Vulnerabilities > CVE-2018-19211 - NULL Pointer Dereference vulnerability in GNU Ncurses 6.1

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
gnu
CWE-476
nessus
NVD
Published: 2018-11-12
Updated: 2019-04-23

Summary

In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character `*' in name or alias field" detection.

Vulnerable Configurations

Part Description Count
Application
Gnu
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2018-1516.NASL
    descriptionThis update for ncurses fixes the following issues : Security issue fixed : - CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry (bsc#1115929). Non-security issue fixed : - Remove scree.xterm from terminfo data base as with this screen uses fallback TERM=screen (bsc#1103320). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-05
    modified2018-12-10
    plugin id119545
    published2018-12-10
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119545
    titleopenSUSE Security Update : ncurses (openSUSE-2018-1516)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2420.NASL
    descriptionAccording to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.(CVE-2019-17594) - There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.(CVE-2019-17595) - In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.(CVE-2017-10684) - In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.(CVE-2017-10685) - In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.(CVE-2017-11112) - In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.(CVE-2017-11113) - There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.(CVE-2017-13728) - There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.(CVE-2017-13729) - There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.(CVE-2017-13730) - There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.(CVE-2017-13731) - There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.(CVE-2017-13732) - There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.(CVE-2017-13733) - There is an illegal address access in the _nc_safe_strcat function in strings.c in ncurses 6.0 that will lead to a remote denial of service attack.(CVE-2017-13734) - In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a
    last seen2020-05-08
    modified2019-12-10
    plugin id131912
    published2019-12-10
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131912
    titleEulerOS 2.0 SP2 : ncurses (EulerOS-SA-2019-2420)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2018-1509.NASL
    descriptionThis update for ncurses fixes the following issue : Security issue fixed : - CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry (bsc#1115929). This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-05
    modified2018-12-10
    plugin id119542
    published2018-12-10
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119542
    titleopenSUSE Security Update : ncurses (openSUSE-2018-1509)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-984.NASL
    descriptionThis update for ncurses fixes the following issues : Security issue fixed : - CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry (bsc#1115929). Non-security issue fixed : - Remove scree.xterm from terminfo data base as with this screen uses fallback TERM=screen (bsc#1103320). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id123401
    published2019-03-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123401
    titleopenSUSE Security Update : ncurses (openSUSE-2019-984)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2018-3967-1.NASL
    descriptionThis update for ncurses fixes the following issue : Security issue fixed : CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry (bsc#1115929). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-13
    modified2018-12-04
    plugin id119335
    published2018-12-04
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119335
    titleSUSE SLED12 / SLES12 Security Update : ncurses (SUSE-SU-2018:3967-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2018-4000-1.NASL
    descriptionThis update for ncurses fixes the following issues : Security issue fixed : CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry (bsc#1115929). Non-security issue fixed: Remove scree.xterm from terminfo data base as with this screen uses fallback TERM=screen (bsc#1103320). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-18
    modified2019-01-02
    plugin id120179
    published2019-01-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120179
    titleSUSE SLED15 / SLES15 Security Update : ncurses (SUSE-SU-2018:4000-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2634.NASL
    descriptionAccording to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a
    last seen2020-05-08
    modified2019-12-18
    plugin id132169
    published2019-12-18
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132169
    titleEulerOS 2.0 SP3 : ncurses (EulerOS-SA-2019-2634)

References