Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.FEDORA_2024-8D548B8C96.NASLHistoryApr 20, 2024 - 12:00 a.m.
Fedora 39 : nodejs18 (2024-8d548b8c96)
2024-04-2000:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7
fedora 39
node.js
batch file
vulnerability
code execution
cve-2024-27980
child_process.spawn
child_process.spawnsync
nessus scanner
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-8d548b8c96 advisory.
- Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled. Impact: Thank you, to ryotak for reporting this vulnerability and thank you Ben Noordhuis for fixing it. Summary The Node.js project will release new versions of the 18.x, 20.x, 21.x releases lines on or shortly after, Tuesday, April 9, 2024 in order to address: (CVE-2024-27980)
Note that Nessus has not tested for this issue but has instead relied only on the applicationโs self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2024-8d548b8c96
#
include('compat.inc');
if (description)
{
script_id(193642);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/20");
script_cve_id("CVE-2024-27980");
script_xref(name:"FEDORA", value:"2024-8d548b8c96");
script_name(english:"Fedora 39 : nodejs18 (2024-8d548b8c96)");
script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the
FEDORA-2024-8d548b8c96 advisory.
- Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a malicious
command line argument can inject arbitrary commands and achieve code execution even if the shell option is
not enabled. Impact: Thank you, to ryotak for reporting this vulnerability and thank you Ben Noordhuis for
fixing it. Summary The Node.js project will release new versions of the 18.x, 20.x, 21.x releases lines
on or shortly after, Tuesday, April 9, 2024 in order to address: (CVE-2024-27980)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2024-8d548b8c96");
script_set_attribute(attribute:"solution", value:
"Update the affected 1:nodejs18 package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-27980");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/04/10");
script_set_attribute(attribute:"patch_publication_date", value:"2024/04/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/20");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:39");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nodejs18");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Fedora Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Fedora' >!< os_release) audit(AUDIT_OS_NOT, 'Fedora');
var os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');
os_ver = os_ver[1];
if (! preg(pattern:"^39([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 39', 'Fedora ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);
var pkgs = [
{'reference':'nodejs18-18.20.2-1.fc39', 'release':'FC39', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (reference && _release) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs18');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fedoraproject | fedora | nodejs18 | p-cpe:/a:fedoraproject:fedora:nodejs18 |
| fedoraproject | fedora | 39 | cpe:/o:fedoraproject:fedora:39 |
Related
openvas
openvas
Fedora: Security Advisory for nodejs18 (FEDORA-2024-2c52524694)
2024-05-27 00:00:00
Node.js < 18.20.2, 19.x < 20.12.2, 21.x < 21.7.3 Command Injection Vulnerability - Windows
2024-04-11 00:00:00
Fedora: Security Advisory for nodejs18 (FEDORA-2024-8d548b8c96)
2024-05-27 00:00:00
ibm
ibm
Security Bulletin: A remote execution vulnerability in Node.js affects IBM Rational Developer for i RPG and COBOL + Modernization Tools, Java Edition
2024-06-17 19:37:10
fedora
fedora
[SECURITY] Fedora 40 Update: nodejs18-18.20.2-1.fc40
2024-04-19 21:44:23
[SECURITY] Fedora 39 Update: nodejs18-18.20.2-1.fc39
2024-04-20 01:03:34
redhatcve
redhatcve
CVE-2024-27980
2024-04-15 14:55:28
debiancve
debiancve
CVE-2024-27980
2024-04-10 21:31:10
nessus
nessus
nodejsblog
nodejsblog
Wednesday, April 10, 2024 Security Releases
2024-04-10 00:00:00
cgr
cgr
CVE-2024-27980 vulnerabilities
2024-05-19 03:07:16
ubuntucve
ubuntucve
CVE-2024-27980
2024-04-12 00:00:00
wolfi
wolfi
CVE-2024-27980 vulnerabilities
2024-06-29 09:08:33
thn
thn
Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks
2024-04-10 03:05:00