Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-3204.NASL
HistoryNov 24, 2022 - 12:00 a.m.

Debian DLA-3204-1 : vim - LTS security update

2022-11-2400:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
44
debian 10
vulnerabilities
vim
buffer overflow
null pointer dereference
out-of-bounds write
use after free
memory modification
remote execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.01 Low

EPSS

Percentile

84.0%

JSON

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3204 advisory.

  • Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)

  • Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)

  • Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0629)

  • NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. (CVE-2022-0696)

  • Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.
    This vulnerabilities are capable of crashing software, modify memory, and possible remote execution (CVE-2022-1619)

  • Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1621)

  • Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)

  • Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000, CVE-2022-2129)

  • Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-1942)

  • Use After Free in GitHub repository vim/vim prior to 9.0.0490. (CVE-2022-3235)

  • Use After Free in GitHub repository vim/vim prior to 9.0.0530. (CVE-2022-3256)

  • Use After Free in GitHub repository vim/vim prior to 9.0.0614. (CVE-2022-3352)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
#
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory dla-3204. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('compat.inc');

if (description)
{
  script_id(168183);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/09/20");

  script_cve_id(
    "CVE-2022-0318",
    "CVE-2022-0392",
    "CVE-2022-0629",
    "CVE-2022-0696",
    "CVE-2022-1619",
    "CVE-2022-1621",
    "CVE-2022-1785",
    "CVE-2022-1897",
    "CVE-2022-1942",
    "CVE-2022-2000",
    "CVE-2022-2129",
    "CVE-2022-3235",
    "CVE-2022-3256",
    "CVE-2022-3352"
  );

  script_name(english:"Debian DLA-3204-1 : vim - LTS security update");

  script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing one or more security-related updates.");
  script_set_attribute(attribute:"description", value:
"The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the
dla-3204 advisory.

  - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)

  - Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)

  - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0629)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. (CVE-2022-0696)

  - Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.
    This vulnerabilities are capable of crashing software, modify memory, and possible remote execution
    (CVE-2022-1619)

  - Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This
    vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible
    remote execution (CVE-2022-1621)

  - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)

  - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000,
    CVE-2022-2129)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-1942)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0490. (CVE-2022-3235)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0530. (CVE-2022-3256)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0614. (CVE-2022-3352)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/vim");
  script_set_attribute(attribute:"see_also", value:"https://www.debian.org/lts/security/2022/dla-3204");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-0318");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-0392");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-0629");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-0696");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-1619");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-1621");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-1785");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-1897");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-1942");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-2000");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-2129");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-3235");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-3256");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-3352");
  script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/buster/vim");
  script_set_attribute(attribute:"solution", value:
"Upgrade the vim packages.

For Debian 10 buster, these problems have been fixed in version 2");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-0318");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/01/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/11/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/11/24");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:vim");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:vim-athena");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:vim-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:vim-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:vim-gtk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:vim-gtk3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:vim-gui-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:vim-nox");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:vim-runtime");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:vim-tiny");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:xxd");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Debian Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);

var debian_release = get_kb_item('Host/Debian/release');
if ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');
debian_release = chomp(debian_release);
if (! preg(pattern:"^(10)\.[0-9]+", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);

var pkgs = [
    {'release': '10.0', 'prefix': 'vim', 'reference': '2:8.1.0875-5+deb10u4'},
    {'release': '10.0', 'prefix': 'vim-athena', 'reference': '2:8.1.0875-5+deb10u4'},
    {'release': '10.0', 'prefix': 'vim-common', 'reference': '2:8.1.0875-5+deb10u4'},
    {'release': '10.0', 'prefix': 'vim-doc', 'reference': '2:8.1.0875-5+deb10u4'},
    {'release': '10.0', 'prefix': 'vim-gtk', 'reference': '2:8.1.0875-5+deb10u4'},
    {'release': '10.0', 'prefix': 'vim-gtk3', 'reference': '2:8.1.0875-5+deb10u4'},
    {'release': '10.0', 'prefix': 'vim-gui-common', 'reference': '2:8.1.0875-5+deb10u4'},
    {'release': '10.0', 'prefix': 'vim-nox', 'reference': '2:8.1.0875-5+deb10u4'},
    {'release': '10.0', 'prefix': 'vim-runtime', 'reference': '2:8.1.0875-5+deb10u4'},
    {'release': '10.0', 'prefix': 'vim-tiny', 'reference': '2:8.1.0875-5+deb10u4'},
    {'release': '10.0', 'prefix': 'xxd', 'reference': '2:8.1.0875-5+deb10u4'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var _release = NULL;
  var prefix = NULL;
  var reference = NULL;
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (_release && prefix && reference) {
    if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : deb_report_get()
  );
  exit(0);
}
else
{
  var tested = deb_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim / vim-athena / vim-common / vim-doc / vim-gtk / vim-gtk3 / etc');
}
VendorProductVersionCPE
debiandebian_linuxvim-gui-commonp-cpe:/a:debian:debian_linux:vim-gui-common
debiandebian_linuxvim-noxp-cpe:/a:debian:debian_linux:vim-nox
debiandebian_linuxvim-runtimep-cpe:/a:debian:debian_linux:vim-runtime
debiandebian_linuxvim-tinyp-cpe:/a:debian:debian_linux:vim-tiny
debiandebian_linuxxxdp-cpe:/a:debian:debian_linux:xxd
debiandebian_linux10.0cpe:/o:debian:debian_linux:10.0
debiandebian_linuxvimp-cpe:/a:debian:debian_linux:vim
debiandebian_linuxvim-athenap-cpe:/a:debian:debian_linux:vim-athena
debiandebian_linuxvim-commonp-cpe:/a:debian:debian_linux:vim-common
debiandebian_linuxvim-docp-cpe:/a:debian:debian_linux:vim-doc
Rows per page:
1-10 of 121

