Lucene search

K

EulerOS 2.0 SP8 : squashfs-tools (EulerOS-SA-2021-2814)

EulerOS 2.0 SP8 squashfs-tools vulnerabilit

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
Cvelist
CVE-2021-41072
14 Sep 202100:00
cvelist
Cvelist
CVE-2021-40153
27 Aug 202100:00
cvelist
Debian CVE
CVE-2021-41072
14 Sep 202101:15
debiancve
Debian CVE
CVE-2021-40153
27 Aug 202115:15
debiancve
Oracle linux
squashfs-tools security update
2 May 202400:00
oraclelinux
Oracle linux
squashfs-tools security update
23 May 202400:00
oraclelinux
Gentoo Linux
squashfs-tools: Multiple Vulnerabilities
30 May 202300:00
gentoo
AlmaLinux
Moderate: squashfs-tools security update
22 May 202400:00
almalinux
AlmaLinux
Moderate: squashfs-tools security update
30 Apr 202400:00
almalinux
Ubuntu
Squashfs-Tools vulnerabilities
15 Sep 202100:00
ubuntu
Rows per page
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(156293);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/22");

  script_cve_id("CVE-2021-41072");

  script_name(english:"EulerOS 2.0 SP8 : squashfs-tools (EulerOS-SA-2021-2814)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the squashfs-tools package installed, the EulerOS installation on the remote host is
affected by the following vulnerabilities :

  - squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different
    vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link
    and then contents under the same filename in a filesystem can cause unsquashfs to first create the
    symbolic link pointing outside the expected directory, and then the subsequent write operation will cause
    the unsquashfs process to write through the symbolic link elsewhere in the filesystem. (CVE-2021-41072)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security
advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional
issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2814
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?326d26b2");
  script_set_attribute(attribute:"solution", value:
"Update the affected squashfs-tools packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-41072");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/09/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/12/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/12/25");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:squashfs-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8");

var sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(8)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8");

if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);

var flag = 0;

var pkgs = [
  "squashfs-tools-4.3-16.h7.eulerosv2r8"
];

foreach (var pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"8", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "squashfs-tools");
}

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
25 Dec 2021 00:00Current
8.3High risk
Vulners AI Score8.3
CVSS38.1
EPSS0.005
38
.json
Report