Vulnerabilities > CVE-2020-13398 - Out-of-bounds Write vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
LOW Summary
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 25 | |
OS | 2 | |
OS | 1 | |
OS | 4 |
Common Weakness Enumeration (CWE)
Nessus
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2020-2406.NASL description The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2406 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-11 modified 2020-06-05 plugin id 137152 published 2020-06-05 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137152 title CentOS 6 : freerdp (CESA-2020:2406) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:2406 and # CentOS Errata and Security Advisory 2020:2406 respectively. # include("compat.inc"); if (description) { script_id(137152); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/10"); script_cve_id("CVE-2020-13398"); script_xref(name:"RHSA", value:"2020:2406"); script_name(english:"CentOS 6 : freerdp (CESA-2020:2406)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2406 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number." ); # https://lists.centos.org/pipermail/centos-announce/2020-June/035749.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?ac7f32f6" ); script_set_attribute( attribute:"solution", value:"Update the affected freerdp packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-13398"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:freerdp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:freerdp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:freerdp-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:freerdp-plugins"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/22"); script_set_attribute(attribute:"patch_publication_date", value:"2020/06/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/05"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 6.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-6", reference:"freerdp-1.0.2-7.el6_10")) flag++; if (rpm_check(release:"CentOS-6", reference:"freerdp-devel-1.0.2-7.el6_10")) flag++; if (rpm_check(release:"CentOS-6", reference:"freerdp-libs-1.0.2-7.el6_10")) flag++; if (rpm_check(release:"CentOS-6", reference:"freerdp-plugins-1.0.2-7.el6_10")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "freerdp / freerdp-devel / freerdp-libs / freerdp-plugins"); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-2415.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2415 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-12 modified 2020-06-08 plugin id 137237 published 2020-06-08 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137237 title RHEL 8 : freerdp (RHSA-2020:2415) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:2415. The text # itself is copyright (C) Red Hat, Inc. # include('compat.inc'); if (description) { script_id(137237); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/10"); script_cve_id("CVE-2020-13398"); script_xref(name:"RHSA", value:"2020:2415"); script_name(english:"RHEL 8 : freerdp (RHSA-2020:2415)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute(attribute:"synopsis", value: "The remote Red Hat host is missing a security update."); script_set_attribute(attribute:"description", value: "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2415 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/805.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/787.html"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:2415"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-13398"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1841199"); script_set_attribute(attribute:"solution", value: "Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-13398"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_cwe_id(122, 787, 805); script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/22"); script_set_attribute(attribute:"patch_publication_date", value:"2020/06/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/08"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:rhel_eus:8.1"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:rhel_eus:8.1::appstream"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:rhel_eus:8.1::crb"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libwinpr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libwinpr-devel"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Red Hat Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include('audit.inc'); include('global_settings.inc'); include('misc_func.inc'); include('rpm.inc'); if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item('Host/RedHat/release'); if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat'); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat'); os_ver = os_ver[1]; if (! preg(pattern:"^8\.1([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver); if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item('Host/cpu'); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu); pkgs = [ {'reference':'freerdp-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'freerdp-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'s390x', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'freerdp-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'freerdp-debugsource-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'freerdp-debugsource-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'i686', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'freerdp-debugsource-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'s390x', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'freerdp-debugsource-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'freerdp-devel-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'freerdp-devel-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'i686', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'freerdp-devel-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'s390x', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'freerdp-devel-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'freerdp-libs-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'freerdp-libs-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'i686', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'freerdp-libs-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'s390x', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'freerdp-libs-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'libwinpr-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'libwinpr-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'i686', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'libwinpr-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'s390x', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'libwinpr-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'libwinpr-devel-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'libwinpr-devel-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'i686', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'libwinpr-devel-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'s390x', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}, {'reference':'libwinpr-devel-2.0.0-46.rc4.el8_1.2', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_1', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'} ]; flag = 0; foreach package_array ( pkgs ) { reference = NULL; release = NULL; sp = NULL; cpu = NULL; el_string = NULL; rpm_spec_vers_cmp = NULL; epoch = NULL; allowmaj = NULL; if (!empty_or_null(package_array['reference'])) reference = package_array['reference']; if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release']; if (!empty_or_null(package_array['sp'])) sp = package_array['sp']; if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu']; if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string']; if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp']; if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch']; if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj']; if (reference && release) { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++; } } if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'freerdp / freerdp-debugsource / freerdp-devel / etc'); }
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-2405.NASL description From Red Hat Security Advisory 2020:2405 : The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2405 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-11 modified 2020-06-08 plugin id 137222 published 2020-06-08 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137222 title Oracle Linux 7 : freerdp (ELSA-2020-2405) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:2405 and # Oracle Linux Security Advisory ELSA-2020-2405 respectively. # include("compat.inc"); if (description) { script_id(137222); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/10"); script_cve_id("CVE-2020-13398"); script_xref(name:"RHSA", value:"2020:2405"); script_name(english:"Oracle Linux 7 : freerdp (ELSA-2020-2405)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2020:2405 : The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2405 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2020-June/010004.html" ); script_set_attribute( attribute:"solution", value:"Update the affected freerdp packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:freerdp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:freerdp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:freerdp-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libwinpr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libwinpr-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/22"); script_set_attribute(attribute:"patch_publication_date", value:"2020/06/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/08"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 7", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu); flag = 0; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"freerdp-2.0.0-4.rc4.el7_8.1")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"freerdp-devel-2.0.0-4.rc4.el7_8.1")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"freerdp-libs-2.0.0-4.rc4.el7_8.1")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libwinpr-2.0.0-4.rc4.el7_8.1")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"libwinpr-devel-2.0.0-4.rc4.el7_8.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "freerdp / freerdp-devel / freerdp-libs / libwinpr / libwinpr-devel"); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-2406.NASL description The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2406 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-10 modified 2020-06-05 plugin id 137138 published 2020-06-05 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137138 title RHEL 6 : freerdp (RHSA-2020:2406) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:2406. The text # itself is copyright (C) Red Hat, Inc. # include('compat.inc'); if (description) { script_id(137138); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/08"); script_cve_id("CVE-2020-13398"); script_xref(name:"RHSA", value:"2020:2406"); script_name(english:"RHEL 6 : freerdp (RHSA-2020:2406)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute(attribute:"synopsis", value: "The remote Red Hat host is missing a security update."); script_set_attribute(attribute:"description", value: "The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2406 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/805.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/787.html"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:2406"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-13398"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1841199"); script_set_attribute(attribute:"solution", value: "Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-13398"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_cwe_id(122, 787, 805); script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/22"); script_set_attribute(attribute:"patch_publication_date", value:"2020/06/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/05"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6::client"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6::server"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6::workstation"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp-plugins"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Red Hat Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include('audit.inc'); include('global_settings.inc'); include('misc_func.inc'); include('rpm.inc'); if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item('Host/RedHat/release'); if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat'); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat'); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 6.x', 'Red Hat ' + os_ver); if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item('Host/cpu'); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu); pkgs = [ {'reference':'freerdp-1.0.2-7.el6_10', 'cpu':'i686', 'release':'6'}, {'reference':'freerdp-1.0.2-7.el6_10', 'cpu':'s390x', 'release':'6'}, {'reference':'freerdp-1.0.2-7.el6_10', 'cpu':'x86_64', 'release':'6'}, {'reference':'freerdp-devel-1.0.2-7.el6_10', 'cpu':'i686', 'release':'6'}, {'reference':'freerdp-devel-1.0.2-7.el6_10', 'cpu':'s390', 'release':'6'}, {'reference':'freerdp-devel-1.0.2-7.el6_10', 'cpu':'s390x', 'release':'6'}, {'reference':'freerdp-devel-1.0.2-7.el6_10', 'cpu':'x86_64', 'release':'6'}, {'reference':'freerdp-libs-1.0.2-7.el6_10', 'cpu':'i686', 'release':'6'}, {'reference':'freerdp-libs-1.0.2-7.el6_10', 'cpu':'s390', 'release':'6'}, {'reference':'freerdp-libs-1.0.2-7.el6_10', 'cpu':'s390x', 'release':'6'}, {'reference':'freerdp-libs-1.0.2-7.el6_10', 'cpu':'x86_64', 'release':'6'}, {'reference':'freerdp-plugins-1.0.2-7.el6_10', 'cpu':'i686', 'release':'6'}, {'reference':'freerdp-plugins-1.0.2-7.el6_10', 'cpu':'s390x', 'release':'6'}, {'reference':'freerdp-plugins-1.0.2-7.el6_10', 'cpu':'x86_64', 'release':'6'} ]; flag = 0; foreach package_array ( pkgs ) { reference = NULL; release = NULL; sp = NULL; cpu = NULL; el_string = NULL; rpm_spec_vers_cmp = NULL; epoch = NULL; allowmaj = NULL; if (!empty_or_null(package_array['reference'])) reference = package_array['reference']; if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release']; if (!empty_or_null(package_array['sp'])) sp = package_array['sp']; if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu']; if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string']; if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp']; if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch']; if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj']; if (reference && release) { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++; } } if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'freerdp / freerdp-devel / freerdp-libs / etc'); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-2407.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2407 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-10 modified 2020-06-05 plugin id 137140 published 2020-06-05 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137140 title RHEL 8 : freerdp (RHSA-2020:2407) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:2407. The text # itself is copyright (C) Red Hat, Inc. # include('compat.inc'); if (description) { script_id(137140); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/08"); script_cve_id("CVE-2020-13398"); script_xref(name:"RHSA", value:"2020:2407"); script_name(english:"RHEL 8 : freerdp (RHSA-2020:2407)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute(attribute:"synopsis", value: "The remote Red Hat host is missing a security update."); script_set_attribute(attribute:"description", value: "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2407 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/805.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/787.html"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:2407"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-13398"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1841199"); script_set_attribute(attribute:"solution", value: "Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-13398"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_cwe_id(122, 787, 805); script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/22"); script_set_attribute(attribute:"patch_publication_date", value:"2020/06/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/05"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:enterprise_linux:8::appstream"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:enterprise_linux:8::crb"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libwinpr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libwinpr-devel"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Red