Lucene search
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2019-2399.NASLHistoryDec 10, 2019 - 12:00 a.m.
EulerOS 2.0 SP2 : ppp (EulerOS-SA-2019-2399)
2019-12-1000:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
7.1 High
AI Score
Confidence
Low
According to the versions of the ppp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :
-
Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul’s PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server.(CVE-2015-3310)
-
Integer overflow in the getword function in options.c in pppd in Paul’s PPP Package (ppp) before 2.4.7 allows attackers to ‘access privileged options’ via a long word in an options file, which triggers a heap-based buffer overflow that ‘[corrupts] security-relevant variables.’(CVE-2014-3158)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(131891);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/04");
script_cve_id("CVE-2014-3158", "CVE-2015-3310");
script_bugtraq_id(69399, 74163);
script_name(english:"EulerOS 2.0 SP2 : ppp (EulerOS-SA-2019-2399)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
script_set_attribute(attribute:"description", value:
"According to the versions of the ppp package installed, the EulerOS
installation on the remote host is affected by the following
vulnerabilities :
- Buffer overflow in the rc_mksid function in
plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6
and earlier, when the PID for pppd is greater than
65535, allows remote attackers to cause a denial of
service (crash) via a start accounting message to the
RADIUS server.(CVE-2015-3310)
- Integer overflow in the getword function in options.c
in pppd in Paul's PPP Package (ppp) before 2.4.7 allows
attackers to 'access privileged options' via a long
word in an options file, which triggers a heap-based
buffer overflow that '[corrupts] security-relevant
variables.'(CVE-2014-3158)
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2399
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?74551c9a");
script_set_attribute(attribute:"solution", value:
"Update the affected ppp packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-3158");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"patch_publication_date", value:"2019/12/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/10");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ppp");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(2)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
flag = 0;
pkgs = ["ppp-2.4.5-33.h2"];
foreach (pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"2", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ppp");
}
Related
slackware
slackware
[slackware-security] ppp
2015-04-22 01:23:52
openvas
openvas
Slackware: Security Advisory (SSA:2015-111-11)
2022-04-21 00:00:00
Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2019-2399)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2020-1775)
2020-07-03 00:00:00
nessus
nessus
EulerOS Virtualization 3.0.6.0 : ppp (EulerOS-SA-2020-1775)
2020-07-01 00:00:00
EulerOS 2.0 SP5 : ppp (EulerOS-SA-2019-2183)
2019-11-08 00:00:00
osv
osv
ppp - security update
2015-04-19 00:00:00
ppp - security update
2015-04-16 00:00:00
ppp - security update
2014-11-28 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3228-1] ppp security update
2015-04-17 00:00:00
ppp privilege escalation
2014-09-10 00:00:00
ppp buffer overflow
2015-04-17 00:00:00
mageia
mageia
Updated ppp packages fix CVE-2015-3310
2015-05-01 00:57:25
Updated ppp packages fix a security vulnerability
2014-09-05 13:07:37
debiancve
debiancve
CVE-2015-3310
2015-04-24 14:59:00
CVE-2014-3158
2014-11-15 21:59:00
f5
f5
SOL16686 - Point-to-Point Protocol (PPP) vulnerability CVE-2015-3310
2015-05-26 00:00:00
K16686 : Point-to-Point Protocol (PPP) vulnerability CVE-2015-3310
2015-05-27 00:00:00
cve
cve
CVE-2015-3310
2015-04-24 14:59:00
CVE-2014-3158
2014-11-15 21:59:00
fedora
fedora
[SECURITY] Fedora 20 Update: ppp-2.4.5-34.fc20
2014-08-23 01:57:49
[SECURITY] Fedora 19 Update: ppp-2.4.5-33.fc19
2014-08-30 03:52:51
ubuntu
ubuntu
ppp vulnerability
2014-12-01 00:00:00
ppp vulnerability
2015-05-05 00:00:00
archlinux
archlinux
ppp: denial of service
2015-08-11 00:00:00
ubuntucve
ubuntucve
CVE-2015-3310
2015-04-16 00:00:00
CVE-2014-3158
2014-11-15 00:00:00
debian
debian
[SECURITY] [DLA 205-1] ppp security update
2015-04-19 15:55:29
[SECURITY] [DSA 3228-1] ppp security update
2015-04-16 11:00:32
[SECURITY] [DSA 3228-1] ppp security update
2015-04-16 11:00:32
prion
prion
Buffer overflow
2015-04-24 14:59:00
Integer overflow
2014-11-15 21:59:00
gentoo
gentoo
PPP: Buffer overflow
2017-01-23 00:00:00
PPP: Information disclosure
2014-12-13 00:00:00