According to the versions of the ntp packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the vulnerabilities listed in the plugin description below (CVE-2017-6462, CVE-2017-6463, CVE-2017-6464 and CVE-2019-8936).
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
# Registration phase: when the scanner evaluates the plugin with `description`
# set, only the metadata below is recorded and the script exits (see the
# exit(0) at the end of this block) before any host check runs.
if (description)
{
# Plugin identity and revision metadata.
script_id(128941);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/07/08");
# All four CVEs are reported together by one package-version check; the plugin
# does not distinguish which of them apply to a given host.
script_cve_id(
"CVE-2017-6462",
"CVE-2017-6463",
"CVE-2017-6464",
"CVE-2019-8936"
);
script_name(english:"EulerOS Virtualization for ARM 64 3.0.2.0 : ntp (EulerOS-SA-2019-1938)");
script_summary(english:"Checks the rpm output for the updated packages.");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization for ARM 64 host is missing multiple security
updates.");
# The description is the vendor advisory text, reproduced as extracted (its
# closing note says so); the per-CVE sentences run together without separators.
script_set_attribute(attribute:"description", value:
"According to the versions of the ntp packages installed, the EulerOS
Virtualization for ARM 64 installation on the remote host is affected
by the following vulnerabilities :
- The Network Time Protocol (NTP) is used to synchronize
a computer's time with another reference time source.
This package includes ntpd (a daemon which continuously
adjusts system time) and utilities used to query and
configure the ntpd daemon. Perl scripts ntp-wait and
ntptrace are in the ntp-perl package, ntpdate is in the
ntpdate package and sntp is in the sntp package. The
documentation is in the ntp-doc package. Security
Fix(es):NTP through 4.2.8p12 has a NULL Pointer
Dereference.(CVE-2019-8936)Buffer overflow in the
legacy Datum Programmable Time Server (DPTS) refclock
driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94
allows local users to have unspecified impact via a
crafted /dev/datum device.(CVE-2017-6462)NTP before
4.2.8p10 and 4.3.x before 4.3.94 allows remote
attackers to cause a denial of service (ntpd crash) via
a malformed mode configuration
directive.(CVE-2017-6464)NTP before 4.2.8p10 and 4.3.x
before 4.3.94 allows remote authenticated users to
cause a denial of service (daemon crash) via an invalid
setting in a :config directive, related to the unpeer
option.(CVE-2017-6463)
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1938
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8b0d55c4");
script_set_attribute(attribute:"solution", value:
"Update the affected ntp packages.");
# Scoring caveat: cvss_score_source (set below) ties these vectors to
# CVE-2017-6462, which the description characterises as a local-user issue,
# hence AV:L. The same description attributes denial-of-service conditions to
# remote attackers (CVE-2017-6464) and remote authenticated users
# (CVE-2017-6463); an AV:L vector does not express that exposure, so triage
# should also consult the per-CVE entries where ntpd is network-reachable.
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-6462");
# Exploit-availability fields are static plugin metadata, as of the
# plugin_modification_date recorded above.
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"patch_publication_date", value:"2019/09/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/17");
# "local" plugin type: the result is derived from host data named in the
# dependency and required KB keys below (package list, release, CPU), not
# from probing the NTP service over the network.
script_set_attribute(attribute:"plugin_type", value:"local");
# CPE entries: the three packages examined, plus the platform release.
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ntp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ntpdate");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:sntp");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
# ssh_get_info.nasl must run first; the KB keys required below are the ones
# the check logic after this block reads (presumably populated by that
# dependency - confirm against ssh_get_info.nasl).
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");
# Registration ends here; nothing after this block runs in description mode.
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
# ---------------------------------------------------------------------------
# Preconditions. Every value is read from the scanner knowledge base; each
# failed precondition ends the run through audit() with the matching reason
# instead of reporting the host as clean.
# ---------------------------------------------------------------------------
if (!get_kb_item("Host/local_checks_enabled"))
{
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
}

# The host must identify as EulerOS ...
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS")
{
  audit(AUDIT_OS_NOT, "EulerOS");
}

# ... and as exactly the 3.0.2.0 virtualization release (a missing value also
# fails this comparison).
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "3.0.2.0")
{
  audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.2.0");
}

# Without a collected RPM list there is nothing to compare against.
if (!get_kb_item("Host/EulerOS/rpm-list"))
{
  audit(AUDIT_PACKAGE_LIST_MISSING);
}

# Architecture gate: an unknown CPU, a CPU family with no local checks, and a
# known-but-non-aarch64 CPU each produce a distinct audit reason.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu))
{
  audit(AUDIT_UNKNOWN_ARCH);
}
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu)
{
  audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
}
if ("aarch64" >!< cpu)
{
  audit(AUDIT_ARCH_NOT, "aarch64", cpu);
}

# ---------------------------------------------------------------------------
# Package comparison. The reference builds are vendor builds of 4.2.6p5
# ("-28.h9"), while the advisory text quotes upstream fix versions such as
# 4.2.8p10 - i.e. the fixes are backported, so the installed upstream version
# string alone does not tell whether a host is patched. The result reflects
# the installed package set only, not whether ntpd is running or reachable.
# ---------------------------------------------------------------------------
flag = 0;
pkgs = [
  "ntp-4.2.6p5-28.h9",
  "ntpdate-4.2.6p5-28.h9",
  "sntp-4.2.6p5-28.h9"
];

foreach (pkg in pkgs)
{
  # Count every reference package for which rpm_check() reports a hit.
  if (rpm_check(release:"EulerOS-2.0", reference:pkg))
  {
    flag++;
  }
}

# At least one hit: emit a single host-level finding (port 0) carrying the
# accumulated rpm report, then stop.
if (flag)
{
  security_report_v4(
    port     : 0,
    severity : SECURITY_WARNING,
    extra    : rpm_report_get()
  );
  exit(0);
}

# No hit: distinguish "packages were examined and are not affected" from
# "ntp is not installed at all".
tested = pkg_tests_get();
if (tested)
{
  audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
}
else
{
  audit(AUDIT_PACKAGE_NOT_INSTALLED, "ntp");
}