Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-6481-1.NASL
HistoryNov 15, 2023 - 12:00 a.m.

Ubuntu 22.04 LTS / 23.04 / 23.10 : FRR vulnerabilities (USN-6481-1)

2023-11-1500:00:00
Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
5
ubuntu 22.04 lts
ubuntu 23.04
ubuntu 23.10
frrouting
vulnerabilities
usn-6481-1
crash
bgp update message
cve-2023-46752
cve-2023-46753
nessus scanner

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.0%

JSON

The remote Ubuntu 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6481-1 advisory.

  • An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash. (CVE-2023-46752)

  • An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute. (CVE-2023-46753)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-6481-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##

include('compat.inc');

if (description)
{
  script_id(185780);
  script_version("1.0");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/15");

  script_cve_id("CVE-2023-46752", "CVE-2023-46753");
  script_xref(name:"USN", value:"6481-1");

  script_name(english:"Ubuntu 22.04 LTS / 23.04 / 23.10 : FRR vulnerabilities (USN-6481-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Ubuntu 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as
referenced in the USN-6481-1 advisory.

  - An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data,
    leading to a crash. (CVE-2023-46752)

  - An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message
    without mandatory attributes, e.g., one with only an unknown transit attribute. (CVE-2023-46753)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-6481-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-46753");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/10/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/11/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/15");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:23.04");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:23.10");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:frr");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:frr-pythontools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:frr-rpki-rtrlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:frr-snmp");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('22.04' >< os_release || '23.04' >< os_release || '23.10' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 22.04 / 23.04 / 23.10', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '22.04', 'pkgname': 'frr', 'pkgver': '8.1-1ubuntu1.7'},
    {'osver': '22.04', 'pkgname': 'frr-pythontools', 'pkgver': '8.1-1ubuntu1.7'},
    {'osver': '22.04', 'pkgname': 'frr-rpki-rtrlib', 'pkgver': '8.1-1ubuntu1.7'},
    {'osver': '22.04', 'pkgname': 'frr-snmp', 'pkgver': '8.1-1ubuntu1.7'},
    {'osver': '23.04', 'pkgname': 'frr', 'pkgver': '8.4.2-1ubuntu1.5'},
    {'osver': '23.04', 'pkgname': 'frr-pythontools', 'pkgver': '8.4.2-1ubuntu1.5'},
    {'osver': '23.04', 'pkgname': 'frr-rpki-rtrlib', 'pkgver': '8.4.2-1ubuntu1.5'},
    {'osver': '23.04', 'pkgname': 'frr-snmp', 'pkgver': '8.4.2-1ubuntu1.5'},
    {'osver': '23.10', 'pkgname': 'frr', 'pkgver': '8.4.4-1.1ubuntu1.1'},
    {'osver': '23.10', 'pkgname': 'frr-pythontools', 'pkgver': '8.4.4-1.1ubuntu1.1'},
    {'osver': '23.10', 'pkgname': 'frr-rpki-rtrlib', 'pkgver': '8.4.4-1.1ubuntu1.1'},
    {'osver': '23.10', 'pkgname': 'frr-snmp', 'pkgver': '8.4.4-1.1ubuntu1.1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'frr / frr-pythontools / frr-rpki-rtrlib / frr-snmp');
}
VendorProductVersionCPE
canonicalubuntu_linux22.04cpe:/o:canonical:ubuntu_linux:22.04:-:lts
canonicalubuntu_linux23.04cpe:/o:canonical:ubuntu_linux:23.04
canonicalubuntu_linux23.10cpe:/o:canonical:ubuntu_linux:23.10
canonicalubuntu_linuxfrrp-cpe:/a:canonical:ubuntu_linux:frr
canonicalubuntu_linuxfrr-pythontoolsp-cpe:/a:canonical:ubuntu_linux:frr-pythontools
canonicalubuntu_linuxfrr-rpki-rtrlibp-cpe:/a:canonical:ubuntu_linux:frr-rpki-rtrlib
canonicalubuntu_linuxfrr-snmpp-cpe:/a:canonical:ubuntu_linux:frr-snmp

Related

openvas 6
nessus 12
ubuntu 3
osv 8
almalinux 2
cbl_mariner 4
cvelist 2
ubuntucve 2
nvd 2
redhatcve 2
veracode 2
cve 2
debiancve 2
prion 2
oraclelinux 2
redhat 2
redos 1
debian 1
openvas
openvas
Ubuntu: Security Advisory (USN-6481-1)
2023-11-16 00:00:00
openSUSE: Security Advisory for frr (SUSE-SU-2023:4473-1)
2024-03-04 00:00:00
openSUSE: Security Advisory for frr (SUSE-SU-2023:4483-1)
2024-03-04 00:00:00
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : frr (SUSE-SU-2023:4483-1)
2023-11-21 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : frr (SUSE-SU-2023:4473-1)
2023-11-17 00:00:00
CentOS 8 : frr (CESA-2024:2981)
2024-05-22 00:00:00
ubuntu
ubuntu
FRR vulnerabilities
2023-11-15 00:00:00
Quagga vulnerabilities
2023-11-15 00:00:00
FRR vulnerabilities
2024-06-05 00:00:00
osv
osv
frr vulnerabilities
2023-11-15 14:20:35
CVE-2023-46753
2023-10-26 05:15:26
CVE-2023-46752
2023-10-26 05:15:26
almalinux
almalinux
Moderate: frr security update
2024-05-22 00:00:00
Moderate: frr security update
2024-04-30 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-46753 affecting package frr for versions less than 8.5.3-3
2023-11-10 17:45:58
CVE-2023-46752 affecting package frr for versions less than 8.5.3-3
2023-11-10 17:45:58
CVE-2023-46753 affecting package frr for versions less than 9.1-2
2024-05-17 21:38:35
cvelist
cvelist
CVE-2023-46752
2023-10-26 00:00:00
CVE-2023-46753
2023-10-26 00:00:00
ubuntucve
ubuntucve
CVE-2023-46752
2023-10-26 00:00:00
CVE-2023-46753
2023-10-26 00:00:00
nvd
nvd
CVE-2023-46752
2023-10-26 05:15:26
CVE-2023-46753
2023-10-26 05:15:26
redhatcve
redhatcve
CVE-2023-46752
2023-10-29 09:25:36
CVE-2023-46753
2023-10-26 14:58:13
veracode
veracode
Denial Of Service (DoS)
2023-10-27 08:06:35
Denial Of Service (DoS)
2023-10-27 07:53:52
cve
cve
CVE-2023-46753
2023-10-26 05:15:26
CVE-2023-46752
2023-10-26 05:15:26
debiancve
debiancve
CVE-2023-46752
2023-10-26 05:15:26
CVE-2023-46753
2023-10-26 05:15:26
prion
prion
Design/Logic Flaw
2023-10-26 05:15:00
Code injection
2023-10-26 05:15:00
oraclelinux
oraclelinux
frr security update
2024-05-23 00:00:00
frr security update
2024-05-02 00:00:00
redhat
redhat
(RHSA-2024:2981) Moderate: frr security update
2024-05-22 06:35:15
(RHSA-2024:2156) Moderate: frr security update
2024-04-30 06:14:53
redos
redos
ROS-20240617-02
2024-06-17 00:00:00
debian
debian
[SECURITY] [DLA 3797-1] frr security update
2024-04-28 06:30:09

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.0%

JSON
Related for UBUNTU_USN-6481-1.NASL
openvas6nessus12ubuntu3osv8almalinux2cbl_mariner4cvelist2ubuntucve2nvd2redhatcve2veracode2cve2debiancve2prion2oraclelinux2redhat2redos1debian1