Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-4237.NASL
HistoryJul 02, 2018 - 12:00 a.m.

Debian DSA-4237-1 : chromium-browser - security update

2018-07-0200:00:00
This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22
JSON

Several vulnerabilities have been discovered in the chromium web browser.

  • CVE-2018-6118 Ned Williamson discovered a use-after-free issue.

  • CVE-2018-6120 Zhou Aiting discovered a buffer overflow issue in the pdfium library.

  • CVE-2018-6121 It was discovered that malicious extensions could escalate privileges.

  • CVE-2018-6122 A type confusion issue was discovered in the v8 JavaScript library.

  • CVE-2018-6123 Looben Yang discovered a use-after-free issue.

  • CVE-2018-6124 Guang Gong discovered a type confusion issue.

  • CVE-2018-6125 Yubico discovered that the WebUSB implementation was too permissive.

  • CVE-2018-6126 Ivan Fratric discovered a buffer overflow issue in the skia library.

  • CVE-2018-6127 Looben Yang discovered a use-after-free issue.

  • CVE-2018-6129 Natalie Silvanovich discovered an out-of-bounds read issue in WebRTC.

  • CVE-2018-6130 Natalie Silvanovich discovered an out-of-bounds read issue in WebRTC.

  • CVE-2018-6131 Natalie Silvanovich discovered an error in WebAssembly.

  • CVE-2018-6132 Ronald E. Crane discovered an uninitialized memory issue.

  • CVE-2018-6133 Khalil Zhani discovered a URL spoofing issue.

  • CVE-2018-6134 Jun Kokatsu discovered a way to bypass the Referrer Policy.

  • CVE-2018-6135 Jasper Rebane discovered a user interface spoofing issue.

  • CVE-2018-6136 Peter Wong discovered an out-of-bounds read issue in the v8 JavaScript library.

  • CVE-2018-6137 Michael Smith discovered an information leak.

  • CVE-2018-6138 Francois Lajeunesse-Robert discovered that the extensions policy was too permissive.

  • CVE-2018-6139 Rob Wu discovered a way to bypass restrictions in the debugger extension.

  • CVE-2018-6140 Rob Wu discovered a way to bypass restrictions in the debugger extension.

  • CVE-2018-6141 Yangkang discovered a buffer overflow issue in the skia library.

  • CVE-2018-6142 Choongwoo Han discovered an out-of-bounds read in the v8 JavaScript library.

  • CVE-2018-6143 Guang Gong discovered an out-of-bounds read in the v8 JavaScript library.

  • CVE-2018-6144 pdknsk discovered an out-of-bounds read in the pdfium library.

  • CVE-2018-6145 Masato Kinugawa discovered an error in the MathML implementation.

  • CVE-2018-6147 Michail Pishchagin discovered an error in password entry fields.

  • CVE-2018-6148 Michal Bentkowski discovered that the Content Security Policy header was handled incorrectly.

  • CVE-2018-6149 Yu Zhou and Jundong Xie discovered an out-of-bounds write issue in the v8 JavaScript library.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-4237. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include("compat.inc");

if (description)
{
  script_id(110820);
  script_version("1.8");
  script_cvs_date("Date: 2019/07/15 14:20:30");

  script_cve_id("CVE-2018-6118", "CVE-2018-6120", "CVE-2018-6121", "CVE-2018-6122", "CVE-2018-6123", "CVE-2018-6124", "CVE-2018-6125", "CVE-2018-6126", "CVE-2018-6127", "CVE-2018-6129", "CVE-2018-6130", "CVE-2018-6131", "CVE-2018-6132", "CVE-2018-6133", "CVE-2018-6134", "CVE-2018-6135", "CVE-2018-6136", "CVE-2018-6137", "CVE-2018-6138", "CVE-2018-6139", "CVE-2018-6140", "CVE-2018-6141", "CVE-2018-6142", "CVE-2018-6143", "CVE-2018-6144", "CVE-2018-6145", "CVE-2018-6147", "CVE-2018-6148", "CVE-2018-6149");
  script_xref(name:"DSA", value:"4237");

  script_name(english:"Debian DSA-4237-1 : chromium-browser - security update");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several vulnerabilities have been discovered in the chromium web
browser.

  - CVE-2018-6118
    Ned Williamson discovered a use-after-free issue.

  - CVE-2018-6120
    Zhou Aiting discovered a buffer overflow issue in the
    pdfium library.

  - CVE-2018-6121
    It was discovered that malicious extensions could
    escalate privileges.

