Lucene search
Ubuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-3637-1.NASLHistoryMay 01, 2018 - 12:00 a.m.
Ubuntu 18.04 LTS : WavPack vulnerabilities (USN-3637-1)
2018-05-0100:00:00
Ubuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.003
Percentile
70.7%
Thuan Pham, Marcel Bohme, Andrew Santosa and Alexandru Razvan Caciulescu discovered that WavPack incorrectly handled certain .wav files. An attacker could possibly use this to execute arbitrary code or cause a denial of service. (CVE-2018-10536, CVE-2018-10537)
Thuan Pham, Marcel Bohme, Andrew Santosa and Alexandru Razvan Caciulescu discovered that WavPack incorrectly handled certain .wav files. An attacker could possibly use this to cause a denial of service. (CVE-2018-10538, CVE-2018-10539, CVE-2018-10540).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-3637-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include('compat.inc');
if (description)
{
script_id(109469);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/20");
script_cve_id(
"CVE-2018-10536",
"CVE-2018-10537",
"CVE-2018-10538",
"CVE-2018-10539",
"CVE-2018-10540"
);
script_xref(name:"USN", value:"3637-1");
script_name(english:"Ubuntu 18.04 LTS : WavPack vulnerabilities (USN-3637-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"Thuan Pham, Marcel Bohme, Andrew Santosa and Alexandru Razvan
Caciulescu discovered that WavPack incorrectly handled certain .wav
files. An attacker could possibly use this to execute arbitrary code
or cause a denial of service. (CVE-2018-10536, CVE-2018-10537)
Thuan Pham, Marcel Bohme, Andrew Santosa and Alexandru Razvan
Caciulescu discovered that WavPack incorrectly handled certain .wav
files. An attacker could possibly use this to cause a denial of
service. (CVE-2018-10538, CVE-2018-10539, CVE-2018-10540).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-3637-1");
script_set_attribute(attribute:"solution", value:
"Update the affected libwavpack-dev, libwavpack1 and / or wavpack packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-10537");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/29");
script_set_attribute(attribute:"patch_publication_date", value:"2018/04/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/01");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:wavpack");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwavpack-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwavpack1");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Ubuntu Local Security Checks");
script_copyright(english:"Ubuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('18.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);
var pkgs = [
{'osver': '18.04', 'pkgname': 'libwavpack-dev', 'pkgver': '5.1.0-2ubuntu1.1'},
{'osver': '18.04', 'pkgname': 'libwavpack1', 'pkgver': '5.1.0-2ubuntu1.1'},
{'osver': '18.04', 'pkgname': 'wavpack', 'pkgver': '5.1.0-2ubuntu1.1'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var osver = NULL;
var pkgname = NULL;
var pkgver = NULL;
if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
if (osver && pkgname && pkgver) {
if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
var tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libwavpack-dev / libwavpack1 / wavpack');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | wavpack | p-cpe:/a:canonical:ubuntu_linux:wavpack |
| canonical | ubuntu_linux | 18.04 | cpe:/o:canonical:ubuntu_linux:18.04:-:lts |
| canonical | ubuntu_linux | libwavpack-dev | p-cpe:/a:canonical:ubuntu_linux:libwavpack-dev |
| canonical | ubuntu_linux | libwavpack1 | p-cpe:/a:canonical:ubuntu_linux:libwavpack1 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10536
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10537
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10538
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10539
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10540
ubuntu.com/security/notices/USN-3637-1
Related
nessus
nessus
Debian DSA-4197-1 : wavpack - security update
2018-05-10 00:00:00
Fedora 28 : wavpack (2018-17a97bb25b)
2019-01-03 00:00:00
Fedora 27 : wavpack (2018-d6002f761d)
2018-05-29 00:00:00
debian
debian
[SECURITY] [DSA 4197-1] wavpack security updaze
2018-05-09 18:24:39
ubuntu
ubuntu
WavPack vulnerabilities
2018-04-30 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3637-1)
2018-10-26 00:00:00
Debian: Security Advisory (DSA-4197-1)
2018-05-08 00:00:00
Fedora Update for wavpack FEDORA-2018-17a97bb25b
2018-05-27 00:00:00
osv
osv
wavpack - security update
2018-05-09 00:00:00
CVE-2018-10538
2018-04-29 15:29:00
CVE-2018-10539
2018-04-29 15:29:00
fedora
fedora
[SECURITY] Fedora 28 Update: wavpack-5.1.0-8.fc28
2018-05-26 20:47:16
[SECURITY] Fedora 27 Update: wavpack-5.1.0-8.fc27
2018-05-26 21:13:05
[SECURITY] Fedora 28 Update: wavpack-5.1.0-12.fc28
2019-04-23 18:49:38
freebsd
freebsd
wavpack -- multiple vulnerabilities
2018-05-09 00:00:00
slackware
slackware
[slackware-security] wavpack
2019-12-19 23:44:00
mageia
mageia
Updated wavpack packages fix security vulnerabilities
2019-01-23 18:50:09
suse
suse
Security update for wavpack (moderate)
2021-01-24 00:00:00
Security update for wavpack (moderate)
2021-01-24 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1995
2021-07-02 18:19:37
nvd
nvd
ubuntucve
ubuntucve
prion
prion
Design/Logic Flaw
2018-04-29 15:29:00
Integer overflow
2018-04-29 15:29:00
Integer overflow
2018-04-29 15:29:00
veracode
veracode
Arbitrary Code Execution
2020-05-10 23:25:07
Denial Of Service (DoS)
2020-05-10 23:25:05
Arbitrary Code Execution
2020-05-10 23:25:07
cve
cve
redhatcve
redhatcve
debiancve
debiancve
cvelist
cvelist
alpinelinux
alpinelinux
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.003
Percentile
70.7%
Related for UBUNTU_USN-3637-1.NASL