EulerOS 2.0 SP10: busybox vulnerabilitie
Reporter | Title | Published | Views | Family All 184 |
---|---|---|---|---|
Mageia | Updated busybox packages fix security vulnerability | 2 Dec 202119:49 | β | mageia |
Tenable Nessus | EulerOS 2.0 SP10 : busybox (EulerOS-SA-2022-1463) | 20 Apr 202200:00 | β | nessus |
Tenable Nessus | EulerOS 2.0 SP9 : busybox (EulerOS-SA-2022-1303) | 2 Mar 202200:00 | β | nessus |
Tenable Nessus | EulerOS 2.0 SP9 : busybox (EulerOS-SA-2022-1287) | 2 Mar 202200:00 | β | nessus |
Tenable Nessus | Amazon Linux AMI : busybox (ALAS-2022-1558) | 19 Jan 202200:00 | β | nessus |
Tenable Nessus | GLSA-202407-17 : BusyBox: Multiple Vulnerabilities | 5 Jul 202400:00 | β | nessus |
Tenable Nessus | Ubuntu 18.04 LTS / 20.04 LTS : BusyBox vulnerabilities (USN-5179-1) | 8 Dec 202100:00 | β | nessus |
Tenable Nessus | SUSE SLES15 Security Update : busybox (SUSE-SU-2022:0135-2) | 15 Feb 202200:00 | β | nessus |
Tenable Nessus | SUSE SLED15 / SLES15 Security Update : busybox (SUSE-SU-2022:3959-1) | 13 Nov 202200:00 | β | nessus |
Tenable Nessus | SUSE SLES12 Security Update : busybox (SUSE-SU-2022:4253-1) | 29 Nov 202200:00 | β | nessus |
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(159984);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/20");
script_cve_id(
"CVE-2021-42376",
"CVE-2021-42377",
"CVE-2021-42378",
"CVE-2021-42379",
"CVE-2021-42380",
"CVE-2021-42381",
"CVE-2021-42382",
"CVE-2021-42383",
"CVE-2021-42384",
"CVE-2021-42385",
"CVE-2021-42386"
);
script_name(english:"EulerOS 2.0 SP10 : busybox (EulerOS-SA-2022-1472)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
script_set_attribute(attribute:"description", value:
"According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by
the following vulnerabilities :
- A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted
shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under
very rare conditions of filtered command input. (CVE-2021-42376)
- An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code
execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may
be used for remote code execution under rare conditions of filtered command input. (CVE-2021-42377)
- A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when
processing a crafted awk pattern in the getvar_i function (CVE-2021-42378)
- A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when
processing a crafted awk pattern in the next_input_file function (CVE-2021-42379)
- A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when
processing a crafted awk pattern in the clrvar function (CVE-2021-42380)
- A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when
processing a crafted awk pattern in the hash_init function (CVE-2021-42381)
- A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when
processing a crafted awk pattern in the getvar_s function (CVE-2021-42382)
- A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when
processing a crafted awk pattern in the evaluate function (CVE-2021-42383, CVE-2021-42385)
- A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when
processing a crafted awk pattern in the handle_special function (CVE-2021-42384)
- A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when
processing a crafted awk pattern in the nvalloc function (CVE-2021-42386)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security
advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional
issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1472
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?42e9f791");
script_set_attribute(attribute:"solution", value:
"Update the affected busybox packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-42377");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/11/15");
script_set_attribute(attribute:"patch_publication_date", value:"2022/04/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/04/20");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:busybox-help");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP10");
var sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(10)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP10");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP10", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
var flag = 0;
var pkgs = [
"busybox-help-1.31.1-6.h6.eulerosv2r10"
];
foreach (var pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"10", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "busybox");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo