According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.(CVE-2019-20907)
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created.(CVE-2020-14422)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(139153);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/27");
script_cve_id("CVE-2019-20907", "CVE-2020-14422");
script_xref(name:"IAVA", value:"2020-A-0340-S");
script_name(english:"EulerOS 2.0 SP8 : python3 (EulerOS-SA-2020-1823)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
script_set_attribute(attribute:"description", value:
"According to the versions of the python3 packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :
- In Lib/tarfile.py in Python through 3.8.3, an attacker
is able to craft a TAR archive leading to an infinite
loop when opened by tarfile.open, because _proc_pax
lacks header validation.(CVE-2019-20907)
- Lib/ipaddress.py in Python through 3.8.3 improperly
computes hash values in the IPv4Interface and
IPv6Interface classes, which might allow a remote
attacker to cause a denial of service if an application
is affected by the performance of a dictionary
containing IPv4Interface or IPv6Interface objects, and
this attacker can cause many dictionary entries to be
created.(CVE-2020-14422)
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1823
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f68c0136");
script_set_attribute(attribute:"solution", value:
"Update the affected python3 packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-20907");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"patch_publication_date", value:"2020/07/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/07/30");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python3-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python3-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python3-test");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python3-unversioned-command");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(8)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);
flag = 0;
pkgs = ["python3-3.7.0-9.h29.eulerosv2r8",
"python3-devel-3.7.0-9.h29.eulerosv2r8",
"python3-libs-3.7.0-9.h29.eulerosv2r8",
"python3-test-3.7.0-9.h29.eulerosv2r8",
"python3-unversioned-command-3.7.0-9.h29.eulerosv2r8"];
foreach (pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"8", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python3");
}
Vendor | Product | Version | CPE |
---|---|---|---|
huawei | euleros | python3 | p-cpe:/a:huawei:euleros:python3 |
huawei | euleros | python3-devel | p-cpe:/a:huawei:euleros:python3-devel |
huawei | euleros | python3-libs | p-cpe:/a:huawei:euleros:python3-libs |
huawei | euleros | python3-test | p-cpe:/a:huawei:euleros:python3-test |
huawei | euleros | python3-unversioned-command | p-cpe:/a:huawei:euleros:python3-unversioned-command |
huawei | euleros | 2.0 | cpe:/o:huawei:euleros:2.0 |