Lucene search
This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2022-4930.NASLHistoryJun 07, 2022 - 12:00 a.m.
Oracle Linux 7 : python-twisted-web (ELSA-2022-4930)
2022-06-0700:00:00
This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
35
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-4930 advisory.
- Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the
twisted.web.httpmodule, parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conformant parsing can lead to desync if requests pass through multiple HTTP parsers, potentially resulting in HTTP request smuggling.
Users who may be affected use Twisted Web’s HTTP 1.1 server and/or proxy and also pass requests through a different HTTP server and/or proxy. The Twisted Web client is not affected. The HTTP 2.0 server uses a different parser, so it is not affected. The issue has been addressed in Twisted 22.4.0rc1. Two workarounds are available: Ensure any vulnerabilities in upstream proxies have been addressed, such as by upgrading them; or filter malformed requests by other means, such as configuration of an upstream proxy.
(CVE-2022-24801)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Oracle Linux Security Advisory ELSA-2022-4930.
##
include('compat.inc');
if (description)
{
script_id(161929);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/06/07");
script_cve_id("CVE-2022-24801");
script_name(english:"Oracle Linux 7 : python-twisted-web (ELSA-2022-4930)");
script_set_attribute(attribute:"synopsis", value:
"The remote Oracle Linux host is missing a security update.");
script_set_attribute(attribute:"description", value:
"The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the
ELSA-2022-4930 advisory.
- Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version
22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the `twisted.web.http` module, parsed several HTTP
request constructs more leniently than permitted by RFC 7230. This non-conformant parsing can lead to
desync if requests pass through multiple HTTP parsers, potentially resulting in HTTP request smuggling.
Users who may be affected use Twisted Web's HTTP 1.1 server and/or proxy and also pass requests through a
different HTTP server and/or proxy. The Twisted Web client is not affected. The HTTP 2.0 server uses a
different parser, so it is not affected. The issue has been addressed in Twisted 22.4.0rc1. Two
workarounds are available: Ensure any vulnerabilities in upstream proxies have been addressed, such as by
upgrading them; or filter malformed requests by other means, such as configuration of an upstream proxy.
(CVE-2022-24801)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://linux.oracle.com/errata/ELSA-2022-4930.html");
script_set_attribute(attribute:"solution", value:
"Update the affected python-twisted-web package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-24801");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/04/04");
script_set_attribute(attribute:"patch_publication_date", value:"2022/06/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/06/07");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python-twisted-web");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Oracle Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/local_checks_enabled");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');
var release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');
var os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');
var os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);
if ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);
var pkgs = [
{'reference':'python-twisted-web-12.1.0-8.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var release = NULL;
var sp = NULL;
var cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && release) {
if (exists_check) {
if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
} else {
if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-twisted-web');
}
Related
nessus
nessus
RHEL 7 : python-twisted-web (RHSA-2022:4930)
2022-06-07 00:00:00
Ubuntu 22.04 LTS : Twisted vulnerability (USN-5576-1)
2022-10-03 00:00:00
alpinelinux
alpinelinux
CVE-2022-24801
2022-04-04 18:15:00
redhat
redhat
ubuntu
ubuntu
Twisted vulnerability
2022-08-24 00:00:00
osv
osv
Inconsistent Interpretation of HTTP Requests in twisted.web
2022-04-04 21:29:41
CVE-2022-24801
2022-04-04 18:15:07
PYSEC-2022-195
2022-04-04 18:15:00
debiancve
debiancve
CVE-2022-24801
2022-04-04 18:15:00
amazon
amazon
Important: python-twisted-web
2022-07-19 01:22:00
Important: python-twisted-web
2023-03-30 22:50:00
cbl_mariner
cbl_mariner
CVE-2022-24801 affecting package python-twisted 22.4.0-1
2022-11-16 02:26:13
CVE-2022-24801 affecting package python-twisted 20.3.0-2
2022-06-15 17:03:06
veracode
veracode
HTTP Request Smuggling (HRS)
2022-04-05 11:15:03
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:1477-1)
2022-05-02 00:00:00
Debian: Security Advisory (DLA-2991-1)
2022-05-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1546-1)
2022-05-06 00:00:00
ibm
ibm
github
github
Inconsistent Interpretation of HTTP Requests in twisted.web
2022-04-04 21:29:41
ubuntucve
ubuntucve
CVE-2022-24801
2022-04-04 00:00:00
centos
centos
python security update
2022-08-02 19:23:01
prion
prion
Design/Logic Flaw
2022-04-04 18:15:00
oraclelinux
oraclelinux
python-twisted-web security update
2022-06-08 00:00:00
suse
suse
Security update for python-Twisted (moderate)
2022-04-29 00:00:00
cve
cve
CVE-2022-24801
2022-04-04 18:15:00
redhatcve
redhatcve
CVE-2022-24801
2022-04-07 17:01:46
debian
debian
[SECURITY] [DLA 2991-1] twisted security update
2022-05-03 12:11:10
fedora
fedora
[SECURITY] Fedora 36 Update: python-twisted-22.4.0-1.fc36
2022-07-03 01:07:05
[SECURITY] Fedora 35 Update: python-twisted-22.4.0-1.fc35
2022-07-03 01:21:11
mageia
mageia
Updated python-twisted packages fix security vulnerability
2022-05-12 13:24:45
oracle
oracle
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00
Related for ORACLELINUX_ELSA-2022-4930.NASL