Lucene search
EulerOS 2.0 SP3 : telnet (EulerOS-SA-2020-2065)
🗓️ 28 Sep 2020 00:00:00Reported by This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.Type 
nessus🔗 www.tenable.com👁 23 Views
EulerOS 2.0 SP3 telnet package vulnerabilit
Show more
| Reporter | Title | Published | Views | Family All 113 |
|---|---|---|---|---|
 | [SECURITY] Fedora 30 Update: telnet-0.17-77.fc30 | 4 Apr 202004:19 | – | fedora |
| [SECURITY] Fedora 32 Update: telnet-0.17-79.fc32 | 1 Apr 202016:35 | – | fedora |
| [SECURITY] Fedora 31 Update: telnet-0.17-78.fc31 | 4 Apr 202003:23 | – | fedora |
| Debian DLA-2176-1 : inetutils security update | 15 May 202000:00 | – | nessus |
| RHEL 7 : telnet (RHSA-2022:0011) | 4 Jan 202200:00 | – | nessus |
| RHEL 8 : telnet (RHSA-2020:1318) | 7 Apr 202000:00 | – | nessus |
| Telnet Vulnerability Affecting Cisco Products: June 2020 (cisco-sa-telnetd-EFJrEzPx) | 10 Jul 202000:00 | – | nessus |
| Fedora 30 : 1:telnet (2020-6b07ff2526) | 6 Apr 202000:00 | – | nessus |
| RHEL 5 : telnet-server (Unpatched Vulnerability) | 11 May 202400:00 | – | nessus |
| Palo Alto Networks PAN-OS 8.1.x < 8.1.20 / 9.0.x < 9.0.14 / 9.1.x < 9.1.9 / 10.0.x < 10.0.6 Vulnerability | 8 Sep 202100:00 | – | nessus |
10
| Source | Link |
|---|---|
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
| nessus | www.nessus.org/u |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(140832);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/19");
script_cve_id("CVE-2020-10188");
script_xref(name:"CEA-ID", value:"CEA-2021-0025");
script_name(english:"EulerOS 2.0 SP3 : telnet (EulerOS-SA-2020-2065)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing a security update.");
script_set_attribute(attribute:"description", value:
"According to the version of the telnet packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerability :
- utility.c in telnetd in netkit telnet through 0.17
allows remote attackers to execute arbitrary code via
short writes or urgent data, because of a buffer
overflow involving the netclear and nextitem
functions.(CVE-2020-10188)
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2065
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b5f91234");
script_set_attribute(attribute:"solution", value:
"Update the affected telnet package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-10188");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"patch_publication_date", value:"2020/09/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/09/28");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:telnet");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:telnet-server");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(3)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
flag = 0;
pkgs = ["telnet-0.17-59.h1",
"telnet-server-0.17-59.h1"];
foreach (pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"3", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "telnet");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo28 Sep 2020 00:00Current
10High risk
Vulners AI Score10
CVSS210
CVSS39.8
EPSS0.70048