Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.ALA_ALAS-2023-1662.NASLHistoryJan 24, 2023 - 12:00 a.m.
Amazon Linux AMI : exim (ALAS-2023-1662)
2023-01-2400:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
amazon linux ami
exim
vulnerability
alas-2023-1662
regex handler
use after free
patch
cve-2022-3559
nessus
0.007 Low
EPSS
Percentile
80.3%
The version of exim installed on the remote host is prior to 4.92-1.34. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1662 advisory.
- A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability. (CVE-2022-3559)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2023-1662.
##
include('compat.inc');
if (description)
{
script_id(170547);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/06");
script_cve_id("CVE-2022-3559");
script_xref(name:"IAVA", value:"2022-A-0338-S");
script_name(english:"Amazon Linux AMI : exim (ALAS-2023-1662)");
script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux AMI host is missing a security update.");
script_set_attribute(attribute:"description", value:
"The version of exim installed on the remote host is prior to 4.92-1.34. It is, therefore, affected by a vulnerability as
referenced in the ALAS-2023-1662 advisory.
- A vulnerability was found in Exim and classified as problematic. This issue affects some unknown
processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch
is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The
identifier VDB-211073 was assigned to this vulnerability. (CVE-2022-3559)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2023-1662.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2022-3559.html");
script_set_attribute(attribute:"solution", value:
"Run 'yum update exim' to update your system.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-3559");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/08/25");
script_set_attribute(attribute:"patch_publication_date", value:"2023/01/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/01/24");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:exim");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:exim-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:exim-greylist");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:exim-mon");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:exim-mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:exim-pgsql");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Amazon Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var alas_release = get_kb_item("Host/AmazonLinux/release");
if (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, "Amazon Linux");
var os_ver = pregmatch(pattern: "^AL(A|\d+|-\d+)", string:alas_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var pkgs = [
{'reference':'exim-4.92-1.34.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'exim-4.92-1.34.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'exim-debuginfo-4.92-1.34.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'exim-debuginfo-4.92-1.34.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'exim-greylist-4.92-1.34.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'exim-greylist-4.92-1.34.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'exim-mon-4.92-1.34.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'exim-mon-4.92-1.34.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'exim-mysql-4.92-1.34.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'exim-mysql-4.92-1.34.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'exim-pgsql-4.92-1.34.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
{'reference':'exim-pgsql-4.92-1.34.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "exim / exim-debuginfo / exim-greylist / etc");
}| Vendor | Product | Version | CPE |
|---|---|---|---|
| amazon | linux | exim-mon | p-cpe:/a:amazon:linux:exim-mon |
| amazon | linux | exim-mysql | p-cpe:/a:amazon:linux:exim-mysql |
| amazon | linux | exim-pgsql | p-cpe:/a:amazon:linux:exim-pgsql |
| amazon | linux | cpe:/o:amazon:linux | |
| amazon | linux | exim | p-cpe:/a:amazon:linux:exim |
| amazon | linux | exim-debuginfo | p-cpe:/a:amazon:linux:exim-debuginfo |
| amazon | linux | exim-greylist | p-cpe:/a:amazon:linux:exim-greylist |
Related
nessus
nessus
Fedora 35 : exim (2022-ebb3db782c)
2022-12-22 00:00:00
Fedora 36 : exim (2022-6125582f45)
2022-12-23 00:00:00
openSUSE 15 Security Update : exim (openSUSE-SU-2022:10168-1)
2022-11-01 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-11-16 23:58:58
suse
suse
Security update for exim (important)
2022-11-09 00:00:00
Security update for exim (important)
2022-10-30 00:00:00
cve
cve
CVE-2022-3559
2022-10-17 18:15:12
cvelist
cvelist
CVE-2022-3559 Exim Regex use after free
2022-10-17 00:00:00
amazon
amazon
Important: exim
2023-01-18 20:56:00
nvd
nvd
CVE-2022-3559
2022-10-17 18:15:12
fedora
fedora
[SECURITY] Fedora 35 Update: exim-4.96-4.fc35
2022-10-28 11:45:46
[SECURITY] Fedora 36 Update: exim-4.96-4.fc36
2022-10-28 11:16:14
[SECURITY] Fedora 37 Update: exim-4.96-5.fc37
2022-11-10 22:57:16
cloudlinux
cloudlinux
exim: Fix of CVE-2022-3559
2023-11-13 20:42:23
osv
osv
exim4 vulnerability
2022-11-24 14:02:15
ubuntucve
ubuntucve
CVE-2022-3559
2022-10-17 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5741-1)
2022-11-25 00:00:00
Exim 4.87 - 4.96 Use After Free Vulnerability
2022-10-19 00:00:00
Fedora: Security Advisory for exim (FEDORA-2022-90e08c08e6)
2022-11-11 00:00:00
ubuntu
ubuntu
Exim vulnerability
2022-11-24 00:00:00
debiancve
debiancve
CVE-2022-3559
2022-10-17 18:15:12
prion
prion
Design/Logic Flaw
2022-10-17 18:15:00
redos
redos
ROS-20221028-01
2022-10-28 00:00:00