Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-583.NASL
HistoryAug 04, 2016 - 12:00 a.m.

Debian DLA-583-1 : lighttpd security update

2016-08-0400:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
JSON

Dominic Scheirlinck and Scott Geary of Vend reported an insecure behaviour in the lighttpd web server. Lighttpd assigned Proxy header values from client requests to internal HTTP_PROXY environment variables. This could be used to carry out Man in the Middle Attacks (MIDM) or create connections to arbitrary hosts.

For Debian 7 ‘Wheezy’, this issue has been fixed in version 1.4.31-4+deb7u5.

We recommend that you upgrade your lighttpd packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-583-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(92705);
  script_version("2.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2016-1000212");

  script_name(english:"Debian DLA-583-1 : lighttpd security update");
  script_summary(english:"Checks dpkg output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Dominic Scheirlinck and Scott Geary of Vend reported an insecure
behaviour in the lighttpd web server. Lighttpd assigned Proxy header
values from client requests to internal HTTP_PROXY environment
variables. This could be used to carry out Man in the Middle Attacks
(MIDM) or create connections to arbitrary hosts.

For Debian 7 'Wheezy', this issue has been fixed in version
1.4.31-4+deb7u5.

We recommend that you upgrade your lighttpd packages.

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.debian.org/debian-lts-announce/2016/08/msg00002.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/wheezy/lighttpd"
  );
  script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:lighttpd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:lighttpd-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:lighttpd-mod-cml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:lighttpd-mod-magnet");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:lighttpd-mod-mysql-vhost");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:lighttpd-mod-trigger-b4-dl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:lighttpd-mod-webdav");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/08/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/08/04");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"7.0", prefix:"lighttpd", reference:"1.4.31-4+deb7u5")) flag++;
if (deb_check(release:"7.0", prefix:"lighttpd-doc", reference:"1.4.31-4+deb7u5")) flag++;
if (deb_check(release:"7.0", prefix:"lighttpd-mod-cml", reference:"1.4.31-4+deb7u5")) flag++;
if (deb_check(release:"7.0", prefix:"lighttpd-mod-magnet", reference:"1.4.31-4+deb7u5")) flag++;
if (deb_check(release:"7.0", prefix:"lighttpd-mod-mysql-vhost", reference:"1.4.31-4+deb7u5")) flag++;
if (deb_check(release:"7.0", prefix:"lighttpd-mod-trigger-b4-dl", reference:"1.4.31-4+deb7u5")) flag++;
if (deb_check(release:"7.0", prefix:"lighttpd-mod-webdav", reference:"1.4.31-4+deb7u5")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxlighttpdp-cpe:/a:debian:debian_linux:lighttpd
debiandebian_linuxlighttpd-docp-cpe:/a:debian:debian_linux:lighttpd-doc
debiandebian_linuxlighttpd-mod-cmlp-cpe:/a:debian:debian_linux:lighttpd-mod-cml
debiandebian_linuxlighttpd-mod-magnetp-cpe:/a:debian:debian_linux:lighttpd-mod-magnet
debiandebian_linuxlighttpd-mod-mysql-vhostp-cpe:/a:debian:debian_linux:lighttpd-mod-mysql-vhost
debiandebian_linuxlighttpd-mod-trigger-b4-dlp-cpe:/a:debian:debian_linux:lighttpd-mod-trigger-b4-dl
debiandebian_linuxlighttpd-mod-webdavp-cpe:/a:debian:debian_linux:lighttpd-mod-webdav
debiandebian_linux7.0cpe:/o:debian:debian_linux:7.0

Related

ubuntucve 1
openvas 7
ibm 2
debian 3
nessus 4
amazon 1
fedora 2
debiancve 1
osv 1
mageia 1
cve 1
ubuntucve
ubuntucve
CVE-2016-1000212
2016-07-27 00:00:00
openvas
openvas
Fedora Update for lighttpd FEDORA-2016-9de7253cc7
2016-08-11 00:00:00
Fedora Update for lighttpd FEDORA-2016-07e9059072
2016-08-11 00:00:00
Debian Security Advisory DSA 3642-1 (lighttpd - security update)
2016-08-05 00:00:00
ibm
ibm
Security Bulletin: A vulnerability in lighttpd affects PowerKVM (CVE-2016-1000212)
2018-06-18 01:33:23
Security Bulletin: Vulnerabilities in cracklib, dhcp, expat, libgcrypt and lighttpd affect IBM Flex System Chassis Management Module (CMM)
2019-01-31 02:25:02
debian
debian
[SECURITY] [DSA 3642-1] lighttpd security update
2016-08-06 02:36:05
[SECURITY] [DSA 3642-1] lighttpd security update
2016-08-06 02:36:05
[SECURITY] [DLA 583-1] lighttpd security update
2016-08-03 06:05:32
nessus
nessus
Amazon Linux AMI : lighttpd (ALAS-2016-746)
2016-09-16 00:00:00
Debian DSA-3642-1 : lighttpd - security update
2016-08-15 00:00:00
Fedora 24 : lighttpd (2016-07e9059072)
2016-08-11 00:00:00
amazon
amazon
Important: lighttpd
2016-09-15 19:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: lighttpd-1.4.41-1.fc23
2016-08-10 11:00:39
[SECURITY] Fedora 24 Update: lighttpd-1.4.41-1.fc24
2016-08-10 07:26:31
debiancve
debiancve
CVE-2016-1000212
2022-02-25 11:44:09
osv
osv
lighttpd - security update
2016-08-03 00:00:00
mageia
mageia
Updated lighttpd packages fix security vulnerability
2016-11-25 20:04:30
cve
cve
CVE-2016-1000212
2022-02-25 11:44:09
JSON
Related for DEBIAN_DLA-583.NASL
ubuntucve1openvas7ibm2debian3nessus4amazon1fedora2debiancve1osv1mageia1cve1