Lucene search
This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.AVG_INTERNET_SECURITY_2015_5736.NASLHistoryFeb 24, 2016 - 12:00 a.m.
AVG Internet Security 2015.5736 Address Space Layout Disclosure
2016-02-2400:00:00
This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
68.8%
The AVG Internet Security application installed on the remote Windows host is a version between 2015.5315 through 2015.5751, inclusive, with a virus definition database prior to version 9364. It is, therefore, affected by an information disclosure vulnerability due to insecure allocation of memory pages with Read, Write, and Execute (RWX) permissions at constant predictable addresses when protecting user-mode processes. An unauthenticated, remote attacker can exploit this to bypass the DEP and ASLR protection mechanisms, resulting in the disclosure of the address space layout.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(88933);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");
script_cve_id("CVE-2015-8578");
script_bugtraq_id(78813);
script_name(english:"AVG Internet Security 2015.5736 Address Space Layout Disclosure");
script_set_attribute(attribute:"synopsis", value:
"An antivirus application installed on the remote Windows host is
affected by an information disclosure vulnerability.");
script_set_attribute(attribute:"description", value:
"The AVG Internet Security application installed on the remote Windows
host is a version between 2015.5315 through 2015.5751, inclusive, with
a virus definition database prior to version 9364. It is, therefore,
affected by an information disclosure vulnerability due to insecure
allocation of memory pages with Read, Write, and Execute (RWX)
permissions at constant predictable addresses when protecting
user-mode processes. An unauthenticated, remote attacker can exploit
this to bypass the DEP and ASLR protection mechanisms, resulting in
the disclosure of the address space layout.");
script_set_attribute(attribute:"see_also", value:"https://www.avg.com/en-us/avg-release-notes");
# http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4927ba47");
# http://www.darkreading.com/endpoint/known-security-flaw-found-in-more-antivirus-products/d/d-id/1323480
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f75f1b1b");
script_set_attribute(attribute:"solution", value:
"Upgrade to the latest version of AVG Internet Security.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:ND");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/08");
script_set_attribute(attribute:"patch_publication_date", value:"2015/03/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/24");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:avg:internet_security");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("avg_internet_security_installed.nbin");
script_require_keys("installed_sw/AVG Internet Security");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("install_func.inc");
app = "AVG Internet Security";
install = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);
path = install["path"];
version = install["version"];
dbVerCore = install["vdbCore"];
dbVerAvi = install["vdbAvi"];
vuln = FALSE;
port = NULL;
# Check Version
if(dbVerCore == UNKNOWN_VER || dbVerAvi == UNKNOWN_VER) audit(AUDIT_UNKNOWN_APP_VER, app);
if (ver_compare(ver:version, fix:"2015.5315", strict:FALSE) >= 0 && ver_compare(ver:version, fix:"2015.5751", strict:FALSE) <= 0 )
{
if (dbVerAvi < 9364)
vuln = TRUE;
else
audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);
}
else audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);
# Prepare Report
if (vuln)
{
port = get_kb_item('SMB/transport');
if (!port) port = 445;
report =
'\n Path : ' + path +
'\n Installed version : ' + version +
'\n DB core version : ' + dbVerCore +
'\n DB AVI version : ' + dbVerAvi +
'\n Fix : Update to version 2015.5856 or DB AVI version 9364'+
'\n';
security_report_v4(severity: SECURITY_WARNING, port:port, extra:report);
}
else audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| avg | internet_security | cpe:/a:avg:internet_security |
Related
prion
prion
Design/Logic Flaw
2015-12-16 18:59:00
cve
cve
CVE-2015-8578
2015-12-16 18:59:01
cvelist
cvelist
CVE-2015-8578
2015-12-16 18:00:00
nvd
nvd
CVE-2015-8578
2015-12-16 18:59:01
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
68.8%
Related for AVG_INTERNET_SECURITY_2015_5736.NASL