Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_MS18_JAN_DOTNET_CORE.NASL
HistoryJan 10, 2018 - 12:00 a.m.

Security Update for .NET Core (January 2018) (macOS)

2018-01-1000:00:00
This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
JSON

The Microsoft .NET Core runtime installed on the remote macOS or Mac OS X host is missing a security update. It is, therefore, affected by multiple vulnerabilities :

  • A security feature bypass in X509 Certificate Validation allows an attacker to present a certificate that is marked as invalid for a specific use, but a component uses it for that purpose. (CVE-2018-0786)

  • A denial of service vulnerability exists due to improper processing of XML documents. An attacker who successfully exploited this vulnerability could cause a denial of service against a .NET application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to a .NET Core application. (CVE-2018-0764)

#
# (C) Tenable Network Security, Inc.
#

# The descriptive text and package checks in this plugin were
# extracted from the Microsoft Security Updates API. The text
# itself is copyright (C) Microsoft Corporation.
#


include("compat.inc");

if (description)
{
  script_id(105729);
  script_version("1.6");
  script_cvs_date("Date: 2019/11/08");

  script_cve_id("CVE-2018-0764", "CVE-2018-0786");

  script_name(english:"Security Update for .NET Core (January 2018) (macOS)");
  script_summary(english:"Checks the version of the .NET Core runtime.");

  script_set_attribute(attribute:"synopsis", value:
"An application installed on the remote macOS or Mac OS X host is
affected by a denial of service vulnerability.");
  script_set_attribute(attribute:"description", value:
"The Microsoft .NET Core runtime installed on the remote macOS
or Mac OS X host is missing a security update. It is, therefore,
affected by multiple vulnerabilities :

  - A security feature bypass in X509 Certificate Validation
    allows an attacker to present a certificate that is
    marked as invalid for a specific use, but a component
    uses it for that purpose. (CVE-2018-0786)

  - A denial of service vulnerability exists due to improper
     processing of XML documents. An attacker who
     successfully exploited this vulnerability could cause
     a denial of service against a .NET application. A
     remote unauthenticated attacker could exploit this
     vulnerability by issuing specially crafted requests
     to a .NET Core application. (CVE-2018-0764)");
  script_set_attribute(attribute:"see_also", value:"https://github.com/dotnet/announcements/issues/51");
  script_set_attribute(attribute:"see_also", value:"https://github.com/dotnet/announcements/issues/52");
  # https://blogs.msdn.microsoft.com/dotnet/2018/01/09/net-core-january-2018-update/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ebdb4bc7");
  # https://github.com/dotnet/core/blob/master/release-notes/1.0/1.0.9.md
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?6ee5ffe3");
  # https://github.com/dotnet/core/blob/master/release-notes/1.1/1.1.6.md
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e1e826f0");
  # https://github.com/dotnet/core/blob/master/release-notes/2.0/2.0.5.md
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9a103486");
  # https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0786
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3759d74b");
  # https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0764
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?cf7d5ce3");
  script_set_attribute(attribute:"solution", value:
"Upgrade to .NET Core Runtime version 1.0.9 / 1.1.6 / 2.0.5 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-0786");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/01/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/01/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/01/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:.net_core");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_dotnet_core_installed.nbin");
  script_require_keys("installed_sw/.NET Core MacOS");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("install_func.inc");

app = ".NET Core MacOS";

get_install_count(app_name:app, exit_if_zero:TRUE);

install = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);
fix_ver = "2.0.5";
version = install['version'];

if (ver_compare(ver: version, fix: fix_ver) < 0)
{
  report =
    '\n  Path              : ' + install['path'] +
    '\n  Installed version : ' + version +
    '\n  Fixed version     : ' + fix_ver +
    '\n';

  security_report_v4(port:0, severity:SECURITY_WARNING, extra:report);
  exit(0);
}

audit(AUDIT_INST_VER_NOT_VULN, app, version);
VendorProductVersionCPE
microsoft.net_corecpe:/a:microsoft:.net_core

