EulerOS 2.0 SP8 : gnuplot (EulerOS-SA-2020-1851)

EulerOS 2.0 SP8 is affected by gnuplot vulnerabilities

ReporterTitlePublishedViews
Family
OSV | gnuplot vulnerabilities | 25 Sep 2020 17:14 | osv
OSV | gnuplot5 - security update | 25 Nov 2018 00:00 | osv
OSV | gnuplot - security update | 26 Nov 2018 00:00 | osv
OSV | CVE-2018-19490 | 23 Nov 2018 17:29 | osv
OSV | CVE-2018-19491 | 23 Nov 2018 17:29 | osv
OSV | CVE-2018-19492 | 23 Nov 2018 17:29 | osv
OSV | gnuplot-5.4.2-1.3 on GA media | 15 Jun 2024 00:00 | osv
Ubuntu | Gnuplot vulnerabilities | 25 Sep 2020 00:00 | ubuntu
OpenVAS | Ubuntu: Security Advisory (USN-4541-1) | 26 Sep 2020 00:00 | openvas
OpenVAS | Huawei EulerOS: Security Advisory for gnuplot (EulerOS-SA-2020-1851) | 31 Aug 2020 00:00 | openvas
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

# Registration pass: when `description` is set, the script only declares its
# metadata (plugin ID, CVEs, risk vectors, dependencies) and leaves through the
# exit(0) at the end of this block without running any check.
if (description)
{
  script_id(139954);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/23");

  script_cve_id("CVE-2018-19490", "CVE-2018-19491", "CVE-2018-19492");

  script_name(english:"EulerOS 2.0 SP8 : gnuplot (EulerOS-SA-2020-1851)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the gnuplot packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :

  - An issue was discovered in datafile.c in Gnuplot 5.2.5.
    This issue allows an attacker to conduct a heap-based
    buffer overflow with an arbitrary amount of data in
    df_generate_ascii_array_entry. To exploit this
    vulnerability, an attacker must pass an overlong string
    as the right bound of the range argument that is passed
    to the plot function.(CVE-2018-19490)

  - An issue was discovered in post.trm in Gnuplot 5.2.5.
    This issue allows an attacker to conduct a buffer
    overflow with an arbitrary amount of data in the
    PS_options function. This flaw is caused by a missing
    size check of an argument passed to the 'set font'
    function. This issue occurs when the Gnuplot postscript
    terminal is used as a backend.(CVE-2018-19491)

  - An issue was discovered in cairo.trm in Gnuplot 5.2.5.
    This issue allows an attacker to conduct a buffer
    overflow with an arbitrary amount of data in the
    cairotrm_options function. This flaw is caused by a
    missing size check of an argument passed to the 'set
    font' function. This issue occurs when the Gnuplot
    pngcairo terminal is used as a backend.(CVE-2018-19492)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1851
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?946afb6c");
  script_set_attribute(attribute:"solution", value:
"Update the affected gnuplot packages.");
  # NOTE(review): the two base vectors disagree on reachability. CVSS v2 rates
  # the issue as network-reachable (AV:N), CVSS v3 as local with user
  # interaction (AV:L/UI:R). cvss_score_source attributes the scoring to
  # CVE-2018-19492. The description text above places each flaw in the handling
  # of arguments given to gnuplot commands (plot range, 'set font'), so real
  # exposure depends on who can supply gnuplot input on the host.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-19492");

  # Exploit-availability metadata; consistent with the proof-of-concept
  # maturity (E:POC / E:P) in the temporal vectors above.
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"patch_publication_date", value:"2020/08/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/08/28");

  # "local" plugin: per the required KB keys below, the result is derived from
  # the host's recorded RPM list (presumably collected by ssh_get_info.nasl),
  # not from probing a network service.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gnuplot");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gnuplot-common");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Scheduling constraints: run after ssh_get_info.nasl, and only when local
  # checks are enabled and the EulerOS release, SP level and RPM list are in
  # the KB. Hosts carrying a UVP version key are excluded from this plugin.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

# Check pass. Every audit() call below (audit.inc) ends the script with a
# "not applicable / not checked" reason. An audit exit is therefore NOT evidence
# that the host is patched; only the final AUDIT_PACKAGE_NOT_AFFECTED branch
# says that.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

# Scope gate 1: the recorded release string must identify EulerOS release 2.0.
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

# Scope gate 2: the service pack must be exactly "8" (anchored match).
sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(8)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8");

# Scope gate 3: hosts reporting a UVP version are out of scope for this
# advisory and are not evaluated here.
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8", "EulerOS UVP " + uvp);

# Without a collected RPM list there is nothing to compare against.
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# Architecture gate. "Host/cpu" is not among the required KB keys, so a host
# without it exits as unknown architecture. The first test admits x86_64,
# i386-i686 and aarch64; the second then narrows to aarch64 only, so in effect
# only aarch64 hosts are evaluated and every other architecture audits out
# unchecked.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);

# Count of reference packages for which rpm_check() reported a hit.
flag = 0;

# Reference package builds for this advisory. The plugin description names
# upstream Gnuplot 5.2.5, but these are 5.0.6-11.eulerosv2r8 vendor builds,
# so the fix is presumably a vendor backport. Compare against the vendor
# release string, not the upstream version number.
pkgs = ["gnuplot-5.0.6-11.eulerosv2r8",
        "gnuplot-common-5.0.6-11.eulerosv2r8"];

# rpm_check() comes from rpm.inc (not shown); presumably it is true when the
# installed package is older than the reference build (TODO confirm). This is
# a package-metadata comparison only: it does not test whether the affected
# terminals or code paths are in use on the host.
foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"8", reference:pkg)) flag++;

if (flag)
{
  # At least one package matched: report at warning severity on port 0, with
  # the per-package detail accumulated by rpm.inc as the report body.
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  # No hit: distinguish "packages were compared and are not affected" from
  # "no gnuplot package was found to compare".
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gnuplot");
}
