Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-5305.NASL
HistoryDec 23, 2022 - 12:00 a.m.

Debian DSA-5305-1 : libksba - security update

2022-12-2300:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
debian 11
libksba
integer overflow

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

71.5%

JSON

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5305 advisory.

  • Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.
    (CVE-2022-47629)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
#
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory dsa-5305. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('compat.inc');

if (description)
{
  script_id(169280);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/02/10");

  script_cve_id("CVE-2022-47629");
  script_xref(name:"IAVA", value:"2023-A-0072");

  script_name(english:"Debian DSA-5305-1 : libksba - security update");

  script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing a security-related update.");
  script_set_attribute(attribute:"description", value:
"The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5305
advisory.

  - Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.
    (CVE-2022-47629)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/libksba");
  script_set_attribute(attribute:"see_also", value:"https://www.debian.org/security/2022/dsa-5305");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-47629");
  script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/bullseye/libksba");
  script_set_attribute(attribute:"solution", value:
"Upgrade the libksba packages.

For the stable distribution (bullseye), this problem has been fixed in version 1.5.0-3+deb11u2.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-47629");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/12/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/12/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/12/23");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libksba-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libksba-mingw-w64-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libksba8");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Debian Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);

var debian_release = get_kb_item('Host/Debian/release');
if ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');
debian_release = chomp(debian_release);
if (! preg(pattern:"^(11)\.[0-9]+", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + debian_release);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);

var pkgs = [
    {'release': '11.0', 'prefix': 'libksba-dev', 'reference': '1.5.0-3+deb11u2'},
    {'release': '11.0', 'prefix': 'libksba-mingw-w64-dev', 'reference': '1.5.0-3+deb11u2'},
    {'release': '11.0', 'prefix': 'libksba8', 'reference': '1.5.0-3+deb11u2'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var _release = NULL;
  var prefix = NULL;
  var reference = NULL;
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (_release && prefix && reference) {
    if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : deb_report_get()
  );
  exit(0);
}
else
{
  var tested = deb_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libksba-dev / libksba-mingw-w64-dev / libksba8');
}
VendorProductVersionCPE
debiandebian_linux11.0cpe:/o:debian:debian_linux:11.0
debiandebian_linuxlibksba8p-cpe:/a:debian:debian_linux:libksba8
debiandebian_linuxlibksba-devp-cpe:/a:debian:debian_linux:libksba-dev
debiandebian_linuxlibksba-mingw-w64-devp-cpe:/a:debian:debian_linux:libksba-mingw-w64-dev

Related

nessus 49
ibm 9
osv 10
oraclelinux 3
redhat 59
openvas 24
ubuntu 2
cbl_mariner 2
ubuntucve 1
nvd 1
photon 6
rocky 2
rosalinux 3
amazon 2
debiancve 1
centos 1
debian 2
veracode 1
alpinelinux 1
redos 1
almalinux 2
prion 1
cvelist 1
redhatcve 1
mageia 1
cve 1
gentoo 1
cloudlinux 1
ics 1
oracle 1
nessus
nessus
Oracle Linux 8 : libksba (ELSA-2023-0625)
2023-02-08 00:00:00
Oracle Linux 9 : libksba (ELSA-2023-0626)
2023-02-08 00:00:00
Photon OS 5.0: Libksba PHSA-2023-5.0-0010
2024-07-24 00:00:00
ibm
ibm
Security Bulletin: A vulnerability in libksba package affects Data Replication on Cloud Pak for Data
2023-11-07 20:35:56
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution in Libksba ( CVE-2022-47629 )
2023-05-03 14:11:07
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Libksba abitrary code execution vulnerability( CVE-2022-47629)
2023-07-05 22:08:29
osv
osv
CGA-h347-jgp6-x43h
2024-06-06 12:27:35
Important: libksba security update
2023-02-07 00:00:00
libksba - security update
2022-12-21 00:00:00
oraclelinux
oraclelinux
libksba security update
2023-02-08 00:00:00
libksba security update
2023-02-07 00:00:00
libksba security update
2023-01-30 00:00:00
redhat
redhat
(RHSA-2023:0594) Important: libksba security update
2023-02-06 16:19:16
(RHSA-2023:0626) Important: libksba security update
2023-02-07 15:24:12
(RHSA-2023:0624) Important: libksba security update
2023-02-07 15:21:57
openvas
openvas
Huawei EulerOS: Security Advisory for libksba (EulerOS-SA-2023-2155)
2023-06-09 00:00:00
Debian: Security Advisory (DLA-3248-1)
2022-12-25 00:00:00
CentOS: Security Advisory for libksba (CESA-2023:0530)
2023-02-21 00:00:00
ubuntu
ubuntu
Libksba vulnerability
2023-01-09 00:00:00
Libksba vulnerability
2023-01-05 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-47629 affecting package libksba for versions less than 1.6.3-1
2023-01-17 16:46:45
CVE-2022-47629 affecting package libksba 1.3.5-3
2023-01-12 20:54:53
ubuntucve
ubuntucve
CVE-2022-47629
2022-12-20 00:00:00
nvd
nvd
CVE-2022-47629
2022-12-20 23:15:12
photon
photon
Critical Photon OS Security Update - PHSA-2023-0511
2023-01-06 00:00:00
Critical Photon OS Security Update - PHSA-2023-0309
2023-01-06 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0511
2023-01-06 00:00:00
rocky
rocky
libksba security update
2023-02-16 06:35:04
libksba security update
2023-02-16 06:35:52
rosalinux
rosalinux
Advisory ROSA-SA-2023-2129
2023-03-07 10:01:35
Advisory ROSA-SA-2023-2170
2023-06-20 10:21:17
Advisory ROSA-SA-2023-2193
2023-07-18 11:25:52
amazon
amazon
Important: libksba
2023-05-11 17:49:00
Important: libksba
2023-05-25 17:41:00
debiancve
debiancve
CVE-2022-47629
2022-12-20 23:15:12
centos
centos
libksba security update
2023-02-20 16:15:30
debian
debian
[SECURITY] [DLA 3248-1] libksba security update
2022-12-24 15:26:43
[SECURITY] [DSA 5305-1] libksba security update
2022-12-21 21:42:59
veracode
veracode
Integer Overflow
2022-12-26 05:43:35
alpinelinux
alpinelinux
CVE-2022-47629
2022-12-20 23:15:12
redos
redos
ROS-20221227-01
2022-12-27 00:00:00
almalinux
almalinux
Important: libksba security update
2023-02-07 00:00:00
Important: libksba security update
2023-02-07 00:00:00
prion
prion
Integer overflow
2022-12-20 23:15:00
cvelist
cvelist
CVE-2022-47629
2022-12-20 00:00:00
redhatcve
redhatcve
CVE-2022-47629
2023-01-17 10:34:55
mageia
mageia
Updated libksba packages fix security vulnerability
2022-12-31 01:39:00
cve
cve
CVE-2022-47629
2022-12-20 23:15:12
gentoo
gentoo
libksba: Remote Code Execution
2022-12-28 00:00:00
cloudlinux
cloudlinux
libksba: Fix of 2 CVEs
2023-12-01 15:38:16
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

71.5%

JSON
Related for DEBIAN_DSA-5305.NASL
nessus49ibm9osv10oraclelinux3redhat59openvas24ubuntu2cbl_mariner2ubuntucve1nvd1photon6rocky2rosalinux3amazon2debiancve1centos1debian2veracode1alpinelinux1redos1almalinux2prion1cvelist1redhatcve1mageia1cve1gentoo1cloudlinux1ics1oracle1