| Reporter | Title | Published | Views | Family All 181 |
|---|---|---|---|---|
| Security fix for the ALT Linux 9 package SPICE version 0.15.0-alt1 | 31 May 202100:00 | – | altlinux | |
| Amazon Linux 2 : spice-gtk (ALAS-2020-1546) | 28 Oct 202000:00 | – | nessus | |
| Amazon Linux 2 : spice (ALAS-2020-1547) | 28 Oct 202000:00 | – | nessus | |
| Alibaba Cloud Linux 3 : 0090: spice and spice-gtk (ALINUX3-SA-2021:0090) | 14 May 202500:00 | – | nessus | |
| CentOS 8 : spice and spice-gtk (CESA-2020:4186) | 1 Feb 202100:00 | – | nessus | |
| CentOS 7 : spice and spice-gtk (RHSA-2020:4187) | 6 Nov 202000:00 | – | nessus | |
| Debian DLA-2427-1 : spice security update | 2 Nov 202000:00 | – | nessus | |
| Debian DLA-2428-1 : spice-gtk security update | 2 Nov 202000:00 | – | nessus | |
| Debian DSA-4771-1 : spice - security update | 12 Oct 202000:00 | – | nessus | |
| EulerOS 2.0 SP1 : spice-gtk (EulerOS-SA-2018-1149) | 29 May 201800:00 | – | nessus |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(145110);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/30");
script_cve_id("CVE-2017-12194", "CVE-2020-14355");
script_name(english:"EulerOS 2.0 SP3 : spice-gtk (EulerOS-SA-2021-1122)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
script_set_attribute(attribute:"description", value:
"According to the versions of the spice-gtk packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :
- A flaw was found in the way spice-client processed
certain messages sent from the server. An attacker,
having control of malicious spice-server, could use
this flaw to crash the client or execute arbitrary code
with permissions of the user running the client.
spice-gtk versions through 0.34 are believed to be
vulnerable.(CVE-2017-12194)
- Multiple buffer overflow vulnerabilities were found in
the QUIC image decoding process of the SPICE remote
display system, before spice-0.14.2-1. Both the SPICE
client (spice-gtk) and server are affected by these
flaws. These flaws allow a malicious client or server
to send specially crafted messages that, when processed
by the QUIC image compression algorithm, result in a
process crash or potential code
execution.(CVE-2020-14355)
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1122
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?29bf2497");
script_set_attribute(attribute:"solution", value:
"Update the affected spice-gtk packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-12194");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"patch_publication_date", value:"2021/01/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/01/20");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:spice-glib");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:spice-gtk3");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(3)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
flag = 0;
pkgs = ["spice-glib-0.31-6.2.h5",
"spice-gtk3-0.31-6.2.h5"];
foreach (pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"3", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "spice-gtk");
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation