Detections
Analytics

Debian DLA-3682-1 : ncurses - LTS security update

high Nessus Plugin ID 186526

Language:

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3682 advisory.

 - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)

 - ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security- relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. (CVE-2023-29491)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the ncurses packages.

For Debian 10 buster, these problems have been fixed in version 6.1+20181013-2+deb10u5.

See Also

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034372

https://security-tracker.debian.org/tracker/source-package/ncurses

https://www.debian.org/lts/security/2023/dla-3682

https://security-tracker.debian.org/tracker/CVE-2021-39537

https://security-tracker.debian.org/tracker/CVE-2023-29491

https://packages.debian.org/source/buster/ncurses

Plugin Details

Severity: High

ID: 186526

File Name: debian_DLA-3682.nasl

Version: 1.0

Type: local

Agent: unix

Published: 12/3/2023

Updated: 12/3/2023

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2021-39537

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:libtinfo-dev, p-cpe:/a:debian:debian_linux:libtinfo6-dbg, p-cpe:/a:debian:debian_linux:libncurses6, p-cpe:/a:debian:debian_linux:ncurses-doc, p-cpe:/a:debian:debian_linux:libncursesw6-dbg, cpe:/o:debian:debian_linux:10.0, p-cpe:/a:debian:debian_linux:ncurses-term, p-cpe:/a:debian:debian_linux:libncursesw6, p-cpe:/a:debian:debian_linux:libncurses5-dev, p-cpe:/a:debian:debian_linux:libncursesw5, p-cpe:/a:debian:debian_linux:lib64ncurses-dev, p-cpe:/a:debian:debian_linux:lib32ncursesw6, p-cpe:/a:debian:debian_linux:ncurses-bin, p-cpe:/a:debian:debian_linux:lib64ncursesw6, p-cpe:/a:debian:debian_linux:lib64tinfo6, p-cpe:/a:debian:debian_linux:libtinfo5, p-cpe:/a:debian:debian_linux:lib32ncurses-dev, p-cpe:/a:debian:debian_linux:libtinfo6, p-cpe:/a:debian:debian_linux:ncurses-base, p-cpe:/a:debian:debian_linux:lib64ncurses6, p-cpe:/a:debian:debian_linux:libncurses6-dbg, p-cpe:/a:debian:debian_linux:lib32tinfo6, p-cpe:/a:debian:debian_linux:libncurses-dev, p-cpe:/a:debian:debian_linux:libncurses5, p-cpe:/a:debian:debian_linux:libncursesw5-dev, p-cpe:/a:debian:debian_linux:ncurses-examples, p-cpe:/a:debian:debian_linux:lib32ncurses6

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/3/2023

Vulnerability Publication Date: 9/20/2021

Reference Information

CVE: CVE-2021-39537, CVE-2023-29491