CBL Mariner 2.0 host affected by clamav CVE-2024-20328 vulnerabilit
Reporter | Title | Published | Views | Family All 30 |
---|---|---|---|---|
![]() | Arbitrary Command Injection | 12 Feb 202420:50 | – | veracode |
![]() | CVE-2024-20328 affecting package clamav for versions less than 1.0.6-1 | 17 May 202421:38 | – | cbl_mariner |
![]() | CVE-2024-20328 affecting package clamav for versions less than 0.105.2-5 | 7 Mar 202400:42 | – | cbl_mariner |
![]() | CVE-2024-20328 | 1 Mar 202421:15 | – | alpinelinux |
![]() | CVE-2024-20328 | 1 Mar 202421:15 | – | debiancve |
![]() | ClamAV 0.104.x, 0.105.x, 1.0.0 < 1.0.4, 1.1.x, 1.2.0 < 1.2.1 RCE | 9 Feb 202400:00 | – | nessus |
![]() | FreeBSD : clamav -- Multiple vulnerabilities (68ae70c5-c5e5-11ee-9768-08002784c58d) | 8 Feb 202400:00 | – | nessus |
![]() | Ubuntu 23.10 : ClamAV vulnerabilities (USN-6636-1) | 15 Feb 202400:00 | – | nessus |
![]() | Fedora 38 : clamav (2024-c42cf0e576) | 13 Feb 202400:00 | – | nessus |
![]() | Fedora 39 : clamav (2024-3439911df6) | 14 Feb 202400:00 | – | nessus |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(201783);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/20");
script_cve_id("CVE-2024-20328");
script_xref(name:"IAVB", value:"2024-B-0008-S");
script_name(english:"CBL Mariner 2.0 Security Update: clamav (CVE-2024-20328)");
script_set_attribute(attribute:"synopsis", value:
"The remote CBL Mariner host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The version of clamav installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore,
affected by a vulnerability as referenced in the CVE-2024-20328 advisory.
- A vulnerability in the VirusEvent feature of ClamAV could allow a local attacker to inject arbitrary
commands with the privileges of the application service account.The vulnerability is due to unsafe
handling of file names. A local attacker could exploit this vulnerability by supplying a file name
containing command-line sequences. When processed on a system using configuration options for the
VirusEvent feature, the attacker could cause the application to execute arbitrary commands. ClamAV has
released software updates that address this vulnerability. There are no workarounds that address this
vulnerability. (CVE-2024-20328)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://nvd.nist.gov/vuln/detail/CVE-2024-20328");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-20328");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/02/07");
script_set_attribute(attribute:"patch_publication_date", value:"2024/07/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/07/03");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:clamav");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:clamav-debuginfo");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:microsoft:cbl-mariner");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"MarinerOS Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CBLMariner/release", "Host/CBLMariner/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item('Host/CBLMariner/release');
if (isnull(release) || 'CBL-Mariner' >!< release) audit(AUDIT_OS_NOT, 'CBL-Mariner');
var os_ver = pregmatch(pattern: "CBL-Mariner ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CBL-Mariner');
os_ver = os_ver[1];
if (! preg(pattern:"^2([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'CBL-Mariner 2.0', 'CBL-Mariner ' + os_ver);
if (!get_kb_item('Host/CBLMariner/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu)
audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CBL-Mariner', cpu);
var pkgs = [
{'reference':'clamav-0.105.2-5.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'clamav-0.105.2-5.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'clamav-debuginfo-0.105.2-5.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'clamav-debuginfo-0.105.2-5.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'CBLMariner-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'clamav / clamav-debuginfo');
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo