Lucene search
This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.SLACKWARE_SSA_2018-233-01.NASLHistoryAug 22, 2018 - 12:00 a.m.
Slackware 14.0 / 14.1 / 14.2 / current : libX11 (SSA:2018-233-01)
2018-08-2200:00:00
This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.05 Low
EPSS
Percentile
92.9%
New libX11 packages are available for Slackware 14.0, 14.1, 14.2, and
-current to fix security issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Slackware Security Advisory 2018-233-01. The text
# itself is copyright (C) Slackware Linux, Inc.
#
include("compat.inc");
if (description)
{
script_id(112054);
script_version("1.2");
script_cvs_date("Date: 2018/10/22 11:13:02");
script_cve_id("CVE-2018-14598", "CVE-2018-14599", "CVE-2018-14600");
script_xref(name:"SSA", value:"2018-233-01");
script_name(english:"Slackware 14.0 / 14.1 / 14.2 / current : libX11 (SSA:2018-233-01)");
script_summary(english:"Checks for updated package in /var/log/packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Slackware host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"New libX11 packages are available for Slackware 14.0, 14.1, 14.2, and
-current to fix security issues."
);
# http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.432068
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?8968dce7"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected libX11 package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:libX11");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.2");
script_set_attribute(attribute:"patch_publication_date", value:"2018/08/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/22");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Slackware Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("slackware.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);
flag = 0;
if (slackware_check(osver:"14.0", pkgname:"libX11", pkgver:"1.6.6", pkgarch:"i486", pkgnum:"1_slack14.0")) flag++;
if (slackware_check(osver:"14.0", arch:"x86_64", pkgname:"libX11", pkgver:"1.6.6", pkgarch:"x86_64", pkgnum:"1_slack14.0")) flag++;
if (slackware_check(osver:"14.1", pkgname:"libX11", pkgver:"1.6.6", pkgarch:"i486", pkgnum:"1_slack14.1")) flag++;
if (slackware_check(osver:"14.1", arch:"x86_64", pkgname:"libX11", pkgver:"1.6.6", pkgarch:"x86_64", pkgnum:"1_slack14.1")) flag++;
if (slackware_check(osver:"14.2", pkgname:"libX11", pkgver:"1.6.6", pkgarch:"i586", pkgnum:"1_slack14.2")) flag++;
if (slackware_check(osver:"14.2", arch:"x86_64", pkgname:"libX11", pkgver:"1.6.6", pkgarch:"x86_64", pkgnum:"1_slack14.2")) flag++;
if (slackware_check(osver:"current", pkgname:"libX11", pkgver:"1.6.6", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", arch:"x86_64", pkgname:"libX11", pkgver:"1.6.6", pkgarch:"x86_64", pkgnum:"1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| slackware | slackware_linux | 14.1 | cpe:/o:slackware:slackware_linux:14.1 |
| slackware | slackware_linux | 14.2 | cpe:/o:slackware:slackware_linux:14.2 |
| slackware | slackware_linux | libx11 | p-cpe:/a:slackware:slackware_linux:libx11 |
| slackware | slackware_linux | cpe:/o:slackware:slackware_linux | |
| slackware | slackware_linux | 14.0 | cpe:/o:slackware:slackware_linux:14.0 |
Related
slackware
slackware
[slackware-security] libX11
2018-08-21 20:09:53
freebsd
freebsd
libX11 -- Multiple vulnerabilities
2018-08-21 00:00:00
nessus
nessus
FreeBSD : libX11 -- Multiple vulnerabilities (fe99d3ca-a63a-11e8-a7c6-54e1ad3d6335)
2018-08-23 00:00:00
Debian DLA-1482-1 : libx11 security update
2018-08-30 00:00:00
gentoo
gentoo
X.Org X11 library: Multiple vulnerabilities
2018-11-09 00:00:00
ibm
ibm
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in xorg-x11-libX11 (CVE-2018-14598 CVE-2018-14599 CVE-2018-14600)
2023-12-07 22:45:02
suse
suse
Security update for libX11 (important)
2018-08-31 12:07:54
Security update for libX11 (moderate)
2018-10-05 12:07:58
openvas
openvas
openSUSE: Security Advisory for libX11 (openSUSE-SU-2018:2567-1)
2018-09-01 00:00:00
Huawei EulerOS: Security Advisory for libX11 (EulerOS-SA-2019-2624)
2020-01-23 00:00:00
Debian: Security Advisory (DLA-1482-1)
2018-09-02 00:00:00
debian
debian
[SECURITY] [DLA 1482-1] libx11 security update
2018-08-29 22:17:50
osv
osv
libx11 - security update
2018-08-29 00:00:00
CVE-2018-14598
2018-08-24 19:29:01
CVE-2018-14600
2018-08-24 19:29:01
mageia
mageia
Updated libx11 packages fix security vulnerabilities
2018-09-21 02:17:55
ubuntu
ubuntu
libx11 vulnerabilities
2018-08-30 00:00:00
libx11 vulnerabilities
2018-08-30 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: libX11-1.6.7-1.fc28
2019-04-30 01:41:08
amazon
amazon
Medium: libX11
2019-06-11 23:17:00
Medium: xorg-x11-server
2020-06-03 18:21:00
cloudfoundry
cloudfoundry
USN-3758-1: libx11 vulnerabilities | Cloud Foundry
2018-09-27 00:00:00
cve
cve
redhatcve
redhatcve
alpinelinux
alpinelinux
cvelist
cvelist
nvd
nvd
debiancve
debiancve
ubuntucve
ubuntucve
veracode
veracode
Out-Of-Bounds Write
2018-08-23 03:42:19
Denial Of Service (DoS)
2018-08-27 08:35:54
Out-Of-Bounds Write
2018-08-23 06:03:01
prion
prion
github
github
ICYMI: improved C++ vulnerability coverage and CodeQL support for Lombok
2023-10-19 19:14:39
centos
centos
gdm, libX11, libxkbcommon, xorg security update
2019-08-30 02:52:02
redhat
redhat
(RHSA-2019:2079) Moderate: Xorg security and bug fix update
2019-08-06 07:58:40
oraclelinux
oraclelinux
Xorg security and bug fix update
2019-08-13 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.05 Low
EPSS
Percentile
92.9%
Related for SLACKWARE_SSA_2018-233-01.NASL