Lucene search
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2021-1296.NASLHistoryFeb 22, 2021 - 12:00 a.m.
EulerOS 2.0 SP2 : gdb (EulerOS-SA-2021-1296)
2021-02-2200:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
5.8 Medium
AI Score
Confidence
High
According to the versions of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :
-
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to ‘ktypevec.’(CVE-2016-4488)
-
Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary.(CVE-2016-4492)
-
The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary.(CVE-2016-4493)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(146713);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/19");
script_cve_id("CVE-2016-4488", "CVE-2016-4492", "CVE-2016-4493");
script_name(english:"EulerOS 2.0 SP2 : gdb (EulerOS-SA-2021-1296)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
script_set_attribute(attribute:"description", value:
"According to the versions of the gdb packages installed, the EulerOS
installation on the remote host is affected by the following
vulnerabilities :
- Use-after-free vulnerability in libiberty allows remote
attackers to cause a denial of service (segmentation
fault and crash) via a crafted binary, related to
'ktypevec.'(CVE-2016-4488)
- Buffer overflow in the do_type function in cplus-dem.c
in libiberty allows remote attackers to cause a denial
of service (segmentation fault and crash) via a crafted
binary.(CVE-2016-4492)
- The demangle_template_value_parm and
do_hpacc_template_literal functions in cplus-dem.c in
libiberty allow remote attackers to cause a denial of
service (out-of-bounds read and crash) via a crafted
binary.(CVE-2016-4493)
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1296
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4d2a660d");
script_set_attribute(attribute:"solution", value:
"Update the affected gdb packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-4493");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"patch_publication_date", value:"2021/02/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/02/22");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gdb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gdb-gdbserver");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(2)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
flag = 0;
pkgs = ["gdb-7.6.1-80.1.h3",
"gdb-gdbserver-7.6.1-80.1.h3"];
foreach (pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"2", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gdb");
}
Related
openvas
openvas
Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2021-1296)
2021-02-22 00:00:00
Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2021-1786)
2021-05-03 00:00:00
Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2021-1432)
2021-03-05 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : gdb (EulerOS-SA-2021-1190)
2021-02-04 00:00:00
EulerOS Virtualization 3.0.2.6 : gdb (EulerOS-SA-2021-1432)
2021-03-10 00:00:00
EulerOS Virtualization 3.0.6.6 : gdb (EulerOS-SA-2021-1474)
2021-03-10 00:00:00
ubuntucve
ubuntucve
debian
debian
[SECURITY] [DLA 552-1] binutils security update
2016-07-18 08:45:40
osv
osv
binutils - security update
2016-07-18 00:00:00
binutils vulnerabilities
2021-07-21 13:08:04
ubuntu
ubuntu
libiberty vulnerabilities
2017-07-26 00:00:00
Valgrind vulnerabilities
2017-06-21 00:00:00
gdb vulnerabilities
2017-07-26 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-09-21 06:26:51
Denial Of Service (DoS)
2020-09-21 06:18:30
Denial Of Service (DoS)
2020-09-21 06:34:05
prion
prion
Out-of-bounds
2017-02-24 20:59:00
Design/Logic Flaw
2017-02-24 20:59:00
Buffer overflow
2017-02-24 20:59:00
mageia
mageia
Updated valgrind packages fix security vulnerabilities
2017-07-28 21:12:15
Updated binutils packages fix security vulnerability
2018-01-03 17:22:14
Updated gdb packages fix security vulnerability
2018-01-03 17:22:14
redhatcve
redhatcve
CVE-2016-4493
2016-05-05 12:18:43
CVE-2016-4492
2016-05-05 12:18:47
cvelist
cvelist
debiancve
debiancve
cve
cve
cloudfoundry
cloudfoundry
USN-3367-1: gdb vulnerabilities | Cloud Foundry
2017-08-04 00:00:00
cloudlinux
cloudlinux
Fix of 36 CVEs
2021-12-27 16:08:07
ibm
ibm