Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.NEWSTART_CGSL_NS-SA-2022-0026_389-DS-BASE.NASL
HistoryMay 10, 2022 - 12:00 a.m.

NewStart CGSL CORE 5.05 / MAIN 5.05 : 389-ds-base Vulnerability (NS-SA-2022-0026)

2022-05-1000:00:00
This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
5
JSON

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has 389-ds-base packages installed that are affected by a vulnerability:

  • When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database. (CVE-2020-35518)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from ZTE advisory NS-SA-2022-0026. The text
# itself is copyright (C) ZTE, Inc.
##

include('compat.inc');

if (description)
{
  script_id(160825);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/10");

  script_cve_id("CVE-2020-35518");

  script_name(english:"NewStart CGSL CORE 5.05 / MAIN 5.05 : 389-ds-base Vulnerability (NS-SA-2022-0026)");

  script_set_attribute(attribute:"synopsis", value:
"The remote NewStart CGSL host is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has 389-ds-base packages installed that are
affected by a vulnerability:

  - When binding against a DN during authentication, the reply from 389-ds-base will be different whether the
    DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in
    the LDAP database. (CVE-2020-35518)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"http://security.gd-linux.com/notice/NS-SA-2022-0026");
  script_set_attribute(attribute:"see_also", value:"http://security.gd-linux.com/info/CVE-2020-35518");
  script_set_attribute(attribute:"solution", value:
"Upgrade the vulnerable CGSL 389-ds-base packages. Note that updated packages may not be available yet. Please contact
ZTE for more information.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-35518");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/02/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/05/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/05/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:389-ds-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:389-ds-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:389-ds-base-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:389-ds-base-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:389-ds-base-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:389-ds-base-tests");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:389-ds-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:389-ds-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:389-ds-base-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:389-ds-base-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:389-ds-base-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:389-ds-base-tests");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:zte:cgsl_core:5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:zte:cgsl_main:5");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"NewStart CGSL Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu");

  exit(0);
}

include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var release = get_kb_item('Host/ZTE-CGSL/release');
if (isnull(release) || release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');

if (release !~ "CGSL CORE 5.05" &&
    release !~ "CGSL MAIN 5.05")
  audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');

if (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);

var flag = 0;

var pkgs = {
  'CGSL CORE 5.05': [
    '389-ds-base-1.3.10.2-12.el7_9',
    '389-ds-base-debuginfo-1.3.10.2-12.el7_9',
    '389-ds-base-devel-1.3.10.2-12.el7_9',
    '389-ds-base-libs-1.3.10.2-12.el7_9',
    '389-ds-base-snmp-1.3.10.2-12.el7_9',
    '389-ds-base-tests-1.3.10.2-12.el7_9'
  ],
  'CGSL MAIN 5.05': [
    '389-ds-base-1.3.10.2-12.el7_9',
    '389-ds-base-debuginfo-1.3.10.2-12.el7_9',
    '389-ds-base-devel-1.3.10.2-12.el7_9',
    '389-ds-base-libs-1.3.10.2-12.el7_9',
    '389-ds-base-snmp-1.3.10.2-12.el7_9',
    '389-ds-base-tests-1.3.10.2-12.el7_9'
  ]
};
var pkg_list = pkgs[release];

foreach (pkg in pkg_list)
  if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, '389-ds-base');
}
VendorProductVersionCPE
ztecgsl_core389-ds-basep-cpe:/a:zte:cgsl_core:389-ds-base
ztecgsl_core389-ds-base-debuginfop-cpe:/a:zte:cgsl_core:389-ds-base-debuginfo
ztecgsl_core389-ds-base-develp-cpe:/a:zte:cgsl_core:389-ds-base-devel
ztecgsl_core389-ds-base-libsp-cpe:/a:zte:cgsl_core:389-ds-base-libs
ztecgsl_core389-ds-base-snmpp-cpe:/a:zte:cgsl_core:389-ds-base-snmp
ztecgsl_core389-ds-base-testsp-cpe:/a:zte:cgsl_core:389-ds-base-tests
ztecgsl_main389-ds-basep-cpe:/a:zte:cgsl_main:389-ds-base
ztecgsl_main389-ds-base-debuginfop-cpe:/a:zte:cgsl_main:389-ds-base-debuginfo
ztecgsl_main389-ds-base-develp-cpe:/a:zte:cgsl_main:389-ds-base-devel
ztecgsl_main389-ds-base-libsp-cpe:/a:zte:cgsl_main:389-ds-base-libs
Rows per page:
1-10 of 141

Related

fedora 12
oraclelinux 2
nessus 15
centos 1
redhatcve 1
veracode 1
ubuntucve 1
redhat 5
debiancve 1
osv 2
prion 1
suse 1
cve 1
amazon 1
ubuntu 1
fedora
fedora
[SECURITY] Fedora 33 Update: dogtag-pki-10.10.5-1.fc33
2021-03-03 23:15:57
[SECURITY] Fedora 34 Update: pki-core-10.10.5-1.fc34
2021-03-03 21:06:32
[SECURITY] Fedora 32 Update: pki-core-10.10.5-1.fc32
2021-03-04 19:56:27
oraclelinux
oraclelinux
389-ds:1.4 security and bug fix update
2021-04-09 00:00:00
389-ds-base security and bug fix update
2021-06-09 00:00:00
nessus
nessus
SUSE SLES15 Security Update : 389-ds (SUSE-SU-2021:0724-1)
2021-03-10 00:00:00
openSUSE Security Update : 389-ds (openSUSE-2021-418)
2021-03-17 00:00:00
Fedora 33 : 389-ds-base / dogtag-pki / freeipa / pki-core (2021-7458e2d835)
2021-03-04 00:00:00
centos
centos
389 security update
2021-06-14 18:42:56
redhatcve
redhatcve
CVE-2020-35518
2021-01-19 18:20:39
veracode
veracode
Information Disclosure
2021-01-23 02:17:33
ubuntucve
ubuntucve
CVE-2020-35518
2021-03-26 00:00:00
redhat
redhat
(RHSA-2021:0599) Moderate: redhat-ds:11 security and bug fix update
2021-02-16 18:20:06
(RHSA-2021:1258) Moderate: 389-ds:1.4 security and bug fix update
2021-04-19 14:46:41
(RHSA-2021:1243) Moderate: redhat-ds:11 security and bug fix update
2021-04-19 09:44:26
debiancve
debiancve
CVE-2020-35518
2021-03-26 17:15:00
osv
osv
CVE-2020-35518
2021-03-26 17:15:12
389-ds-base vulnerabilities
2022-07-18 10:09:50
prion
prion
Authentication flaw
2021-03-26 17:15:00
suse
suse
Security update for 389-ds (moderate)
2021-03-16 00:00:00
cve
cve
CVE-2020-35518
2021-03-26 17:15:00
amazon
amazon
Medium: 389-ds-base
2021-06-16 20:37:00
ubuntu
ubuntu
389 Directory Server vulnerabilities
2022-07-18 00:00:00
JSON
Related for NEWSTART_CGSL_NS-SA-2022-0026_389-DS-BASE.NASL
fedora12oraclelinux2nessus15centos1redhatcve1veracode1ubuntucve1redhat5debiancve1osv2prion1suse1cve1amazon1ubuntu1