Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-3385.NASL
HistoryApr 10, 2023 - 12:00 a.m.

Debian DLA-3385-1 : trafficserver - LTS security update

2023-04-1000:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
4
debian 10
packages
vulnerabilities
apache traffic server
input validation
http/2 header parsing
unusual conditions vulnerability
cve-2022-31778
cve-2022-31779
cve-2022-32749
cve-2022-37392
nessus scanner

0.003 Low

EPSS

Percentile

68.0%

JSON

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3385 advisory.

  • Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.2.
    (CVE-2022-31778)

  • Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. (CVE-2022-31779)

  • Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic Server allows an attacker to crash the server under certain conditions. This issue affects Apache Traffic Server: from 8.0.0 through 9.1.3. (CVE-2022-32749)

  • Improper Check for Unusual or Exceptional Conditions vulnerability in handling the requests to Apache Traffic Server. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. (CVE-2022-37392)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
#
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory dla-3385. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('compat.inc');

if (description)
{
  script_id(174043);
  script_version("1.0");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/10");

  script_cve_id(
    "CVE-2022-31778",
    "CVE-2022-31779",
    "CVE-2022-32749",
    "CVE-2022-37392"
  );

  script_name(english:"Debian DLA-3385-1 : trafficserver - LTS security update");

  script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing one or more security-related updates.");
  script_set_attribute(attribute:"description", value:
"The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the
dla-3385 advisory.

  - Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server
    allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.2.
    (CVE-2022-31778)

  - Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an
    attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. (CVE-2022-31779)

  - Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic
    Server allows an attacker to crash the server under certain conditions. This issue affects Apache Traffic
    Server: from 8.0.0 through 9.1.3. (CVE-2022-32749)

  - Improper Check for Unusual or Exceptional Conditions vulnerability in handling the requests to Apache
    Traffic Server. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. (CVE-2022-37392)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://security-tracker.debian.org/tracker/source-package/trafficserver
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?20613153");
  script_set_attribute(attribute:"see_also", value:"https://www.debian.org/lts/security/2023/dla-3385");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-31778");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-31779");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-32749");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-37392");
  script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/buster/trafficserver");
  script_set_attribute(attribute:"solution", value:
"Upgrade the trafficserver packages.

For Debian 10 buster, these problems have been fixed in version 8.1.6+ds-1~deb10u1.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-31779");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/08/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/04/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/04/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:trafficserver");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:trafficserver-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:trafficserver-experimental-plugins");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Debian Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);

var debian_release = get_kb_item('Host/Debian/release');
if ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');
debian_release = chomp(debian_release);
if (! preg(pattern:"^(10)\.[0-9]+", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);

var pkgs = [
    {'release': '10.0', 'prefix': 'trafficserver', 'reference': '8.1.6+ds-1~deb10u1'},
    {'release': '10.0', 'prefix': 'trafficserver-dev', 'reference': '8.1.6+ds-1~deb10u1'},
    {'release': '10.0', 'prefix': 'trafficserver-experimental-plugins', 'reference': '8.1.6+ds-1~deb10u1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var _release = NULL;
  var prefix = NULL;
  var reference = NULL;
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (_release && prefix && reference) {
    if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : deb_report_get()
  );
  exit(0);
}
else
{
  var tested = deb_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'trafficserver / trafficserver-dev / trafficserver-experimental-plugins');
}
VendorProductVersionCPE
debiandebian_linuxtrafficserverp-cpe:/a:debian:debian_linux:trafficserver
debiandebian_linuxtrafficserver-devp-cpe:/a:debian:debian_linux:trafficserver-dev
debiandebian_linuxtrafficserver-experimental-pluginsp-cpe:/a:debian:debian_linux:trafficserver-experimental-plugins
debiandebian_linux10.0cpe:/o:debian:debian_linux:10.0

Related

openvas 10
debian 3
osv 7
nessus 3
fedora 4
cnvd 3
ubuntucve 4
prion 4
veracode 4
cvelist 4
debiancve 4
nvd 4
cve 4
openvas
openvas
Debian: Security Advisory (DLA-3385-1)
2023-04-11 00:00:00
Apache Traffic Server (ATS) 8.x < 8.1.5, 9.x < 9.1.3 Multiple Vulnerabilities
2022-12-20 00:00:00
Debian: Security Advisory (DSA-5311-1)
2023-01-09 00:00:00
debian
debian
[SECURITY] [DLA 3385-1] trafficserver security update
2023-04-05 22:00:47
[SECURITY] [DSA 5311-1] trafficserver security update
2023-01-08 18:57:53
[SECURITY] [DSA 5206-1] trafficserver security update
2022-08-12 15:05:18
osv
osv
trafficserver - security update
2023-04-05 00:00:00
trafficserver - security update
2023-01-08 00:00:00
CVE-2022-37392
2022-12-19 11:15:10
nessus
nessus
Debian DSA-5311-1 : trafficserver - security update
2023-01-09 00:00:00
Fedora 36 : trafficserver (2022-489ea47e69)
2022-12-29 00:00:00
Debian DSA-5206-1 : trafficserver - security update
2022-08-13 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: trafficserver-9.1.4-1.fc37
2022-12-29 01:10:11
[SECURITY] Fedora 36 Update: trafficserver-9.1.4-1.fc36
2022-12-29 01:16:05
[SECURITY] Fedora 35 Update: trafficserver-9.1.3-1.fc35
2022-08-20 01:30:52
cnvd
cnvd
Apache Traffic Server Input Validation Error Vulnerability (CNVD-2023-03925)
2022-08-15 00:00:00
Apache Traffic Server Exception Handling Error Vulnerability
2022-12-21 00:00:00
Apache Traffic Server Input Validation Error Vulnerability (CNVD-2023-03923)
2022-08-15 00:00:00
ubuntucve
ubuntucve
CVE-2022-31778
2022-08-10 00:00:00
CVE-2022-37392
2022-12-19 00:00:00
CVE-2022-32749
2022-12-19 00:00:00
prion
prion
Input validation
2022-08-10 06:15:00
Input validation
2022-12-19 11:15:00
Input validation
2022-08-10 06:15:00
veracode
veracode
Cross-site Scripting (XSS)
2022-08-21 02:46:35
Information Disclosure
2023-01-03 18:41:05
Improper Input Validation
2022-08-21 02:46:43
cvelist
cvelist
CVE-2022-31778 Transfer-Encoding not treated as hop-by-hop
2022-08-10 00:00:00
CVE-2022-37392 Apache Traffic Server: Improperly reading the client requests
2022-12-19 10:59:05
CVE-2022-31779 Improper HTTP/2 scheme and method validation
2022-08-10 05:50:40
debiancve
debiancve
CVE-2022-31778
2022-08-10 06:15:08
CVE-2022-31779
2022-08-10 06:15:08
CVE-2022-37392
2022-12-19 11:15:10
nvd
nvd
CVE-2022-37392
2022-12-19 11:15:10
CVE-2022-31778
2022-08-10 06:15:08
CVE-2022-32749
2022-12-19 11:15:10
cve
cve
CVE-2022-37392
2022-12-19 11:15:10
CVE-2022-31778
2022-08-10 06:15:08
CVE-2022-31779
2022-08-10 06:15:08

0.003 Low

EPSS

Percentile

68.0%

JSON
Related for DEBIAN_DLA-3385.NASL
openvas10debian3osv7nessus3fedora4cnvd3ubuntucve4prion4veracode4cvelist4debiancve4nvd4cve4