Lucene search
Ubuntu Security Notice (C) 2024 Canonical, Inc. / NASL script (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-6852-1.NASLHistoryJun 26, 2024 - 12:00 a.m.
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Wget vulnerability (USN-6852-1)
2024-06-2600:00:00
Ubuntu Security Notice (C) 2024 Canonical, Inc. / NASL script (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
1
ubuntu 20.04 lts
ubuntu 22.04 lts
ubuntu 23.10
wget vulnerability
remote attacker
uri
userinfo
tenable
nessus
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6852-1 advisory.
It was discovered that Wget incorrectly handled semicolons in the userinfo subcomponent of a URI. A remote attacker could possibly trick a user into connecting to a different host than expected.
Tenable has extracted the preceding description block directly from the Ubuntu security advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-6852-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##
include('compat.inc');
if (description)
{
script_id(201043);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/26");
script_cve_id("CVE-2024-38428");
script_xref(name:"USN", value:"6852-1");
script_name(english:"Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Wget vulnerability (USN-6852-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing a security update.");
script_set_attribute(attribute:"description", value:
"The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has a package installed that is affected by a
vulnerability as referenced in the USN-6852-1 advisory.
It was discovered that Wget incorrectly handled semicolons in the userinfo subcomponent of a URI. A remote
attacker could possibly trick a user into connecting to a different host than expected.
Tenable has extracted the preceding description block directly from the Ubuntu security advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-6852-1");
script_set_attribute(attribute:"solution", value:
"Update the affected wget package.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-38428");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/06/16");
script_set_attribute(attribute:"patch_publication_date", value:"2024/06/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/06/26");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:23.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:24.04:-:lts");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:wget");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Ubuntu Local Security Checks");
script_copyright(english:"Ubuntu Security Notice (C) 2024 Canonical, Inc. / NASL script (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('20.04' >< os_release || '22.04' >< os_release || '23.10' >< os_release || '24.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 22.04 / 23.10 / 24.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);
var pkgs = [
{'osver': '20.04', 'pkgname': 'wget', 'pkgver': '1.20.3-1ubuntu2.1'},
{'osver': '22.04', 'pkgname': 'wget', 'pkgver': '1.21.2-2ubuntu1.1'},
{'osver': '23.10', 'pkgname': 'wget', 'pkgver': '1.21.3-1ubuntu1.1'},
{'osver': '24.04', 'pkgname': 'wget', 'pkgver': '1.21.4-1ubuntu4.1'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var osver = NULL;
var pkgname = NULL;
var pkgver = NULL;
if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
if (osver && pkgname && pkgver) {
if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
var tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'wget');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | 20.04 | cpe:/o:canonical:ubuntu_linux:20.04:-:lts |
| canonical | ubuntu_linux | wget | p-cpe:/a:canonical:ubuntu_linux:wget |
| canonical | ubuntu_linux | 22.04 | cpe:/o:canonical:ubuntu_linux:22.04:-:lts |
| canonical | ubuntu_linux | 23.10 | cpe:/o:canonical:ubuntu_linux:23.10 |
| canonical | ubuntu_linux | 24.04 | cpe:/o:canonical:ubuntu_linux:24.04:-:lts |
Related
debiancve
debiancve
CVE-2024-38428
2024-06-16 03:15:08
osv
osv
wget vulnerability
2024-06-27 10:42:13
wget vulnerability
2024-06-26 12:20:33
redhatcve
redhatcve
CVE-2024-38428
2024-06-18 05:07:17
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0240)
2024-06-28 00:00:00
Ubuntu: Security Advisory (USN-6852-1)
2024-06-27 00:00:00
Ubuntu: Security Advisory (USN-6852-2)
2024-06-28 00:00:00
nvd
nvd
CVE-2024-38428
2024-06-16 03:15:08
nessus
nessus
SUSE SLES12 Security Update : wget (SUSE-SU-2024:2154-1)
2024-06-22 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : Wget vulnerability (USN-6852-2)
2024-06-27 00:00:00
cvelist
cvelist
CVE-2024-38428
2024-06-16 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-38428 affecting package wget for versions less than 1.21.2-3
2024-06-28 17:07:09
ubuntucve
ubuntucve
CVE-2024-38428
2024-06-16 00:00:00
redos
redos
ROS-20240619-03
2024-06-19 00:00:00
cve
cve
CVE-2024-38428
2024-06-16 03:15:08
mageia
mageia
Updated wget packages fix security vulnerability
2024-06-27 20:12:06