  - CVE-2018-6122
    A type confusion issue was discovered in the v8
    JavaScript library.

  - CVE-2018-6123
    Looben Yang discovered a use-after-free issue.

  - CVE-2018-6124
    Guang Gong discovered a type confusion issue.

  - CVE-2018-6125
    Yubico discovered that the WebUSB implementation was too
    permissive.

  - CVE-2018-6126
    Ivan Fratric discovered a buffer overflow issue in the
    skia library.

  - CVE-2018-6127
    Looben Yang discovered a use-after-free issue.

  - CVE-2018-6129
    Natalie Silvanovich discovered an out-of-bounds read
    issue in WebRTC.

  - CVE-2018-6130
    Natalie Silvanovich discovered an out-of-bounds read
    issue in WebRTC.

  - CVE-2018-6131
    Natalie Silvanovich discovered an error in WebAssembly.

  - CVE-2018-6132
    Ronald E. Crane discovered an uninitialized memory
    issue.

  - CVE-2018-6133
    Khalil Zhani discovered a URL spoofing issue.

  - CVE-2018-6134
    Jun Kokatsu discovered a way to bypass the Referrer
    Policy.

  - CVE-2018-6135
    Jasper Rebane discovered a user interface spoofing
    issue.

  - CVE-2018-6136
    Peter Wong discovered an out-of-bounds read issue in the
    v8 JavaScript library.

  - CVE-2018-6137
    Michael Smith discovered an information leak.

  - CVE-2018-6138
    Francois Lajeunesse-Robert discovered that the
    extensions policy was too permissive.

  - CVE-2018-6139
    Rob Wu discovered a way to bypass restrictions in the
    debugger extension.

  - CVE-2018-6140
    Rob Wu discovered a way to bypass restrictions in the
    debugger extension.

  - CVE-2018-6141
    Yangkang discovered a buffer overflow issue in the skia
    library.

  - CVE-2018-6142
    Choongwoo Han discovered an out-of-bounds read in the v8
    JavaScript library.

  - CVE-2018-6143
    Guang Gong discovered an out-of-bounds read in the v8
    JavaScript library.

  - CVE-2018-6144
    pdknsk discovered an out-of-bounds read in the pdfium
    library.

  - CVE-2018-6145
    Masato Kinugawa discovered an error in the MathML
    implementation.

  - CVE-2018-6147
    Michail Pishchagin discovered an error in password entry
    fields.

  - CVE-2018-6148
    Michal Bentkowski discovered that the Content Security
    Policy header was handled incorrectly.

  - CVE-2018-6149
    Yu Zhou and Jundong Xie discovered an out-of-bounds
    write issue in the v8 JavaScript library."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6118"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6120"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6121"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6122"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6123"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6124"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6125"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6126"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6127"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6129"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6130"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6131"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6132"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6133"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6134"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6135"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6136"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6137"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6138"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6139"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6140"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6141"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6142"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6143"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6144"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6145"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6147"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6148"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2018-6149"
  );
  # https://security-tracker.debian.org/tracker/source-package/chromium-browser
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?e33901a2"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/stretch/chromium-browser"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2018/dsa-4237"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the chromium-browser packages.

For the stable distribution (stretch), these problems have been fixed
in version 67.0.3396.87-1~deb9u1."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:chromium-browser");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/06/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/07/02");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"9.0", prefix:"chromedriver", reference:"67.0.3396.87-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"chromium", reference:"67.0.3396.87-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"chromium-driver", reference:"67.0.3396.87-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"chromium-l10n", reference:"67.0.3396.87-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"chromium-shell", reference:"67.0.3396.87-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"chromium-widevine", reference:"67.0.3396.87-1~deb9u1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxchromium-browserp-cpe:/a:debian:debian_linux:chromium-browser
debiandebian_linux9.0cpe:/o:debian:debian_linux:9.0

