EulerOS 2.0 SP2 : libvorbis (EulerOS-SA-2018-1105)

🗓️ 02 May 2018 00:00:00Reported by TenableType

EulerOS 2.0 SP2 libvorbis vulnerabilit

Reporter	Title	Published	Views	Family All 230
IBM Security Bulletins	Security Bulletin: Open Source Libvorbis, Patch and Python-paramiko vulnerabilities affect IBM Netezza Host Management	18 Oct 201903:36	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private	20 Jul 201818:56	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in libvorbis affects PowerKVM	7 Jul 201800:01	–	ibm
Tenable Nessus	Mozilla Firefox < 59 Multiple Vulnerabilities	21 Aug 201800:00	–	nessus
Tenable Nessus	Mozilla Firefox < 59.0.1 Multiple RCE	21 Aug 201800:00	–	nessus
Tenable Nessus	Mozilla Firefox ESR < 52.7 Multiple Vulnerabilities	21 Aug 201800:00	–	nessus
Tenable Nessus	Mozilla Firefox ESR < 52.7.2 RCE	21 Aug 201800:00	–	nessus
Tenable Nessus	Amazon Linux 2 : libvorbis (ALAS-2018-981)	18 Apr 201800:00	–	nessus
Tenable Nessus	Amazon Linux AMI : libvorbis (ALAS-2018-981)	6 Apr 201800:00	–	nessus
Tenable Nessus	CentOS 6 / 7 : firefox (CESA-2018:0549)	21 Mar 201800:00	–	nessus

Source	Link
nessus	www.nessus.org/u
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(109503);
  script_version("1.12");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/10/15");

  script_cve_id("CVE-2018-5146");

  script_name(english:"EulerOS 2.0 SP2 : libvorbis (EulerOS-SA-2018-1105)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"According to the version of the libvorbis package installed, the
EulerOS installation on the remote host is affected by the following
vulnerability :

  - An out of bounds write flaw was found in the processing
    of vorbis audio data. A maliciously crafted file or
    audio stream could cause the application to crash or,
    potentially, execute arbitrary code.(CVE-2018-5146)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1105
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3e812b76");
  script_set_attribute(attribute:"solution", value:
"Update the affected libvorbis package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-5146");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"patch_publication_date", value:"2018/04/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/02");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvorbis");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2018-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(2)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2");

uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["libvorbis-1.3.3-8.h2"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"2", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvorbis");
}

15 Oct 2024 00:00Current

8High risk

Vulners AI Score8

CVSS 26.8

CVSS 38.8

EPSS0.12054