Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2019-1629.NASL
HistoryMay 30, 2019 - 12:00 a.m.

EulerOS Virtualization for ARM 64 3.0.2.0 : libtiff (EulerOS-SA-2019-1629)

2019-05-3000:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
5
JSON

According to the versions of the libtiff package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :

  • In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.(CVE-2018-19210)

  • The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.(CVE-2019-6128)

  • An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file. This is different from CVE-2018-12900.(CVE-2019-7663)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(125581);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id(
    "CVE-2018-19210",
    "CVE-2019-6128",
    "CVE-2019-7663"
  );

  script_name(english:"EulerOS Virtualization for ARM 64 3.0.2.0 : libtiff (EulerOS-SA-2019-1629)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization for ARM 64 host is missing multiple security
updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the libtiff package installed, the
EulerOS Virtualization for ARM 64 installation on the remote host is
affected by the following vulnerabilities :

  - In LibTIFF 4.0.9, there is a NULL pointer dereference
    in the TIFFWriteDirectorySec function in tif_dirwrite.c
    that will lead to a denial of service attack, as
    demonstrated by tiffset.(CVE-2018-19210)

  - The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10
    has a memory leak, as demonstrated by
    pal2rgb.(CVE-2019-6128)

  - An Invalid Address dereference was discovered in
    TIFFWriteDirectoryTagTransferfunction in
    libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the
    cpSeparateBufToContigBuf function in tiffcp.c. Remote
    attackers could leverage this vulnerability to cause a
    denial-of-service via a crafted tiff file. This is
    different from CVE-2018-12900.(CVE-2019-7663)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1629
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e92637b0");
  script_set_attribute(attribute:"solution", value:
"Update the affected libtiff packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"patch_publication_date", value:"2019/05/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libtiff");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "3.0.2.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.2.0");
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);

flag = 0;

pkgs = ["libtiff-4.0.3-27.h8"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libtiff");
}
VendorProductVersionCPE
huaweieuleroslibtiffp-cpe:/a:huawei:euleros:libtiff
huaweieulerosuvpcpe:/o:huawei:euleros:uvp:3.0.2.0

Related

nessus 25
openvas 28
suse 3
gentoo 1
archlinux 1
osv 6
debian 4
cloudfoundry 1
fedora 6
ubuntu 2
slackware 1
redhatcve 3
cve 3
prion 3
ubuntucve 3
veracode 3
debiancve 3
alpinelinux 1
mageia 3
photon 10
ibm 3
nessus
nessus
EulerOS 2.0 SP5 : libtiff (EulerOS-SA-2019-1313)
2019-05-01 00:00:00
openSUSE Security Update : tiff (openSUSE-2019-1161)
2019-04-08 00:00:00
SUSE SLED15 / SLES15 Security Update : tiff (SUSE-SU-2019:0786-1)
2019-03-29 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2019-1313)
2020-01-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0786-1)
2021-06-09 00:00:00
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2019-1629)
2020-01-23 00:00:00
suse
suse
Security update for tiff (moderate)
2019-04-05 00:00:00
Security update for tiff (moderate)
2018-12-08 15:12:16
Security update for tiff (moderate)
2018-12-23 00:10:13
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2020-03-15 00:00:00
archlinux
archlinux
[ASA-201911-13] libtiff: denial of service
2019-11-13 00:00:00
osv
osv
tiff - security update
2019-02-18 00:00:00
CVE-2018-19210
2018-11-12 19:29:00
CVE-2019-6128
2019-01-11 05:29:01
debian
debian
[SECURITY] [DLA 1680-1] tiff security update
2019-02-18 07:13:17
[SECURITY] [DSA 4670-1] tiff security update
2020-04-29 21:12:38
[SECURITY] [DSA 4670-1] tiff security update
2020-04-29 21:12:38
cloudfoundry
cloudfoundry
USN-3906-1: LibTIFF vulnerabilities | Cloud Foundry
2019-03-21 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: libtiff-4.0.10-5.fc29
2019-06-28 22:09:22
[SECURITY] Fedora 30 Update: libtiff-4.0.10-5.fc30
2019-06-28 16:34:07
[SECURITY] Fedora 29 Update: libtiff-4.0.10-4.fc29
2019-02-19 14:04:47
ubuntu
ubuntu
LibTIFF vulnerabilities
2019-03-12 00:00:00
LibTIFF vulnerabilities
2019-03-18 00:00:00
slackware
slackware
[slackware-security] libtiff
2019-11-04 22:37:12
redhatcve
redhatcve
CVE-2018-19210
2020-04-02 08:43:46
CVE-2019-6128
2019-12-13 04:45:58
CVE-2019-7663
2019-02-15 07:49:43
cve
cve
CVE-2018-19210
2018-11-12 19:29:00
CVE-2019-6128
2019-01-11 05:29:00
CVE-2019-7663
2019-02-09 16:29:00
prion
prion
Null pointer dereference
2018-11-12 19:29:00
Memory corruption
2019-01-11 05:29:00
Code injection
2019-02-09 16:29:00
ubuntucve
ubuntucve
CVE-2018-19210
2018-11-12 00:00:00
CVE-2019-6128
2019-01-11 00:00:00
CVE-2019-7663
2019-02-09 00:00:00
veracode
veracode
Denial Of Service (DoS)
2018-11-13 06:52:28
Denial Of Service (DoS)
2019-02-11 06:57:45
Information Disclosure
2019-02-11 05:02:30
debiancve
debiancve
CVE-2018-19210
2018-11-12 19:29:00
CVE-2019-6128
2019-01-11 05:29:00
CVE-2019-7663
2019-02-09 16:29:00
alpinelinux
alpinelinux
CVE-2019-6128
2019-01-11 05:29:00
mageia
mageia
Updated libtiff packages fix security vulnerability
2019-02-13 14:08:25
Updated libtiff packages fix security vulnerability
2019-02-22 03:35:50
Updated libtiff packages fix security vulnerabilities
2018-12-30 02:24:32
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0131
2019-02-19 00:00:00
Important Photon OS Security Update - PHSA-2019-0131
2019-02-19 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0118
2019-01-07 00:00:00
ibm
ibm
Security Bulletin: IBM ToolsCenter Dynamic System Analysis (DSA) Preboot is affected by multiple vulnerabilities.
2019-12-20 08:47:33
Security Bulletin: IBM Cloud Pak for Security is vulnerable to using components with known vulnerabilities
2022-11-01 18:28:47
Security Bulletin: Gdal vulnerabilities affect IBM Netezza Analytics for NPS
2022-06-03 14:32:29
JSON
Related for EULEROS_SA-2019-1629.NASL
nessus25openvas28suse3gentoo1archlinux1osv6debian4cloudfoundry1fedora6ubuntu2slackware1redhatcve3cve3prion3ubuntucve3veracode3debiancve3alpinelinux1mageia3photon10ibm3