Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-2794.NASL
HistoryNov 21, 2013 - 12:00 a.m.

Debian DSA-2794-1 : spip - several vulnerabilities

2013-11-2100:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
JSON

Several vulnerabilities have been found in SPIP, a website engine for publishing, resulting in cross-site request forgery on logout, cross-site scripting on author page, and PHP injection.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-2794. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(70981);
  script_version("1.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2013-4555", "CVE-2013-4556", "CVE-2013-4557");
  script_bugtraq_id(63636, 63637, 63638);
  script_xref(name:"DSA", value:"2794");

  script_name(english:"Debian DSA-2794-1 : spip - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several vulnerabilities have been found in SPIP, a website engine for
publishing, resulting in cross-site request forgery on logout,
cross-site scripting on author page, and PHP injection."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729172"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/squeeze/spip"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/wheezy/spip"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2013/dsa-2794"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the spip packages.

For the oldstable distribution (squeeze), these problems have been
fixed in version 2.1.1-3squeeze7.

For the stable distribution (wheezy), these problems have been fixed
in version 2.1.17-1+deb7u2."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"d2_elliot_name", value:"SPIP ecran_securite connect Parameter RCE");
  script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'D2ExploitPack');

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:spip");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/11/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/11/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/11/21");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"6.0", prefix:"spip", reference:"2.1.1-3squeeze7")) flag++;
if (deb_check(release:"7.0", prefix:"spip", reference:"2.1.17-1+deb7u2")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxspipp-cpe:/a:debian:debian_linux:spip
debiandebian_linux6.0cpe:/o:debian:debian_linux:6.0
debiandebian_linux7.0cpe:/o:debian:debian_linux:7.0

Related

openvas 3
prion 3
debiancve 3
cvelist 3
ubuntucve 3
cve 3
d2 1
dsquare 1
openvas
openvas
SPIP 'connect' Parameter PHP Code Injection Vulnerability
2013-08-29 00:00:00
Debian Security Advisory DSA 2794-1 (spip - several vulnerabilities)
2013-11-10 00:00:00
Debian: Security Advisory (DSA-2794-1)
2013-11-09 00:00:00
prion
prion
Code injection
2013-11-18 02:55:00
Cross site request forgery (csrf)
2013-11-18 02:55:00
Cross site scripting
2013-11-18 02:55:00
debiancve
debiancve
CVE-2013-4557
2013-11-18 02:55:00
CVE-2013-4555
2013-11-18 02:55:00
CVE-2013-4556
2013-11-18 02:55:00
cvelist
cvelist
CVE-2013-4555
2013-11-15 18:16:00
CVE-2013-4556
2013-11-15 18:16:00
CVE-2013-4557
2013-11-15 18:16:00
ubuntucve
ubuntucve
CVE-2013-4555
2013-11-18 00:00:00
CVE-2013-4557
2013-11-18 00:00:00
CVE-2013-4556
2013-11-18 00:00:00
cve
cve
CVE-2013-4557
2013-11-18 02:55:00
CVE-2013-4556
2013-11-18 02:55:00
CVE-2013-4555
2013-11-18 02:55:00
d2
d2
DSquare Exploit Pack: D2SEC_SPIP_RCE_2
2013-11-18 02:55:00
dsquare
dsquare
SPIP ecran_securite connect Parameter RCE
2013-12-27 00:00:00
JSON
Related for DEBIAN_DSA-2794.NASL
openvas3prion3debiancve3cvelist3ubuntucve3cve3d21dsquare1