Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2022 Greenbone AGOPENVAS:1361412562311220222454
HistoryOct 10, 2022 - 12:00 a.m.

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2454)

2022-10-1000:00:00
Copyright (C) 2022 Greenbone AG
plugins.openvas.org
14
huawei euleros
curl
package
vulnerability
insufficiently protected credentials
cve-2022-27774
cve-2022-27776
cve-2022-32206
cve-2022-32208
update
install
vendor fix

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.005

Percentile

77.4%

JSON

The remote host is missing an update for the Huawei EulerOS

# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.1.2.2022.2454");
  script_cve_id("CVE-2022-27774", "CVE-2022-27776", "CVE-2022-32206", "CVE-2022-32208");
  script_tag(name:"creation_date", value:"2022-10-10 07:55:28 +0000 (Mon, 10 Oct 2022)");
  script_version("2024-02-05T14:36:57+0000");
  script_tag(name:"last_modification", value:"2024-02-05 14:36:57 +0000 (Mon, 05 Feb 2024)");
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:N/A:N");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2022-07-14 17:40:29 +0000 (Thu, 14 Jul 2022)");

  script_name("Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2454)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2022 Greenbone AG");
  script_family("Huawei EulerOS Local Security Checks");
  script_dependencies("gb_huawei_euleros_consolidation.nasl");
  script_mandatory_keys("ssh/login/euleros", "ssh/login/rpms", re:"ssh/login/release=EULEROS\-2\.0SP8");

  script_xref(name:"Advisory-ID", value:"EulerOS-SA-2022-2454");
  script_xref(name:"URL", value:"https://developer.huaweicloud.com/intl/en-us/euleros/securitydetail.html?secId=EulerOS-SA-2022-2454");

  script_tag(name:"summary", value:"The remote host is missing an update for the Huawei EulerOS 'curl' package(s) announced via the EulerOS-SA-2022-2454 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.(CVE-2022-27774)

A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.(CVE-2022-27776)

curl < 7.84.0 supports 'chained' HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable 'links' in this 'decompression chain' was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a 'malloc bomb', makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.(CVE-2022-32206)

When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.(CVE-2022-32208)");

  script_tag(name:"affected", value:"'curl' package(s) on Huawei EulerOS V2.0SP8.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "EULEROS-2.0SP8") {

  if(!isnull(res = isrpmvuln(pkg:"curl", rpm:"curl~7.61.1~2.h24.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libcurl", rpm:"libcurl~7.61.1~2.h24.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"libcurl-devel", rpm:"libcurl-devel~7.61.1~2.h24.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Related

