Lucene search

K

Qnap QTS Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2017-17033)

Qnap QTS memory buffer boundary restriction vulnerability

Show more
Related
Refs
Code
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(502638);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/10/17");

  script_cve_id("CVE-2017-17033");

  script_name(english:"Qnap QTS Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2017-17033)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"A buffer overflow vulnerability in password function in QNAP QTS
version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387
(Beta 2) build 20171116 and earlier could allow remote attackers to
execute arbitrary code on NAS devices.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"http://www.securitytracker.com/id/1040018");
  script_set_attribute(attribute:"see_also", value:"https://www.qnap.com/zh-tw/security-advisory/nas-201712-15");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-17033");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(119);

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/12/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/12/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/10/16");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:qnap:qts:4.2.6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:qnap:qts:4.3.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:qnap:qts:4.3.4");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Qnap");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Qnap');

var asset = tenable_ot::assets::get(vendor:'Qnap');

var vuln_cpes = {
    "cpe:/o:qnap:qts:4.2.6" :
        {"versionEndIncluding" : "4.2.6", "versionStartIncluding" : "4.2.6", "family" : "QTS"},
    "cpe:/o:qnap:qts:4.3.3" :
        {"versionEndIncluding" : "4.3.3.0396", "versionStartIncluding" : "4.3.3", "family" : "QTS"},
    "cpe:/o:qnap:qts:4.3.4" :
        {"versionEndIncluding" : "4.3.4.0411", "versionStartIncluding" : "4.3.4", "family" : "QTS"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
16 Oct 2024 00:00Current
8.6High risk
Vulners AI Score8.6
CVSS27.5
CVSS39.8
EPSS0.026
6
.json
Report