Fixed RCEs and deprecations in php-twig-1.20.0-1.fc21 (2015-13423
Source | Link |
---|---|
bugzilla | www.bugzilla.redhat.com/show_bug.cgi |
nessus | www.nessus.org/u |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2015-13423.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(85811);
script_version("2.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_xref(name:"FEDORA", value:"2015-13423");
script_name(english:"Fedora 21 : php-twig-1.20.0-1.fc21 (2015-13423)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"## 1.20.0 (2015-08-12) * forbid access to the Twig environment from
templates and internal parts of Twig_Template * fixed limited RCEs
when in sandbox mode * deprecated Twig_Template::getEnvironment() *
deprecated the _self variable for usage outside of the from and import
tags * added Twig_BaseNodeVisitor to ease the compatibility of node
visitors between 1.x and 2.x ## 1.19.0 (2015-07-31)
- fixed wrong error message when including an undefined
template in a child template * added support for
variadic filters, functions, and tests * added support
for extra positional arguments in macros * added
ignore_missing flag to the source function * fixed batch
filter with zero items * deprecated
Twig_Environment::clearTemplateCache() * fixed sandbox
disabling when using the include function
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1255795"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2015-September/165741.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?150d2496"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected php-twig package."
);
script_set_attribute(attribute:"risk_factor", value:"High");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:php-twig");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:21");
script_set_attribute(attribute:"patch_publication_date", value:"2015/09/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/09/08");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^21([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 21.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC21", reference:"php-twig-1.20.0-1.fc21")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php-twig");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo