Lucene search
K

EulerOS 2.0 SP8 : ncurses (EulerOS-SA-2023-3138)

🗓️ 16 Jan 2024 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 16 Views

EulerOS 2.0 SP8 ncurses vulnerability CVE-2023-2949

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for October 2023
26 Mar 202504:03
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM webMethods API Management
25 Apr 202510:44
ibm
IBM Security Bulletins
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.4-IF001
29 Nov 202320:20
ibm
IBM Security Bulletins
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation Fixes for June 2024.
29 Jan 202521:09
ibm
IBM Security Bulletins
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for January 2024.
2 Feb 202408:25
ibm
IBM Security Bulletins
Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak
26 Mar 202504:12
ibm
IBM Security Bulletins
Security Bulletin: IBM Automation Decision Services October 2023 - Multiple CVEs addressed
30 Oct 202314:35
ibm
IBM Security Bulletins
Security Bulletin: IBM Storage Ceph is vulnerable to Out-of-bounds Write in the RHEL UBI (CVE-2023-29491)
19 Jan 202421:55
ibm
IBM Security Bulletins
Security Bulletin: IBM Cloud Pak for Data Scheduling image contains a vulnerable ncurses package ( CVE-2023-29491 )
6 Dec 202315:47
ibm
IBM Security Bulletins
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from libcurl, glibc-minimal-langpack, glibc-common, ncurses-libs and Kubernetes
16 Nov 202316:21
ibm
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(188344);
  script_version("1.0");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/16");

  script_cve_id("CVE-2023-29491");

  script_name(english:"EulerOS 2.0 SP8 : ncurses (EulerOS-SA-2023-3138)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by
the following vulnerabilities :

  - ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-
    relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo
    or reached via the TERMINFO or TERM environment variable. (CVE-2023-29491)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security
advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional
issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-3138
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ad5167de");
  script_set_attribute(attribute:"solution", value:
"Update the affected ncurses packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-29491");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/04/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/11/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/01/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ncurses");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ncurses-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ncurses-c++-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ncurses-compat-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ncurses-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ncurses-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:ncurses-term");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var _release = get_kb_item("Host/EulerOS/release");
if (isnull(_release) || _release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (_release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8");

var sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(8)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8");

if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu && "x86" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);

var flag = 0;

var pkgs = [
  "ncurses-6.1-8.20180923.h4.eulerosv2r8",
  "ncurses-base-6.1-8.20180923.h4.eulerosv2r8",
  "ncurses-c++-libs-6.1-8.20180923.h4.eulerosv2r8",
  "ncurses-compat-libs-6.1-8.20180923.h4.eulerosv2r8",
  "ncurses-devel-6.1-8.20180923.h4.eulerosv2r8",
  "ncurses-libs-6.1-8.20180923.h4.eulerosv2r8",
  "ncurses-term-6.1-8.20180923.h4.eulerosv2r8"
];

foreach (var pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"8", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ncurses");
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

16 Jan 2024 00:00Current
6.8Medium risk
Vulners AI Score6.8
CVSS 3.17.8
EPSS0.00923
SSVC
16