The remote host is missing an update for the
# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.10.2022.0383");
script_cve_id("CVE-2022-24882", "CVE-2022-24883");
script_tag(name:"creation_date", value:"2022-10-24 04:53:32 +0000 (Mon, 24 Oct 2022)");
script_version("2024-02-02T05:06:09+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:09 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2022-05-06 13:51:41 +0000 (Fri, 06 May 2022)");
script_name("Mageia: Security Advisory (MGASA-2022-0383)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2022 Greenbone AG");
script_family("Mageia Linux Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mageia_linux", "ssh/login/release", re:"ssh/login/release=MAGEIA8");
script_xref(name:"Advisory-ID", value:"MGASA-2022-0383");
script_xref(name:"URL", value:"https://advisories.mageia.org/MGASA-2022-0383.html");
script_xref(name:"URL", value:"https://bugs.mageia.org/show_bug.cgi?id=30392");
script_xref(name:"URL", value:"https://lists.fedoraproject.org/archives/list/[email protected]/thread/AELSWWBAM2YONRPGLWVDY6UNTLJERJYL/");
script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-5461-1");
script_xref(name:"URL", value:"https://lists.opensuse.org/archives/list/[email protected]/thread/3XAZEK5W555DLYFBAHQKYWZRJ4CADMBX/");
script_tag(name:"summary", value:"The remote host is missing an update for the 'freerdp' package(s) announced via the MGASA-2022-0383 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In
versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not
properly abort when someone provides and empty password value. This issue
affects FreeRDP based RDP Server implementations. RDP clients are not
affected. The vulnerability is patched in FreeRDP 2.7.0. There are
currently no known workarounds. (CVE-2022-24882)
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP).
Prior to version 2.7.0, server side authentication against a 'SAM' file
might be successful for invalid credentials if the server has configured
an invalid 'SAM' file path. FreeRDP based clients are not affected. RDP
server implementations using FreeRDP to authenticate against a 'SAM' file
are affected. Version 2.7.0 contains a fix for this issue. As a
workaround, use custom authentication via 'HashCallback' and/or ensure the
'SAM' database path configured is valid and the application has file
handles left. (CVE-2022-24883)");
script_tag(name:"affected", value:"'freerdp' package(s) on Mageia 8.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "MAGEIA8") {
if(!isnull(res = isrpmvuln(pkg:"freerdp", rpm:"freerdp~2.2.0~1.2.mga8", rls:"MAGEIA8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64freerdp-devel", rpm:"lib64freerdp-devel~2.2.0~1.2.mga8", rls:"MAGEIA8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64freerdp2", rpm:"lib64freerdp2~2.2.0~1.2.mga8", rls:"MAGEIA8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreerdp-devel", rpm:"libfreerdp-devel~2.2.0~1.2.mga8", rls:"MAGEIA8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreerdp2", rpm:"libfreerdp2~2.2.0~1.2.mga8", rls:"MAGEIA8"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
advisories.mageia.org/MGASA-2022-0383.html
bugs.mageia.org/show_bug.cgi?id=30392
lists.fedoraproject.org/archives/list/[email protected]/thread/AELSWWBAM2YONRPGLWVDY6UNTLJERJYL/
lists.opensuse.org/archives/list/[email protected]/thread/3XAZEK5W555DLYFBAHQKYWZRJ4CADMBX/
ubuntu.com/security/notices/USN-5461-1
MGASA-2022-0383