Lucene search
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.CENTOS_RHSA-2021-1354.NASLHistoryApr 30, 2021 - 12:00 a.m.
CentOS 7 : xstream (CESA-2021:1354)
2021-04-3000:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
23
9.9 High
AI Score
Confidence
High
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1354 advisory.
-
XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet (CVE-2021-21344)
-
XStream: Unsafe deserizaliation of com.sun.corba.se.impl.activation.ServerTableEntry (CVE-2021-21345)
-
XStream: Unsafe deserizaliation of sun.swing.SwingLazyValue (CVE-2021-21346)
-
XStream: Unsafe deserizaliation of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator (CVE-2021-21347)
-
XStream: Unsafe deserizaliation of com.sun.org.apache.bcel.internal.util.ClassLoader (CVE-2021-21350)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
##
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2021:1354 and
# CentOS Errata and Security Advisory 2021:1354 respectively.
##
include('compat.inc');
if (description)
{
script_id(149208);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/02");
script_cve_id(
"CVE-2021-21344",
"CVE-2021-21345",
"CVE-2021-21346",
"CVE-2021-21347",
"CVE-2021-21350"
);
script_xref(name:"RHSA", value:"2021:1354");
script_name(english:"CentOS 7 : xstream (CESA-2021:1354)");
script_set_attribute(attribute:"synopsis", value:
"The remote CentOS Linux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the
CESA-2021:1354 advisory.
- XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet (CVE-2021-21344)
- XStream: Unsafe deserizaliation of com.sun.corba.se.impl.activation.ServerTableEntry (CVE-2021-21345)
- XStream: Unsafe deserizaliation of sun.swing.SwingLazyValue (CVE-2021-21346)
- XStream: Unsafe deserizaliation of com.sun.tools.javac.processing.JavacProcessingEnvironment
NameProcessIterator (CVE-2021-21347)
- XStream: Unsafe deserizaliation of com.sun.org.apache.bcel.internal.util.ClassLoader (CVE-2021-21350)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://lists.centos.org/pipermail/centos-announce/2021-April/048306.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3a2425af");
script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/94.html");
script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/434.html");
script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/502.html");
script_set_attribute(attribute:"solution", value:
"Update the affected xstream and / or xstream-javadoc packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-21350");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2021-21345");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(94, 434, 502);
script_set_attribute(attribute:"vuln_publication_date", value:"2021/03/23");
script_set_attribute(attribute:"patch_publication_date", value:"2021/04/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/04/30");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xstream");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xstream-javadoc");
script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CentOS Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list", "Host/cpu");
exit(0);
}
include('audit.inc');
include('global_settings.inc');
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item('Host/CentOS/release');
if (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);
if (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);
pkgs = [
{'reference':'xstream-1.3.1-13.el7_9', 'sp':'9', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'xstream-javadoc-1.3.1-13.el7_9', 'sp':'9', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE}
];
flag = 0;
foreach package_array ( pkgs ) {
reference = NULL;
release = NULL;
sp = NULL;
cpu = NULL;
el_string = NULL;
rpm_spec_vers_cmp = NULL;
epoch = NULL;
allowmaj = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (reference && release) {
if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'xstream / xstream-javadoc');
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21344
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21345
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21346
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21347
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21350
www.nessus.org/u?3a2425af
cwe.mitre.org/data/definitions/434.html
cwe.mitre.org/data/definitions/502.html
cwe.mitre.org/data/definitions/94.html
Related
nessus
nessus
RHEL 7 : xstream (RHSA-2021:1354)
2021-04-26 00:00:00
Oracle Linux 7 : xstream (ELSA-2021-1354)
2021-04-27 00:00:00
redhat
redhat
(RHSA-2021:1354) Important: xstream security update
2021-04-26 05:03:43
(RHSA-2021:2476) Moderate: Red Hat Decision Manager 7.11.0 security update
2021-06-17 13:10:59
openvas
openvas
CentOS: Security Advisory for xstream (CESA-2021:1354)
2021-05-01 00:00:00
openSUSE: Security Advisory for xstream (openSUSE-SU-2021:1840-1)
2021-07-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:1840-1)
2021-06-09 00:00:00
centos
centos
xstream security update
2021-04-29 17:56:41
oraclelinux
oraclelinux
xstream security update
2021-04-27 00:00:00
amazon
amazon
Important: xstream
2021-05-20 17:10:00
ibm
ibm
suse
suse
Security update for xstream (important)
2021-07-11 00:00:00
Security update for xstream (important)
2021-06-04 00:00:00
osv
osv
libxstream-java - security update
2021-04-03 00:00:00
libxstream-java vulnerabilities
2021-05-11 09:41:13
CVE-2021-21345
2021-03-23 00:15:12
debian
debian
[SECURITY] [DLA 2616-1] libxstream-java security update
2021-04-03 19:56:11
[SECURITY] [DSA 5004-1] libxstream-java security update
2021-11-10 20:29:25
[SECURITY] [DSA 5004-1] libxstream-java security update
2021-11-10 20:29:25
mageia
mageia
Updated xstream packages fix security vulnerabilities
2021-07-25 17:45:06
ubuntu
ubuntu
XStream vulnerabilities
2021-05-11 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2021-03-15 07:41:51
Remote Code Execution
2021-03-23 06:40:02
Remote Code Execution
2021-03-23 07:01:01
ubuntucve
ubuntucve
debiancve
debiancve
nuclei
nuclei
XStream <1.4.16 - Remote Code Execution
2023-03-12 03:38:05
prion
prion
Design/Logic Flaw
2021-03-23 00:15:00
Design/Logic Flaw
2021-03-23 00:15:00
Default configuration
2021-03-23 00:15:00
cve
cve
redhatcve
redhatcve
github
github
XStream is vulnerable to a Remote Command Execution attack
2021-03-22 23:28:38
XStream is vulnerable to an Arbitrary Code Execution attack
2021-03-22 23:28:49
XStream is vulnerable to an Arbitrary Code Execution attack
2021-03-22 23:29:00
fedora
fedora
[SECURITY] Fedora 33 Update: xstream-1.4.18-2.fc33
2021-10-12 23:47:14
[SECURITY] Fedora 34 Update: xstream-1.4.18-2.fc34
2021-10-12 23:45:05
[SECURITY] Fedora 35 Update: xstream-1.4.18-2.fc35
2021-10-29 23:18:39
oracle
oracle
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00
Oracle Critical Patch Update Advisory - April 2021
2021-04-20 00:00:00