Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-5198.NASL
HistoryAug 03, 2022 - 12:00 a.m.

Debian DSA-5198-1 : jetty9 - security update

2022-08-0300:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

51.1%

JSON

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5198 advisory.

  • In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario. (CVE-2022-2047)

  • In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests. (CVE-2022-2048)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory dsa-5198. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('compat.inc');

if (description)
{
  script_id(163753);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/17");

  script_cve_id("CVE-2022-2047", "CVE-2022-2048");

  script_name(english:"Debian DSA-5198-1 : jetty9 - security update");

  script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing one or more security-related updates.");
  script_set_attribute(attribute:"description", value:
"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the
dsa-5198 advisory.

  - In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the
    parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an
    invalid input as a hostname. This can lead to failures in a Proxy scenario. (CVE-2022-2047)

  - In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error
    handling has a bug that can wind up not properly cleaning up the active connections and associated
    resources. This can lead to a Denial of Service scenario where there are no enough resources left to
    process good requests. (CVE-2022-2048)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/jetty9");
  script_set_attribute(attribute:"see_also", value:"https://www.debian.org/security/2022/dsa-5198");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-2047");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-2048");
  script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/bullseye/jetty9");
  script_set_attribute(attribute:"solution", value:
"Upgrade the jetty9 packages.

For the stable distribution (bullseye), these problems have been fixed in version 9.4.39-3+deb11u1.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-2047");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/07/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/08/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/08/03");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:jetty9");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libjetty9-extra-java");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libjetty9-java");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Debian Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);

var release = get_kb_item('Host/Debian/release');
if ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');
var release = chomp(release);
if (! preg(pattern:"^(11)\.[0-9]+", string:release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + release);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);

var pkgs = [
    {'release': '11.0', 'prefix': 'jetty9', 'reference': '9.4.39-3+deb11u1'},
    {'release': '11.0', 'prefix': 'libjetty9-extra-java', 'reference': '9.4.39-3+deb11u1'},
    {'release': '11.0', 'prefix': 'libjetty9-java', 'reference': '9.4.39-3+deb11u1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var release = NULL;
  var prefix = NULL;
  var reference = NULL;
  if (!empty_or_null(package_array['release'])) release = package_array['release'];
  if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (release && prefix && reference) {
    if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : deb_report_get()
  );
  exit(0);
}
else
{
  var tested = deb_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'jetty9 / libjetty9-extra-java / libjetty9-java');
}
VendorProductVersionCPE
debiandebian_linuxjetty9p-cpe:/a:debian:debian_linux:jetty9
debiandebian_linuxlibjetty9-extra-javap-cpe:/a:debian:debian_linux:libjetty9-extra-java
debiandebian_linuxlibjetty9-javap-cpe:/a:debian:debian_linux:libjetty9-java
debiandebian_linux11.0cpe:/o:debian:debian_linux:11.0

Related

openvas 6
osv 7
debian 2
ibm 41
nessus 8
ubuntucve 2
cve 2
github 2
veracode 2
alpinelinux 1
prion 2
debiancve 2
redhatcve 2
nvd 2
githubexploit 1
cvelist 2
redhat 7
oracle 4
openvas
openvas
Eclipse Jetty Multiple Vulnerabilities (Jul 2022) - Linux
2022-07-08 00:00:00
Debian: Security Advisory (DLA-3079-1)
2022-08-22 00:00:00
Debian: Security Advisory (DSA-5198-1)
2022-08-03 00:00:00
osv
osv
jetty9 - security update
2022-08-22 00:00:00
jetty9 - security update
2022-08-02 00:00:00
BIT-jenkins-2022-2048
2024-03-06 10:58:27
debian
debian
[SECURITY] [DSA 5198-1] jetty9 security update
2022-08-02 11:01:19
[SECURITY] [DLA 3079-1] jetty9 security update
2022-08-21 22:58:15
ibm
ibm
Security Bulletin: Tivoli Netcool/Omnibus installation contains vulnerable Eclipse Jetty code libraries (Multiple CVEs)
2022-12-30 14:56:25
Security Bulletin: An Eclipse Jetty vulnerability affects IBM Rational Functional Tester
2022-08-17 05:45:47
Security Bulletin: IBM Secure External Authentication Server is vulnerable to multiple issues due to Eclipse Jetty
2022-07-29 17:36:26
nessus
nessus
Debian DLA-3079-1 : jetty9 - LTS security update
2022-08-22 00:00:00
Jenkins LTS < 2.361.1 / Jenkins weekly < 2.363
2022-09-09 00:00:00
Oracle Database Server (Oct 2022 CPU)
2022-10-21 00:00:00
ubuntucve
ubuntucve
CVE-2022-2048
2022-07-07 00:00:00
CVE-2022-2047
2022-07-07 00:00:00
cve
cve
CVE-2022-2048
2022-07-07 21:15:10
CVE-2022-2047
2022-07-07 21:15:10
github
github
Jetty vulnerable to Invalid HTTP/2 requests that can lead to denial of service
2022-07-07 20:55:40
Jetty invalid URI parsing may produce invalid HttpURI.authority
2022-07-07 20:55:34
veracode
veracode
Denial Of Service (DoS)
2022-07-08 05:05:57
Improper Input Validation
2022-07-08 04:29:10
alpinelinux
alpinelinux
CVE-2022-2048
2022-07-07 21:15:10
prion
prion
Design/Logic Flaw
2022-07-07 21:15:00
Design/Logic Flaw
2022-07-07 21:15:00
debiancve
debiancve
CVE-2022-2048
2022-07-07 21:15:10
CVE-2022-2047
2022-07-07 21:15:10
redhatcve
redhatcve
CVE-2022-2048
2022-08-09 15:36:51
CVE-2022-2047
2022-08-09 15:36:51
nvd
nvd
CVE-2022-2047
2022-07-07 21:15:10
CVE-2022-2048
2022-07-07 21:15:10
githubexploit
githubexploit
Exploit for CVE-2022-2048
2023-10-31 11:32:00
cvelist
cvelist
CVE-2022-2048
2022-07-07 20:35:09
CVE-2022-2047
2022-07-07 20:45:12
redhat
redhat
(RHSA-2023:0189) Moderate: Red Hat AMQ Streams 2.3.0 release and security update
2023-01-17 11:45:43
(RHSA-2023:1661) Important: Red Hat AMQ Broker 7.11.0 release and security update
2023-04-05 13:22:07
(RHSA-2023:0017) Important: OpenShift Container Platform 4.8.56 packages and security update
2023-01-12 16:42:52
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

51.1%

JSON
Related for DEBIAN_DSA-5198.NASL
openvas6osv7debian2ibm41nessus8ubuntucve2cve2github2veracode2alpinelinux1prion2debiancve2redhatcve2nvd2githubexploit1cvelist2redhat7oracle4