Debian DSA-4500-1 : chromium - security update - Nessus
High Plugin ID: 127868This page contains detailed information about the Debian DSA-4500-1 : chromium - security update Nessus plugin including available exploits and PoCs found on GitHub, in Metasploit or Exploit-DB for verifying of this vulnerability.
Plugin Overview
ID: 127868
Name: Debian DSA-4500-1 : chromium - security update
Filename: debian_DSA-4500.nasl
Vulnerability Published: 2019-06-27
This Plugin Published: 2019-08-14
Last Modification Time: 2020-03-09
Plugin Version: 1.6
Plugin Type: local
Plugin Family: Debian Local Security Checks
Dependencies:
ssh_get_info.nasl
Required KB Items [?]: Host/Debian/dpkg-l, Host/Debian/release, Host/local_checks_enabled
Vulnerability Information
Severity: High
Vulnerability Published: 2019-06-27
Patch Published: 2019-08-12
CVE [?]: CVE-2019-5805, CVE-2019-5806, CVE-2019-5807, CVE-2019-5808, CVE-2019-5809, CVE-2019-5810, CVE-2019-5811, CVE-2019-5813, CVE-2019-5814, CVE-2019-5815, CVE-2019-5818, CVE-2019-5819, CVE-2019-5820, CVE-2019-5821, CVE-2019-5822, CVE-2019-5823, CVE-2019-5824, CVE-2019-5825, CVE-2019-5826, CVE-2019-5827, CVE-2019-5828, CVE-2019-5829, CVE-2019-5830, CVE-2019-5831, CVE-2019-5832, CVE-2019-5833, CVE-2019-5834, CVE-2019-5836, CVE-2019-5837, CVE-2019-5838, CVE-2019-5839, CVE-2019-5840, CVE-2019-5842, CVE-2019-5847, CVE-2019-5848, CVE-2019-5849, CVE-2019-5850, CVE-2019-5851, CVE-2019-5852, CVE-2019-5853, CVE-2019-5854, CVE-2019-5855, CVE-2019-5856, CVE-2019-5857, CVE-2019-5858, CVE-2019-5859, CVE-2019-5860, CVE-2019-5861, CVE-2019-5862, CVE-2019-5864, CVE-2019-5865, CVE-2019-5867, CVE-2019-5868
CPE [?]: cpe:/o:debian:debian_linux:10.0, p-cpe:/a:debian:debian_linux:chromium
Synopsis
The remote Debian host is missing a security-related update.
Description
Several vulnerabilities have been discovered in the chromium web browser.
- CVE-2019-5805 A use-after-free issue was discovered in the pdfium library.
- CVE-2019-5806 Wen Xu discovered an integer overflow issue in the Angle library.
- CVE-2019-5807 TimGMichaud discovered a memory corruption issue in the v8 JavaScript library.
- CVE-2019-5808 cloudfuzzer discovered a use-after-free issue in Blink/Webkit.
- CVE-2019-5809 Mark Brand discovered a use-after-free issue in Blink/Webkit.
- CVE-2019-5810 Mark Amery discovered an information disclosure issue.
- CVE-2019-5811 Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing feature.
- CVE-2019-5813 Aleksandar Nikolic discovered an out-of-bounds read issue in the v8 JavaScript library.
- CVE-2019-5814 @AaylaSecura1138 discovered a way to bypass the Cross-Origin Resource Sharing feature.
- CVE-2019-5815 Nicolas Gregoire discovered a buffer overflow issue in Blink/Webkit.
- CVE-2019-5818 Adrian Tolbaru discovered an uninitialized value issue.
- CVE-2019-5819 Svyat Mitin discovered an error in the developer tools.
- CVE-2019-5820 pdknsk discovered an integer overflow issue in the pdfium library.
- CVE-2019-5821 pdknsk discovered another integer overflow issue in the pdfium library.
- CVE-2019-5822 Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing feature.
- CVE-2019-5823 David Erceg discovered a navigation error.
- CVE-2019-5824 leecraso and Guang Gong discovered an error in the media player.
- CVE-2019-5825 Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered an out-of-bounds write issue in the v8 JavaScript library.
- CVE-2019-5826 Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered a use-after-free issue.
- CVE-2019-5827 mlfbrown discovered an out-of-bounds read issue in the sqlite library.
- CVE-2019-5828 leecraso and Guang Gong discovered a use-after-free issue.
- CVE-2019-5829 Lucas Pinheiro discovered a use-after-free issue.
- CVE-2019-5830 Andrew Krashichkov discovered a credential error in the Cross-Origin Resource Sharing feature.
- CVE-2019-5831 yngwei discovered a map error in the v8 JavaScript library.
- CVE-2019-5832 Sergey Shekyan discovered an error in the Cross-Origin Resource Sharing feature.
- CVE-2019-5833 Khalil Zhani discovered a user interface error.
- CVE-2019-5834 Khalil Zhani discovered a URL spoofing issue.
- CVE-2019-5836 Omair discovered a buffer overflow issue in the Angle library.
- CVE-2019-5837 Adam Iawniuk discovered an information disclosure issue.
- CVE-2019-5838 David Erceg discovered an error in extension permissions.
- CVE-2019-5839 Masato Kinugawa discovered implementation errors in Blink/Webkit.
- CVE-2019-5840 Eliya Stein and Jerome Dangu discovered a way to bypass the popup blocker.
- CVE-2019-5842 BUGFENSE discovered a use-after-free issue in Blink/Webkit.
- CVE-2019-5847 m3plex discovered an error in the v8 JavaScript library.
- CVE-2019-5848 Mark Amery discovered an information disclosure issue.
- CVE-2019-5849 Zhen Zhou discovered an out-of-bounds read in the Skia library.
- CVE-2019-5850 Brendon Tiszka discovered a use-after-free issue in the offline page fetcher.
- CVE-2019-5851 Zhe Jin discovered a use-after-poison issue.
- CVE-2019-5852 David Erceg discovered an information disclosure issue.
- CVE-2019-5853 Yngwei and sakura discovered a memory corruption issue.
- CVE-2019-5854 Zhen Zhou discovered an integer overflow issue in the pdfium library.
- CVE-2019-5855 Zhen Zhou discovered an integer overflow issue in the pdfium library.
- CVE-2019-5856 Yongke Wang discovered an error related to filesystem: URI permissions.
- CVE-2019-5857 cloudfuzzer discovered a way to crash chromium.
- CVE-2019-5858 evil1m0 discovered an information disclosure issue.
- CVE-2019-5859 James Lee discovered a way to launch alternative browsers.
- CVE-2019-5860 A use-after-free issue was discovered in the v8 JavaScript library.
- CVE-2019-5861 Robin Linus discovered an error determining click location.
- CVE-2019-5862 Jun Kokatsu discovered an error in the AppCache implementation.
- CVE-2019-5864 Devin Grindle discovered an error in the Cross-Origin Resourse Sharing feature for extensions.
- CVE-2019-5865 Ivan Fratric discovered a way to bypass the site isolation feature.
- CVE-2019-5867 Lucas Pinheiro discovered an out-of-bounds read issue in the v8 JavaScript library.
- CVE-2019-5868 banananapenguin discovered a use-after-free issue in the v8 JavaScript library.
Solution
Upgrade the chromium packages.
For the stable distribution (buster), these problems have been fixed in version 76.0.3809.100-1~deb10u1.
