text Infinite loop
2021-05-18 18:34:35
Infinite loop in xz
2021-12-16 19:16:40
github.com/ulikunitz/xz fixes readUvarint denial of service
2021-05-25 18:39:37
osv
osv
Infinite loop when decoding some inputs in golang.org/x/text
2021-04-14 20:04:52
Infinite loop in xz
2021-12-16 19:16:40
golang-1.13 vulnerability
2023-05-23 13:10:08
prion
prion
Design/Logic Flaw
2020-06-17 20:15:00
Design/Logic Flaw
2020-08-06 18:15:00
Format string
2021-04-28 19:15:00
wolfi
wolfi
CVE-2020-14040 vulnerabilities
2024-04-19 09:07:40
ibm
ibm
Security Bulletin: A security vulnerability in GO affects IBM Cloud Pak for Multicloud Management Managed Service.
2020-12-14 18:05:09
Security Bulletin: Security Vulnerabilities affect IBM Cloud Pak for Data - Golang (CVE-2020-16845)
2020-10-28 16:21:54
Security Bulletin: A vulnerabilty in encoding/unicode in the UTF-16 decoder has been found in x/text package before v0.3.3 for Go that could lead to an infinite loop and denial of service, affecting IBM Cloud Pak for Applications
2021-08-02 17:36:34
veracode
veracode
Denial Of Service (DoS)
2020-08-13 04:32:40
Denial Of Service (DoS)
2020-06-17 03:55:36
debiancve
debiancve
CVE-2020-14040
2020-06-17 20:15:00
CVE-2020-16845
2020-08-06 18:15:00
CVE-2021-29482
2021-04-28 19:15:00
freebsd
freebsd
go -- encoding/binary: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
2020-08-06 00:00:00
ubuntucve
ubuntucve
CVE-2020-16845
2020-08-06 00:00:00
CVE-2020-14040
2020-06-17 00:00:00
CVE-2021-29482
2021-04-28 00:00:00
cve
cve
CVE-2020-14040
2020-06-17 20:15:00
CVE-2020-16845
2020-08-06 18:15:00
CVE-2021-29482
2021-04-28 19:15:00
cbl_mariner
cbl_mariner
CVE-2020-16845 affecting package golang 1.13.11-
2021-07-08 21:56:48
altlinux
altlinux
Security fix for the ALT Linux 9 package golang version 1.14.7-alt1
2020-08-19 00:00:00
Security fix for the ALT Linux 10 package golang version 1.14.7-alt1
2020-08-10 00:00:00
ubuntu
ubuntu
Go vulnerability
2023-05-23 00:00:00
Go vulnerability
2022-11-15 00:00:00
Go Text vulnerabilities
2023-02-16 00:00:00
redhatcve
redhatcve
CVE-2020-16845
2022-05-14 11:32:38
CVE-2020-14040
2021-06-27 12:24:34
suse
suse
Security update for go1.13 (moderate)
2020-08-12 00:00:00
Security update for go1.13 (moderate)
2020-08-11 00:00:00
Security update for go1.14 (important)
2020-09-11 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0276
2020-08-25 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0316
2020-08-25 00:00:00
Important Photon OS Security Update - PHSA-2020-0316
2020-08-25 00:00:00
alpinelinux
alpinelinux
CVE-2020-16845
2020-08-06 18:15:00
gitlab
gitlab
Loop with Unreachable Exit Condition ('Infinite Loop')
2021-05-18 00:00:00
Loop with Unreachable Exit Condition (Infinite Loop)
2020-06-17 00:00:00
cgr
cgr
CVE-2020-14040 vulnerabilities
2024-04-19 09:08:06
mageia
mageia
Updated golang packages fix security vulnerability
2020-08-18 20:41:27
debian
debian
[SECURITY] [DLA 2459-1] golang-1.7 security update
2020-11-21 16:15:56
[SECURITY] [DLA 2460-1] golang-1.8 security update
2020-11-21 16:41:04
[SECURITY] [DSA 4848-1] golang-1.11 security update
2021-02-08 21:24:09
rocky
rocky
container-tools:rhel8 security, bug fix, and enhancement update
2020-11-03 12:27:37
almalinux
almalinux
Moderate: container-tools:rhel8 security, bug fix, and enhancement update
2020-11-03 12:27:37
JSON
Related for ALA_ALAS-2020-1436.NASL
amazon2nessus49redhat41fedora6oraclelinux8github3osv18prion3wolfi1ibm29veracode2debiancve3freebsd1ubuntucve3cve3cbl_mariner1altlinux2ubuntu3redhatcve2suse4photon5alpinelinux1gitlab2cgr1mageia1debian3rocky1almalinux1