Language:
https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html
Severity: Critical
ID: 133101
File Name: debian_DLA-2068.nasl
Version: 1.8
Type: local
Agent: unix
Family: Debian Local Security Checks
Published: 1/21/2020
Updated: 3/29/2024
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Factor: Critical
Score: 9.6
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2019-15505
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
CVSS Score Source: CVE-2019-17133
CPE: p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-586, p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-686-pae, p-cpe:/a:debian:debian_linux:xen-linux-system-3.16.0-9-amd64, p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-armmp-lpae, p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-armmp-lpae, p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-i386, p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-armmp, p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-versatile, p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-armel, p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-orion5x, p-cpe:/a:debian:debian_linux:linux-support-3.16.0-9, p-cpe:/a:debian:debian_linux:linux-manual-3.16, p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-amd64-dbg, p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-armhf, p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-amd64, p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.9-x86, p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-kirkwood, p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-686-pae-dbg, p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.8-arm, p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-ixp4xx, p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-armmp, p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-amd64, p-cpe:/a:debian:debian_linux:linux-doc-3.16, p-cpe:/a:debian:debian_linux:linux-libc-dev, p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-versatile, p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-amd64, p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all, p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-586, p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-orion5x, p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-ixp4xx, p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-kirkwood, p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-686-pae, cpe:/o:debian:debian_linux:8.0, p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-common, p-cpe:/a:debian:debian_linux:linux-source-3.16, p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.8-x86
Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 1/17/2020
Vulnerability Publication Date: 8/16/2019
CISA Known Exploited Vulnerability Due Dates: 5/3/2022
Metasploit (Android Binder Use-After-Free Exploit)
CVE: CVE-2019-10220, CVE-2019-14895, CVE-2019-14896, CVE-2019-14897, CVE-2019-14901, CVE-2019-15098, CVE-2019-15217, CVE-2019-15291, CVE-2019-15505, CVE-2019-16746, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17133, CVE-2019-17666, CVE-2019-19051, CVE-2019-19052, CVE-2019-19056, CVE-2019-19057, CVE-2019-19062, CVE-2019-19066, CVE-2019-19227, CVE-2019-19332, CVE-2019-19523, CVE-2019-19524, CVE-2019-19527, CVE-2019-19530, CVE-2019-19531, CVE-2019-19532, CVE-2019-19533, CVE-2019-19534, CVE-2019-19536, CVE-2019-19537, CVE-2019-19767, CVE-2019-19922, CVE-2019-19947, CVE-2019-19965, CVE-2019-19966, CVE-2019-2215