Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-3863-1.NASL
HistoryJan 23, 2019 - 12:00 a.m.

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : APT vulnerability (USN-3863-1)

2019-01-2300:00:00
Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
42
JSON

Max Justicz discovered that APT incorrectly handled certain parameters during redirects. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-3863-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include('compat.inc');

if (description)
{
  script_id(121328);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/21");

  script_cve_id("CVE-2019-3462");
  script_xref(name:"USN", value:"3863-1");

  script_name(english:"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : APT vulnerability (USN-3863-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"Max Justicz discovered that APT incorrectly handled certain parameters
during redirects. If a remote attacker were able to perform a
man-in-the-middle attack, this flaw could potentially be used to
install altered packages.

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-3863-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3462");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/01/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/23");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apt-transport-https");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apt-utils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapt-inst1.5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapt-inst2.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapt-pkg-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapt-pkg4.12");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapt-pkg5.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('14.04' >< os_release || '16.04' >< os_release || '18.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04 / 16.04 / 18.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '14.04', 'pkgname': 'apt', 'pkgver': '1.0.1ubuntu2.19'},
    {'osver': '14.04', 'pkgname': 'apt-transport-https', 'pkgver': '1.0.1ubuntu2.19'},
    {'osver': '14.04', 'pkgname': 'apt-utils', 'pkgver': '1.0.1ubuntu2.19'},
    {'osver': '14.04', 'pkgname': 'libapt-inst1.5', 'pkgver': '1.0.1ubuntu2.19'},
    {'osver': '14.04', 'pkgname': 'libapt-pkg-dev', 'pkgver': '1.0.1ubuntu2.19'},
    {'osver': '14.04', 'pkgname': 'libapt-pkg4.12', 'pkgver': '1.0.1ubuntu2.19'},
    {'osver': '16.04', 'pkgname': 'apt', 'pkgver': '1.2.29ubuntu0.1'},
    {'osver': '16.04', 'pkgname': 'apt-transport-https', 'pkgver': '1.2.29ubuntu0.1'},
    {'osver': '16.04', 'pkgname': 'apt-utils', 'pkgver': '1.2.29ubuntu0.1'},
    {'osver': '16.04', 'pkgname': 'libapt-inst2.0', 'pkgver': '1.2.29ubuntu0.1'},
    {'osver': '16.04', 'pkgname': 'libapt-pkg-dev', 'pkgver': '1.2.29ubuntu0.1'},
    {'osver': '16.04', 'pkgname': 'libapt-pkg5.0', 'pkgver': '1.2.29ubuntu0.1'},
    {'osver': '18.04', 'pkgname': 'apt', 'pkgver': '1.6.6ubuntu0.1'},
    {'osver': '18.04', 'pkgname': 'apt-transport-https', 'pkgver': '1.6.6ubuntu0.1'},
    {'osver': '18.04', 'pkgname': 'apt-utils', 'pkgver': '1.6.6ubuntu0.1'},
    {'osver': '18.04', 'pkgname': 'libapt-inst2.0', 'pkgver': '1.6.6ubuntu0.1'},
    {'osver': '18.04', 'pkgname': 'libapt-pkg-dev', 'pkgver': '1.6.6ubuntu0.1'},
    {'osver': '18.04', 'pkgname': 'libapt-pkg5.0', 'pkgver': '1.6.6ubuntu0.1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apt / apt-transport-https / apt-utils / libapt-inst1.5 / etc');
}
VendorProductVersionCPE
canonicalubuntu_linuxaptp-cpe:/a:canonical:ubuntu_linux:apt
canonicalubuntu_linuxapt-transport-httpsp-cpe:/a:canonical:ubuntu_linux:apt-transport-https
canonicalubuntu_linuxapt-utilsp-cpe:/a:canonical:ubuntu_linux:apt-utils
canonicalubuntu_linuxlibapt-inst1.5p-cpe:/a:canonical:ubuntu_linux:libapt-inst1.5
canonicalubuntu_linuxlibapt-inst2.0p-cpe:/a:canonical:ubuntu_linux:libapt-inst2.0
canonicalubuntu_linuxlibapt-pkg-devp-cpe:/a:canonical:ubuntu_linux:libapt-pkg-dev
canonicalubuntu_linuxlibapt-pkg4.12p-cpe:/a:canonical:ubuntu_linux:libapt-pkg4.12
canonicalubuntu_linuxlibapt-pkg5.0p-cpe:/a:canonical:ubuntu_linux:libapt-pkg5.0
canonicalubuntu_linux14.04cpe:/o:canonical:ubuntu_linux:14.04:-:lts
canonicalubuntu_linux16.04cpe:/o:canonical:ubuntu_linux:16.04:-:lts
Rows per page:
1-10 of 111

Related

osv 4
ubuntucve 2
debian 3
openvas 4
prion 2
thn 1
nessus 2
cloudfoundry 1
debiancve 1
redhatcve 1
cve 2
ubuntu 2
checkpoint_advisories 1
f5 1
cvelist 2
hackerone 1
github 1
ibm 1
kitploit 1
osv
osv
apt - security update
2019-01-22 00:00:00
apt - security update
2019-01-22 00:00:00
Weave Net clusters susceptible to MitM attacks via IPv6 rogue router advertisements
2021-05-27 19:00:08
ubuntucve
ubuntucve
CVE-2019-3462
2019-01-22 00:00:00
CVE-2020-11091
2020-06-03 00:00:00
debian
debian
[SECURITY] [DSA 4371-1] apt security update
2019-01-22 12:18:38
[SECURITY] [DLA 1637-1] apt security update (amended)
2019-01-22 14:55:53
[SECURITY] [DLA 1637-1] apt security update
2019-01-22 14:32:01
openvas
openvas
Debian: Security Advisory (DSA-4371-1)
2019-01-21 00:00:00
Debian: Security Advisory (DLA-1637-1)
2019-01-21 00:00:00
Ubuntu: Security Advisory (USN-3863-1)
2019-01-23 00:00:00
prion
prion
Design/Logic Flaw
2019-01-28 21:29:00
Command injection
2020-06-03 23:15:00
thn
thn
Critical RCE Flaw in Linux APT Allows Remote Attackers to Hack Systems
2019-01-22 16:20:00
nessus
nessus
Debian DLA-1637-1 : apt security update (amended)
2019-01-23 00:00:00
Debian DSA-4371-1 : apt - security update
2019-01-23 00:00:00
cloudfoundry
cloudfoundry
USN-3863-1: APT vulnerability | Cloud Foundry
2019-01-24 00:00:00
debiancve
debiancve
CVE-2019-3462
2019-01-28 21:29:00
redhatcve
redhatcve
CVE-2019-3462
2022-05-20 22:48:56
cve
cve
CVE-2019-3462
2019-01-28 21:29:00
CVE-2020-11091
2020-06-03 23:15:00
ubuntu
ubuntu
APT vulnerability
2019-01-22 00:00:00
APT vulnerability
2019-01-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Advanced Package Tool Remote Code Execution (CVE-2019-3462)
2019-01-28 00:00:00
f5
f5
K22356857 : APT remote code injection vulnerability CVE-2019-3462
2019-03-06 00:00:00
cvelist
cvelist
CVE-2019-3462
2019-01-22 00:00:00
CVE-2020-11091 Weave Net clusters susceptible to MitM attacks via IPv6 rogue router advertisements
2020-06-03 22:55:13
hackerone
hackerone
Kubernetes: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements
2020-03-15 17:34:18
github
github
Weave Net clusters susceptible to MitM attacks via IPv6 rogue router advertisements
2021-05-27 19:00:08
ibm
ibm
Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-v
2019-04-18 16:40:01
kitploit
kitploit
Trivy - A Simple And Comprehensive Vulnerability Scanner For Containers, Suitable For CI
2019-11-05 12:00:00
JSON
Related for UBUNTU_USN-3863-1.NASL
osv4ubuntucve2debian3openvas4prion2thn1nessus2cloudfoundry1debiancve1redhatcve1cve2ubuntu2checkpoint_advisories1f51cvelist2hackerone1github1ibm1kitploit1