Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2021-0529-1.NASL
HistoryFeb 22, 2021 - 12:00 a.m.

SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2021:0529-1)

2021-02-2200:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
111

9.7 High

AI Score

Confidence

High

JSON

This update for python3 fixes the following issues :

CVE-2021-3177: Fixed buffer overflow in PyCArg_repr in
_ctypes/callproc.c, which may lead to remote code execution (bsc#1181126).

Provide the newest setuptools wheel (bsc#1176262, CVE-2019-20916) in their correct form (bsc#1180686).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2021:0529-1.
# The text itself is copyright (C) SUSE.
#

include('compat.inc');

if (description)
{
  script_id(146729);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/19");

  script_cve_id("CVE-2019-20916", "CVE-2021-3177");

  script_name(english:"SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2021:0529-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"This update for python3 fixes the following issues :

CVE-2021-3177: Fixed buffer overflow in PyCArg_repr in
_ctypes/callproc.c, which may lead to remote code execution
(bsc#1181126).

Provide the newest setuptools wheel (bsc#1176262, CVE-2019-20916) in
their correct form (bsc#1180686).

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1176262");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1179756");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1180686");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1181126");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-20916/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3177/");
  # https://www.suse.com/support/update/announcement/2021/suse-su-20210529-1
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4540350f");
  script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Module for Development Tools 15-SP2 :

zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP2-2021-529=1

SUSE Linux Enterprise Module for Basesystem 15-SP2 :

zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2021-529=1");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-3177");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/09/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/02/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/02/22");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython3_6m1_0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython3_6m1_0-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-curses");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-curses-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-dbm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-dbm-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-devel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-idle");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-tk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-tk-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP2", os_ver + " SP" + sp);
if (os_ver == "SLED15" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP2", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES15", sp:"2", reference:"libpython3_6m1_0-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"libpython3_6m1_0-debuginfo-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"python3-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"python3-base-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"python3-curses-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"python3-curses-debuginfo-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"python3-dbm-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"python3-dbm-debuginfo-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"python3-debuginfo-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"python3-debugsource-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"python3-devel-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"python3-devel-debuginfo-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"python3-idle-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"python3-tk-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"python3-tk-debuginfo-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLES15", sp:"2", reference:"python3-tools-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"libpython3_6m1_0-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"libpython3_6m1_0-debuginfo-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"python3-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"python3-base-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"python3-curses-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"python3-curses-debuginfo-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"python3-dbm-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"python3-dbm-debuginfo-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"python3-debuginfo-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"python3-debugsource-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"python3-devel-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"python3-devel-debuginfo-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"python3-idle-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"python3-tk-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"python3-tk-debuginfo-3.6.12-3.75.1")) flag++;
if (rpm_check(release:"SLED15", sp:"2", reference:"python3-tools-3.6.12-3.75.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python3");
}
VendorProductVersionCPE
novellsuse_linuxpython3-tkp-cpe:/a:novell:suse_linux:python3-tk
novellsuse_linuxlibpython3_6m1_0p-cpe:/a:novell:suse_linux:libpython3_6m1_0
novellsuse_linuxlibpython3_6m1_0-debuginfop-cpe:/a:novell:suse_linux:libpython3_6m1_0-debuginfo
novellsuse_linuxpython3p-cpe:/a:novell:suse_linux:python3
novellsuse_linuxpython3-basep-cpe:/a:novell:suse_linux:python3-base
novellsuse_linuxpython3-cursesp-cpe:/a:novell:suse_linux:python3-curses
novellsuse_linuxpython3-tk-debuginfop-cpe:/a:novell:suse_linux:python3-tk-debuginfo
novellsuse_linuxpython3-toolsp-cpe:/a:novell:suse_linux:python3-tools
novellsuse_linuxpython3-curses-debuginfop-cpe:/a:novell:suse_linux:python3-curses-debuginfo
novellsuse_linuxpython3-dbmp-cpe:/a:novell:suse_linux:python3-dbm
Rows per page:
1-10 of 171

