Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2024-1229.NASLHistoryMar 12, 2024 - 12:00 a.m.
EulerOS 2.0 SP11 : sudo (EulerOS-SA-2024-1229)
2024-03-1200:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7
euleros
sudo
vulnerability
row hammer attack
authentication bypass
privilege escalation
cve-2023-42465
tenable network security
CVSS3
7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
Low
EPSS
0.001
Percentile
20.1%
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :
- Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit. (CVE-2023-42465)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(191802);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/12");
script_cve_id("CVE-2023-42465");
script_xref(name:"IAVA", value:"2024-A-0068");
script_name(english:"EulerOS 2.0 SP11 : sudo (EulerOS-SA-2024-1229)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing a security update.");
script_set_attribute(attribute:"description", value:
"According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the
following vulnerabilities :
- Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation)
because application logic sometimes is based on not equaling an error value (instead of equaling a success
value), and because the values do not resist flips of a single bit. (CVE-2023-42465)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security
advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional
issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2024-1229
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3a1f9e8f");
script_set_attribute(attribute:"solution", value:
"Update the affected sudo packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-42465");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/12/22");
script_set_attribute(attribute:"patch_publication_date", value:"2024/03/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/03/12");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:sudo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var _release = get_kb_item("Host/EulerOS/release");
if (isnull(_release) || _release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (_release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP11");
var sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(11)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP11");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP11", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu && "x86" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);
var flag = 0;
var pkgs = [
"sudo-1.9.8p2-2.h15.eulerosv2r11"
];
foreach (var pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"11", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "sudo");
}
Related
nessus
nessus
Amazon Linux 2023 : sudo, sudo-devel, sudo-logsrvd (ALAS2023-2024-514)
2024-02-06 00:00:00
Photon OS 5.0: Sudo PHSA-2024-5.0-0185
2024-07-24 00:00:00
Photon OS 3.0: Sudo PHSA-2024-3.0-0713
2024-07-24 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:0890-1)
2024-05-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0797-1)
2024-03-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0877-1)
2024-05-07 00:00:00
ubuntucve
ubuntucve
CVE-2023-42465
2023-12-22 00:00:00
gentoo
gentoo
sudo: Memory Manipulation
2024-01-24 00:00:00
nvd
nvd
CVE-2023-42465
2023-12-22 16:15:08
osv
osv
CVE-2023-42465
2023-12-22 16:15:08
Moderate: sudo security update
2024-02-14 00:00:00
cloudlinux
cloudlinux
sudo: Fix of CVE-2023-42465
2024-02-20 11:18:42
sudo: Fix of CVE-2023-42465
2024-02-22 22:07:28
fedora
fedora
[SECURITY] Fedora 38 Update: sudo-1.9.15-1.p5.fc38
2024-02-18 01:50:00
[SECURITY] Fedora 39 Update: sudo-1.9.15-1.p5.fc39
2024-01-28 03:13:16
prion
prion
Authentication flaw
2023-12-22 16:15:00
debiancve
debiancve
CVE-2023-42465
2023-12-22 16:15:08
cbl_mariner
cbl_mariner
CVE-2023-42465 affecting package sudo for versions less than 1.9.15p5-1
2024-01-19 03:54:24
cve
cve
CVE-2023-42465
2023-12-22 16:15:08
cvelist
cvelist
CVE-2023-42465
2023-12-22 00:00:00
redhatcve
redhatcve
CVE-2023-42465
2023-12-21 23:30:30
ibm
ibm
redos
redos
ROS-20240328-04
2024-03-28 00:00:00
slackware
slackware
[slackware-security] sudo
2023-11-07 20:03:49
redhat
redhat
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0539
2024-01-06 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0185
2024-01-05 00:00:00
Important Photon OS Security Update - PHSA-2024-3.0-0713
2024-01-16 00:00:00
oraclelinux
oraclelinux
sudo security update
2024-02-14 00:00:00
almalinux
almalinux
Moderate: sudo security update
2024-02-14 00:00:00
avleonov
avleonov
CVSS3
7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
Low
EPSS
0.001
Percentile
20.1%
Related for EULEROS_SA-2024-1229.NASL