Lucene search
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2020-1639.NASLHistoryJun 17, 2020 - 12:00 a.m.
EulerOS 2.0 SP2 : apr-util (EulerOS-SA-2020-1639)
2020-06-1700:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.4 High
AI Score
Confidence
High
0.033 Low
EPSS
Percentile
91.4%
According to the version of the apr-util packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :
- The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.(CVE-2016-4472)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(137481);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/06");
script_cve_id("CVE-2016-4472");
script_name(english:"EulerOS 2.0 SP2 : apr-util (EulerOS-SA-2020-1639)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing a security update.");
script_set_attribute(attribute:"description", value:
"According to the version of the apr-util packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerability :
- The overflow protection in Expat is removed by
compilers with certain optimization settings, which
allows remote attackers to cause a denial of service
(crash) or possibly execute arbitrary code via crafted
XML data. NOTE: this vulnerability exists because of an
incomplete fix for CVE-2015-1283 and
CVE-2015-2716.(CVE-2016-4472)
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1639
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9735cc16");
script_set_attribute(attribute:"solution", value:
"Update the affected apr-util package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-4472");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"patch_publication_date", value:"2020/06/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/17");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:apr-util");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:apr-util-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(2)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
flag = 0;
pkgs = ["apr-util-1.5.2-6.h1",
"apr-util-devel-1.5.2-6.h1"];
foreach (pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"2", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apr-util");
}
Related
cve
cve
ubuntucve
ubuntucve
veracode
veracode
Denial Of Service (DoS)
2017-03-27 05:30:04
Denial Of Service (DoS)
2017-02-01 05:26:42
Arbitrary Code Execution
2019-05-02 05:39:09
cvelist
cvelist
freebsd
freebsd
expat2 -- denial of service
2016-06-09 00:00:00
FreeBSD -- Multiple integer overflows in expat (libbsdxml) XML parser
2015-08-18 00:00:00
alpinelinux
alpinelinux
CVE-2016-4472
2016-06-30 17:59:04
openvas
openvas
f5
f5
SOL22232964 - Expat XML library vulnerability CVE-2016-4472
2016-10-21 00:00:00
K22232964 : Expat XML library vulnerability CVE-2016-4472
2016-10-21 00:00:00
K15104541 : Expat XML library vulnerability CVE-2015-1283
2016-10-11 00:00:00
osv
osv
CVE-2016-4472
2016-06-30 17:59:00
expat - security update
2015-07-25 00:00:00
expat - security update
2016-05-18 00:00:00
nessus
nessus
FreeBSD : expat2 -- denial of service (ff76f0e0-3f11-11e6-b3c8-14dae9d210b8)
2016-07-01 00:00:00
NewStart CGSL CORE 5.05 / MAIN 5.05 : expat Vulnerability (NS-SA-2020-0116)
2020-12-09 00:00:00
Amazon Linux AMI : expat (ALAS-2020-1364)
2020-05-15 00:00:00
redhatcve
redhatcve
CVE-2016-4472
2016-06-09 09:48:44
prion
prion
Buffer overflow
2016-06-30 17:59:00
Buffer overflow
2015-05-14 10:59:00
Integer overflow
2015-07-23 00:59:00
nvd
nvd
debiancve
debiancve
CVE-2016-4472
2016-06-30 17:59:04
CVE-2015-1283
2015-07-23 00:59:12
ibm
ibm
Security Bulletin: Vulnerabilities in Expat component shipped with IBM Rational ClearQuest (CVE-2016-0718, CVE-2015-1283, CVE-2016-4472, CVE-2015-2716)
2020-02-04 16:40:40
archlinux
archlinux
expat: arbitrary code execution
2016-03-24 00:00:00
lib32-expat: arbitrary code execution
2016-05-18 00:00:00
expat: arbitrary code execution
2016-05-18 00:00:00
amazon
amazon
Medium: expat
2020-05-11 20:41:00
debian
debian
[SECURITY] [DLA 281-1] expat security update
2015-07-25 14:17:27
[SECURITY] [DSA 3318-1] expat security update
2015-07-26 17:54:13
[SECURITY] [DSA 3582-1] expat security update
2016-05-18 05:18:57
slackware
slackware
[slackware-security] expat
2016-12-24 19:24:21
[slackware-security] python
2017-09-23 06:33:04
mozilla
mozilla
Buffer overflow when parsing compressed XML — Mozilla
2015-05-12 00:00:00
oraclelinux
oraclelinux
expat security update
2020-04-06 00:00:00
thunderbird security update
2015-05-19 00:00:00
firefox security update
2015-05-13 00:00:00
ubuntu
ubuntu
XML-RPC for C and C++ vulnerabilities
2016-06-20 00:00:00
Expat vulnerability
2015-08-31 00:00:00
VNC4 vulnerabilities
2021-03-15 00:00:00
centos
centos
expat security update
2020-04-08 17:58:10
thunderbird security update
2015-05-18 14:07:12
redhat
redhat
(RHSA-2020:1011) Moderate: expat security update
2020-03-31 09:08:15
(RHSA-2020:2508) Moderate: expat security update
2020-06-10 16:46:54
(RHSA-2015:1012) Important: thunderbird security update
2015-05-18 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3318-1] expat security update
2015-08-03 00:00:00
expat library integer overflow
2015-08-03 00:00:00
mageia
mageia
Updated expat package fixes security vulnerability
2015-07-27 20:18:02
freebsd_advisory
freebsd_advisory
FreeBSD-SA-15:20.expat
2015-08-18 00:00:00
gentoo
gentoo
Expat: Multiple vulnerabilities
2017-01-11 00:00:00
suse
suse
Security update for expat (important)
2016-06-08 12:07:50
Security update for expat (important)
2016-05-30 14:09:21
Security update for expat (important)
2016-06-07 17:08:51
fedora
fedora
[SECURITY] Fedora 22 Update: expat-2.1.1-2.fc22
2016-07-12 02:27:38
[SECURITY] Fedora 24 Update: expat-2.1.1-2.fc24
2016-06-21 19:27:49
[SECURITY] Fedora 23 Update: expat-2.1.1-2.fc23
2016-06-19 07:27:54
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.4 High
AI Score
Confidence
High
0.033 Low
EPSS
Percentile
91.4%
Related for EULEROS_SA-2020-1639.NASL