Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2020-1037.NASL
HistoryJan 02, 2020 - 12:00 a.m.

EulerOS 2.0 SP8 : xorg-x11-server (EulerOS-SA-2020-1037)

2020-01-0200:00:00
This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
JSON

According to the version of the xorg-x11-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :

  • systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.(CVE-2018-20839)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(132630);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/02/22");

  script_cve_id("CVE-2018-20839");

  script_name(english:"EulerOS 2.0 SP8 : xorg-x11-server (EulerOS-SA-2020-1037)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"According to the version of the xorg-x11-server packages installed,
the EulerOS installation on the remote host is affected by the
following vulnerability :

  - systemd 242 changes the VT1 mode upon a logout, which
    allows attackers to read cleartext passwords in certain
    circumstances, such as watching a shutdown, or using
    Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the
    KDGKBMODE (aka current keyboard mode) check is
    mishandled.(CVE-2018-20839)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1037
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f2f1bbbb");
  script_set_attribute(attribute:"solution", value:
"Update the affected xorg-x11-server package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-20839");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"patch_publication_date", value:"2020/01/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/02");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:xorg-x11-server-Xephyr");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:xorg-x11-server-Xorg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:xorg-x11-server-Xvfb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:xorg-x11-server-Xwayland");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:xorg-x11-server-common");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(8)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8");

uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);

flag = 0;

pkgs = ["xorg-x11-server-Xephyr-1.20.1-4.h4.eulerosv2r8",
        "xorg-x11-server-Xorg-1.20.1-4.h4.eulerosv2r8",
        "xorg-x11-server-Xvfb-1.20.1-4.h4.eulerosv2r8",
        "xorg-x11-server-Xwayland-1.20.1-4.h4.eulerosv2r8",
        "xorg-x11-server-common-1.20.1-4.h4.eulerosv2r8"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"8", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xorg-x11-server");
}
VendorProductVersionCPE
huaweieulerosxorg-x11-server-xephyrp-cpe:/a:huawei:euleros:xorg-x11-server-xephyr
huaweieulerosxorg-x11-server-xorgp-cpe:/a:huawei:euleros:xorg-x11-server-xorg
huaweieulerosxorg-x11-server-xvfbp-cpe:/a:huawei:euleros:xorg-x11-server-xvfb
huaweieulerosxorg-x11-server-xwaylandp-cpe:/a:huawei:euleros:xorg-x11-server-xwayland
huaweieulerosxorg-x11-server-commonp-cpe:/a:huawei:euleros:xorg-x11-server-common
huaweieuleros2.0cpe:/o:huawei:euleros:2.0

Related

osv 1
cve 1
openvas 2
redhatcve 1
ubuntucve 1
prion 1
debiancve 1
nessus 1
osv
osv
CVE-2018-20839
2019-05-17 04:29:00
cve
cve
CVE-2018-20839
2019-05-17 04:29:00
openvas
openvas
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2020-1037)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2020-1062)
2020-01-23 00:00:00
redhatcve
redhatcve
CVE-2018-20839
2019-06-04 13:20:53
ubuntucve
ubuntucve
CVE-2018-20839
2019-05-17 00:00:00
prion
prion
Code injection
2019-05-17 04:29:00
debiancve
debiancve
CVE-2018-20839
2019-05-17 04:29:00
nessus
nessus
EulerOS Virtualization for ARM 64 3.0.5.0 : xorg-x11-server (EulerOS-SA-2020-1062)
2020-01-13 00:00:00
JSON
Related for EULEROS_SA-2020-1037.NASL
osv1cve1openvas2redhatcve1ubuntucve1prion1debiancve1nessus1