Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2019-1357.NASL
HistoryMay 10, 2019 - 12:00 a.m.

EulerOS Virtualization 2.5.3 : python (EulerOS-SA-2019-1357)

2019-05-1000:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
JSON

According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  • Python’s elementtree C accelerator failed to initialise Expat’s hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by contructing an XML document that would cause pathological hash collisions in Expat’s internal data structures, consuming large amounts CPU and RAM.(CVE-2018-14647)

  • A null pointer dereference vulnerability was found in the certificate parsing code in Python. This causes a denial of service to applications when parsing specially crafted certificates. This vulnerability is unlikely to be triggered if application enables SSL/TLS certificate validation and accepts certificates only from trusted root certificate authorities.(CVE-2019-5010)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(124735);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id(
    "CVE-2018-14647",
    "CVE-2019-5010"
  );

  script_name(english:"EulerOS Virtualization 2.5.3 : python (EulerOS-SA-2019-1357)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization host is missing multiple security
updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the python packages installed, the
EulerOS Virtualization installation on the remote host is affected by
the following vulnerabilities :

  - Python's elementtree C accelerator failed to initialise
    Expat's hash salt during initialization. This could
    make it easy to conduct denial of service attacks
    against Expat by contructing an XML document that would
    cause pathological hash collisions in Expat's internal
    data structures, consuming large amounts CPU and
    RAM.(CVE-2018-14647)

  - A null pointer dereference vulnerability was found in
    the certificate parsing code in Python. This causes a
    denial of service to applications when parsing
    specially crafted certificates. This vulnerability is
    unlikely to be triggered if application enables SSL/TLS
    certificate validation and accepts certificates only
    from trusted root certificate
    authorities.(CVE-2019-5010)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1357
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a4884fcd");
  script_set_attribute(attribute:"solution", value:
"Update the affected python packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"patch_publication_date", value:"2019/05/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:tkinter");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:2.5.3");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "2.5.3") audit(AUDIT_OS_NOT, "EulerOS Virtualization 2.5.3");
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["python-2.7.5-58.h13",
        "python-devel-2.7.5-58.h13",
        "python-libs-2.7.5-58.h13",
        "python-tools-2.7.5-58.h13",
        "tkinter-2.7.5-58.h13"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python");
}
VendorProductVersionCPE
huaweieulerospythonp-cpe:/a:huawei:euleros:python
huaweieulerospython-develp-cpe:/a:huawei:euleros:python-devel
huaweieulerospython-libsp-cpe:/a:huawei:euleros:python-libs
huaweieulerospython-toolsp-cpe:/a:huawei:euleros:python-tools
huaweieulerostkinterp-cpe:/a:huawei:euleros:tkinter
huaweieulerosuvpcpe:/o:huawei:euleros:uvp:2.5.3

Related

nessus 60
openvas 46
fedora 34
suse 3
slackware 1
mageia 3
prion 2
ibm 9
hackerone 1
veracode 2
cve 2
debiancve 2
redhat 3
amazon 5
ubuntucve 2
osv 7
redhatcve 2
alpinelinux 2
centos 1
githubexploit 1
talos 1
freebsd 1
altlinux 1
checkpoint_advisories 1
debian 3
oraclelinux 1
talosblog 1
photon 2
nessus
nessus
openSUSE Security Update : python (openSUSE-2019-292)
2019-03-06 00:00:00
SUSE SLED12 / SLES12 Security Update : python (SUSE-SU-2019:0482-1)
2019-02-26 00:00:00
EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2019-1626)
2019-05-30 00:00:00
openvas
openvas
openSUSE: Security Advisory for python (openSUSE-SU-2019:0292-1)
2019-03-06 00:00:00
Fedora Update for python36 FEDORA-2019-7eb6d3b8ea
2019-05-07 00:00:00
Huawei EulerOS: Security Advisory for python (EulerOS-SA-2019-1626)
2020-01-23 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: python37-3.7.2-2.fc28
2019-01-28 01:53:21
[SECURITY] Fedora 29 Update: python36-3.6.8-3.fc29
2019-02-05 02:18:50
[SECURITY] Fedora 30 Update: python2-2.7.16-1.fc30
2019-03-29 19:26:15
suse
suse
Security update for python (important)
2019-03-06 00:00:00
Security update for python (moderate)
2019-02-14 00:00:00
Security update for python3 (important)
2019-02-09 00:00:00
slackware
slackware
[slackware-security] python
2019-03-03 22:46:15
mageia
mageia
Updated python3 packages fix security vulnerability
2019-04-11 00:25:19
Updated python packages fix security vulnerability
2019-02-14 11:38:16
Updated python packages fix security vulnerabilities
2019-01-01 01:42:09
prion
prion
Code injection
2018-09-25 00:29:00
Null pointer dereference
2019-10-31 21:15:00
ibm
ibm
Security Bulletin: A Security Vulnerability affects IBM Cloud Private - Python
2019-03-12 22:45:01
Security Bulletin: Vulnerability in Python affects Watson Machine Learning Services (CVE-2018-14647)
2019-07-23 18:55:01
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in python (CVE-2018-14647)
2019-04-11 22:55:01
hackerone
hackerone
Internet Bug Bounty: XML hash collision DoS vulnerability in Python's xml.etree module
2018-09-22 06:36:27
veracode
veracode
Denial Of Service (DoS)
2019-05-27 00:40:17
Denial Of Service (Dos)
2019-08-08 00:07:13
cve
cve
CVE-2018-14647
2018-09-25 00:29:00
CVE-2019-5010
2019-10-31 21:15:00
debiancve
debiancve
CVE-2018-14647
2018-09-25 00:29:00
CVE-2019-5010
2019-10-31 21:15:00
redhat
redhat
(RHSA-2019:2030) Moderate: python security and bug fix update
2019-08-06 07:52:47
(RHSA-2019:3725) Moderate: rh-python36-python security, bug fix, and enhancement update
2019-11-06 09:12:32
(RHSA-2020:1462) Moderate: python security update
2020-04-14 14:34:05
amazon
amazon
Medium: python3
2018-12-17 19:14:00
Medium: python34, python36
2018-12-20 00:01:00
Medium: python35
2018-11-05 21:47:00
ubuntucve
ubuntucve
CVE-2018-14647
2018-09-24 00:00:00
CVE-2019-5010
2019-01-18 00:00:00
osv
osv
CVE-2018-14647
2018-09-25 00:29:00
_elementree C accelerator doesn't call XML_SetHashSalt()
2018-09-25 00:00:00
TALOS-2018-0758 SSL CRL distribution points Denial of Service
2019-10-31 20:05:57
redhatcve
redhatcve
CVE-2018-14647
2020-04-02 08:14:30
CVE-2019-5010
2020-02-15 20:24:09
alpinelinux
alpinelinux
CVE-2018-14647
2018-09-25 00:29:00
CVE-2019-5010
2019-10-31 21:15:00
centos
centos
python, tkinter security update
2019-08-30 04:00:52
githubexploit
githubexploit
Exploit for NULL Pointer Dereference in Python
2019-11-06 07:26:43
talos
talos
Python.org CPython X509 certificate parsing denial-of-service vulnerability
2019-01-28 00:00:00
freebsd
freebsd
Python -- NULL pointer dereference vulnerability
2019-01-15 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package python3 version 3.6.8-alt1
2019-01-29 00:00:00
checkpoint_advisories
checkpoint_advisories
Python SSL Denial of Service (CVE-2019-5010)
2019-11-21 00:00:00
debian
debian
[SECURITY] [DLA 1834-1] python2.7 security update
2019-06-25 03:40:12
[SECURITY] [DSA 4307-1] python3.5 security update
2018-09-28 19:17:56
[SECURITY] [DLA 1835-1] python3.4 security update
2019-06-25 03:40:34
oraclelinux
oraclelinux
python security and bug fix update
2019-08-13 00:00:00
talosblog
talosblog
Vulnerability Spotlight: Python.org certificate parsing denial-of-service
2019-01-28 11:12:00
photon
photon
Important Photon OS Security Update - PHSA-2019-0120
2019-01-10 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0120
2019-01-10 00:00:00
JSON
Related for EULEROS_SA-2019-1357.NASL
nessus60openvas46fedora34suse3slackware1mageia3prion2ibm9hackerone1veracode2cve2debiancve2redhat3amazon5ubuntucve2osv7redhatcve2alpinelinux2centos1githubexploit1talos1freebsd1altlinux1checkpoint_advisories1debian3oraclelinux1talosblog1photon2