EulerOS Virtualization 2.10.1 : ppp (EulerOS-SA-2023-1908)

🗓️ 16 May 2023 00:00:00Reported by TenableType

EulerOS 2.10.1 ppp (EulerOS-SA-2023-1908) vulnerabilit

Reporter	Title	Published	Views	Family All 73
ATTACKERKB	CVE-2022-4603	18 Dec 202211:15	–	attackerkb
AlpineLinux	CVE-2022-4603	18 Dec 202200:00	–	alpinelinux
AstraLinux	Astra Linux - уязвимость в ppp	20 May 202605:53	–	astralinux
Tenable Nessus	Azure Linux 3.0 Security Update: ppp (CVE-2022-4603)	22 Jan 202600:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : ppp (EulerOS-SA-2023-1454)	8 Mar 202300:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : ppp (EulerOS-SA-2023-1479)	8 Mar 202300:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP10 : ppp (EulerOS-SA-2023-1535)	19 Mar 202300:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP10 : ppp (EulerOS-SA-2023-1560)	19 Mar 202300:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : ppp (EulerOS-SA-2023-1576)	24 Mar 202300:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : ppp (EulerOS-SA-2023-1586)	23 Mar 202300:00	–	nessus

Source	Link
nessus	www.nessus.org/u
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(175786);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/16");

  script_cve_id("CVE-2022-4603");

  script_name(english:"EulerOS Virtualization 2.10.1 : ppp (EulerOS-SA-2023-1908)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the ppp package installed, the EulerOS Virtualization installation on the remote host is
affected by the following vulnerabilities :

  - A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the
    file pppdump/pppdump.c of the component pppdump. The manipulation of the argument spkt.buf/rpkt.buf leads
    to improper validation of array index. The real existence of this vulnerability is still doubted at the
    moment. The name of the patch is a75fb7b198eed50d769c80c36629f38346882cbf. It is recommended to apply a
    patch to fix this issue. VDB-216198 is the identifier assigned to this vulnerability. NOTE: pppdump is not
    used in normal process of setting up a PPP connection, is not installed setuid-root, and is not invoked
    automatically in any scenario. (CVE-2022-4603)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security
advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional
issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1908
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?58b30ab6");
  script_set_attribute(attribute:"solution", value:
"Update the affected ppp packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-4603");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/12/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/05/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/05/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ppp");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:2.10.1");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");

  exit(0);
}

include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var _release = get_kb_item("Host/EulerOS/release");
if (isnull(_release) || _release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "2.10.1") audit(AUDIT_OS_NOT, "EulerOS Virtualization 2.10.1");
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu && "x86" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);

var flag = 0;

var pkgs = [
  "ppp-2.4.8-1.h3.eulerosv2r10"
];

foreach (var pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ppp");
}

16 Jan 2024 00:00Current

5Medium risk

Vulners AI Score5

CVSS 3.14.3 - 6.5

EPSS0.00156