Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-5631.NASLHistoryFeb 25, 2024 - 12:00 a.m.
Debian dsa-5631 : iwd - security update
2024-02-2500:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
debian 11
debian 12
iwd package
wi-fi network
vulnerability
access point
unauthorized access
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.6%
The remote Debian 11 / 12 host has a package installed that is affected by a vulnerability as referenced in the dsa-5631 advisory.
- The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key. (CVE-2023-52161)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
#
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory dsa-5631. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('compat.inc');
if (description)
{
script_id(190967);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/05");
script_cve_id("CVE-2023-52161");
script_name(english:"Debian dsa-5631 : iwd - security update");
script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing a security-related update.");
script_set_attribute(attribute:"description", value:
"The remote Debian 11 / 12 host has a package installed that is affected by a vulnerability as referenced in the dsa-5631
advisory.
- The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before
2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete
the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key. (CVE-2023-52161)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/iwd");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-52161");
script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/bookworm/iwd");
script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/bullseye/iwd");
script_set_attribute(attribute:"solution", value:
"Upgrade the iwd packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-52161");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/02/22");
script_set_attribute(attribute:"patch_publication_date", value:"2024/02/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/02/25");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:iwd");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:12.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Debian Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
var debian_release = get_kb_item('Host/Debian/release');
if ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');
debian_release = chomp(debian_release);
if (! preg(pattern:"^(11)\.[0-9]+|^(12)\.[0-9]+", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 11.0 / 12.0', 'Debian ' + debian_release);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);
var pkgs = [
{'release': '11.0', 'prefix': 'iwd', 'reference': '1.14-3+deb11u1'},
{'release': '12.0', 'prefix': 'iwd', 'reference': '2.3-1+deb12u1'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var _release = NULL;
var prefix = NULL;
var reference = NULL;
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (_release && prefix && reference) {
if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : deb_report_get()
);
exit(0);
}
else
{
var tested = deb_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'iwd');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | 11.0 | cpe:/o:debian:debian_linux:11.0 |
| debian | debian_linux | iwd | p-cpe:/a:debian:debian_linux:iwd |
| debian | debian_linux | 12.0 | cpe:/o:debian:debian_linux:12.0 |
Related
openvas
openvas
Fedora: Security Advisory for iwd (FEDORA-2024-fdce971b84)
2024-03-08 00:00:00
Fedora: Security Advisory for iwd (FEDORA-2024-38faa9a2a8)
2024-03-08 00:00:00
Fedora: Security Advisory for iwd (FEDORA-2024-58c59bfa4c)
2024-03-25 00:00:00
osv
osv
iwd - security update
2024-02-22 00:00:00
iwd - security update
2024-02-25 00:00:00
alpinelinux
alpinelinux
CVE-2023-52161
2024-02-22 17:15:08
nvd
nvd
CVE-2023-52161
2024-02-22 17:15:08
debian
debian
[SECURITY] [DSA 5631-1] iwd security update
2024-02-25 10:45:49
[SECURITY] [DLA 3738-1] iwd security update
2024-02-22 15:08:20
cve
cve
CVE-2023-52161
2024-02-22 17:15:08
debiancve
debiancve
CVE-2023-52161
2024-02-22 17:15:08
cvelist
cvelist
CVE-2023-52161
2024-02-22 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: iwd-2.15-1.fc39
2024-03-08 01:19:37
[SECURITY] Fedora 40 Update: libell-0.63-1.fc40
2024-03-23 00:44:54
[SECURITY] Fedora 39 Update: libell-0.63-1.fc39
2024-03-08 01:19:37
nessus
nessus
Fedora 40 : iwd / libell (2024-58c59bfa4c)
2024-04-29 00:00:00
Fedora 38 : iwd / libell (2024-38faa9a2a8)
2024-03-07 00:00:00
Debian dla-3738 : iwd - security update
2024-02-22 00:00:00
veracode
veracode
Improper Authentication
2024-02-20 15:58:33
ubuntucve
ubuntucve
CVE-2023-52161
2024-02-22 00:00:00
prion
prion
Code injection
2024-02-22 17:15:00
thn
thn
New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers
2024-02-21 16:16:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.6%
Related for DEBIAN_DSA-5631.NASL