References

Related

osv 14
debian 1
openvas 20
nessus 31
rocky 2
redhat 2
almalinux 2
rosalinux 1
oraclelinux 2
ubuntu 2
ibm 4
fedora 4
huntr 9
ubuntucve 10
nvd 9
veracode 6
cvelist 9
cbl_mariner 16
alpinelinux 9
redhatcve 11
redos 1
cve 8
prion 9
debiancve 10
cloudlinux 2
cnvd 3
f5 1
amazon 1
osv
osv
vim - security update
2022-11-24 00:00:00
Moderate: vim security update
2022-08-09 00:00:00
Moderate: vim security update
2022-08-02 06:59:03
debian
debian
[SECURITY] [DLA 3204-1] vim security update
2022-11-24 09:17:54
openvas
openvas
Debian: Security Advisory (DLA-3204-1)
2022-11-25 00:00:00
Ubuntu: Security Advisory (USN-5507-1)
2022-08-26 00:00:00
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2023-1025)
2023-01-09 00:00:00
nessus
nessus
Ubuntu 16.04 ESM : Vim vulnerabilities (USN-5507-1)
2022-07-08 00:00:00
RHEL 8 : vim (RHSA-2022:5813)
2022-08-03 00:00:00
Rocky Linux 8 : vim (RLSA-2022:5813)
2022-08-16 00:00:00
rocky
rocky
vim security update
2022-08-09 09:32:59
vim security update
2022-08-02 06:59:03
redhat
redhat
(RHSA-2022:5942) Moderate: vim security update
2022-08-09 09:32:59
(RHSA-2022:5813) Moderate: vim security update
2022-08-02 06:59:03
almalinux
almalinux
Moderate: vim security update
2022-08-09 00:00:00
Moderate: vim security update
2022-08-03 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2215
2023-08-15 09:26:16
oraclelinux
oraclelinux
vim security update
2022-08-05 00:00:00
vim security update
2022-08-10 00:00:00
ubuntu
ubuntu
Vim vulnerabilities
2022-07-08 00:00:00
Vim vulnerability
2022-07-26 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution in Vim (CVE-2022-1785, CVE-2022-1897, CVE-2022-1927)
2023-01-12 21:59:00
Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak prior to 21.0.4
2022-09-07 18:04:25
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in Vim (CVE-2022-1621)
2023-01-12 21:59:00
fedora
fedora
[SECURITY] Fedora 36 Update: vim-9.0.720-1.fc36
2022-10-14 13:03:30
[SECURITY] Fedora 35 Update: vim-9.0.720-1.fc35
2022-10-17 11:34:07
[SECURITY] Fedora 34 Update: vim-8.2.4927-1.fc34
2022-05-18 01:25:20
huntr
huntr
Out-of-bounds write in function vim_regsub_both
2022-06-16 05:35:22
Heap-based Buffer Overflow in vim/vim
2022-01-18 07:23:55
Heap-based Buffer Overflow in function cmdline_erase_chars
2022-04-28 03:47:02
ubuntucve
ubuntucve
CVE-2022-2129
2022-06-19 00:00:00
CVE-2022-1942
2022-05-31 00:00:00
CVE-2022-1619
2022-05-08 00:00:00
nvd
nvd
CVE-2022-2129
2022-06-19 19:15:08
CVE-2022-3352
2022-09-29 12:15:09
CVE-2022-3256
2022-09-22 13:15:09
veracode
veracode
Out-of-Bounds Write
2022-07-04 01:23:02
Denial Of Service (DoS)
2022-03-12 02:21:49
Out-of-bounds Write
2022-08-09 13:37:17
cvelist
cvelist
CVE-2022-2129 Out-of-bounds Write in vim/vim
2022-06-19 00:00:00
CVE-2022-1942 Heap-based Buffer Overflow in vim/vim
2022-05-31 00:00:00
CVE-2022-3256 Use After Free in vim/vim
2022-09-22 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-0392 affecting package vim 8.2.4151-1
2022-02-25 01:45:45
CVE-2022-2129 affecting package vim 8.2.5064-1
2022-07-14 20:59:57
CVE-2022-2129 affecting package vim for versions less than 8.2.5172-1
2022-07-22 17:02:55
alpinelinux
alpinelinux
CVE-2022-2129
2022-06-19 19:15:08
CVE-2022-1942
2022-05-31 14:15:07
CVE-2022-0392
2022-01-28 22:15:15
redhatcve
redhatcve
CVE-2022-3352
2022-09-29 20:18:57
CVE-2022-2129
2022-06-21 10:03:59
CVE-2022-1942
2022-06-07 02:27:38
redos
redos
ROS-20221007-03
2022-10-07 00:00:00
cve
cve
CVE-2022-2129
2022-06-19 19:15:08
CVE-2022-1942
2022-05-31 14:15:07
CVE-2022-3256
2022-09-22 13:15:09
prion
prion
Design/Logic Flaw
2022-06-19 19:15:00
Heap overflow
2022-05-31 14:15:00
Design/Logic Flaw
2022-09-18 20:15:00
debiancve
debiancve
CVE-2022-2129
2022-06-19 19:15:08
CVE-2022-1942
2022-05-31 14:15:07
CVE-2022-3256
2022-09-22 13:15:09
cloudlinux
cloudlinux
Fixed CVE-2022-3256 in vim
2022-09-29 18:33:03
Fixed CVEs in vim: CVE-2022-1620, CVE-2022-1616, CVE-2022-1629, CVE-2022-1621, CVE-2022-1619
2022-05-20 00:32:32
cnvd
cnvd
vim buffer overflow vulnerability (CNVD-2022-18519)
2022-03-11 00:00:00
vim buffer overflow vulnerability (CNVD-2022-13367)
2022-02-18 00:00:00
Vim Resource Management Error Vulnerability (CNVD-2022-68078)
2022-09-20 00:00:00
f5
f5
K29855410 : Vim vulnerabilities CVE-2022-0261, CVE-2022-0318, CVE-2022-0361, CVE-2022-0392, and CVE-2022-0413
2022-04-04 00:00:00
amazon
amazon
Medium: vim
2022-04-04 23:23:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.01 Low

EPSS

Percentile

84.0%

JSON
Related for DEBIAN_DLA-3204.NASL
osv14debian1openvas20nessus31rocky2redhat2almalinux2rosalinux1oraclelinux2ubuntu2ibm4fedora4huntr9ubuntucve10nvd9veracode6cvelist9cbl_mariner16alpinelinux9redhatcve11redos1cve8prion9debiancve10cloudlinux2cnvd3f51amazon1