Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-5538-1.NASL
HistoryJul 28, 2022 - 12:00 a.m.

Ubuntu 20.04 LTS / 22.04 LTS : libtirpc vulnerability (USN-5538-1)

2022-07-2800:00:00
Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
JSON

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5538-1 advisory.

  • In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections. (CVE-2021-46828)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-5538-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##

include('compat.inc');

if (description)
{
  script_id(163523);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/10");

  script_cve_id("CVE-2021-46828");
  script_xref(name:"USN", value:"5538-1");

  script_name(english:"Ubuntu 20.04 LTS / 22.04 LTS : libtirpc vulnerability (USN-5538-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the
USN-5538-1 advisory.

  - In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses
    libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop
    without accepting new connections. (CVE-2021-46828)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-5538-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected libtirpc-common, libtirpc-dev and / or libtirpc3 packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-46828");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/07/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/07/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/07/28");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libtirpc-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libtirpc-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libtirpc3");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('20.04' >< os_release || '22.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 22.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '20.04', 'pkgname': 'libtirpc-common', 'pkgver': '1.2.5-1ubuntu0.1'},
    {'osver': '20.04', 'pkgname': 'libtirpc-dev', 'pkgver': '1.2.5-1ubuntu0.1'},
    {'osver': '20.04', 'pkgname': 'libtirpc3', 'pkgver': '1.2.5-1ubuntu0.1'},
    {'osver': '22.04', 'pkgname': 'libtirpc-common', 'pkgver': '1.3.2-2ubuntu0.1'},
    {'osver': '22.04', 'pkgname': 'libtirpc-dev', 'pkgver': '1.3.2-2ubuntu0.1'},
    {'osver': '22.04', 'pkgname': 'libtirpc3', 'pkgver': '1.3.2-2ubuntu0.1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libtirpc-common / libtirpc-dev / libtirpc3');
}
VendorProductVersionCPE
canonicalubuntu_linux20.04cpe:/o:canonical:ubuntu_linux:20.04:-:lts
canonicalubuntu_linux22.04cpe:/o:canonical:ubuntu_linux:22.04:-:lts
canonicalubuntu_linuxlibtirpc-commonp-cpe:/a:canonical:ubuntu_linux:libtirpc-common
canonicalubuntu_linuxlibtirpc-devp-cpe:/a:canonical:ubuntu_linux:libtirpc-dev
canonicalubuntu_linuxlibtirpc3p-cpe:/a:canonical:ubuntu_linux:libtirpc3

Related

nessus 22
prion 1
cve 1
cbl_mariner 2
oraclelinux 1
veracode 1
ubuntu 1
debiancve 1
osv 6
ubuntucve 1
rocky 2
suse 1
redhat 2
almalinux 1
alpinelinux 1
redhatcve 1
rosalinux 1
mageia 1
debian 2
redos 1
gentoo 1
photon 4
ics 2
ibm 2
avleonov 1
nessus
nessus
EulerOS 2.0 SP10 : libtirpc (EulerOS-SA-2022-2690)
2022-11-02 00:00:00
Siemens SCALANCE XCM332 Allocation of Resources Without Limits or Throttling (CVE-2021-46828)
2023-05-02 00:00:00
RHEL 9 : libtirpc (RHSA-2022:8400)
2022-11-16 00:00:00
prion
prion
Code injection
2022-07-20 06:15:00
cve
cve
CVE-2021-46828
2022-07-20 06:15:00
cbl_mariner
cbl_mariner
CVE-2021-46828 affecting package libtirpc 1.3.3-1
2024-04-18 09:20:20
CVE-2021-46828 affecting package libtirpc 1.1.4-4
2022-09-17 05:56:35
oraclelinux
oraclelinux
libtirpc security update
2022-11-22 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-07-20 11:06:47
ubuntu
ubuntu
libtirpc vulnerability
2022-07-28 00:00:00
debiancve
debiancve
CVE-2021-46828
2022-07-20 06:15:00
osv
osv
libtirpc - security update
2022-08-07 00:00:00
libtirpc vulnerability
2022-07-28 14:40:41
libtirpc - security update
2022-08-11 00:00:00
ubuntucve
ubuntucve
CVE-2021-46828
2022-07-20 00:00:00
rocky
rocky
libtirpc security update
2022-11-15 06:23:29
libtirpc bug fix and enhancement update
2022-05-10 08:15:03
suse
suse
Security update for libtirpc (important)
2022-09-19 00:00:00
redhat
redhat
(RHSA-2022:8400) Moderate: libtirpc security update
2022-11-15 06:23:29
(RHSA-2023:3742) Important: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update
2023-06-21 15:20:50
almalinux
almalinux
Moderate: libtirpc security update
2022-11-15 00:00:00
alpinelinux
alpinelinux
CVE-2021-46828
2022-07-20 06:15:00
redhatcve
redhatcve
CVE-2021-46828
2022-07-21 07:45:33
rosalinux
rosalinux
Advisory ROSA-SA-2024-2339
2024-02-06 08:17:10
mageia
mageia
Updated libitrpc packages fix security vulnerability
2022-08-20 13:04:13
debian
debian
[SECURITY] [DLA 3071-1] libtirpc security update
2022-08-11 10:59:36
[SECURITY] [DSA 5200-1] libtirpc security update
2022-08-07 08:56:53
redos
redos
ROS-20240403-03
2024-04-03 00:00:00
gentoo
gentoo
Libtirpc: Denial of Service
2022-10-31 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0504
2022-08-06 00:00:00
Important Photon OS Security Update - PHSA-2022-0224
2022-08-06 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0431
2022-08-09 00:00:00
ics
ics
Siemens SCALANCE XCM332
2023-04-13 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
ibm
ibm
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from curl, systemd, and Golang Go
2022-09-28 09:47:09
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps
2023-07-31 09:28:35
avleonov
avleonov
Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs
2022-12-30 18:03:13
JSON
Related for UBUNTU_USN-5538-1.NASL
nessus22prion1cve1cbl_mariner2oraclelinux1veracode1ubuntu1debiancve1osv6ubuntucve1rocky2suse1redhat2almalinux1alpinelinux1redhatcve1rosalinux1mageia1debian2redos1gentoo1photon4ics2ibm2avleonov1