Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2020-14341-1.NASL
HistoryJun 10, 2021 - 12:00 a.m.

SUSE SLES11 Security Update : cups (SUSE-SU-2020:14341-1)

2021-06-1000:00:00
This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
JSON

The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2020:14341-1 advisory.

  • A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges. (CVE-2020-3898)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2020:14341-1. The text itself
# is copyright (C) SUSE.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(150583);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/06/10");

  script_cve_id("CVE-2020-3898");
  script_xref(name:"SuSE", value:"SUSE-SU-2020:14341-1");

  script_name(english:"SUSE SLES11 Security Update : cups (SUSE-SU-2020:14341-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE-
SU-2020:14341-1 advisory.

  - A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina
    10.15.4. An application may be able to gain elevated privileges. (CVE-2020-3898)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1168422");
  # https://lists.suse.com/pipermail/sle-security-updates/2020-April/006729.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b3fc9158");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-3898");
  script_set_attribute(attribute:"solution", value:
"Update the affected cups, cups-client, cups-libs and / or cups-libs-32bit packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-3898");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/04/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/06/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cups");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cups-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cups-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cups-libs-32bit");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('audit.inc');
include('global_settings.inc');
include('misc_func.inc');
include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES11" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP4", os_ver + " SP" + sp);

pkgs = [
    {'reference':'cups-1.3.9-8.46.56.11', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'cups-client-1.3.9-8.46.56.11', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'cups-libs-1.3.9-8.46.56.11', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'cups-libs-32bit-1.3.9-8.46.56.11', 'sp':'4', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'cups-libs-32bit-1.3.9-8.46.56.11', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'cups-1.3.9-8.46.56.11', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'cups-client-1.3.9-8.46.56.11', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'cups-libs-1.3.9-8.46.56.11', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'cups-libs-32bit-1.3.9-8.46.56.11', 'sp':'4', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'cups-libs-32bit-1.3.9-8.46.56.11', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'}
];

flag = 0;
foreach package_array ( pkgs ) {
  reference = NULL;
  release = NULL;
  sp = NULL;
  cpu = NULL;
  exists_check = NULL;
  rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && release && exists_check) {
    if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
  else if (reference && release) {
    if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  ltss_plugin_caveat = '\n' +
    'NOTE: This vulnerability check contains fixes that apply to\n' +
    'packages only available in SUSE Enterprise Linux Server LTSS\n' +
    'repositories. Access to these package security updates require\n' +
    'a paid SUSE LTSS subscription.\n';
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + ltss_plugin_caveat
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cups / cups-client / cups-libs / cups-libs-32bit');
}
VendorProductVersionCPE
novellsuse_linuxcupsp-cpe:/a:novell:suse_linux:cups
novellsuse_linuxcups-clientp-cpe:/a:novell:suse_linux:cups-client
novellsuse_linuxcups-libsp-cpe:/a:novell:suse_linux:cups-libs
novellsuse_linuxcups-libs-32bitp-cpe:/a:novell:suse_linux:cups-libs-32bit
novellsuse_linux11cpe:/o:novell:suse_linux:11

Related

nessus 25
almalinux 1
suse 1
veracode 1
redhatcve 1
cvelist 1
cve 1
osv 3
openvas 18
oraclelinux 1
ubuntucve 1
redhat 3
alpinelinux 1
fedora 3
debiancve 1
prion 1
rocky 1
debian 1
ubuntu 1
freebsd 1
mageia 1
apple 2
androidsecurity 1
ibm 1
nessus
nessus
CentOS 8 : cups (CESA-2020:4469)
2021-02-01 00:00:00
SUSE SLED15 / SLES15 Security Update : cups (SUSE-SU-2020:1083-1)
2020-04-24 00:00:00
EulerOS Virtualization for ARM 64 3.0.2.0 : cups (EulerOS-SA-2020-1974)
2020-09-08 00:00:00
almalinux
almalinux
Low: cups security and bug fix update
2020-11-03 12:07:34
suse
suse
Security update for cups (important)
2020-04-26 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-11-05 03:19:14
redhatcve
redhatcve
CVE-2020-3898
2020-04-21 13:04:19
cvelist
cvelist
CVE-2020-3898
2020-10-22 17:48:29
cve
cve
CVE-2020-3898
2020-10-22 18:15:00
osv
osv
Low: cups security and bug fix update
2020-11-03 12:07:34
CVE-2020-3898
2020-10-22 18:15:12
cups - security update
2020-06-07 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2020-2306)
2020-11-02 00:00:00
Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2020-2464)
2020-11-05 00:00:00
Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2020-2241)
2020-10-30 00:00:00
oraclelinux
oraclelinux
cups security and bug fix update
2020-11-10 00:00:00
ubuntucve
ubuntucve
CVE-2020-3898
2020-04-21 00:00:00
redhat
redhat
(RHSA-2020:4469) Low: cups security and bug fix update
2020-11-03 12:07:34
(RHSA-2020:5635) Moderate: OpenShift Container Platform 4.7.0 extras and security update
2021-02-24 14:47:52
(RHSA-2020:5633) Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update
2021-02-24 14:49:26
alpinelinux
alpinelinux
CVE-2020-3898
2020-10-22 18:15:00
fedora
fedora
[SECURITY] Fedora 30 Update: cups-2.2.12-8.fc30
2020-05-05 03:13:47
[SECURITY] Fedora 31 Update: cups-2.2.12-8.fc31
2020-04-30 03:44:09
[SECURITY] Fedora 32 Update: cups-2.3.1-9.fc32
2020-04-28 02:33:57
debiancve
debiancve
CVE-2020-3898
2020-10-22 18:15:00
prion
prion
Memory corruption
2020-10-22 18:15:00
rocky
rocky
cups security and bug fix update
2020-11-03 12:07:34
debian
debian
[SECURITY] [DLA 2237-1] cups security update
2020-06-07 16:27:47
ubuntu
ubuntu
CUPS vulnerabilities
2020-04-27 00:00:00
freebsd
freebsd
CUPS -- memory corruption
2020-04-28 00:00:00
mageia
mageia
Updated cups packages fix security vulnerability
2020-06-11 01:26:12
apple
apple
About the security content of macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra - Apple Support
2020-12-15 06:13:57
About the security content of macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra
2020-03-24 00:00:00
androidsecurity
androidsecurity
Android 11 Security Release Notes
2020-08-25 00:00:00
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-05-09 12:31:16
JSON
Related for SUSE_SU-2020-14341-1.NASL
nessus25almalinux1suse1veracode1redhatcve1cvelist1cve1osv3openvas18oraclelinux1ubuntucve1redhat3alpinelinux1fedora3debiancve1prion1rocky1debian1ubuntu1freebsd1mageia1apple2androidsecurity1ibm1