Lucene search
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.ALA_ALAS-2022-1567.NASLHistoryFeb 19, 2022 - 12:00 a.m.
Amazon Linux AMI : vim (ALAS-2022-1567)
2022-02-1900:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
41
7.3 High
AI Score
Confidence
Low
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1567 advisory.
-
vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875, CVE-2022-0158, CVE-2022-0213)
-
vim is vulnerable to Use After Free (CVE-2022-0156)
-
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359)
-
Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)
-
Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
(CVE-2022-0351)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2022-1567.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(158195);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/20");
script_cve_id(
"CVE-2021-3778",
"CVE-2021-3872",
"CVE-2021-3875",
"CVE-2022-0156",
"CVE-2022-0158",
"CVE-2022-0213",
"CVE-2022-0261",
"CVE-2022-0318",
"CVE-2022-0351",
"CVE-2022-0359"
);
script_xref(name:"ALAS", value:"2022-1567");
script_name(english:"Amazon Linux AMI : vim (ALAS-2022-1567)");
script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux AMI host is missing a security update.");
script_set_attribute(attribute:"description", value:
"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1567 advisory.
- vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875,
CVE-2022-0158, CVE-2022-0213)
- vim is vulnerable to Use After Free (CVE-2022-0156)
- Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359)
- Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)
- Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
(CVE-2022-0351)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2022-1567.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2021-3778.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2021-3872.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2021-3875.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2022-0156.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2022-0158.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2022-0213.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2022-0261.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2022-0318.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2022-0351.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2022-0359.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/faqs.html");
script_set_attribute(attribute:"solution", value:
"Run 'yum update vim' to update your system.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-0318");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/01/10");
script_set_attribute(attribute:"patch_publication_date", value:"2022/02/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/19");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:vim-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:vim-data");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:vim-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:vim-enhanced");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:vim-filesystem");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:vim-minimal");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Amazon Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var alas_release = get_kb_item("Host/AmazonLinux/release");
if (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, "Amazon Linux");
var os_ver = pregmatch(pattern: "^AL(A|\d+|-\d+)", string:alas_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var pkgs = [
{'reference':'vim-common-8.2.4314-1.1.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'vim-common-8.2.4314-1.1.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'vim-data-8.2.4314-1.1.amzn1', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'vim-debuginfo-8.2.4314-1.1.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'vim-debuginfo-8.2.4314-1.1.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'vim-enhanced-8.2.4314-1.1.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'vim-enhanced-8.2.4314-1.1.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'vim-filesystem-8.2.4314-1.1.amzn1', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'vim-minimal-8.2.4314-1.1.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'vim-minimal-8.2.4314-1.1.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "vim-common / vim-data / vim-debuginfo / etc");
}| Vendor | Product | Version | CPE |
|---|---|---|---|
| amazon | linux | vim-common | p-cpe:/a:amazon:linux:vim-common |
| amazon | linux | vim-data | p-cpe:/a:amazon:linux:vim-data |
