Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-3658-1.NASL
HistoryMay 24, 2018 - 12:00 a.m.

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : procps-ng vulnerabilities (USN-3658-1)

2018-05-2400:00:00
Ubuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
24
JSON

It was discovered that the procps-ng top utility incorrectly read its configuration file from the current working directory. A local attacker could possibly use this issue to escalate privileges.
(CVE-2018-1122)

It was discovered that the procps-ng ps tool incorrectly handled memory. A local user could possibly use this issue to cause a denial of service. (CVE-2018-1123)

It was discovered that libprocps incorrectly handled the file2strvec() function. A local attacker could possibly use this to execute arbitrary code. (CVE-2018-1124)

It was discovered that the procps-ng pgrep utility incorrectly handled memory. A local attacker could possibly use this issue to cause de denial of service. (CVE-2018-1125)

It was discovered that procps-ng incorrectly handled memory. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2018-1126).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-3658-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include('compat.inc');

if (description)
{
  script_id(110094);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/20");

  script_cve_id(
    "CVE-2018-1122",
    "CVE-2018-1123",
    "CVE-2018-1124",
    "CVE-2018-1125",
    "CVE-2018-1126"
  );
  script_xref(name:"USN", value:"3658-1");
  script_xref(name:"IAVA", value:"2018-A-0174-S");

  script_name(english:"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : procps-ng vulnerabilities (USN-3658-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"It was discovered that the procps-ng top utility incorrectly read its
configuration file from the current working directory. A local
attacker could possibly use this issue to escalate privileges.
(CVE-2018-1122)

It was discovered that the procps-ng ps tool incorrectly handled
memory. A local user could possibly use this issue to cause a denial
of service. (CVE-2018-1123)

It was discovered that libprocps incorrectly handled the file2strvec()
function. A local attacker could possibly use this to execute
arbitrary code. (CVE-2018-1124)

It was discovered that the procps-ng pgrep utility incorrectly handled
memory. A local attacker could possibly use this issue to cause de
denial of service. (CVE-2018-1125)

It was discovered that procps-ng incorrectly handled memory. A local
attacker could use this issue to cause a denial of service, or
possibly execute arbitrary code. (CVE-2018-1126).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-3658-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-1126");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/05/23");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/05/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/24");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libprocps3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libprocps3-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libprocps4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libprocps4-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libprocps6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:procps");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libprocps-dev");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"II");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('14.04' >< os_release || '16.04' >< os_release || '18.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04 / 16.04 / 18.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '14.04', 'pkgname': 'libprocps3', 'pkgver': '1:3.3.9-1ubuntu2.3'},
    {'osver': '14.04', 'pkgname': 'libprocps3-dev', 'pkgver': '1:3.3.9-1ubuntu2.3'},
    {'osver': '14.04', 'pkgname': 'procps', 'pkgver': '1:3.3.9-1ubuntu2.3'},
    {'osver': '16.04', 'pkgname': 'libprocps4', 'pkgver': '2:3.3.10-4ubuntu2.4'},
    {'osver': '16.04', 'pkgname': 'libprocps4-dev', 'pkgver': '2:3.3.10-4ubuntu2.4'},
    {'osver': '16.04', 'pkgname': 'procps', 'pkgver': '2:3.3.10-4ubuntu2.4'},
    {'osver': '18.04', 'pkgname': 'libprocps-dev', 'pkgver': '2:3.3.12-3ubuntu1.1'},
    {'osver': '18.04', 'pkgname': 'libprocps6', 'pkgver': '2:3.3.12-3ubuntu1.1'},
    {'osver': '18.04', 'pkgname': 'procps', 'pkgver': '2:3.3.12-3ubuntu1.1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libprocps-dev / libprocps3 / libprocps3-dev / libprocps4 / etc');
}
VendorProductVersionCPE
canonicalubuntu_linuxlibprocps3p-cpe:/a:canonical:ubuntu_linux:libprocps3
canonicalubuntu_linuxlibprocps3-devp-cpe:/a:canonical:ubuntu_linux:libprocps3-dev
canonicalubuntu_linuxlibprocps4p-cpe:/a:canonical:ubuntu_linux:libprocps4
canonicalubuntu_linuxlibprocps4-devp-cpe:/a:canonical:ubuntu_linux:libprocps4-dev
canonicalubuntu_linuxlibprocps6p-cpe:/a:canonical:ubuntu_linux:libprocps6
canonicalubuntu_linuxprocpsp-cpe:/a:canonical:ubuntu_linux:procps
canonicalubuntu_linux14.04cpe:/o:canonical:ubuntu_linux:14.04:-:lts
canonicalubuntu_linux16.04cpe:/o:canonical:ubuntu_linux:16.04:-:lts
canonicalubuntu_linux18.04cpe:/o:canonical:ubuntu_linux:18.04:-:lts
canonicalubuntu_linuxlibprocps-devp-cpe:/a:canonical:ubuntu_linux:libprocps-dev

