There are integer overflow vulnerabilities in libX11 allowing for arbitrary code execution and heap-buffer overflow in XIM client implementatio
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
Tenable Nessus | EulerOS Virtualization 3.0.6.6 : libX11 (EulerOS-SA-2021-1494) | 4 Mar 202100:00 | – | nessus |
Tenable Nessus | EulerOS 2.0 SP3 : libX11 (EulerOS-SA-2021-1092) | 20 Jan 202100:00 | – | nessus |
Tenable Nessus | EulerOS Virtualization 2.9.1 : libX11 (EulerOS-SA-2021-1609) | 10 Mar 202100:00 | – | nessus |
Tenable Nessus | EulerOS Virtualization 3.0.2.6 : libX11 (EulerOS-SA-2021-1441) | 10 Mar 202100:00 | – | nessus |
Tenable Nessus | Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : libx11 vulnerabilities (USN-4487-1) | 4 Sep 202000:00 | – | nessus |
Tenable Nessus | Fedora 31 : libX11 (2020-9a0b272cc1) | 11 Sep 202000:00 | – | nessus |
Tenable Nessus | EulerOS 2.0 SP8 : libX11 (EulerOS-SA-2020-2313) | 2 Nov 202000:00 | – | nessus |
Tenable Nessus | EulerOS 2.0 SP9 : libX11 (EulerOS-SA-2020-2177) | 9 Oct 202000:00 | – | nessus |
Tenable Nessus | EulerOS Virtualization 2.9.0 : libX11 (EulerOS-SA-2021-1662) | 11 Mar 202100:00 | – | nessus |
Tenable Nessus | EulerOS Virtualization for ARM 64 3.0.6.0 : libX11 (EulerOS-SA-2021-1556) | 4 Mar 202100:00 | – | nessus |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(141320);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/15");
script_cve_id("CVE-2020-14344", "CVE-2020-14363");
script_name(english:"EulerOS 2.0 SP9 : libX11 (EulerOS-SA-2020-2167)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
script_set_attribute(attribute:"description", value:
"According to the versions of the libX11 package installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :
- An integer overflow vulnerability leading to a
double-free was found in libX11. This flaw allows a
local privileged attacker to cause an application
compiled with libX11 to crash, or in some cases, result
in arbitrary code execution. The highest threat from
this flaw is to confidentiality, integrity as well as
system availability.(CVE-2020-14363)
- An integer overflow leading to a heap-buffer overflow
was found in The X Input Method (XIM) client was
implemented in libX11 before version 1.6.10. As per
upstream this is security relevant when setuid programs
call XIM client functions while running with elevated
privileges. No such programs are shipped with Red Hat
Enterprise Linux.(CVE-2020-14344)
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2167
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8a888edd");
script_set_attribute(attribute:"solution", value:
"Update the affected libX11 packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-14363");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"patch_publication_date", value:"2020/10/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/10/09");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libX11");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(9)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP9");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP9", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);
flag = 0;
pkgs = ["libX11-1.6.9-4.eulerosv2r9"];
foreach (pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"9", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libX11");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo