EulerOS SP10 emacs package vulnerabilities discovere
Reporter | Title | Published | Views | Family All 175 |
---|---|---|---|---|
Tenable Nessus | Debian DSA-5360-1 : emacs - security update | 24 Feb 202300:00 | โ | nessus |
Tenable Nessus | FreeBSD : emacs -- multiple vulnerabilities (a75929bd-b6a4-11ed-bad6-080027f5fec9) | 27 Feb 202300:00 | โ | nessus |
Tenable Nessus | Amazon Linux 2 : emacs (ALAS-2023-1981) | 7 Mar 202300:00 | โ | nessus |
Tenable Nessus | EulerOS Virtualization 2.11.1 : emacs (EulerOS-SA-2023-2068) | 7 Jun 202300:00 | โ | nessus |
Tenable Nessus | Fedora 38 : emacs (2023-5763445abe) | 28 Sep 202300:00 | โ | nessus |
Tenable Nessus | EulerOS 2.0 SP11 : emacs (EulerOS-SA-2023-2288) | 4 Jul 202300:00 | โ | nessus |
Tenable Nessus | SUSE SLED15 / SLES15 / openSUSE 15 Security Update : emacs (SUSE-SU-2023:0598-1) | 3 Mar 202300:00 | โ | nessus |
Tenable Nessus | Photon OS 4.0: Emacs PHSA-2023-4.0-0348 | 23 Jul 202400:00 | โ | nessus |
Tenable Nessus | Photon OS 3.0: Emacs PHSA-2023-3.0-0544 | 24 Jul 202400:00 | โ | nessus |
Tenable Nessus | EulerOS 2.0 SP10 : emacs (EulerOS-SA-2023-1950) | 18 May 202300:00 | โ | nessus |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(176029);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/05/18");
script_cve_id("CVE-2022-48337", "CVE-2022-48338", "CVE-2022-48339");
script_name(english:"EulerOS 2.0 SP10 : emacs (EulerOS-SA-2023-1972)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
script_set_attribute(attribute:"description", value:
"According to the versions of the emacs package installed, the EulerOS installation on the remote host is affected by the
following vulnerabilities :
- GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a
source-code file, because lib-src/etags.c uses the system C library function in its implementation of the
etags program. For example, a victim may use the 'etags -u *' command (suggested in the etags
documentation) in a situation where the current working directory has contents that depend on untrusted
input. (CVE-2022-48337)
- An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function
has a local command injection vulnerability. The ruby-find-library-file function is an interactive
function, and bound to C-c C-f. Inside the function, the external command gem is called through shell-
command-to-string, but the feature-name parameters are not escaped. Thus, malicious Ruby source files may
cause commands to be executed. (CVE-2022-48338)
- An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability.
In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and
parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be
executed. (CVE-2022-48339)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security
advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional
issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1972
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?939e7a91");
script_set_attribute(attribute:"solution", value:
"Update the affected emacs packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-48337");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/02/20");
script_set_attribute(attribute:"patch_publication_date", value:"2023/05/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/05/18");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:emacs-filesystem");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var _release = get_kb_item("Host/EulerOS/release");
if (isnull(_release) || _release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (_release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP10");
var sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(10)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP10");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP10", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu && "x86" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
var flag = 0;
var pkgs = [
"emacs-filesystem-27.1-4.h6.eulerosv2r10"
];
foreach (var pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"10", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "emacs");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo