EulerOS 2.0 SP5 : webkitgtk4 (EulerOS-SA-2020-1328)

2020-03-2300:00:00

www.tenable.com

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.7%

JSON

According to the version of the webkitgtk4 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :

WebCore/platform/network/soup/SocketStreamHandleImplSou     p.cpp in the libsoup network backend of WebKit, as used     in WebKitGTK+ prior to version 2.20.0 or without     libsoup 2.62.0, unexpectedly failed to use system proxy     settings for WebSocket connections. As a result, users     could be deanonymized by crafted web sites via a     WebSocket connection.(CVE-2018-11713)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(134819);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/21");

  script_cve_id("CVE-2018-11713");

  script_name(english:"EulerOS 2.0 SP5 : webkitgtk4 (EulerOS-SA-2020-1328)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"According to the version of the webkitgtk4 packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerability :

  -
    WebCore/platform/network/soup/SocketStreamHandleImplSou
    p.cpp in the libsoup network backend of WebKit, as used
    in WebKitGTK+ prior to version 2.20.0 or without
    libsoup 2.62.0, unexpectedly failed to use system proxy
    settings for WebSocket connections. As a result, users
    could be deanonymized by crafted web sites via a
    WebSocket connection.(CVE-2018-11713)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1328
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?6d501618");
  script_set_attribute(attribute:"solution", value:
"Update the affected webkitgtk4 package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-11713");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"patch_publication_date", value:"2020/03/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/23");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:webkitgtk4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:webkitgtk4-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:webkitgtk4-jsc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:webkitgtk4-jsc-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:webkitgtk4-plugin-process-gtk2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(5)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5");

uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["webkitgtk4-2.16.6-6.h9.eulerosv2r7",
        "webkitgtk4-devel-2.16.6-6.h9.eulerosv2r7",
        "webkitgtk4-jsc-2.16.6-6.h9.eulerosv2r7",
        "webkitgtk4-jsc-devel-2.16.6-6.h9.eulerosv2r7",
        "webkitgtk4-plugin-process-gtk2-2.16.6-6.h9.eulerosv2r7"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"5", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "webkitgtk4");
}

VendorProductVersionCPE
huaweieuleroswebkitgtk4p-cpe:/a:huawei:euleros:webkitgtk4
huaweieuleroswebkitgtk4-develp-cpe:/a:huawei:euleros:webkitgtk4-devel
huaweieuleroswebkitgtk4-jscp-cpe:/a:huawei:euleros:webkitgtk4-jsc
huaweieuleroswebkitgtk4-jsc-develp-cpe:/a:huawei:euleros:webkitgtk4-jsc-devel
huaweieuleroswebkitgtk4-plugin-process-gtk2p-cpe:/a:huawei:euleros:webkitgtk4-plugin-process-gtk2
huaweieuleros2.0cpe:/o:huawei:euleros:2.0

Vendor	Product	Version	CPE
huawei	euleros	webkitgtk4	p-cpe:/a:huawei:euleros:webkitgtk4
huawei	euleros	webkitgtk4-devel	p-cpe:/a:huawei:euleros:webkitgtk4-devel
huawei	euleros	webkitgtk4-jsc	p-cpe:/a:huawei:euleros:webkitgtk4-jsc
huawei	euleros	webkitgtk4-jsc-devel	p-cpe:/a:huawei:euleros:webkitgtk4-jsc-devel
huawei	euleros	webkitgtk4-plugin-process-gtk2	p-cpe:/a:huawei:euleros:webkitgtk4-plugin-process-gtk2
huawei	euleros	2.0	cpe:/o:huawei:euleros:2.0