Lucene search
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.AL2_ALAS-2019-1226.NASLHistoryJun 14, 2019 - 12:00 a.m.
Amazon Linux 2 : libX11 (ALAS-2019-1226)
2019-06-1400:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.5 High
AI Score
Confidence
High
0.011 Low
EPSS
Percentile
84.1%
An off-by-one error has been discovered in libX11 in functions XGetFontPath(), XListExtensions(), and XListFonts(). An attacker who can either configure a malicious X server or modify the data coming from one could use this flaw to make the program crash or have other unspecified effects, caused by the memory corruption. (CVE-2018-14599)
It was discovered that libX11 does not properly validate input coming from the server, causing XListExtensions() and XGetFontPath() functions to produce an invalid list of elements that in turn make XFreeExtensionsList() and XFreeFontPath() access invalid memory. An attacker who can either configure a malicious X server or modify the data coming from one, could use this flaw to crash the application using libX11, resulting in a denial of service. (CVE-2018-14598)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1226.
#
include('compat.inc');
if (description)
{
script_id(125898);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/16");
script_cve_id("CVE-2018-14598", "CVE-2018-14599");
script_xref(name:"ALAS", value:"2019-1226");
script_name(english:"Amazon Linux 2 : libX11 (ALAS-2019-1226)");
script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux 2 host is missing a security update.");
script_set_attribute(attribute:"description", value:
"An off-by-one error has been discovered in libX11 in functions
XGetFontPath(), XListExtensions(), and XListFonts(). An attacker who
can either configure a malicious X server or modify the data coming
from one could use this flaw to make the program crash or have other
unspecified effects, caused by the memory corruption. (CVE-2018-14599)
It was discovered that libX11 does not properly validate input coming
from the server, causing XListExtensions() and XGetFontPath()
functions to produce an invalid list of elements that in turn make
XFreeExtensionsList() and XFreeFontPath() access invalid memory. An
attacker who can either configure a malicious X server or modify the
data coming from one, could use this flaw to crash the application
using libX11, resulting in a denial of service. (CVE-2018-14598)");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/AL2/ALAS-2019-1226.html");
script_set_attribute(attribute:"solution", value:
"Run 'yum update libX11' to update your system.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-14599");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/24");
script_set_attribute(attribute:"patch_publication_date", value:"2019/06/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libX11");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libX11-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libX11-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libX11-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux:2");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Amazon Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "2")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux 2", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (rpm_check(release:"AL2", reference:"libX11-1.6.5-2.amzn2.0.2")) flag++;
if (rpm_check(release:"AL2", reference:"libX11-common-1.6.5-2.amzn2.0.2")) flag++;
if (rpm_check(release:"AL2", reference:"libX11-debuginfo-1.6.5-2.amzn2.0.2")) flag++;
if (rpm_check(release:"AL2", reference:"libX11-devel-1.6.5-2.amzn2.0.2")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libX11 / libX11-common / libX11-debuginfo / libX11-devel");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| amazon | linux | libx11-debuginfo | p-cpe:/a:amazon:linux:libx11-debuginfo |
| amazon | linux | libx11 | p-cpe:/a:amazon:linux:libx11 |
| amazon | linux | libx11-common | p-cpe:/a:amazon:linux:libx11-common |
| amazon | linux | 2 | cpe:/o:amazon:linux:2 |
| amazon | linux | libx11-devel | p-cpe:/a:amazon:linux:libx11-devel |
Related
openvas
openvas
Fedora Update for libX11 FEDORA-2019-6a756fe3a5
2019-04-30 00:00:00
Huawei EulerOS: Security Advisory for libX11 (EulerOS-SA-2019-1948)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libx11 (EulerOS-SA-2019-1884)
2020-01-23 00:00:00
amazon
amazon
Medium: libX11
2019-06-11 23:17:00
Medium: xorg-x11-server
2020-06-03 18:21:00
ibm
ibm
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in X.Org libx11 (CVE-2018-14599 CVE-2018-14598)
2019-04-11 21:00:01
nessus
nessus
Fedora 28 : libX11 (2019-6a756fe3a5)
2019-04-30 00:00:00
EulerOS Virtualization for ARM 64 3.0.2.0 : libX11 (EulerOS-SA-2019-1948)
2019-09-17 00:00:00
EulerOS 2.0 SP5 : libx11 (EulerOS-SA-2019-1884)
2019-09-16 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: libX11-1.6.7-1.fc28
2019-04-30 01:41:08
mageia
mageia
Updated libx11 packages fix security vulnerabilities
2018-09-21 02:17:55
slackware
slackware
[slackware-security] libX11
2018-08-21 20:09:53
freebsd
freebsd
libX11 -- Multiple vulnerabilities
2018-08-21 00:00:00
gentoo
gentoo
X.Org X11 library: Multiple vulnerabilities
2018-11-09 00:00:00
suse
suse
Security update for libX11 (important)
2018-08-31 12:07:54
Security update for libX11 (moderate)
2018-10-05 12:07:58
debian
debian
[SECURITY] [DLA 1482-1] libx11 security update
2018-08-29 22:17:50
osv
osv
libx11 - security update
2018-08-29 00:00:00
CVE-2018-14598
2018-08-24 19:29:01
CVE-2018-14599
2018-08-24 19:29:01
ubuntu
ubuntu
libx11 vulnerabilities
2018-08-30 00:00:00
libx11 vulnerabilities
2018-08-30 00:00:00
cve
cve
CVE-2018-14598
2018-08-24 19:29:01
CVE-2018-14599
2018-08-24 19:29:01
redhatcve
redhatcve
CVE-2018-14598
2018-08-28 20:25:00
CVE-2018-14599
2018-08-28 20:51:16
alpinelinux
alpinelinux
CVE-2018-14598
2018-08-24 19:29:01
CVE-2018-14599
2018-08-24 19:29:01
cloudfoundry
cloudfoundry
USN-3758-1: libx11 vulnerabilities | Cloud Foundry
2018-09-27 00:00:00
debiancve
debiancve
CVE-2018-14599
2018-08-24 19:29:01
CVE-2018-14598
2018-08-24 19:29:01
veracode
veracode
Out-Of-Bounds Write
2018-08-23 03:42:19
Denial Of Service (DoS)
2018-08-27 08:35:54
nvd
nvd
CVE-2018-14599
2018-08-24 19:29:01
CVE-2018-14598
2018-08-24 19:29:01
ubuntucve
ubuntucve
CVE-2018-14599
2018-08-24 00:00:00
CVE-2018-14598
2018-08-24 00:00:00
prion
prion
Buffer overflow
2018-08-24 19:29:00
Code injection
2018-08-24 19:29:00
cvelist
cvelist
CVE-2018-14598
2018-08-24 19:00:00
CVE-2018-14599
2018-08-24 19:00:00
github
github
ICYMI: improved C++ vulnerability coverage and CodeQL support for Lombok
2023-10-19 19:14:39
centos
centos
gdm, libX11, libxkbcommon, xorg security update
2019-08-30 02:52:02
redhat
redhat
(RHSA-2019:2079) Moderate: Xorg security and bug fix update
2019-08-06 07:58:40
oraclelinux
oraclelinux
Xorg security and bug fix update
2019-08-13 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.5 High
AI Score
Confidence
High
0.011 Low
EPSS
Percentile
84.1%
Related for AL2_ALAS-2019-1226.NASL