Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-4380-1.NASL
HistoryJun 02, 2020 - 12:00 a.m.

Ubuntu 19.10 : Apache Ant vulnerability (USN-4380-1)

2020-06-0200:00:00
Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
24
JSON

It was discovered that Apache Ant created temporary files with insecure permissions. An attacker could use this vulnerability to read sensitive information leaked into /tmp, or potentially inject malicious code into a project that is built with Apache Ant.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-4380-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(137046);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/05/11");

  script_cve_id("CVE-2020-1945");
  script_xref(name:"USN", value:"4380-1");
  script_xref(name:"CEA-ID", value:"CEA-2021-0004");
  script_xref(name:"CEA-ID", value:"CEA-2021-0025");

  script_name(english:"Ubuntu 19.10 : Apache Ant vulnerability (USN-4380-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis",
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description",
    value:
"It was discovered that Apache Ant created temporary files with
insecure permissions. An attacker could use this vulnerability to read
sensitive information leaked into /tmp, or potentially inject
malicious code into a project that is built with Apache Ant.

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/4380-1/"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected ant, ant-doc and / or ant-optional packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-1945");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ant-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ant-optional");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:19.10");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/06/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/02");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(19\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 19.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var flag = 0;

if (ubuntu_check(osver:"19.10", pkgname:"ant", pkgver:"1.10.6-1ubuntu0.1")) flag++;
if (ubuntu_check(osver:"19.10", pkgname:"ant-doc", pkgver:"1.10.6-1ubuntu0.1")) flag++;
if (ubuntu_check(osver:"19.10", pkgname:"ant-optional", pkgver:"1.10.6-1ubuntu0.1")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_NOTE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ant / ant-doc / ant-optional");
}
VendorProductVersionCPE
canonicalubuntu_linuxantp-cpe:/a:canonical:ubuntu_linux:ant
canonicalubuntu_linuxant-docp-cpe:/a:canonical:ubuntu_linux:ant-doc
canonicalubuntu_linuxant-optionalp-cpe:/a:canonical:ubuntu_linux:ant-optional
canonicalubuntu_linux19.10cpe:/o:canonical:ubuntu_linux:19.10

Related

nessus 21
rosalinux 1
photon 6
openvas 14
debiancve 2
fedora 2
cve 2
github 7
ibm 15
osv 10
veracode 2
gentoo 1
mageia 2
redhatcve 2
archlinux 2
suse 1
freebsd 1
alpinelinux 2
ubuntu 2
prion 2
ubuntucve 2
redhat 7
oracle 8
nessus
nessus
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : Apache Ant vulnerability (USN-4874-1)
2023-10-16 00:00:00
EulerOS 2.0 SP5 : ant (EulerOS-SA-2020-1915)
2020-09-02 00:00:00
Fedora 32 : ant (2020-7f07da3fef)
2020-06-04 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1805
2021-07-02 16:31:56
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0247
2020-05-30 00:00:00
Moderate Photon OS Security Update - PHSA-2020-0099
2020-06-01 00:00:00
Moderate Photon OS Security Update - PHSA-2020-0247
2020-05-30 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:1944-1)
2021-06-09 00:00:00
Huawei EulerOS: Security Advisory for ant (EulerOS-SA-2020-2132)
2020-09-29 00:00:00
Ubuntu: Security Advisory (USN-4874-1)
2023-01-27 00:00:00
debiancve
debiancve
CVE-2020-1945
2020-05-14 16:15:00
CVE-2020-11979
2020-10-01 20:15:00
fedora
fedora
[SECURITY] Fedora 32 Update: ant-1.10.8-1.fc32
2020-06-02 03:54:05
[SECURITY] Fedora 31 Update: ant-1.10.8-1.fc31
2020-06-02 03:14:07
cve
cve
CVE-2020-1945
2020-05-14 16:15:00
CVE-2020-11979
2020-10-01 20:15:00
github
github
Sensitive Data Exposure in Apache Ant
2020-09-14 18:13:29
Code injection in Apache Ant
2021-02-03 19:16:35
TemporaryFolder on unix-like systems does not limit access to created files
2022-11-23 22:17:25
ibm
ibm
Security Bulletin: Vulnerability in Apache Ant affects IBM Platform Symphony and IBM Spectrum Symphony
2020-09-07 07:52:14
Security Bulletin: Vulnerability in Apache Ant affect IBM Operations Analytics - Log Analysis Analysis (CVE-2020-1945)
2021-04-20 05:46:46
Security Bulletin: Apache Ant Vulnerabilities Affect IBM Control Center (CVE-2020-1945, CVE-2020-11979)
2021-05-14 21:33:34
osv
osv
ant vulnerability
2021-03-15 23:05:04
Sensitive Data Exposure in Apache Ant
2020-09-14 18:13:29
Code injection in Apache Ant
2021-02-03 19:16:35
veracode
veracode
Insecure Temporary Directory
2020-05-15 05:16:57
Authorization Bypass
2020-10-04 04:38:58
gentoo
gentoo
Apache Ant: Multiple vulnerabilities
2020-07-27 00:00:00
mageia
mageia
Updated ant packages fix security vulnerability
2020-05-27 21:17:37
Updated ant packages fix security vulnerability
2021-04-03 16:16:06
redhatcve
redhatcve
CVE-2020-1945
2020-05-19 13:30:55
CVE-2020-11979
2020-12-02 18:03:54
archlinux
archlinux
[ASA-202005-15] ant: arbitrary command execution
2020-05-20 00:00:00
[ASA-202012-5] ant: arbitrary code execution
2020-12-05 00:00:00
suse
suse
Security update for ant (moderate)
2020-07-20 00:00:00
freebsd
freebsd
Apache Ant leaks sensitive information via the java.io.tmpdir
2020-05-14 00:00:00
alpinelinux
alpinelinux
CVE-2020-1945
2020-05-14 16:15:00
CVE-2020-11979
2020-10-01 20:15:00
ubuntu
ubuntu
Apache Ant vulnerability
2021-03-15 00:00:00
Apache Ant vulnerability
2020-06-01 00:00:00
prion
prion
Design/Logic Flaw
2020-05-14 16:15:00
Design/Logic Flaw
2020-10-01 20:15:00
ubuntucve
ubuntucve
CVE-2020-1945
2020-05-14 00:00:00
CVE-2020-11979
2020-10-01 00:00:00
redhat
redhat
(RHSA-2020:2618) Moderate: Red Hat AMQ Streams 1.5.0 release and security update
2020-06-18 14:18:27
(RHSA-2020:4960) Moderate: Red Hat Decision Manager 7.9.0 security update
2020-11-05 18:43:06
(RHSA-2020:4961) Moderate: Red Hat Process Automation Manager 7.9.0 security update
2020-11-05 18:44:42
oracle
oracle
Oracle Critical Patch Update Advisory - January 2021
2021-01-19 00:00:00
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Oracle Critical Patch Update Advisory - April 2021
2021-04-20 00:00:00
JSON
Related for UBUNTU_USN-4380-1.NASL
nessus21rosalinux1photon6openvas14debiancve2fedora2cve2github7ibm15osv10veracode2gentoo1mageia2redhatcve2archlinux2suse1freebsd1alpinelinux2ubuntu2prion2ubuntucve2redhat7oracle8