9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.1 Medium
AI Score
Confidence
Low
0.733 High
EPSS
Percentile
98.1%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.10.2022.0236");
script_cve_id("CVE-2021-36045", "CVE-2021-36046", "CVE-2021-36047", "CVE-2021-36048", "CVE-2021-36050", "CVE-2021-36051", "CVE-2021-36052", "CVE-2021-36053", "CVE-2021-36054", "CVE-2021-36055", "CVE-2021-36056", "CVE-2021-36058", "CVE-2021-36064", "CVE-2021-39847", "CVE-2021-40716", "CVE-2021-40732", "CVE-2021-42528", "CVE-2021-42529", "CVE-2021-42530", "CVE-2021-42531", "CVE-2021-42532");
script_tag(name:"creation_date", value:"2022-06-20 04:29:41 +0000 (Mon, 20 Jun 2022)");
script_version("2024-02-02T05:06:09+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:09 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2022-05-11 00:36:37 +0000 (Wed, 11 May 2022)");
script_name("Mageia: Security Advisory (MGASA-2022-0236)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2022 Greenbone AG");
script_family("Mageia Linux Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mageia_linux", "ssh/login/release", re:"ssh/login/release=MAGEIA8");
script_xref(name:"Advisory-ID", value:"MGASA-2022-0236");
script_xref(name:"URL", value:"https://advisories.mageia.org/MGASA-2022-0236.html");
script_xref(name:"URL", value:"https://bugs.mageia.org/show_bug.cgi?id=30557");
script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-5483-1");
script_tag(name:"summary", value:"The remote host is missing an update for the 'exempi' package(s) announced via the MGASA-2022-0236 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an
out-of-bounds read vulnerability that could lead to disclosure of
arbitrary memory. An attacker could leverage this vulnerability to bypass
mitigations such as ASLR. Exploitation of this issue requires user
interaction in that a victim must open a malicious file. (CVE-2021-36045)
XMP Toolkit version 2020.1 (and earlier) is affected by a memory
corruption vulnerability, potentially resulting in arbitrary code
execution in the context of the current user. User interaction is required
to exploit this vulnerability. (CVE-2021-36046)
XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper
Input Validation vulnerability potentially resulting in arbitrary code
execution in the context of the current user. Exploitation requires user
interaction in that a victim must open a crafted file. (CVE-2021-36047)
XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper
Input Validation vulnerability potentially resulting in arbitrary code
execution in the context of the current user. Exploitation requires user
interaction in that a victim must open a crafted file. (CVE-2021-36048)
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer
overflow vulnerability potentially resulting in arbitrary code execution
in the context of the current user. Exploitation requires user interaction
in that a victim must open a crafted file. (CVE-2021-36050)
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer
overflow vulnerability potentially resulting in arbitrary code execution
in the context of the current user. Exploitation requires user interaction
in that a victim must open a specially-crafted .cpp file. (CVE-2021-36051)
XMP Toolkit version 2020.1 (and earlier) is affected by a memory
corruption vulnerability, potentially resulting in arbitrary code
execution in the context of the current user. User interaction is required
to exploit this vulnerability. (CVE-2021-36052)
XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an
out-of-bounds read vulnerability that could lead to disclosure of
arbitrary memory. An attacker could leverage this vulnerability to bypass
mitigations such as ASLR. Exploitation of this issue requires user
interaction in that a victim must open a malicious file. (CVE-2021-36053)
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer
overflow vulnerability potentially resulting in local application denial
of service in the context of the current user. Exploitation requires user
interaction in that a victim must open a crafted file. (CVE-2021-36054)
XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a
use-after-free vulnerability that could result in arbitrary code execution
in the context of the current user. Exploitation of this issue requires
user interaction in that a victim must open a malicious ... [Please see the references for more information on the vulnerabilities]");
script_tag(name:"affected", value:"'exempi' package(s) on Mageia 8.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "MAGEIA8") {
if(!isnull(res = isrpmvuln(pkg:"exempi", rpm:"exempi~2.5.1~2.1.mga8", rls:"MAGEIA8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64exempi-devel", rpm:"lib64exempi-devel~2.5.1~2.1.mga8", rls:"MAGEIA8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64exempi8", rpm:"lib64exempi8~2.5.1~2.1.mga8", rls:"MAGEIA8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libexempi-devel", rpm:"libexempi-devel~2.5.1~2.1.mga8", rls:"MAGEIA8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libexempi8", rpm:"libexempi8~2.5.1~2.1.mga8", rls:"MAGEIA8"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.1 Medium
AI Score
Confidence
Low
0.733 High
EPSS
Percentile
98.1%