| amazon | linux | vim-debuginfo | p-cpe:/a:amazon:linux:vim-debuginfo |
| amazon | linux | vim-enhanced | p-cpe:/a:amazon:linux:vim-enhanced |
| amazon | linux | vim-filesystem | p-cpe:/a:amazon:linux:vim-filesystem |
| amazon | linux | vim-minimal | p-cpe:/a:amazon:linux:vim-minimal |
| amazon | linux | cpe:/o:amazon:linux |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3778
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3872
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3875
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0156
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0158
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0213
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0261
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0318
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359
alas.aws.amazon.com/ALAS-2022-1567.html
alas.aws.amazon.com/cve/html/CVE-2021-3778.html
alas.aws.amazon.com/cve/html/CVE-2021-3872.html
alas.aws.amazon.com/cve/html/CVE-2021-3875.html
alas.aws.amazon.com/cve/html/CVE-2022-0156.html
alas.aws.amazon.com/cve/html/CVE-2022-0158.html
alas.aws.amazon.com/cve/html/CVE-2022-0213.html
alas.aws.amazon.com/cve/html/CVE-2022-0261.html
alas.aws.amazon.com/cve/html/CVE-2022-0318.html
alas.aws.amazon.com/cve/html/CVE-2022-0351.html
alas.aws.amazon.com/cve/html/CVE-2022-0359.html
alas.aws.amazon.com/faqs.html
Related
amazon
amazon
nessus
nessus
Amazon Linux 2 : vim (ALAS-2022-1751)
2022-02-21 00:00:00
EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-1217)
2022-02-25 00:00:00
EulerOS Virtualization 3.0.6.0 : vim (EulerOS-SA-2022-1054)
2022-02-11 00:00:00
openvas
openvas
Fedora: Security Advisory for vim (FEDORA-2022-f05f9c155b)
2022-01-30 00:00:00
Fedora: Security Advisory for vim (FEDORA-2022-7e9e1ae1fb)
2022-02-04 00:00:00
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2021-2817)
2021-12-26 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: vim-8.2.4232-1.fc35
2022-01-30 01:44:14
[SECURITY] Fedora 34 Update: vim-8.2.4232-1.fc34
2022-02-04 01:24:30
[SECURITY] Fedora 33 Update: vim-8.2.3512-1.fc33
2021-10-23 03:25:44
mageia
mageia
Updated vim packages fix security vulnerability
2022-01-18 22:29:46
rosalinux
rosalinux
Advisory ROSA-SA-2023-2214
2023-08-15 09:10:06
cloudlinux
cloudlinux
Fix of CVE: CVE-2022-0261, CVE-2022-0213
2022-01-31 14:48:28
Fix of CVE: CVE-2021-3903, CVE-2021-3875, CVE-2021-3872
2021-11-23 13:12:30
Fix of CVE: CVE-2021-3875, CVE-2021-3872, CVE-2021-3903
2021-11-10 18:26:51
osv
osv
Moderate: vim security update
2022-03-15 09:11:53
Moderate: vim security update
2022-03-15 09:11:53
vim vulnerabilities
2022-06-02 12:21:05
rocky
rocky
vim security update
2022-03-15 09:11:53
redhat
redhat
(RHSA-2022:0894) Moderate: vim security update
2022-03-15 09:11:53
oraclelinux
oraclelinux
vim security update
2022-03-16 00:00:00
almalinux
almalinux
Moderate: vim security update
2022-03-15 09:11:53
photon
photon
Important Photon OS Security Update - PHSA-2021-3.0-0322
2021-10-30 00:00:00
Important Photon OS Security Update - PHSA-2021-0121
2021-10-28 00:00:00
Important Photon OS Security Update - PHSA-2021-4.0-0121
2021-10-29 00:00:00
redhatcve
redhatcve
ubuntucve
ubuntucve
ubuntu
ubuntu
Vim vulnerabilities
2022-06-02 00:00:00
veracode
veracode
Denial Of Service (DoS)
2021-09-30 13:39:13
Heap-based Buffer Overflow
2022-04-07 09:28:26
Denial Of Service (DoS)
2021-11-03 14:03:57
prion
prion
Heap overflow
2021-09-15 08:15:00
Heap overflow
2021-10-15 14:15:00
Design/Logic Flaw
2022-01-25 18:15:00
huntr
huntr
Heap-based Buffer Overflow in vim/vim
2021-09-07 13:40:20
Heap-based Buffer Overflow in vim/vim
2022-01-18 07:23:55
Heap-based Buffer Overflow in vim/vim
2021-10-05 13:53:31
debiancve
debiancve
cve
cve
alpinelinux
alpinelinux
cbl_mariner
cbl_mariner
CVE-2021-3778 affecting package vim 8.1.1667-1
2021-11-03 19:21:17
CVE-2022-0261 affecting package vim 8.2.4081-1
2022-02-08 03:14:30
CVE-2022-0158 affecting package vim for versions less than 8.2.4081-1
2022-04-09 06:51:50
f5
f5
K29855410 : Vim vulnerabilities CVE-2022-0261, CVE-2022-0318, CVE-2022-0361, CVE-2022-0392, and CVE-2022-0413
2022-04-04 00:00:00
K08827426 : Vim vulnerability CVE-2022-0359
2022-04-04 00:00:00
cnvd
cnvd
vim resource management error vulnerability (CNVD-2022-05043)
2022-01-14 00:00:00
An unspecified vulnerability exists in vim (CNVD-2022-20698)
2022-01-21 00:00:00
vim buffer overflow vulnerability (CNVD-2022-20799)
2022-01-27 00:00:00
suse
suse
Security update for vim (important)
2022-03-04 00:00:00
cloudfoundry
cloudfoundry
USN-6195-1: Vim vulnerabilities | Cloud Foundry
2023-08-16 00:00:00
USN-6026-1: Vim vulnerabilities | Cloud Foundry
2023-04-24 00:00:00