Hat Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include('audit.inc'); include('global_settings.inc'); include('misc_func.inc'); include('rpm.inc'); if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item('Host/RedHat/release'); if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat'); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat'); os_ver = os_ver[1]; if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver); if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item('Host/cpu'); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu); pkgs = [ {'reference':'freerdp-2.0.0-46.rc4.el8_2.2', 'cpu':'aarch64', 'release':'8', 'epoch':'2'}, {'reference':'freerdp-2.0.0-46.rc4.el8_2.2', 'cpu':'s390x', 'release':'8', 'epoch':'2'}, {'reference':'freerdp-2.0.0-46.rc4.el8_2.2', 'cpu':'x86_64', 'release':'8', 'epoch':'2'}, {'reference':'freerdp-debugsource-2.0.0-46.rc4.el8_2.2', 'cpu':'aarch64', 'release':'8', 'epoch':'2'}, {'reference':'freerdp-debugsource-2.0.0-46.rc4.el8_2.2', 'cpu':'i686', 'release':'8', 'epoch':'2'}, {'reference':'freerdp-debugsource-2.0.0-46.rc4.el8_2.2', 'cpu':'s390x', 'release':'8', 'epoch':'2'}, {'reference':'freerdp-debugsource-2.0.0-46.rc4.el8_2.2', 'cpu':'x86_64', 'release':'8', 'epoch':'2'}, {'reference':'freerdp-devel-2.0.0-46.rc4.el8_2.2', 'cpu':'aarch64', 'release':'8', 'epoch':'2'}, {'reference':'freerdp-devel-2.0.0-46.rc4.el8_2.2', 'cpu':'i686', 'release':'8', 'epoch':'2'}, {'reference':'freerdp-devel-2.0.0-46.rc4.el8_2.2', 'cpu':'s390x', 'release':'8', 'epoch':'2'}, {'reference':'freerdp-devel-2.0.0-46.rc4.el8_2.2', 'cpu':'x86_64', 'release':'8', 'epoch':'2'}, {'reference':'freerdp-libs-2.0.0-46.rc4.el8_2.2', 'cpu':'aarch64', 'release':'8', 'epoch':'2'}, {'reference':'freerdp-libs-2.0.0-46.rc4.el8_2.2', 'cpu':'i686', 'release':'8', 'epoch':'2'}, {'reference':'freerdp-libs-2.0.0-46.rc4.el8_2.2', 'cpu':'s390x', 'release':'8', 'epoch':'2'}, {'reference':'freerdp-libs-2.0.0-46.rc4.el8_2.2', 'cpu':'x86_64', 'release':'8', 'epoch':'2'}, {'reference':'libwinpr-2.0.0-46.rc4.el8_2.2', 'cpu':'aarch64', 'release':'8', 'epoch':'2'}, {'reference':'libwinpr-2.0.0-46.rc4.el8_2.2', 'cpu':'i686', 'release':'8', 'epoch':'2'}, {'reference':'libwinpr-2.0.0-46.rc4.el8_2.2', 'cpu':'s390x', 'release':'8', 'epoch':'2'}, {'reference':'libwinpr-2.0.0-46.rc4.el8_2.2', 'cpu':'x86_64', 'release':'8', 'epoch':'2'}, {'reference':'libwinpr-devel-2.0.0-46.rc4.el8_2.2', 'cpu':'aarch64', 'release':'8', 'epoch':'2'}, {'reference':'libwinpr-devel-2.0.0-46.rc4.el8_2.2', 'cpu':'i686', 'release':'8', 'epoch':'2'}, {'reference':'libwinpr-devel-2.0.0-46.rc4.el8_2.2', 'cpu':'s390x', 'release':'8', 'epoch':'2'}, {'reference':'libwinpr-devel-2.0.0-46.rc4.el8_2.2', 'cpu':'x86_64', 'release':'8', 'epoch':'2'} ]; flag = 0; foreach package_array ( pkgs ) { reference = NULL; release = NULL; sp = NULL; cpu = NULL; el_string = NULL; rpm_spec_vers_cmp = NULL; epoch = NULL; allowmaj = NULL; if (!empty_or_null(package_array['reference'])) reference = package_array['reference']; if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release']; if (!empty_or_null(package_array['sp'])) sp = package_array['sp']; if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu']; if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string']; if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp']; if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch']; if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj']; if (reference && release) { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++; } } if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'freerdp / freerdp-debugsource / freerdp-devel / etc'); }
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4379-1.NASL description It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly exeucte arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-06 modified 2020-06-02 plugin id 137045 published 2020-06-02 reporter Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137045 title Ubuntu 18.04 LTS / 19.10 / 20.04 : freerdp2 vulnerabilities (USN-4379-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-4379-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(137045); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/05"); script_cve_id("CVE-2018-1000852", "CVE-2019-17177", "CVE-2020-11042", "CVE-2020-11044", "CVE-2020-11045", "CVE-2020-11046", "CVE-2020-11047", "CVE-2020-11048", "CVE-2020-11049", "CVE-2020-11058", "CVE-2020-11521", "CVE-2020-11522", "CVE-2020-11523", "CVE-2020-11524", "CVE-2020-11525", "CVE-2020-11526", "CVE-2020-13396", "CVE-2020-13397", "CVE-2020-13398"); script_xref(name:"USN", value:"4379-1"); script_name(english:"Ubuntu 18.04 LTS / 19.10 / 20.04 : freerdp2 vulnerabilities (USN-4379-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly exeucte arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/4379-1/" ); script_set_attribute( attribute:"solution", value: "Update the affected libfreerdp-client2-2, libfreerdp-server2-2 and / or libfreerdp2-2 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libfreerdp-client2-2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libfreerdp-server2-2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libfreerdp2-2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:19.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/20"); script_set_attribute(attribute:"patch_publication_date", value:"2020/06/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/02"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(18\.04|19\.10|20\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 18.04 / 19.10 / 20.04", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"18.04", pkgname:"libfreerdp-client2-2", pkgver:"2.1.1+dfsg1-0ubuntu0.18.04.1")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"libfreerdp-server2-2", pkgver:"2.1.1+dfsg1-0ubuntu0.18.04.1")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"libfreerdp2-2", pkgver:"2.1.1+dfsg1-0ubuntu0.18.04.1")) flag++; if (ubuntu_check(osver:"19.10", pkgname:"libfreerdp-client2-2", pkgver:"2.1.1+dfsg1-0ubuntu0.19.10.1")) flag++; if (ubuntu_check(osver:"19.10", pkgname:"libfreerdp-server2-2", pkgver:"2.1.1+dfsg1-0ubuntu0.19.10.1")) flag++; if (ubuntu_check(osver:"19.10", pkgname:"libfreerdp2-2", pkgver:"2.1.1+dfsg1-0ubuntu0.19.10.1")) flag++; if (ubuntu_check(osver:"20.04", pkgname:"libfreerdp-client2-2", pkgver:"2.1.1+dfsg1-0ubuntu0.20.04.1")) flag++; if (ubuntu_check(osver:"20.04", pkgname:"libfreerdp-server2-2", pkgver:"2.1.1+dfsg1-0ubuntu0.20.04.1")) flag++; if (ubuntu_check(osver:"20.04", pkgname:"libfreerdp2-2", pkgver:"2.1.1+dfsg1-0ubuntu0.20.04.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libfreerdp-client2-2 / libfreerdp-server2-2 / libfreerdp2-2"); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-2405.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2405 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-10 modified 2020-06-05 plugin id 137186 published 2020-06-05 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137186 title RHEL 7 : freerdp (RHSA-2020:2405) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:2405. The text # itself is copyright (C) Red Hat, Inc. # include('compat.inc'); if (description) { script_id(137186); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/08"); script_cve_id("CVE-2020-13398"); script_xref(name:"RHSA", value:"2020:2405"); script_name(english:"RHEL 7 : freerdp (RHSA-2020:2405)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute(attribute:"synopsis", value: "The remote Red Hat host is missing a security update."); script_set_attribute(attribute:"description", value: "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2405 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/805.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/787.html"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:2405"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-13398"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1841199"); script_set_attribute(attribute:"solution", value: "Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-13398"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_cwe_id(122, 787, 805); script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/22"); script_set_attribute(attribute:"patch_publication_date", value:"2020/06/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/05"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7::client"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7::server"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7::workstation"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:freerdp-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libwinpr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libwinpr-devel"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Red Hat Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include('audit.inc'); include('global_settings.inc'); include('misc_func.inc'); include('rpm.inc'); if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item('Host/RedHat/release'); if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat'); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat'); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver); if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item('Host/cpu'); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu); pkgs = [ {'reference':'freerdp-2.0.0-4.rc4.el7_8.1', 'cpu':'s390x', 'release':'7'}, {'reference':'freerdp-2.0.0-4.rc4.el7_8.1', 'cpu':'x86_64', 'release':'7'}, {'reference':'freerdp-devel-2.0.0-4.rc4.el7_8.1', 'cpu':'i686', 'release':'7'}, {'reference':'freerdp-devel-2.0.0-4.rc4.el7_8.1', 'cpu':'s390', 'release':'7'}, {'reference':'freerdp-devel-2.0.0-4.rc4.el7_8.1', 'cpu':'s390x', 'release':'7'}, {'reference':'freerdp-devel-2.0.0-4.rc4.el7_8.1', 'cpu':'x86_64', 'release':'7'}, {'reference':'freerdp-libs-2.0.0-4.rc4.el7_8.1', 'cpu':'i686', 'release':'7'}, {'reference':'freerdp-libs-2.0.0-4.rc4.el7_8.1', 'cpu':'s390', 'release':'7'}, {'reference':'freerdp-libs-2.0.0-4.rc4.el7_8.1', 'cpu':'s390x', 'release':'7'}, {'reference':'freerdp-libs-2.0.0-4.rc4.el7_8.1', 'cpu':'x86_64', 'release':'7'}, {'reference':'libwinpr-2.0.0-4.rc4.el7_8.1', 'cpu':'i686', 'release':'7'}, {'reference':'libwinpr-2.0.0-4.rc4.el7_8.1', 'cpu':'s390', 'release':'7'}, {'reference':'libwinpr-2.0.0-4.rc4.el7_8.1', 'cpu':'s390x', 'release':'7'}, {'reference':'libwinpr-2.0.0-4.rc4.el7_8.1', 'cpu':'x86_64', 'release':'7'}, {'reference':'libwinpr-devel-2.0.0-4.rc4.el7_8.1', 'cpu':'i686', 'release':'7'}, {'reference':'libwinpr-devel-2.0.0-4.rc4.el7_8.1', 'cpu':'s390', 'release':'7'}, {'reference':'libwinpr-devel-2.0.0-4.rc4.el7_8.1', 'cpu':'s390x', 'release':'7'}, {'reference':'libwinpr-devel-2.0.0-4.rc4.el7_8.1', 'cpu':'x86_64', 'release':'7'} ]; flag = 0; foreach package_array ( pkgs ) { reference = NULL; release = NULL; sp = NULL; cpu = NULL; el_string = NULL; rpm_spec_vers_cmp = NULL; epoch = NULL; allowmaj = NULL; if (!empty_or_null(package_array['reference'])) reference = package_array['reference']; if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release']; if (!empty_or_null(package_array['sp'])) sp = package_array['sp']; if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu']; if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string']; if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp']; if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch']; if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj']; if (reference && release) { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++; } } if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'freerdp / freerdp-devel / freerdp-libs / etc'); }
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4382-1.NASL description It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-10 modified 2020-06-05 plugin id 137178 published 2020-06-05 reporter Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137178 title Ubuntu 16.04 LTS : freerdp vulnerabilities (USN-4382-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-4382-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(137178); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/09"); script_cve_id("CVE-2020-11042", "CVE-2020-11045", "CVE-2020-11046", "CVE-2020-11048", "CVE-2020-11049", "CVE-2020-11058", "CVE-2020-11521", "CVE-2020-11522", "CVE-2020-11523", "CVE-2020-11525", "CVE-2020-11526", "CVE-2020-13396", "CVE-2020-13397", "CVE-2020-13398"); script_xref(name:"USN", value:"4382-1"); script_name(english:"Ubuntu 16.04 LTS : freerdp vulnerabilities (USN-4382-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/4382-1/" ); script_set_attribute( attribute:"solution", value: "Update the affected libfreerdp-client1.1, libfreerdp-common1.1.0 and / or libfreerdp-core1.1 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libfreerdp-client1.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libfreerdp-common1.1.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libfreerdp-core1.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/07"); script_set_attribute(attribute:"patch_publication_date", value:"2020/06/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/05"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(16\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 16.04", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"16.04", pkgname:"libfreerdp-client1.1", pkgver:"1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.4")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"libfreerdp-common1.1.0", pkgver:"1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.4")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"libfreerdp-core1.1", pkgver:"1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.4")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libfreerdp-client1.1 / libfreerdp-common1.1.0 / libfreerdp-core1.1"); }
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-2406.NASL description From Red Hat Security Advisory 2020:2406 : The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2406 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-11 modified 2020-06-08 plugin id 137223 published 2020-06-08 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137223 title Oracle Linux 6 : freerdp (ELSA-2020-2406) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-2407.NASL description From Red Hat Security Advisory 2020:2407 : The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2407 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-11 modified 2020-06-08 plugin id 137224 published 2020-06-08 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137224 title Oracle Linux 8 : freerdp (ELSA-2020-2407) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-2417.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2417 advisory. - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-12 modified 2020-06-08 plugin id 137240 published 2020-06-08 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137240 title RHEL 8 : freerdp (RHSA-2020:2417) NASL family Scientific Linux Local Security Checks NASL id SL_20200609_FREERDP_ON_SL6_X.NASL description Security Fix(es) : - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) last seen 2020-06-13 modified 2020-06-10 plugin id 137292 published 2020-06-10 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137292 title Scientific Linux Security Update : freerdp on SL6.x i386/x86_64 (20200609) NASL family Scientific Linux Local Security Checks NASL id SL_20200609_FREERDP_ON_SL7_X.NASL description Security Fix(es) : - freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) last seen 2020-06-13 modified 2020-06-10 plugin id 137293 published 2020-06-10 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137293 title Scientific Linux Security Update : freerdp on SL7.x x86_64 (20200609)
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
References
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
- https://github.com/FreeRDP/FreeRDP/commit/8305349a943c68b1bc8c158f431dc607655aadea
- https://github.com/FreeRDP/FreeRDP/commit/8fb6336a4072abcee8ce5bd6ae91104628c7bb69
- https://github.com/FreeRDP/FreeRDP/compare/2.1.0...2.1.1
- https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
- https://usn.ubuntu.com/4379-1/
- https://usn.ubuntu.com/4382-1/
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
- https://usn.ubuntu.com/4382-1/
- https://usn.ubuntu.com/4379-1/
- https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
- https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html
- https://github.com/FreeRDP/FreeRDP/compare/2.1.0...2.1.1
- https://github.com/FreeRDP/FreeRDP/commit/8fb6336a4072abcee8ce5bd6ae91104628c7bb69
- https://github.com/FreeRDP/FreeRDP/commit/8305349a943c68b1bc8c158f431dc607655aadea