The remote NewStart CGSL host, running version MAIN 6.06, has bind packages installed that are affected by multiple vulnerabilities:
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.
The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. (CVE-2021-25220)
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver’s performance, effectively denying legitimate clients access to the DNS resolution service.
(CVE-2022-2795)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from ZTE advisory NS-SA-2023-0134. The text
# itself is copyright (C) ZTE, Inc.
##
include('compat.inc');
if (description)
{
script_id(185389);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/14");
script_cve_id("CVE-2021-25220", "CVE-2022-2795");
script_xref(name:"IAVA", value:"2022-A-0387-S");
script_xref(name:"IAVA", value:"2023-A-0500");
script_xref(name:"IAVA", value:"2022-A-0122-S");
script_name(english:"NewStart CGSL MAIN 6.06 : bind Multiple Vulnerabilities (NS-SA-2023-0134)");
script_set_attribute(attribute:"synopsis", value:
"The remote NewStart CGSL host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The remote NewStart CGSL host, running version MAIN 6.06, has bind packages installed that are affected by multiple
vulnerabilities:
- BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 ->
9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including
Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.
The cache could become poisoned with incorrect records leading to queries being made to the wrong servers,
which might also result in false information being returned to clients. (CVE-2021-25220)
- By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the
resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
(CVE-2022-2795)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/notice/NS-SA-2023-0134");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2021-25220");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2022-2795");
script_set_attribute(attribute:"solution", value:
"Upgrade the vulnerable CGSL bind packages. Note that updated packages may not be available yet. Please contact ZTE for
more information.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-25220");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/03/16");
script_set_attribute(attribute:"patch_publication_date", value:"2023/11/03");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-chroot");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-export-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-export-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-libs-lite");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-license");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-lite-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-pkcs11");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-pkcs11-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-pkcs11-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-pkcs11-utils");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-sdb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-sdb-chroot");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bind-utils");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:python3-bind");
script_set_attribute(attribute:"cpe", value:"cpe:/o:zte:cgsl_main:6");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"NewStart CGSL Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/ZTE-CGSL/release');
if (isnull(os_release) || os_release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');
if (os_release !~ "CGSL MAIN 6.06")
audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 6.06');
if (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);
var flag = 0;
var pkgs = {
'CGSL MAIN 6.06': [
'bind-9.11.36-8.zncgsl6',
'bind-chroot-9.11.36-8.zncgsl6',
'bind-devel-9.11.36-8.zncgsl6',
'bind-export-devel-9.11.36-8.zncgsl6',
'bind-export-libs-9.11.36-8.zncgsl6',
'bind-libs-9.11.36-8.zncgsl6',
'bind-libs-lite-9.11.36-8.zncgsl6',
'bind-license-9.11.36-8.zncgsl6',
'bind-lite-devel-9.11.36-8.zncgsl6',
'bind-pkcs11-9.11.36-8.zncgsl6',
'bind-pkcs11-devel-9.11.36-8.zncgsl6',
'bind-pkcs11-libs-9.11.36-8.zncgsl6',
'bind-pkcs11-utils-9.11.36-8.zncgsl6',
'bind-sdb-9.11.36-8.zncgsl6',
'bind-sdb-chroot-9.11.36-8.zncgsl6',
'bind-utils-9.11.36-8.zncgsl6',
'python3-bind-9.11.36-8.zncgsl6'
]
};
var pkg_list = pkgs[os_release];
foreach (pkg in pkg_list)
if (rpm_check(release:'ZTE ' + os_release, reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bind');
}
Vendor | Product | Version | CPE |
---|---|---|---|
zte | cgsl_main | bind | p-cpe:/a:zte:cgsl_main:bind |
zte | cgsl_main | bind-chroot | p-cpe:/a:zte:cgsl_main:bind-chroot |
zte | cgsl_main | bind-devel | p-cpe:/a:zte:cgsl_main:bind-devel |
zte | cgsl_main | bind-libs | p-cpe:/a:zte:cgsl_main:bind-libs |
zte | cgsl_main | bind-libs-lite | p-cpe:/a:zte:cgsl_main:bind-libs-lite |
zte | cgsl_main | bind-license | p-cpe:/a:zte:cgsl_main:bind-license |
zte | cgsl_main | bind-lite-devel | p-cpe:/a:zte:cgsl_main:bind-lite-devel |
zte | cgsl_main | bind-pkcs11 | p-cpe:/a:zte:cgsl_main:bind-pkcs11 |
zte | cgsl_main | bind-pkcs11-devel | p-cpe:/a:zte:cgsl_main:bind-pkcs11-devel |
zte | cgsl_main | bind-pkcs11-libs | p-cpe:/a:zte:cgsl_main:bind-pkcs11-libs |