Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-5159-1.NASL
HistoryOct 23, 2023 - 12:00 a.m.

Ubuntu 16.04 ESM : bl vulnerability (USN-5159-1)

2023-10-2300:00:00
Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
3
ubuntu 16.04 esm
buffer over-read
bl package
vulnerability
usn-5159-1 advisory
JSON

The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5159-1 advisory.

  • A buffer over-read vulnerability exists in bl <4.0.3, <3.0.1, <2.2.1, and <1.2.3 which could allow an attacker to supply user input (even typed) that if it ends up in consume() argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via regular .slice() calls. (CVE-2020-8244)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-5159-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##

include('compat.inc');

if (description)
{
  script_id(183710);
  script_version("1.0");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/23");

  script_cve_id("CVE-2020-8244");
  script_xref(name:"USN", value:"5159-1");

  script_name(english:"Ubuntu 16.04 ESM : bl vulnerability (USN-5159-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the
USN-5159-1 advisory.

  - A buffer over-read vulnerability exists in bl <4.0.3, <3.0.1, <2.2.1, and <1.2.3 which could allow an
    attacker to supply user input (even typed) that if it ends up in consume() argument and can become
    negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via
    regular .slice() calls. (CVE-2020-8244)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-5159-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected node-bl package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8244");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/08/30");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/02/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/10/23");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:esm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:node-bl");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('16.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '16.04', 'pkgname': 'node-bl', 'pkgver': '0.9.3-1ubuntu0.1~esm1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'node-bl');
}
VendorProductVersionCPE
canonicalubuntu_linux16.04cpe:/o:canonical:ubuntu_linux:16.04:-:esm
canonicalubuntu_linuxnode-blp-cpe:/a:canonical:ubuntu_linux:node-bl

Related

ibm 15
osv 5
openvas 3
nessus 2
github 1
prion 1
hackerone 1
debian 1
cve 1
githubexploit 1
ubuntucve 1
redhatcve 1
debiancve 1
ubuntu 2
veracode 1
ibm
ibm
Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise V11 ( CVE-2020-8244)
2020-12-09 09:55:48
Security Bulletin: A security vulnerability in Node.js bl module affects IBM Cloud Pak for Multicloud Management Managed Service.
2020-12-15 17:35:27
Security Bulletin: A security vulnerability in Node.js bl module affects IBM Cloud Automation Manager.
2020-11-26 21:42:11
osv
osv
node-bl vulnerability
2022-02-08 22:24:46
node-bl vulnerability
2021-09-30 21:03:10
Remote Memory Exposure in bl
2020-09-02 15:26:19
openvas
openvas
Debian: Security Advisory (DLA-2698-1)
2021-07-01 00:00:00
Ubuntu: Security Advisory (USN-5159-1)
2023-01-27 00:00:00
Ubuntu: Security Advisory (USN-5098-1)
2021-10-05 00:00:00
nessus
nessus
Ubuntu 18.04 LTS : bl vulnerability (USN-5098-1)
2021-10-04 00:00:00
Debian DLA-2698-1 : node-bl - LTS security update
2021-07-01 00:00:00
github
github
Remote Memory Exposure in bl
2020-09-02 15:26:19
prion
prion
Buffer overflow
2020-08-30 15:15:00
hackerone
hackerone
Node.js third-party modules: [bl] Uninitialized memory exposure via negative .consume()
2020-08-24 22:04:17
debian
debian
[SECURITY] [DLA 2698-1] node-bl security update
2021-06-30 22:30:23
cve
cve
CVE-2020-8244
2020-08-30 15:15:00
githubexploit
githubexploit
Exploit for Out-of-bounds Read in Bufferlist Project Bufferlist
2020-12-08 13:40:01
ubuntucve
ubuntucve
CVE-2020-8244
2020-08-30 00:00:00
redhatcve
redhatcve
CVE-2020-8244
2020-09-02 08:51:36
debiancve
debiancve
CVE-2020-8244
2020-08-30 15:15:00
ubuntu
ubuntu
bl vulnerability
2022-02-08 00:00:00
bl vulnerability
2021-09-30 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-08-28 02:47:08
JSON
Related for UBUNTU_USN-5159-1.NASL
ibm15osv5openvas3nessus2github1prion1hackerone1debian1cve1githubexploit1ubuntucve1redhatcve1debiancve1ubuntu2veracode1