Lucene search
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2020-1937.NASLHistorySep 02, 2020 - 12:00 a.m.
EulerOS 2.0 SP5 : freerdp (EulerOS-SA-2020-1937)
2020-09-0200:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
6.5 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
68.9%
According to the versions of the freerdp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :
-
In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0.(CVE-2020-11089)
-
In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are affected. This is fixed in version 2.1.2.(CVE-2020-4033)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(140158);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/22");
script_cve_id("CVE-2020-11089", "CVE-2020-4033");
script_name(english:"EulerOS 2.0 SP5 : freerdp (EulerOS-SA-2020-1937)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
script_set_attribute(attribute:"description", value:
"According to the versions of the freerdp packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :
- In FreeRDP before 2.1.0, there is an out-of-bound read
in irp functions (parallel_process_irp_create,
serial_process_irp_create, drive_process_irp_write,
printer_process_irp_write, rdpei_recv_pdu,
serial_process_irp_write). This has been fixed in
2.1.0.(CVE-2020-11089)
- In FreeRDP before version 2.1.2, there is an out of
bounds read in RLEDECOMPRESS. All FreeRDP based clients
with sessions with color depth < 32 are affected. This
is fixed in version 2.1.2.(CVE-2020-4033)
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1937
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7380f573");
script_set_attribute(attribute:"solution", value:
"Update the affected freerdp packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-4033");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"patch_publication_date", value:"2020/09/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/09/02");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:freerdp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:freerdp-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:freerdp-plugins");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(5)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
flag = 0;
pkgs = ["freerdp-1.0.2-15.h8.eulerosv2r7",
"freerdp-libs-1.0.2-15.h8.eulerosv2r7",
"freerdp-plugins-1.0.2-15.h8.eulerosv2r7"];
foreach (pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"5", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "freerdp");
}
Related
openvas
openvas
Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2020-1937)
2020-09-04 00:00:00
Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2020-1801)
2020-07-31 00:00:00
Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2020-2343)
2020-11-04 00:00:00
nessus
nessus
EulerOS 2.0 SP8 : freerdp (EulerOS-SA-2020-1801)
2020-07-30 00:00:00
EulerOS 2.0 SP2 : freerdp (EulerOS-SA-2020-2343)
2020-11-03 00:00:00
EulerOS 2.0 SP3 : freerdp (EulerOS-SA-2020-2064)
2020-09-28 00:00:00
nvd
nvd
CVE-2020-11089
2020-05-29 20:15:11
CVE-2020-4033
2020-06-22 22:15:13
cvelist
cvelist
CVE-2020-11089 Out-of-bound read in FreeRDP
2020-05-29 00:00:00
CVE-2020-4033 OOB Read in RLEDECOMPRESS in FreeRDP
2020-06-22 00:00:00
prion
prion
Out-of-bounds
2020-05-29 20:15:00
Out-of-bounds
2020-06-22 22:15:00
osv
osv
CVE-2020-11089
2020-05-29 20:15:11
CVE-2020-4033
2020-06-22 22:15:13
Moderate: freerdp security, bug fix, and enhancement update
2021-05-18 06:14:36
redhatcve
redhatcve
CVE-2020-11089
2020-06-04 19:12:43
CVE-2020-4033
2020-07-08 12:20:44
cve
cve
CVE-2020-11089
2020-05-29 20:15:11
CVE-2020-4033
2020-06-22 22:15:13
debiancve
debiancve
CVE-2020-11089
2020-05-29 20:15:11
CVE-2020-4033
2020-06-22 22:15:13
ubuntucve
ubuntucve
CVE-2020-11089
2020-05-29 00:00:00
CVE-2020-4033
2020-06-22 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-10-01 03:56:28
Denial Of Service (DoS)
2020-08-06 21:33:42
alpinelinux
alpinelinux
CVE-2020-4033
2020-06-22 22:15:13
almalinux
almalinux
Moderate: freerdp security, bug fix, and enhancement update
2021-05-18 06:14:36
Moderate: freerdp and vinagre security, bug fix, and enhancement update
2020-11-03 12:23:37
rocky
rocky
freerdp security, bug fix, and enhancement update
2021-05-18 06:14:36
freerdp and vinagre security, bug fix, and enhancement update
2020-11-03 12:23:37
oraclelinux
oraclelinux
freerdp security, bug fix, and enhancement update
2021-05-25 00:00:00
freerdp security, bug fix, and enhancement update
2020-10-06 00:00:00
freerdp and vinagre security, bug fix, and enhancement update
2020-11-10 00:00:00
redhat
redhat
altlinux
altlinux
Security fix for the ALT Linux 9 package freerdp version 2.1.2-alt1
2020-06-25 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: freerdp-2.2.0-1.fc31
2020-08-01 01:18:39
[SECURITY] Fedora 32 Update: freerdp-2.2.0-1.fc32
2020-07-30 17:54:06
archlinux
archlinux
[ASA-202006-15] freerdp: multiple issues
2020-06-28 00:00:00
ubuntu
ubuntu
FreeRDP vulnerabilities
2020-09-01 00:00:00
suse
suse
Security update for freerdp (important)
2020-07-26 00:00:00
mageia
mageia
Updated freerdp/remmina packages fix security vulnerability
2020-08-01 02:25:42
debian
debian
[SECURITY] [DLA 3606-1] freerdp2 security update
2023-10-07 18:09:17
amazon
amazon
Medium: freerdp
2020-10-22 17:36:00
centos
centos
freerdp, libwinpr security update
2020-10-20 18:03:15
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
6.5 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
68.9%
Related for EULEROS_SA-2020-1937.NASL