Related

nessus 59
osv 7
openvas 25
ubuntu 3
ibm 7
suse 4
cloudfoundry 1
debian 3
slackware 1
rosalinux 1
exploitpack 1
photon 4
packetstorm 1
gentoo 1
oraclelinux 4
fedora 2
f5 3
amazon 2
redhat 11
prion 5
debiancve 5
centos 3
cve 5
redhatcve 5
ubuntucve 5
zdt 1
exploitdb 1
veracode 4
nessus
nessus
Debian DSA-4208-1 : procps - security update
2018-05-23 00:00:00
SUSE SLED12 / SLES12 Security Update : procps (SUSE-SU-2018:2451-2)
2018-11-27 00:00:00
SUSE SLED12 / SLES12 Security Update : procps (SUSE-SU-2018:1836-1)
2018-06-29 00:00:00
osv
osv
procps - security update
2018-05-31 00:00:00
procps - security update
2018-05-22 00:00:00
CVE-2018-1126
2018-05-23 13:29:00
openvas
openvas
Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2018-1340)
2020-01-23 00:00:00
openSUSE: Security Advisory for procps (openSUSE-SU-2019:0291-1)
2019-03-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:2451-2)
2021-04-19 00:00:00
ubuntu
ubuntu
procps-ng vulnerabilities
2018-05-23 00:00:00
procps-ng vulnerabilities
2018-08-16 00:00:00
procps-ng vulnerabilities
2018-06-05 00:00:00
ibm
ibm
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in procps
2023-12-07 22:45:03
Security Bulletin: Vulnerabilities in procps affect IBM BladeCenter Advanced Management Module (AMM)
2018-10-11 15:50:01
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in procps
2023-12-07 22:45:02
suse
suse
Security update for procps (moderate)
2018-06-29 15:30:55
Security update for procps (important)
2019-10-26 00:00:00
Security update for procps (important)
2019-03-04 00:00:00
cloudfoundry
cloudfoundry
USN-3658-1: procps-ng vulnerabilities | Cloud Foundry
2018-06-05 00:00:00
debian
debian
[SECURITY] [DSA 4208-1] procps security update
2018-05-22 15:45:25
[SECURITY] [DSA 4208-1] procps security update
2018-05-22 15:45:25
[SECURITY] [DLA 1390-1] procps security update
2018-05-31 20:24:15
slackware
slackware
[slackware-security] procps-ng
2018-05-23 06:37:37
rosalinux
rosalinux
Advisory ROSA-SA-2021-1956
2021-07-02 18:00:03
exploitpack
exploitpack
Procps-ng - Multiple Vulnerabilities
2018-05-30 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0175
2018-08-15 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0085
2018-08-15 00:00:00
Critical Photon OS Security Update - PHSA-2018-0084
2018-08-15 00:00:00
packetstorm
packetstorm
Procps-ng Audit Report
2018-05-22 00:00:00
gentoo
gentoo
procps: Multiple vulnerabilities
2018-05-30 00:00:00
oraclelinux
oraclelinux
procps security update
2018-05-31 00:00:00
procps-ng security update
2018-05-23 00:00:00
procps-ng security and bug fix update
2019-08-13 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: procps-ng-3.3.12-2.fc28
2018-05-22 15:09:03
[SECURITY] Fedora 27 Update: procps-ng-3.3.10-16.fc27
2018-05-24 14:27:09
f5
f5
K83271321 : procps-ng vulnerability CVE-2018-1126
2020-12-28 00:00:00
K00409335 : procps-ng vulnerability CVE-2018-1122
2020-12-29 00:00:00
K16124204 : procps-ng vulnerability CVE-2018-1124
2020-12-28 00:00:00
amazon
amazon
Important: procps-ng
2018-06-07 23:26:00
Medium: procps-ng
2019-10-21 18:01:00
redhat
redhat
(RHSA-2019:1944) Important: procps-ng security update
2019-07-30 08:22:54
(RHSA-2018:1700) Important: procps-ng security update
2018-05-23 13:45:48
(RHSA-2018:1777) Important: procps security update
2018-05-31 13:15:29
prion
prion
Integer overflow
2018-05-23 13:29:00
Buffer overflow
2018-05-23 14:29:00
Integer overflow
2018-05-23 13:29:00
debiancve
debiancve
CVE-2018-1126
2018-05-23 13:29:00
CVE-2018-1124
2018-05-23 13:29:00
CVE-2018-1123
2018-05-23 14:29:00
centos
centos
procps security update
2018-06-01 15:12:08
procps security update
2018-05-29 17:26:08
procps security update
2019-08-30 03:59:50
cve
cve
CVE-2018-1126
2018-05-23 13:29:00
CVE-2018-1124
2018-05-23 13:29:00
CVE-2018-1123
2018-05-23 14:29:00
redhatcve
redhatcve
CVE-2018-1126
2019-10-05 13:49:59
CVE-2018-1123
2018-05-18 05:20:45
CVE-2018-1124
2018-05-18 05:21:11
ubuntucve
ubuntucve
CVE-2018-1126
2018-05-17 00:00:00
CVE-2018-1123
2018-05-17 00:00:00
CVE-2018-1124
2018-05-17 00:00:00
zdt
zdt
Procps-ng - Multiple Vulnerabilities
2018-05-30 00:00:00
exploitdb
exploitdb
Procps-ng - Multiple Vulnerabilities
2018-05-30 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:23:43
Integer Overflow
2019-05-16 03:00:36
Privilege Escalation
2019-08-08 00:07:55
JSON
Related for UBUNTU_USN-3658-1.NASL
nessus59osv7openvas25ubuntu3ibm7suse4cloudfoundry1debian3slackware1rosalinux1exploitpack1photon4packetstorm1gentoo1oraclelinux4fedora2f53amazon2redhat11prion5debiancve5centos3cve5redhatcve5ubuntucve5zdt1exploitdb1veracode4