Lucene search

K
openvasCopyright (C) 2018 Greenbone AGOPENVAS:1361412562310814517
HistoryNov 29, 2018 - 12:00 a.m.

Node.js Multiple Vulnerabilities (Nov 2018) - Mac OS X

2018-11-2900:00:00
Copyright (C) 2018 Greenbone AG
plugins.openvas.org
22

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.7

Confidence

Low

EPSS

0.013

Percentile

86.3%

Node.js is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2018 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:nodejs:node.js";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.814517");
  script_version("2024-02-08T14:36:53+0000");
  script_cve_id("CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_tag(name:"last_modification", value:"2024-02-08 14:36:53 +0000 (Thu, 08 Feb 2024)");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2022-09-06 17:54:00 +0000 (Tue, 06 Sep 2022)");
  script_tag(name:"creation_date", value:"2018-11-29 13:13:28 +0530 (Thu, 29 Nov 2018)");
  script_tag(name:"qod_type", value:"executable_version");
  script_name("Node.js Multiple Vulnerabilities (Nov 2018) - Mac OS X");

  script_tag(name:"summary", value:"Node.js is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"Multiple flaws are due to:

  - An error in Hostname spoofing in URL parser for javascript protocol, If a
    Node.js is using url.parse() to determine the URL hostname, that hostname
    can be spoofed by using a mixed case 'javascript:',

  - An error in Slowloris HTTP, An attacker can cause a Denial of Service
    (DoS) by sending headers very slowly keeping HTTP or HTTPS connections
    and associated resources alive for a long period of time and

  - Denial of Service with large HTTP headers, By using a combination of many
    requests with maximum sized headers (almost 80 KB per connection), and
    carefully timed completion of the headers, it is possible to cause the
    HTTP server to abort from heap allocation failure.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attackers to conduct denial of service and spoofing attacks.");

  script_tag(name:"affected", value:"Node.js All versions prior to 6.15.0,
  8.14.0, 10.14.0 and 11.3.0 on Mac OS X.");

  script_tag(name:"solution", value:"Upgrade to Node.js version 6.15.0, 8.14.0,
  or 10.14.0, 11.3.0 or later. Please see the references for more information.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_xref(name:"URL", value:"https://nodejs.org/en/blog/vulnerability/november-2018-security-releases");
  script_copyright("Copyright (C) 2018 Greenbone AG");
  script_category(ACT_GATHER_INFO);
  script_family("General");
  script_dependencies("gb_nodejs_detect_macosx.nasl");
  script_mandatory_keys("Nodejs/MacOSX/Ver");
  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );
nodejsVer = infos['version'];
appPath = infos['location'];

if(version_in_range(version:nodejsVer, test_version:"6.0", test_version2:"6.14.0")){
  fix = "6.15.0";
}

else if(version_in_range(version:nodejsVer, test_version:"8.0", test_version2:"8.13.0,")){
  fix = "8.14.0";
}

else if(version_in_range(version:nodejsVer, test_version:"10.0", test_version2:"10.13.0")){
  fix = "10.14.0";
}

else if(version_in_range(version:nodejsVer, test_version:"11.0", test_version2:"11.2.0")){
  fix = "11.3.0";
}

if(fix)
{
  report = report_fixed_ver(installed_version:nodejsVer, fixed_version:fix, install_path:appPath);
  security_message(data:report);
  exit(0);
}
exit(99);

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.7

Confidence

Low

EPSS

0.013

Percentile

86.3%