Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-3031.NASL
HistorySep 25, 2014 - 12:00 a.m.

Debian DSA-3031-1 : apt - security update

2014-09-2500:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
9

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.4%

JSON

The Google Security Team discovered a buffer overflow vulnerability in the HTTP transport code in apt-get. An attacker able to man-in-the-middle a HTTP request to an apt repository can trigger the buffer overflow, leading to a crash of the ‘http’ apt method binary, or potentially to arbitrary code execution.

Two regression fixes were included in this update :

  • Fix regression from the previous update in DSA-3025-1 when the custom apt configuration option for Dir::state::lists is set to a relative path (#762160).
  • Fix regression in the reverification handling of cdrom:
    sources that may lead to incorrect hashsum warnings.
    Affected users need to run ‘apt-cdrom add’ again after the update was applied.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-3031. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(77824);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2014-6273");
  script_xref(name:"DSA", value:"3031");

  script_name(english:"Debian DSA-3031-1 : apt - security update");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The Google Security Team discovered a buffer overflow vulnerability in
the HTTP transport code in apt-get. An attacker able to
man-in-the-middle a HTTP request to an apt repository can trigger the
buffer overflow, leading to a crash of the 'http' apt method binary,
or potentially to arbitrary code execution.

Two regression fixes were included in this update :

  - Fix regression from the previous update in DSA-3025-1
    when the custom apt configuration option for
    Dir::state::lists is set to a relative path (#762160).
  - Fix regression in the reverification handling of cdrom:
    sources that may lead to incorrect hashsum warnings.
    Affected users need to run 'apt-cdrom add' again after
    the update was applied."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/wheezy/apt"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2014/dsa-3031"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the apt packages.

For the stable distribution (wheezy), this problem has been fixed in
version 0.9.7.9+deb7u5."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:apt");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/09/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/09/25");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"7.0", prefix:"apt", reference:"0.9.7.9+deb7u5")) flag++;
if (deb_check(release:"7.0", prefix:"apt-doc", reference:"0.9.7.9+deb7u5")) flag++;
if (deb_check(release:"7.0", prefix:"apt-transport-https", reference:"0.9.7.9+deb7u5")) flag++;
if (deb_check(release:"7.0", prefix:"apt-utils", reference:"0.9.7.9+deb7u5")) flag++;
if (deb_check(release:"7.0", prefix:"libapt-inst1.5", reference:"0.9.7.9+deb7u5")) flag++;
if (deb_check(release:"7.0", prefix:"libapt-pkg-dev", reference:"0.9.7.9+deb7u5")) flag++;
if (deb_check(release:"7.0", prefix:"libapt-pkg-doc", reference:"0.9.7.9+deb7u5")) flag++;
if (deb_check(release:"7.0", prefix:"libapt-pkg4.12", reference:"0.9.7.9+deb7u5")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxaptp-cpe:/a:debian:debian_linux:apt
debiandebian_linux7.0cpe:/o:debian:debian_linux:7.0

Related

mageia 1
debian 4
openvas 5
osv 1
cve 1
ubuntu 1
debiancve 1
nvd 1
prion 1
nessus 1
ubuntucve 1
securityvulns 2
cvelist 1
fortinet 1
mageia
mageia
Updated apt packages fix security vulnerability
2014-11-12 12:56:47
debian
debian
[SECURITY] [DLA 58-1] apt security update
2014-09-23 17:05:35
[SECURITY] [DSA 3031-1] apt security update
2014-09-23 16:18:11
[SECURITY] [DSA 3031-1] apt security update
2014-09-23 16:18:11
openvas
openvas
Debian: Security Advisory (DSA-3031-1)
2014-09-22 00:00:00
Debian Security Advisory DSA 3031-1 (apt - security update)
2014-09-23 00:00:00
Debian: Security Advisory (DLA-58-1)
2023-03-08 00:00:00
osv
osv
apt - security update
2014-09-23 00:00:00
cve
cve
CVE-2014-6273
2014-09-30 14:55:11
ubuntu
ubuntu
APT vulnerability
2014-09-23 00:00:00
debiancve
debiancve
CVE-2014-6273
2014-09-30 14:55:11
nvd
nvd
CVE-2014-6273
2014-09-30 14:55:11
prion
prion
Buffer overflow
2014-09-30 14:55:00
nessus
nessus
Ubuntu 14.04 LTS : APT vulnerability (USN-2353-1)
2014-09-24 00:00:00
ubuntucve
ubuntucve
CVE-2014-6273
2014-09-23 00:00:00
securityvulns
securityvulns
[USN-2353-1] APT vulnerability
2014-09-25 00:00:00
apt multiple security vulnerabilities
2014-09-25 00:00:00
cvelist
cvelist
CVE-2014-6273
2014-09-30 14:00:00
fortinet
fortinet
Remote Exploit Vulnerability in Bash - (Shellshock)
2014-09-25 00:00:00

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.4%

JSON
Related for DEBIAN_DSA-3031.NASL
mageia1debian4openvas5osv1cve1ubuntu1debiancve1nvd1prion1nessus1ubuntucve1securityvulns2cvelist1fortinet1