Public Exploits
Target Network Port(s): N/A
Target Asset(s): N/A
Exploit Available: True (Metasploit Framework, Exploit-DB, GitHub)
Exploit Ease: Exploits are available
Here's the list of publicly known exploits and PoCs for verifying the Debian DSA-4500-1 : chromium - security update vulnerability:
- Metasploit: exploit/multi/browser/chrome_array_map
[Google Chrome 72 and 73 Array.map exploit] - Exploit-DB: exploits/multiple/remote/48183.rb
[EDB-48183: Google Chrome 72 and 73 - Array.map Out-of-Bounds Write (Metasploit)] - GitHub: https://github.com/sslab-gatech/freedom
[CVE-2019-5806] - GitHub: https://github.com/ZihanYe/web-browser-vulnerabilities
[CVE-2019-5808] - GitHub: https://github.com/allpaca/chrome-sbx-db
[CVE-2019-5809] - GitHub: https://github.com/Silence-Rain/14-828_Exploitation_of_CVE-2019-5822
[CVE-2019-5822] - GitHub: https://github.com/fs0c-sh/exploits
[CVE-2019-5825] - GitHub: https://github.com/timwr/CVE-2019-5825
[CVE-2019-5825] - GitHub: https://github.com/Kiprey/Skr_Learning
[CVE-2019-5826] - GitHub: https://github.com/SexyBeast233/SecBooks
[CVE-2019-5826] - GitHub: https://github.com/allpaca/chrome-sbx-db
[CVE-2019-5826] - GitHub: https://github.com/farif/cve_2019-5827
[CVE-2019-5827: Heap Corruption] - GitHub: https://github.com/googleprojectzero/fuzzilli
[CVE-2019-5831] - GitHub: https://github.com/googleprojectzero/fuzzilli
[CVE-2019-5847] - GitHub: https://github.com/allpaca/chrome-sbx-db
[CVE-2019-5850] - GitHub: https://github.com/googleprojectzero/fuzzilli
[CVE-2019-5853] - GitHub: https://github.com/allpaca/chrome-sbx-db
[CVE-2019-5859]
Before running any exploit against any system, make sure you are authorized by the owner of the target system(s) to perform such activity. In any other case, this would be considered as an illegal activity.
WARNING: Beware of using unverified exploits from sources such as GitHub or Exploit-DB. These exploits and PoCs could contain malware. For more information, see how to use exploits safely.
Risk Information
CVSS Score Source [?]: CVE-2019-5859
CVSS V2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C
CVSS Base Score: | 6.8 (Medium) |
Impact Subscore: | 6.4 |
Exploitability Subscore: | 8.6 |
CVSS Temporal Score: | 5.6 (Medium) |
CVSS Environmental Score: | NA (None) |
Modified Impact Subscore: | NA |
Overall CVSS Score: | 5.6 (Medium) |
CVSS Base Score: | 8.8 (High) |
Impact Subscore: | 5.9 |
Exploitability Subscore: | 2.8 |
CVSS Temporal Score: | 8.2 (High) |
CVSS Environmental Score: | NA (None) |
Modified Impact Subscore: | NA |
Overall CVSS Score: | 8.2 (High) |
Go back to menu.
Plugin Source
This is the debian_DSA-4500.nasl nessus plugin source code. This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-4500. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include("compat.inc");
if (description)
{
script_id(127868);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/09");
script_cve_id("CVE-2019-5805", "CVE-2019-5806", "CVE-2019-5807", "CVE-2019-5808", "CVE-2019-5809", "CVE-2019-5810", "CVE-2019-5811", "CVE-2019-5813", "CVE-2019-5814", "CVE-2019-5815", "CVE-2019-5818", "CVE-2019-5819", "CVE-2019-5820", "CVE-2019-5821", "CVE-2019-5822", "CVE-2019-5823", "CVE-2019-5824", "CVE-2019-5825", "CVE-2019-5826", "CVE-2019-5827", "CVE-2019-5828", "CVE-2019-5829", "CVE-2019-5830", "CVE-2019-5831", "CVE-2019-5832", "CVE-2019-5833", "CVE-2019-5834", "CVE-2019-5836", "CVE-2019-5837", "CVE-2019-5838", "CVE-2019-5839", "CVE-2019-5840", "CVE-2019-5842", "CVE-2019-5847", "CVE-2019-5848", "CVE-2019-5849", "CVE-2019-5850", "CVE-2019-5851", "CVE-2019-5852", "CVE-2019-5853", "CVE-2019-5854", "CVE-2019-5855", "CVE-2019-5856", "CVE-2019-5857", "CVE-2019-5858", "CVE-2019-5859", "CVE-2019-5860", "CVE-2019-5861", "CVE-2019-5862", "CVE-2019-5864", "CVE-2019-5865", "CVE-2019-5867", "CVE-2019-5868");
script_xref(name:"DSA", value:"4500");
script_name(english:"Debian DSA-4500-1 : chromium - security update");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Several vulnerabilities have been discovered in the chromium web
browser.
- CVE-2019-5805
A use-after-free issue was discovered in the pdfium
library.
- CVE-2019-5806
Wen Xu discovered an integer overflow issue in the Angle
library.
- CVE-2019-5807
TimGMichaud discovered a memory corruption issue in the
v8 JavaScript library.
- CVE-2019-5808
cloudfuzzer discovered a use-after-free issue in
Blink/Webkit.
- CVE-2019-5809
Mark Brand discovered a use-after-free issue in
Blink/Webkit.
- CVE-2019-5810
Mark Amery discovered an information disclosure issue.
- CVE-2019-5811
Jun Kokatsu discovered a way to bypass the Cross-Origin
Resource Sharing feature.
- CVE-2019-5813
Aleksandar Nikolic discovered an out-of-bounds read
issue in the v8 JavaScript library.
- CVE-2019-5814
@AaylaSecura1138 discovered a way to bypass the
Cross-Origin Resource Sharing feature.
- CVE-2019-5815
Nicolas Gregoire discovered a buffer overflow issue in
Blink/Webkit.
- CVE-2019-5818
Adrian Tolbaru discovered an uninitialized value issue.
- CVE-2019-5819
Svyat Mitin discovered an error in the developer tools.
- CVE-2019-5820
pdknsk discovered an integer overflow issue in the
pdfium library.
- CVE-2019-5821
pdknsk discovered another integer overflow issue in the
pdfium library.
- CVE-2019-5822
Jun Kokatsu discovered a way to bypass the Cross-Origin
Resource Sharing feature.
- CVE-2019-5823
David Erceg discovered a navigation error.
- CVE-2019-5824
leecraso and Guang Gong discovered an error in the media
player.
- CVE-2019-5825
Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu
discovered an out-of-bounds write issue in the v8
JavaScript library.
- CVE-2019-5826
Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu
discovered a use-after-free issue.
- CVE-2019-5827
mlfbrown discovered an out-of-bounds read issue in the
sqlite library.
- CVE-2019-5828
leecraso and Guang Gong discovered a use-after-free
issue.
- CVE-2019-5829
Lucas Pinheiro discovered a use-after-free issue.
- CVE-2019-5830
Andrew Krashichkov discovered a credential error in the
Cross-Origin Resource Sharing feature.
- CVE-2019-5831
yngwei discovered a map error in the v8 JavaScript
library.
- CVE-2019-5832
Sergey Shekyan discovered an error in the Cross-Origin
Resource Sharing feature.
- CVE-2019-5833
Khalil Zhani discovered a user interface error.
- CVE-2019-5834
Khalil Zhani discovered a URL spoofing issue.
- CVE-2019-5836
Omair discovered a buffer overflow issue in the Angle
library.
- CVE-2019-5837
Adam Iawniuk discovered an information disclosure issue.
- CVE-2019-5838
David Erceg discovered an error in extension
permissions.
- CVE-2019-5839
Masato Kinugawa discovered implementation errors in
Blink/Webkit.
- CVE-2019-5840
Eliya Stein and Jerome Dangu discovered a way to bypass
the popup blocker.
- CVE-2019-5842
BUGFENSE discovered a use-after-free issue in
Blink/Webkit.
- CVE-2019-5847
m3plex discovered an error in the v8 JavaScript library.
- CVE-2019-5848
Mark Amery discovered an information disclosure issue.
- CVE-2019-5849
Zhen Zhou discovered an out-of-bounds read in the Skia
library.
- CVE-2019-5850
Brendon Tiszka discovered a use-after-free issue in the
offline page fetcher.
- CVE-2019-5851
Zhe Jin discovered a use-after-poison issue.
- CVE-2019-5852
David Erceg discovered an information disclosure issue.
- CVE-2019-5853
Yngwei and sakura discovered a memory corruption issue.
- CVE-2019-5854
Zhen Zhou discovered an integer overflow issue in the
pdfium library.
- CVE-2019-5855
Zhen Zhou discovered an integer overflow issue in the
pdfium library.
- CVE-2019-5856
Yongke Wang discovered an error related to filesystem:
URI permissions.
- CVE-2019-5857
cloudfuzzer discovered a way to crash chromium.
- CVE-2019-5858
evil1m0 discovered an information disclosure issue.
- CVE-2019-5859
James Lee discovered a way to launch alternative
browsers.
- CVE-2019-5860
A use-after-free issue was discovered in the v8
JavaScript library.
- CVE-2019-5861
Robin Linus discovered an error determining click
location.
- CVE-2019-5862
Jun Kokatsu discovered an error in the AppCache
implementation.
- CVE-2019-5864
Devin Grindle discovered an error in the Cross-Origin
Resourse Sharing feature for extensions.
- CVE-2019-5865
Ivan Fratric discovered a way to bypass the site
isolation feature.
- CVE-2019-5867
Lucas Pinheiro discovered an out-of-bounds read issue in
the v8 JavaScript library.
- CVE-2019-5868
banananapenguin discovered a use-after-free issue in the
v8 JavaScript library."
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5805"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5806"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5807"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5808"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5809"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5810"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5811"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5813"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5814"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5815"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5818"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5819"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5820"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5821"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5822"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5823"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5824"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5825"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5826"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5827"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5828"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5829"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5830"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5831"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5832"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5833"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5834"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5836"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5837"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5838"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5839"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5840"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5842"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5847"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5848"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5849"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5850"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5851"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5852"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5853"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5854"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5855"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5856"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5857"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5858"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5859"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5860"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5861"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5862"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5864"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5865"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5867"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2019-5868"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/source-package/chromium"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/buster/chromium"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2019/dsa-4500"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the chromium packages.
For the stable distribution (buster), these problems have been fixed
in version 76.0.3809.100-1~deb10u1."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-5859");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Google Chrome 72 and 73 Array.map exploit');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:chromium");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/06/27");
script_set_attribute(attribute:"patch_publication_date", value:"2019/08/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/14");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"10.0", prefix:"chromium", reference:"76.0.3809.100-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-common", reference:"76.0.3809.100-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-driver", reference:"76.0.3809.100-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-l10n", reference:"76.0.3809.100-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-sandbox", reference:"76.0.3809.100-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-shell", reference:"76.0.3809.100-1~deb10u1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
The latest version of this script can be found in these locations depending on your platform:
- Linux / Unix:
/opt/nessus/lib/nessus/plugins/debian_DSA-4500.nasl
- Windows:
C:\ProgramData\Tenable\Nessus\nessus\plugins\debian_DSA-4500.nasl
- Mac OS X:
/Library/Nessus/run/lib/nessus/plugins/debian_DSA-4500.nasl
Go back to menu.
How to Run
Here is how to run the Debian DSA-4500-1 : chromium - security update as a standalone plugin via the Nessus web user interface (https://localhost:8834/):
- Click to start a New Scan.
- Select Advanced Scan.
- Navigate to the Plugins tab.
- On the top right corner click to Disable All plugins.