Related

nessus 70
openvas 47
suse 13
osv 10
debiancve 2
veracode 2
ubuntu 1
amazon 3
ibm 3
redhatcve 2
almalinux 2
oraclelinux 10
redhat 3
cbl_mariner 2
prion 2
ubuntucve 2
cve 2
centos 1
github 1
debian 1
fedora 10
alpinelinux 1
f5 1
photon 1
hackerone 1
mageia 2
rocky 1
redos 3
nessus
nessus
openSUSE Security Update : python3 (openSUSE-2021-331)
2021-02-25 00:00:00
openSUSE Security Update : python (openSUSE-2021-270)
2021-02-16 00:00:00
SUSE SLES12 Security Update : python36 (SUSE-SU-2021:0428-1)
2021-02-11 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:0529-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for python (openSUSE-SU-2021:0270-1)
2021-04-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:0355-1)
2021-04-19 00:00:00
suse
suse
Security update for python (important)
2021-02-10 00:00:00
Security update for python3 (moderate)
2021-02-23 00:00:00
Security update for python-setuptools (important)
2020-12-01 00:00:00
osv
osv
PYSEC-2020-173
2020-09-04 20:15:00
CVE-2019-20916
2020-09-04 20:15:11
python-pip - security update
2020-09-11 00:00:00
debiancve
debiancve
CVE-2019-20916
2020-09-04 20:15:00
CVE-2021-3177
2021-01-19 06:15:00
veracode
veracode
Directory Traversal
2019-06-13 01:55:10
Buffer Overflow
2021-01-21 19:51:33
ubuntu
ubuntu
pip vulnerability
2020-10-22 00:00:00
amazon
amazon
Medium: python-pip
2021-05-20 16:07:00
Medium: python, python3
2021-02-19 01:27:00
Medium: python27, python36, python38
2021-02-23 20:18:00
ibm
ibm
Security Bulletin: A vulnerability in Python affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2019-20916)
2023-01-12 21:59:00
Security Bulletin: IBM Waston Machine Learning Acclerator is affected by a Python vulnerability
2021-06-04 02:38:13
Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is impacted by CVE-2021-3177
2021-05-06 18:56:13
redhatcve
redhatcve
CVE-2019-20916
2020-09-07 14:21:56
CVE-2021-3177
2021-01-20 08:55:23
almalinux
almalinux
Moderate: python-pip security update
2020-11-03 12:04:06
Moderate: python27:2.7 security update
2020-11-03 12:24:08
oraclelinux
oraclelinux
python-pip security update
2020-11-10 00:00:00
python-pip security update
2022-03-10 00:00:00
python-virtualenv security update
2022-06-29 00:00:00
redhat
redhat
(RHSA-2020:4432) Moderate: python-pip security update
2020-11-03 12:04:06
(RHSA-2022:5234) Moderate: python-virtualenv security update
2022-06-28 07:52:36
(RHSA-2020:4654) Moderate: python27:2.7 security update
2020-11-03 12:24:08
cbl_mariner
cbl_mariner
CVE-2019-20916 affecting package python-pip 18.0-5
2021-01-11 21:49:40
CVE-2021-3177 affecting package python3 3.7.9-4
2021-02-09 16:59:15
prion
prion
Directory traversal
2020-09-04 20:15:00
Buffer overflow
2021-01-19 06:15:00
ubuntucve
ubuntucve
CVE-2019-20916
2020-09-04 00:00:00
CVE-2021-3177
2021-01-19 00:00:00
cve
cve
CVE-2019-20916
2020-09-04 20:15:00
CVE-2021-3177
2021-01-19 06:15:00
centos
centos
python security update
2022-08-02 19:21:51
github
github
Path Traversal in pip
2021-06-09 17:35:04
debian
debian
[SECURITY] [DLA 2370-1] python-pip security update
2020-09-11 10:16:16
fedora
fedora
[SECURITY] Fedora 33 Update: python2.7-2.7.18-8.fc33
2021-02-11 01:43:47
[SECURITY] Fedora 32 Update: python3.10-3.10.0~a5-1.fc32
2021-02-13 01:18:35
[SECURITY] Fedora 33 Update: mingw-python3-3.9.1-2.fc33
2021-01-30 01:55:18
alpinelinux
alpinelinux
CVE-2021-3177
2021-01-19 06:15:00
f5
f5
K000133761 : Python vulnerability CVE-2021-3177
2023-05-10 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2021-0192
2021-02-11 00:00:00
hackerone
hackerone
Internet Bug Bounty: Buffer overflow in PyCArg_repr in _ctypes/callproc.c for Python 3.x to 3.9.1
2021-01-22 09:48:45
mageia
mageia
Updated python and python3 packages fix security vulnerability
2021-02-04 16:40:24
Updated python-pip packages fix security vulnerabilities
2021-01-25 18:25:52
rocky
rocky
python27:2.7 security update
2020-11-03 12:24:08
redos
redos
ROS-20230619-05
2023-06-19 00:00:00
ROS-2-453
2021-09-08 00:00:00
ROS-2-621
2021-09-08 00:00:00

9.7 High

AI Score

Confidence

High

JSON
Related for SUSE_SU-2021-0529-1.NASL
nessus70openvas47suse13osv10debiancve2veracode2ubuntu1amazon3ibm3redhatcve2almalinux2oraclelinux10redhat3cbl_mariner2prion2ubuntucve2cve2centos1github1debian1fedora10alpinelinux1f51photon1hackerone1mageia2rocky1redos3