Lucene search
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2020-4908.NASLHistoryNov 05, 2020 - 12:00 a.m.
Oracle Linux 7 : libX11 (ELSA-2020-4908)
2020-11-0500:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
7.9 High
AI Score
Confidence
High
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-4908 advisory.
- An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability. (CVE-2020-14363)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
##
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Oracle Linux Security Advisory ELSA-2020-4908.
##
include('compat.inc');
if (description)
{
script_id(142484);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/09");
script_cve_id("CVE-2020-14363");
script_name(english:"Oracle Linux 7 : libX11 (ELSA-2020-4908)");
script_set_attribute(attribute:"synopsis", value:
"The remote Oracle Linux host is missing a security update.");
script_set_attribute(attribute:"description", value:
"The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the
ELSA-2020-4908 advisory.
- An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local
privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in
arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as
system availability. (CVE-2020-14363)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://linux.oracle.com/errata/ELSA-2020-4908.html");
script_set_attribute(attribute:"solution", value:
"Update the affected libX11, libX11-common and / or libX11-devel packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-14363");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/09/11");
script_set_attribute(attribute:"patch_publication_date", value:"2020/11/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/11/05");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libX11");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libX11-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libX11-devel");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Oracle Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/local_checks_enabled");
exit(0);
}
include('audit.inc');
include('global_settings.inc');
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);
pkgs = [
{'reference':'libX11-1.6.7-3.el7_9', 'cpu':'aarch64', 'release':'7'},
{'reference':'libX11-1.6.7-3.el7_9', 'cpu':'i686', 'release':'7'},
{'reference':'libX11-1.6.7-3.el7_9', 'cpu':'x86_64', 'release':'7'},
{'reference':'libX11-common-1.6.7-3.el7_9', 'release':'7'},
{'reference':'libX11-devel-1.6.7-3.el7_9', 'cpu':'aarch64', 'release':'7'},
{'reference':'libX11-devel-1.6.7-3.el7_9', 'cpu':'i686', 'release':'7'},
{'reference':'libX11-devel-1.6.7-3.el7_9', 'cpu':'x86_64', 'release':'7'}
];
flag = 0;
foreach package_array ( pkgs ) {
reference = NULL;
release = NULL;
sp = NULL;
cpu = NULL;
el_string = NULL;
rpm_spec_vers_cmp = NULL;
epoch = NULL;
allowmaj = NULL;
rpm_prefix = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];
if (reference && release) {
if (rpm_prefix) {
if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
} else {
if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libX11 / libX11-common / libX11-devel');
}Related
suse
suse
Security update for libX11 (moderate)
2020-09-07 00:00:00
Security update for libX11 (moderate)
2020-09-07 00:00:00
nessus
nessus
NewStart CGSL CORE 5.05 / MAIN 5.05 : libX11 Vulnerability (NS-SA-2021-0161)
2021-10-27 00:00:00
openSUSE Security Update : libX11 (openSUSE-2020-1368)
2020-09-08 00:00:00
SUSE SLES15 Security Update : libX11 (SUSE-SU-2020:2474-2)
2020-12-09 00:00:00
osv
osv
libx11 - security update
2020-09-01 00:00:00
CVE-2020-14363
2020-09-11 18:15:13
libx11 vulnerabilities
2020-09-08 16:18:57
ubuntucve
ubuntucve
CVE-2020-14363
2020-08-25 00:00:00
redhatcve
redhatcve
CVE-2020-14363
2020-08-25 21:08:56
openvas
openvas
openSUSE: Security Advisory for libX11 (openSUSE-SU-2020:1368-1)
2020-09-08 00:00:00
Debian: Security Advisory (DLA-2361-1)
2020-09-02 00:00:00
CentOS: Security Advisory for libX11 (CESA-2020:4946)
2020-11-10 00:00:00
amazon
amazon
Important: libX11
2021-01-12 22:51:00
Important: libX11
2020-12-16 20:31:00
Important: libX11
2020-12-08 20:55:00
debiancve
debiancve
CVE-2020-14363
2020-09-11 18:15:00
alpinelinux
alpinelinux
CVE-2020-14363
2020-09-11 18:15:00
freebsd
freebsd
libX11 -- Doublefree in locale handlng code
2020-08-25 00:00:00
veracode
veracode
Integer Overflow
2020-08-31 03:47:03
prion
prion
Integer overflow
2020-09-11 18:15:00
oraclelinux
oraclelinux
libX11 security update
2020-11-06 00:00:00
libX11 security update
2020-11-06 00:00:00
redhat
redhat
(RHSA-2020:4946) Important: libX11 security update
2020-11-05 08:24:28
(RHSA-2020:4908) Important: libX11 security update
2020-11-04 09:39:33
cve
cve
CVE-2020-14363
2020-09-11 18:15:00
mageia
mageia
Updated libx11 packages fix security vulnerability
2020-08-27 18:52:56
centos
centos
libX11 security update
2020-11-09 13:17:07
libX11 security update
2020-11-06 22:01:30
debian
debian
[SECURITY] [DLA 2361-1] libx11 security update
2020-09-01 07:55:25
fedora
fedora
[SECURITY] Fedora 33 Update: libX11-1.6.12-1.fc33
2020-09-25 17:06:36
[SECURITY] Fedora 31 Update: libX11-1.6.12-1.fc31
2020-09-10 17:34:34
[SECURITY] Fedora 32 Update: libX11-1.6.12-1.fc32
2020-08-27 14:32:02
cloudfoundry
cloudfoundry
USN-4487-1: libx11 vulnerabilities | Cloud Foundry
2020-09-24 00:00:00
gentoo
gentoo
X.Org X11 library: Multiple vulnerabilities
2020-08-27 00:00:00
ubuntu
ubuntu
libx11 vulnerabilities
2020-09-08 00:00:00
libx11 vulnerabilities
2020-09-02 00:00:00
rocky
rocky
almalinux
almalinux
ibm
ibm