Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-1747.NASL
HistoryApr 02, 2019 - 12:00 a.m.

Debian DLA-1747-1 : firmware-nonfree security update

2019-04-0200:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
41
JSON

Eli Biham and Lior Neumann discovered a cryptographic weakness in the Bluetooth LE SC pairing protocol, called the Fixed Coordinate Invalid Curve Attack (CVE-2018-5383). Depending on the devices used, this could be exploited by a nearby attacker to obtain sensitive information, for denial of service, or for other security impact.

This flaw has been fixed in firmware for Intel Wireless 7260 (B3), 7260 (B5), 7265 (D1), and 8264 adapters, and for Qualcomm Atheros QCA61x4 ‘ROME’ version 3.2 adapters. Other Bluetooth adapters are also affected and remain vulnerable.

For Debian 8 ‘Jessie’, this problem has been fixed in version 20161130-5~deb8u1.

We recommend that you upgrade your firmware-nonfree packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-1747-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(123567);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2018-5383");

  script_name(english:"Debian DLA-1747-1 : firmware-nonfree security update");
  script_summary(english:"Checks dpkg output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Eli Biham and Lior Neumann discovered a cryptographic weakness in the
Bluetooth LE SC pairing protocol, called the Fixed Coordinate Invalid
Curve Attack (CVE-2018-5383). Depending on the devices used, this
could be exploited by a nearby attacker to obtain sensitive
information, for denial of service, or for other security impact.

This flaw has been fixed in firmware for Intel Wireless 7260 (B3),
7260 (B5), 7265 (D1), and 8264 adapters, and for Qualcomm Atheros
QCA61x4 'ROME' version 3.2 adapters. Other Bluetooth adapters are also
affected and remain vulnerable.

For Debian 8 'Jessie', this problem has been fixed in version
20161130-5~deb8u1.

We recommend that you upgrade your firmware-nonfree packages.

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.debian.org/debian-lts-announce/2019/04/msg00005.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/jessie/firmware-nonfree"
  );
  script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:A/AC:M/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-adi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-amd-graphics");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-atheros");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-bnx2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-bnx2x");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-brcm80211");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-cavium");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-intel-sound");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-intelwimax");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-ipw2x00");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-ivtv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-iwlwifi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-libertas");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-linux");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-linux-nonfree");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-misc-nonfree");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-myricom");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-netxen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-qlogic");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-ralink");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-realtek");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-samsung");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-siano");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-ti-connectivity");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/04/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/02");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"8.0", prefix:"firmware-adi", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-amd-graphics", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-atheros", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-bnx2", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-bnx2x", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-brcm80211", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-cavium", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-intel-sound", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-intelwimax", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-ipw2x00", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-ivtv", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-iwlwifi", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-libertas", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-linux", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-linux-nonfree", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-misc-nonfree", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-myricom", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-netxen", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-qlogic", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-ralink", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-realtek", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-samsung", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-siano", reference:"20161130-5~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"firmware-ti-connectivity", reference:"20161130-5~deb8u1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxfirmware-adip-cpe:/a:debian:debian_linux:firmware-adi
debiandebian_linuxfirmware-amd-graphicsp-cpe:/a:debian:debian_linux:firmware-amd-graphics
debiandebian_linuxfirmware-atherosp-cpe:/a:debian:debian_linux:firmware-atheros
debiandebian_linuxfirmware-bnx2p-cpe:/a:debian:debian_linux:firmware-bnx2
debiandebian_linuxfirmware-bnx2xp-cpe:/a:debian:debian_linux:firmware-bnx2x
debiandebian_linuxfirmware-brcm80211p-cpe:/a:debian:debian_linux:firmware-brcm80211
debiandebian_linuxfirmware-caviump-cpe:/a:debian:debian_linux:firmware-cavium
debiandebian_linuxfirmware-intel-soundp-cpe:/a:debian:debian_linux:firmware-intel-sound
debiandebian_linuxfirmware-intelwimaxp-cpe:/a:debian:debian_linux:firmware-intelwimax
debiandebian_linuxfirmware-ipw2x00p-cpe:/a:debian:debian_linux:firmware-ipw2x00
Rows per page:
1-10 of 251

Related

nessus 16
myhack58 1
lenovo 2
prion 1
redhat 1
cert 1
suse 1
openvas 11
debiancve 1
ubuntu 5
centos 1
pentestpartners 1
veracode 1
ubuntucve 1
debian 1
redhatcve 1
thn 1
cve 1
threatpost 2
osv 1
hp 1
cloudfoundry 3
apple 16
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS : Linux firmware vulnerability (USN-4351-1)
2020-05-07 00:00:00
openSUSE Security Update : kernel-firmware (openSUSE-2019-275)
2019-03-04 00:00:00
NewStart CGSL CORE 5.05 / MAIN 5.05 : linux-firmware Vulnerability (NS-SA-2019-0251)
2019-12-31 00:00:00
myhack58
myhack58
A large number of Bluetooth devices and systems will be protected by encryption Vulnerability CVE-2018-5383 impact-vulnerability warning-the black bar safety net
2018-07-27 00:00:00
lenovo
lenovo
Bluetooth Pairing Key Validation - US
2018-09-10 21:55:00
Bluetooth Pairing Key Validation - Lenovo Support US
2018-09-11 03:55:00
prion
prion
Design/Logic Flaw
2018-08-07 21:29:00
redhat
redhat
(RHSA-2019:2169) Important: linux-firmware security, bug fix, and enhancement update
2019-08-06 08:09:24
cert
cert
Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
2018-07-23 00:00:00
suse
suse
Security update for kernel-firmware (important)
2019-03-01 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-1747-1)
2019-04-02 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0427-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0466-1)
2021-04-19 00:00:00
debiancve
debiancve
CVE-2018-5383
2018-08-07 21:29:00
ubuntu
ubuntu
Linux firmware vulnerability
2020-05-06 00:00:00
Linux kernel (Xenial HWE) vulnerabilities
2019-08-13 00:00:00
Linux kernel vulnerabilities
2019-08-13 00:00:00
centos
centos
iwl100, iwl1000, iwl105, iwl135, iwl2000, iwl2030, iwl3160, iwl3945, iwl4965, iwl5000, iwl5150, iwl6000, iwl6000g2a, iwl6000g2b, iwl6050, iwl7260, iwl7265, linux security update
2019-08-30 03:35:13
pentestpartners
pentestpartners
Bluetooth vuln CVE-2018-5383 explained
2018-07-24 14:46:26
veracode
veracode
Information Disclosure
2019-08-08 00:07:23
ubuntucve
ubuntucve
CVE-2018-5383
2018-08-07 00:00:00
debian
debian
[SECURITY] [DLA 1747-1] firmware-nonfree security update
2019-04-02 02:13:04
redhatcve
redhatcve
CVE-2018-5383
2018-08-09 06:19:10
thn
thn
New Bluetooth Hack Affects Millions of Devices from Major Vendors
2018-07-24 08:13:00
cve
cve
CVE-2018-5383
2018-08-07 21:29:00
threatpost
threatpost
Bluetooth Bug Allows Man-in-the-Middle Attacks on Phones, Laptops
2018-07-24 18:03:36
Microsoft Flaw Allows Full Multi-Factor Authentication Bypass
2018-08-14 17:09:18
osv
osv
firmware-nonfree - security update
2019-04-02 00:00:00
hp
hp
HPSBHF03585 rev. 1 - Bluetooth Pairing Vulnerability
2018-06-05 00:00:00
cloudfoundry
cloudfoundry
USN-4351-1: Linux firmware vulnerability | Cloud Foundry
2020-06-22 00:00:00
USN-4095-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2019-08-29 00:00:00
USN-4094-1: Linux kernel vulnerabilities | Cloud Foundry
2019-09-30 00:00:00
apple
apple
About the security content of watchOS 4.3.1 - Apple Support
2019-10-08 03:38:09
About the security content of watchOS 4.3.1
2018-05-29 00:00:00
About the security content of tvOS 11.4
2018-05-29 00:00:00
JSON
Related for DEBIAN_DLA-1747.NASL
nessus16myhack581lenovo2prion1redhat1cert1suse1openvas11debiancve1ubuntu5centos1pentestpartners1veracode1ubuntucve1debian1redhatcve1thn1cve1threatpost2osv1hp1cloudfoundry3apple16