NewStart CGSL MAIN 6.02 : libxml2 Multiple Vulnerabilities (NS-SA-2024-0055)

high Nessus Plugin ID 206834

Synopsis

The remote NewStart CGSL host is affected by multiple vulnerabilities.

Description

The remote NewStart CGSL host, running version MAIN 6.02, has libxml2 packages installed that are affected by multiple vulnerabilities:

- A Cross-site scripting (XSS) vulnerability was found in libxml2. A specially crafted input, when serialized and re-parsed by the libxml2 library, will result in a document with element attributes that did not exist in the original document. (CVE-2016-3709)

- A flaw was found in libxml2. Parsing a XML document with the XML_PARSE_HUGE option enabled can result in an integer overflow because safety checks were missing in some functions. Also, the xmlParseEntityValue function didn't have any length limitation. (CVE-2022-40303)

- A flaw was found in libxml2. When a reference cycle is detected in the XML entity cleanup function the XML entity data can be stored in a dictionary. In this case, the dictionary becomes corrupted resulting in logic errors, including memory errors like double free. (CVE-2022-40304)

- A NULL pointer dereference vulnerability was found in libxml2. This issue occurs when parsing (invalid) XML schemas. (CVE-2023-28484)

- A flaw was found in libxml2. This issue occurs when hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results, which may lead to various logic or memory errors, including double free errors. (CVE-2023-29469)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the vulnerable CGSL libxml2 packages. Note that updated packages may not be available yet. Please contact ZTE for more information.

See Also

https://security.gd-linux.com/notice/NS-SA-2024-0055

https://security.gd-linux.com/info/CVE-2016-3709

https://security.gd-linux.com/info/CVE-2022-40303

https://security.gd-linux.com/info/CVE-2022-40304

https://security.gd-linux.com/info/CVE-2023-28484

https://security.gd-linux.com/info/CVE-2023-29469

Plugin Details

Severity: High

ID: 206834

File Name: newstart_cgsl_NS-SA-2024-0055_libxml2.nasl

Version: 1.1

Type: local

Published: 9/10/2024

Updated: 9/10/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2022-40304

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:zte:cgsl_main:6, p-cpe:/a:zte:cgsl_main:libxml2, p-cpe:/a:zte:cgsl_main:libxml2-devel, p-cpe:/a:zte:cgsl_main:python3-libxml2

Required KB Items: Host/local_checks_enabled, Host/ZTE-CGSL/release, Host/ZTE-CGSL/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/3/2024

Vulnerability Publication Date: 7/28/2022

Reference Information

CVE: CVE-2016-3709, CVE-2022-40303, CVE-2022-40304, CVE-2023-28484, CVE-2023-29469