nessus 52
openvas 32
rocky 3
hackerone 9
osv 13
almalinux 3
suse 3
ibm 12
redhat 5
oraclelinux 4
rosalinux 1
amazon 3
ubuntu 2
slackware 2
fedora 5
freebsd 2
cloudfoundry 2
mageia 2
photon 3
redos 1
debiancve 4
nvd 4
cve 4
redhatcve 4
cbl_mariner 6
veracode 3
alpinelinux 3
cvelist 4
prion 4
ubuntucve 3
mscve 1
nessus
nessus
EulerOS 2.0 SP8 : curl (EulerOS-SA-2022-2454)
2022-10-09 00:00:00
Rocky Linux 8 : curl (RLSA-2022:6159)
2022-08-29 00:00:00
RHEL 8 : curl (RHSA-2022:6159)
2022-08-24 00:00:00
openvas
openvas
openSUSE: Security Advisory for curl (SUSE-SU-2022:2327-2)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:2327-1)
2022-07-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:2288-1)
2022-07-07 00:00:00
rocky
rocky
curl security update
2022-08-24 15:12:40
curl security update
2022-08-24 14:56:48
curl security update
2022-06-28 10:52:02
hackerone
hackerone
curl: CVE-2022-27776: Auth/cookie leak on redirect
2022-04-21 15:20:43
Internet Bug Bounty: CVE-2022-27776: Auth/cookie leak on redirect
2022-04-27 07:10:47
curl: CVE-2022-27774: Credential leak on redirect
2022-04-18 19:36:47
osv
osv
Moderate: curl security update
2022-08-24 00:00:00
Moderate: curl security update
2022-08-24 15:12:40
Moderate: curl security update
2022-08-24 14:56:48
almalinux
almalinux
Moderate: curl security update
2022-08-24 00:00:00
Moderate: curl security update
2022-08-24 00:00:00
Moderate: curl security update
2022-06-30 00:00:00
suse
suse
Security update for curl (important)
2022-07-07 00:00:00
Security update for curl (important)
2022-09-01 00:00:00
Security update for curl (important)
2022-07-06 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in libcurl may affect IBM Spectrum Copy Data Management (CVE-2022-32206, CVE-2022-32208)
2022-10-07 18:12:33
Security Bulletin: IBM Cloud Pak for Data is vulnerable to denial of service due to cURL libcurl ( CVE-2022-32208, CVE-2022-32206 )
2024-07-29 19:12:38
Security Bulletin: IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint has addressed multiple security vulnerabilities (CVE-2022-27774, CVE-2022-27775, CVE-2022-27776)
2023-02-02 16:36:32
redhat
redhat
(RHSA-2022:6159) Moderate: curl security update
2022-08-24 15:12:40
(RHSA-2022:6157) Moderate: curl security update
2022-08-24 14:56:48
(RHSA-2022:5313) Moderate: curl security update
2022-06-28 10:52:02
oraclelinux
oraclelinux
curl security update
2022-08-24 00:00:00
curl security update
2022-08-25 00:00:00
curl security update
2022-06-30 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2220
2023-08-22 13:18:19
amazon
amazon
Medium: curl
2022-12-01 17:33:00
Medium: curl
2022-05-04 01:01:00
Medium: curl
2022-10-31 19:40:00
ubuntu
ubuntu
curl vulnerabilities
2022-04-28 00:00:00
curl vulnerabilities
2022-06-27 00:00:00
slackware
slackware
[slackware-security] curl
2022-04-27 21:48:34
[slackware-security] curl
2022-06-28 19:27:52
fedora
fedora
[SECURITY] Fedora 36 Update: curl-7.82.0-4.fc36
2022-05-07 05:15:01
[SECURITY] Fedora 35 Update: curl-7.79.1-5.fc35
2022-07-15 01:36:25
[SECURITY] Fedora 36 Update: curl-7.82.0-6.fc36
2022-07-01 01:09:59
freebsd
freebsd
cURL -- Multiple vulnerabilities
2022-04-27 00:00:00
cURL -- Multiple vulnerabilities
2022-06-27 00:00:00
cloudfoundry
cloudfoundry
USN-5397-1: curl vulnerabilities | Cloud Foundry
2022-05-23 00:00:00
USN-5495-1: curl vulnerabilities | Cloud Foundry
2022-12-07 00:00:00
mageia
mageia
Updated curl packages fix security vulnerability
2022-07-05 22:11:26
Updated curl packages fix security vulnerability
2022-05-02 22:44:52
photon
photon
Moderate Photon OS Security Update - PHSA-2022-0412
2022-06-30 00:00:00
Moderate Photon OS Security Update - PHSA-2022-0491
2022-06-30 00:00:00
Critical Photon OS Security Update - PHSA-2022-3.0-0412
2022-06-30 00:00:00
redos
redos
ROS-20220516-09
2022-05-16 00:00:00
debiancve
debiancve
CVE-2022-32208
2022-07-07 13:15:08
CVE-2022-27776
2022-06-02 14:15:43
CVE-2022-27774
2022-06-02 14:15:43
nvd
nvd
CVE-2022-32208
2022-07-07 13:15:08
CVE-2022-27774
2022-06-02 14:15:43
CVE-2022-27776
2022-06-02 14:15:43
cve
cve
CVE-2022-32208
2022-07-07 13:15:08
CVE-2022-27774
2022-06-02 14:15:43
CVE-2022-27776
2022-06-02 14:15:43
redhatcve
redhatcve
CVE-2022-27774
2022-04-27 06:54:31
CVE-2022-27776
2022-04-27 06:55:50
CVE-2022-32208
2022-06-28 03:35:50
cbl_mariner
cbl_mariner
CVE-2022-32208 affecting package curl for versions less than 7.84.0-1
2022-08-03 21:15:00
CVE-2022-27774 affecting package curl 7.76.0-9
2022-05-12 02:16:39
CVE-2022-32208 affecting package curl 7.76.0-9
2022-08-24 22:05:05
veracode
veracode
Man-in-the-Middle (MitM)
2022-06-29 00:04:59
Information Disclosure
2022-04-30 16:23:48
Information Disclosure
2022-04-30 16:23:47
alpinelinux
alpinelinux
CVE-2022-27774
2022-06-02 14:15:43
CVE-2022-27776
2022-06-02 14:15:43
CVE-2022-32208
2022-07-07 13:15:08
cvelist
cvelist
CVE-2022-27776
2022-06-01 00:00:00
CVE-2022-27774
2022-06-01 00:00:00
CVE-2022-32208
2022-07-07 00:00:00
prion
prion
Design/Logic Flaw
2022-06-02 14:15:00
Design/Logic Flaw
2022-06-02 14:15:00
Code injection
2022-07-07 13:15:00
ubuntucve
ubuntucve
CVE-2022-27774
2022-04-27 00:00:00
CVE-2022-27776
2022-04-27 00:00:00
CVE-2022-32208
2022-06-27 00:00:00
mscve
mscve
HackerOne: CVE-2022-27776 Insufficiently protected credentials vulnerability might leak authentication or cookie header data
2022-07-12 07:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.005

Percentile

77.4%

JSON
Related for OPENVAS:1361412562311220222454
nessus52openvas32rocky3hackerone9osv13almalinux3suse3ibm12redhat5oraclelinux4rosalinux1amazon3ubuntu2slackware2fedora5freebsd2cloudfoundry2mageia2photon3redos1debiancve4nvd4cve4redhatcve4cbl_mariner6veracode3alpinelinux3cvelist4prion4ubuntucve3mscve1