Lucene search

K
nessusThis script is Copyright (C) 2016-2021 Tenable Network Security, Inc.DEBIAN_DLA-629.NASL
HistorySep 19, 2016 - 12:00 a.m.

Debian DLA-629-1 : jackrabbit security update

2016-09-1900:00:00
This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.
www.tenable.com
10

Lukas Reschke discovered that Apache Jackrabbit, a content repository implementation for Java, was vulnerable to Cross-Site-Request-Forgery in Jackrabbit’s webdav module.

The CSRF content-type check for POST requests did not handle missing Content-Type header fields, nor variations in field values with respect to upper/lower case or optional parameters. This could be exploited to create a resource via CSRF.

For Debian 7 ‘Wheezy’, these problems have been fixed in version 2.3.6-1+deb7u2.

We recommend that you upgrade your jackrabbit packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-629-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(93569);
  script_version("2.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2016-6801");

  script_name(english:"Debian DLA-629-1 : jackrabbit security update");
  script_summary(english:"Checks dpkg output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Lukas Reschke discovered that Apache Jackrabbit, a content repository
implementation for Java, was vulnerable to Cross-Site-Request-Forgery
in Jackrabbit's webdav module.

The CSRF content-type check for POST requests did not handle missing
Content-Type header fields, nor variations in field values with
respect to upper/lower case or optional parameters. This could be
exploited to create a resource via CSRF.

For Debian 7 'Wheezy', these problems have been fixed in version
2.3.6-1+deb7u2.

We recommend that you upgrade your jackrabbit packages.

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.debian.org/debian-lts-announce/2016/09/msg00022.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/wheezy/jackrabbit"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Upgrade the affected libjackrabbit-java package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libjackrabbit-java");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/09/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/09/19");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"7.0", prefix:"libjackrabbit-java", reference:"2.3.6-1+deb7u2")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Related for DEBIAN_DLA-629.NASL