References

Related

osv 1
debian 2
openvas 24
nessus 27
redhat 5
fedora 2
suse 6
kaspersky 5
chrome 4
freebsd 3
threatpost 1
gentoo 3
mageia 2
debiancve 22
prion 23
redhatcve 20
cve 22
yubico 1
ubuntucve 21
archlinux 3
zdt 1
alpinelinux 1
osv
osv
chromium-browser - security update
2018-06-30 00:00:00
debian
debian
[SECURITY] [DSA 4237-1] chromium-browser security update
2018-07-01 01:00:22
[SECURITY] [DSA 4237-1] chromium-browser security update
2018-07-01 01:00:22
openvas
openvas
Debian: Security Advisory (DSA-4237-1)
2018-06-29 00:00:00
Fedora Update for chromium FEDORA-2018-7c80aaef26
2018-06-15 00:00:00
Fedora Update for chromium FEDORA-2018-09b59b0227
2018-06-21 00:00:00
nessus
nessus
openSUSE Security Update : Chromium (openSUSE-2018-759)
2018-07-26 00:00:00
RHEL 6 : chromium-browser (RHSA-2018:1815)
2018-06-08 00:00:00
Fedora 27 : chromium (2018-09b59b0227)
2018-06-21 00:00:00
redhat
redhat
(RHSA-2018:1815) Important: chromium-browser security update
2018-06-07 20:24:56
(RHSA-2018:1446) Important: chromium-browser security update
2018-05-14 18:39:26
(RHSA-2018:1825) Important: chromium-browser security update
2018-06-11 11:58:02
fedora
fedora
[SECURITY] Fedora 28 Update: chromium-67.0.3396.79-1.fc28
2018-06-14 19:18:25
[SECURITY] Fedora 27 Update: chromium-67.0.3396.79-1.fc27
2018-06-20 13:55:31
suse
suse
Security update for Chromium (important)
2018-07-25 15:08:23
Security update for Chromium (important)
2018-07-25 15:09:58
Security update for chromium (important)
2018-06-01 03:06:56
kaspersky
kaspersky
KLA11257 Multiple vulnerabilities in Google Chrome
2018-05-29 00:00:00
KLA11732 Multiple vulnerabilities in Opera
2018-06-14 00:00:00
KLA11260 SB vulnerability in Google Chrome
2018-06-06 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2018-05-29 00:00:00
Stable Channel Update for Desktop
2018-05-10 00:00:00
Stable Channel Update for Desktop
2018-06-06 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2018-05-29 00:00:00
chromium -- multiple vulnerabilities
2018-04-14 00:00:00
chromium -- Incorrect handling of CSP header
2018-06-06 00:00:00
threatpost
threatpost
Google Patches 34 Browser Bugs in Chrome 67, Adds Spectre Fixes
2018-05-30 15:32:20
gentoo
gentoo
Chromium, Google Chrome: Multiple vulnerabilities
2018-05-20 00:00:00
Chromium, Google Chrome: User-assisted execution of arbitrary code
2018-06-20 00:00:00
Chromium, Google Chrome: Multiple vulnerabilities
2018-05-02 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2018-07-12 00:07:50
Updated chromium-browser-stable packages fix security vulnerabilities
2018-06-04 18:11:47
debiancve
debiancve
CVE-2018-6141
2019-01-09 19:29:00
CVE-2018-6147
2019-01-09 19:29:00
CVE-2018-6138
2019-06-27 17:15:00
prion
prion
Information disclosure
2019-01-09 19:29:00
Design/Logic Flaw
2019-01-09 19:29:00
Type confusion
2019-01-09 19:29:00
redhatcve
redhatcve
CVE-2018-6122
2018-05-11 12:20:32
CVE-2018-6147
2018-05-30 09:05:33
CVE-2018-6125
2018-05-30 09:00:25
cve
cve
CVE-2018-6147
2019-01-09 19:29:00
CVE-2018-6138
2019-06-27 17:15:00
CVE-2018-6148
2019-06-27 17:15:00
yubico
yubico
Security advisory YSA-2018-02 - Yubico
2018-02-08 00:00:00
ubuntucve
ubuntucve
CVE-2018-6148
2019-06-27 00:00:00
CVE-2018-6125
2021-11-02 00:00:00
CVE-2018-6140
2019-01-09 00:00:00
archlinux
archlinux
[ASA-201806-4] chromium: access restriction bypass
2018-06-07 00:00:00
[ASA-201806-9] chromium: arbitrary code execution
2018-06-13 00:00:00
[ASA-201806-5] firefox: arbitrary code execution
2018-06-08 00:00:00
zdt
zdt
Skia - Heap Overflow in SkScan::FillPath due to Precision Error Vulnerability
2018-07-27 00:00:00
alpinelinux
alpinelinux
CVE-2018-6126
2019-01-09 19:29:00
JSON
Related for DEBIAN_DSA-4237.NASL
osv1debian2openvas24nessus27redhat5fedora2suse6kaspersky5chrome4freebsd3threatpost1gentoo3mageia2debiancve22prion23redhatcve20cve22yubico1ubuntucve21archlinux3zdt1alpinelinux1