Lucene search
Copyright (C) 2023 Greenbone AGOPENVAS:13614125623114202327641HistoryJul 04, 2023 - 12:00 a.m.
SUSE: Security Advisory (SUSE-SU-2023:2764-1)
2023-07-0400:00:00
Copyright (C) 2023 Greenbone AG
plugins.openvas.org
3
suse-su-2023:2764-1
libcap
integer overflow
suse linux enterprise
update
vulnerability
package
fixed
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.4.2023.2764.1");
script_cve_id("CVE-2023-2603");
script_tag(name:"creation_date", value:"2023-07-04 04:19:49 +0000 (Tue, 04 Jul 2023)");
script_version("2024-02-02T14:37:52+0000");
script_tag(name:"last_modification", value:"2024-02-02 14:37:52 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-06-21 19:02:07 +0000 (Wed, 21 Jun 2023)");
script_name("SUSE: Security Advisory (SUSE-SU-2023:2764-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2023 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms", re:"ssh/login/release=(SLES12\.0SP5)");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2023:2764-1");
script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2023/suse-su-20232764-1/");
script_tag(name:"summary", value:"The remote host is missing an update for the 'libcap' package(s) announced via the SUSE-SU-2023:2764-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for libcap fixes the following issues:
CVE-2023-2603: Fixed an integer overflow or wraparound in libcap/cap_alloc.c:_libcap_strdup() (bsc#1211419).");
script_tag(name:"affected", value:"'libcap' package(s) on SUSE Linux Enterprise High Performance Computing 12-SP5, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server for SAP Applications 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP5.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLES12.0SP5") {
if(!isnull(res = isrpmvuln(pkg:"libcap-debugsource", rpm:"libcap-debugsource~2.26~14.9.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libcap-devel", rpm:"libcap-devel~2.26~14.9.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libcap-progs", rpm:"libcap-progs~2.26~14.9.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libcap-progs-debuginfo", rpm:"libcap-progs-debuginfo~2.26~14.9.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libcap2", rpm:"libcap2~2.26~14.9.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libcap2-32bit", rpm:"libcap2-32bit~2.26~14.9.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libcap2-debuginfo", rpm:"libcap2-debuginfo~2.26~14.9.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libcap2-debuginfo-32bit", rpm:"libcap2-debuginfo-32bit~2.26~14.9.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libcap2-debuginfo-64bit", rpm:"libcap2-debuginfo-64bit~2.26~14.9.1", rls:"SLES12.0SP5"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
openvas
openvas
Huawei EulerOS: Security Advisory for libcap (EulerOS-SA-2023-2615)
2023-08-08 00:00:00
Huawei EulerOS: Security Advisory for libcap (EulerOS-SA-2023-3400)
2023-12-14 00:00:00
Huawei EulerOS: Security Advisory for libcap (EulerOS-SA-2024-1686)
2024-05-17 00:00:00
nessus
nessus
Ubuntu 16.04 ESM / 18.04 ESM : libcap2 vulnerability (USN-6166-2)
2023-06-19 00:00:00
SUSE SLES12 Security Update : libcap (SUSE-SU-2023:2764-1)
2023-07-04 00:00:00
EulerOS Virtualization 3.0.6.6 : libcap (EulerOS-SA-2023-3400)
2024-01-16 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-2603 affecting package libcap for versions less than 2.60-2
2023-06-27 20:56:13
CVE-2023-2603 affecting package libcap 2.26-2
2023-07-28 23:16:55
redos
redos
ROS-20240404-11
2024-04-04 00:00:00
cve
cve
CVE-2023-2603
2023-06-06 20:15:13
osv
osv
libcap2 vulnerability
2023-06-19 11:49:36
CVE-2023-2603
2023-06-06 20:15:13
Moderate: libcap security update
2023-08-24 04:20:17
alpinelinux
alpinelinux
CVE-2023-2603
2023-06-06 20:15:13
redhatcve
redhatcve
CVE-2023-2603
2023-05-29 04:40:12
nvd
nvd
CVE-2023-2603
2023-06-06 20:15:13
veracode
veracode
Integer Overflow
2023-06-05 11:41:52
debiancve
debiancve
CVE-2023-2603
2023-06-06 20:15:13
redhat
redhat
(RHSA-2024:0436) Moderate: libcap security update
2024-01-24 14:40:39
(RHSA-2023:4524) Moderate: libcap security update
2023-08-08 07:21:01
(RHSA-2023:7400) Moderate: libcap security update
2023-11-21 09:47:16
prion
prion
Integer overflow
2023-06-06 20:15:00
ubuntu
ubuntu
libcap2 vulnerability
2023-06-19 00:00:00
libcap2 vulnerabilities
2023-06-14 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2309
2023-12-19 08:40:45
ubuntucve
ubuntucve
CVE-2023-2603
2023-05-15 00:00:00
cvelist
cvelist
CVE-2023-2603
2023-06-06 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: libcap-2.48-7.fc38
2023-11-30 03:35:33
[SECURITY] Fedora 39 Update: libcap-2.48-8.fc39
2023-11-29 01:35:51
almalinux
almalinux
Moderate: libcap security update
2023-08-08 00:00:00
Moderate: libcap security update
2023-09-12 00:00:00
rocky
rocky
libcap security update
2023-08-24 04:20:17
oraclelinux
oraclelinux
libcap security update
2023-08-09 00:00:00
libcap security update
2023-09-13 00:00:00
cloudfoundry
cloudfoundry
USN-6166-1: libcap2 vulnerabilities | Cloud Foundry
2023-06-29 00:00:00
mageia
mageia
Updated libcap packages fix security vulnerability
2023-06-28 08:21:41
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0400
2023-06-02 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0020
2023-06-07 00:00:00
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
2023-05-31 17:23:24
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
2023-05-31 17:22:48
hp
hp
HP ThinPro 8.0 SP 7 Security Updates
2024-01-26 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for OPENVAS:13614125623114202327641