Related

altlinux 10
mskb 34
openvas 17
nessus 3
kaspersky 1
osv 4
symantec 2
redhatcve 2
mscve 2
veracode 3
cve 2
prion 2
github 2
redhat 1
threatpost 1
thn 1
talosblog 1
trendmicroblog 1
altlinux
altlinux
Security fix for the ALT Linux 10 package dotnet-coreclr-3.1 version 2.0.5-alt1
2018-02-22 00:00:00
Security fix for the ALT Linux 8 package dotnet-bootstrap version 2.0.5-alt1
2018-02-05 00:00:00
Security fix for the ALT Linux 10 package dotnet-bootstrap-6.0 version 2.0.5-alt1
2018-02-05 00:00:00
mskb
mskb
Description of the Security and Quality Rollup for the .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows Server 2012 (KB 4055000)
2018-01-09 08:00:00
Description of the Security and Quality Rollup for .NET Framework 4.6 on Windows Server 2008 SP2 (KB 4055002)
2018-01-09 08:00:00
Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 updates for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4055532)
2018-01-20 00:00:00
openvas
openvas
Microsoft .NET Framework 3.0 And 2.0 SP2 Multiple Vulnerabilities (KB4054996)
2018-01-10 00:00:00
Microsoft .NET Framework DoS And Security Feature Bypass Vulnerability (KB4054999)
2018-01-10 00:00:00
Microsoft .NET Framework Security Feature Bypass And DoS Vulnerabilities (KB4054995)
2018-01-10 00:00:00
nessus
nessus
Security and Quality Rollup for .NET Framework (January 2018)
2018-01-10 00:00:00
Security Update for .NET Core (January 2018)
2018-01-10 00:00:00
RHEL 7 : .NET Core on Red Hat Enterprise Linux (RHSA-2018:0379)
2018-03-02 00:00:00
kaspersky
kaspersky
KLA11172 Multiple vulnerabilities in Microsoft Development Tools
2018-01-09 00:00:00
osv
osv
Improper Certificate Validation in Microsoft .NET Framework components
2018-10-16 19:59:05
CVE-2018-0786
2018-01-10 01:29:00
Denial of service vulnerability exists when .NET and .NET Core improperly process XML documents
2018-10-16 17:34:00
symantec
symantec
Microsoft .NET Framework CVE-2018-0786 Security Bypass Vulnerability
2018-01-09 00:00:00
Microsoft .NET Framework CVE-2018-0764 Remote Denial of Service Vulnerability
2018-01-09 00:00:00
redhatcve
redhatcve
CVE-2018-0786
2018-01-12 04:49:52
CVE-2018-0764
2018-01-12 04:49:33
mscve
mscve
.NET Security Feature Bypass Vulnerability
2018-01-09 08:00:00
.NET and .NET Core Denial of Service Vulnerability
2018-01-09 08:00:00
veracode
veracode
Certificate Validation Bypass
2018-07-04 05:05:53
Denial Of Service (DoS)
2018-07-05 02:32:00
Denial Of Service (DoS)
2019-01-15 09:22:46
cve
cve
CVE-2018-0786
2018-01-10 01:29:00
CVE-2018-0764
2018-01-10 01:29:00
prion
prion
Security feature bypass
2018-01-10 01:29:00
Denial of service
2018-01-10 01:29:00
github
github
Improper Certificate Validation in Microsoft .NET Framework components
2018-10-16 19:59:05
Denial of service vulnerability exists when .NET and .NET Core improperly process XML documents
2018-10-16 17:34:00
redhat
redhat
(RHSA-2018:0379) Moderate: .NET Core on Red Hat Enterprise Linux security update
2018-03-01 05:56:46
threatpost
threatpost
Microsoft January Patch Tuesday Update Fixes 16 Critical Bugs
2018-01-09 16:25:06
thn
thn
Microsoft Releases Patches for 16 Critical Flaws, Including a Zero-Day
2018-01-09 19:35:00
talosblog
talosblog
Microsoft Patch Tuesday - January 2018
2018-01-09 13:36:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of January 8, 2018
2018-01-12 15:09:44
JSON
Related for MACOSX_MS18_JAN_DOTNET_CORE.NASL
altlinux10mskb34openvas17nessus3kaspersky1osv4symantec2redhatcve2mscve2veracode3cve2prion2github2redhat1threatpost1thn1talosblog1trendmicroblog1