- On the left side table select Debian Local Security Checks plugin family.
- On the right side table select Debian DSA-4500-1 : chromium - security update plugin ID 127868.
- Specify the target on the Settings tab and click to Save the scan.
- Run the scan.
Here are a few examples of how to run the plugin in the command line. Note that the examples below demonstrate the usage on the Linux / Unix platform.
Basic usage:
/opt/nessus/bin/nasl debian_DSA-4500.nasl -t <IP/HOST>
Run the plugin with audit trail message on the console:
/opt/nessus/bin/nasl -a debian_DSA-4500.nasl -t <IP/HOST>
Run the plugin with trace script execution written to the console (useful for debugging):
/opt/nessus/bin/nasl -T - debian_DSA-4500.nasl -t <IP/HOST>
Run the plugin with using a state file for the target and updating it (useful for running multiple plugins on the target):
/opt/nessus/bin/nasl -K /tmp/state debian_DSA-4500.nasl -t <IP/HOST>
Go back to menu.
References
DSA | Debian Security Advisory: See also:
- https://www.tenable.com/plugins/nessus/127868
- https://packages.debian.org/source/buster/chromium
- https://security-tracker.debian.org/tracker/CVE-2019-5805
- https://security-tracker.debian.org/tracker/CVE-2019-5806
- https://security-tracker.debian.org/tracker/CVE-2019-5807
- https://security-tracker.debian.org/tracker/CVE-2019-5808
- https://security-tracker.debian.org/tracker/CVE-2019-5809
- https://security-tracker.debian.org/tracker/CVE-2019-5810
- https://security-tracker.debian.org/tracker/CVE-2019-5811
- https://security-tracker.debian.org/tracker/CVE-2019-5813
- https://security-tracker.debian.org/tracker/CVE-2019-5814
- https://security-tracker.debian.org/tracker/CVE-2019-5815
- https://security-tracker.debian.org/tracker/CVE-2019-5818
- https://security-tracker.debian.org/tracker/CVE-2019-5819
- https://security-tracker.debian.org/tracker/CVE-2019-5820
- https://security-tracker.debian.org/tracker/CVE-2019-5821
- https://security-tracker.debian.org/tracker/CVE-2019-5822
- https://security-tracker.debian.org/tracker/CVE-2019-5823
- https://security-tracker.debian.org/tracker/CVE-2019-5824
- https://security-tracker.debian.org/tracker/CVE-2019-5825
- https://security-tracker.debian.org/tracker/CVE-2019-5826
- https://security-tracker.debian.org/tracker/CVE-2019-5827
- https://security-tracker.debian.org/tracker/CVE-2019-5828
- https://security-tracker.debian.org/tracker/CVE-2019-5829
- https://security-tracker.debian.org/tracker/CVE-2019-5830
- https://security-tracker.debian.org/tracker/CVE-2019-5831
- https://security-tracker.debian.org/tracker/CVE-2019-5832
- https://security-tracker.debian.org/tracker/CVE-2019-5833
- https://security-tracker.debian.org/tracker/CVE-2019-5834
- https://security-tracker.debian.org/tracker/CVE-2019-5836
- https://security-tracker.debian.org/tracker/CVE-2019-5837
- https://security-tracker.debian.org/tracker/CVE-2019-5838
- https://security-tracker.debian.org/tracker/CVE-2019-5839
- https://security-tracker.debian.org/tracker/CVE-2019-5840
- https://security-tracker.debian.org/tracker/CVE-2019-5842
- https://security-tracker.debian.org/tracker/CVE-2019-5847
- https://security-tracker.debian.org/tracker/CVE-2019-5848
- https://security-tracker.debian.org/tracker/CVE-2019-5849
- https://security-tracker.debian.org/tracker/CVE-2019-5850
- https://security-tracker.debian.org/tracker/CVE-2019-5851
- https://security-tracker.debian.org/tracker/CVE-2019-5852
- https://security-tracker.debian.org/tracker/CVE-2019-5853
- https://security-tracker.debian.org/tracker/CVE-2019-5854
- https://security-tracker.debian.org/tracker/CVE-2019-5855
- https://security-tracker.debian.org/tracker/CVE-2019-5856
- https://security-tracker.debian.org/tracker/CVE-2019-5857
- https://security-tracker.debian.org/tracker/CVE-2019-5858
- https://security-tracker.debian.org/tracker/CVE-2019-5859
- https://security-tracker.debian.org/tracker/CVE-2019-5860
- https://security-tracker.debian.org/tracker/CVE-2019-5861
- https://security-tracker.debian.org/tracker/CVE-2019-5862
- https://security-tracker.debian.org/tracker/CVE-2019-5864
- https://security-tracker.debian.org/tracker/CVE-2019-5865
- https://security-tracker.debian.org/tracker/CVE-2019-5867
- https://security-tracker.debian.org/tracker/CVE-2019-5868
- https://security-tracker.debian.org/tracker/source-package/chromium
- https://www.debian.org/security/2019/dsa-4500
- https://vulners.com/nessus/DEBIAN_DSA-4500.NASL
- 125729 - Google Chrome < 75.0.3770.80 Multiple Vulnerabilities
- 125940 - RHEL 6 : chromium-browser (RHSA-2019:1477)
- 125941 - openSUSE Security Update : chromium (openSUSE-2019-1557)
- 125942 - openSUSE Security Update : chromium (openSUSE-2019-1558)
- 125943 - openSUSE Security Update : chromium (openSUSE-2019-1559)
- 126359 - Fedora 30 : chromium (2019-8fb8240d14)
- 126368 - openSUSE Security Update : chromium (openSUSE-2019-1666)
- 126752 - Google Chrome < 75.0.3770.142 Multiple Vulnerabilities
- 126753 - Google Chrome < 75.0.3770.142 Multiple Vulnerabilities
- 126995 - Fedora 29 : chromium (2019-a1af621faf)
- 127119 - Google Chrome < 76.0.3809.87 Multiple Vulnerabilities
- 127120 - Google Chrome < 76.0.3809.87 Multiple Vulnerabilities
- 127628 - RHEL 6 : chromium-browser (RHSA-2019:1930)
- 127735 - openSUSE Security Update : chromium (openSUSE-2019-1815)
- 127828 - RHEL 6 : chromium-browser (RHSA-2019:2427)
- 127836 - openSUSE Security Update : chromium (openSUSE-2019-1848)
- 127837 - openSUSE Security Update : chromium (openSUSE-2019-1849)
- 127967 - GLSA-201908-18 : Chromium, Google Chrome: Multiple vulnerabilities
- 128623 - Fedora 30 : chromium (2019-5d2420030c)
- 129857 - Fedora 29 : qt5-qtwebengine (2019-e5ff5d0ffd)
- 131561 - Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : sqlite3 vulnerabilities (USN-4205-1)
- 134593 - GLSA-202003-16 : SQLite: Multiple vulnerabilities
- 139986 - EulerOS 2.0 SP8 : sqlite (EulerOS-SA-2020-1883)
- 140981 - EulerOS Virtualization for ARM 64 3.0.6.0 : sqlite (EulerOS-SA-2020-2033)
- 142254 - EulerOS 2.0 SP2 : sqlite (EulerOS-SA-2020-2398)
- 155196 - CentOS 8 : sqlite (CESA-2021:4396)
- 155211 - RHEL 8 : sqlite (RHSA-2021:4396)
- 155418 - Oracle Linux 8 : sqlite (ELSA-2021-4396)
- 157628 - AlmaLinux 8 : sqlite (ALSA-2021:4396)
Version
This page has been produced using Nessus Professional 10.1.2 (#68) LINUX, Plugin set 202205072148.
Plugin file debian_DSA-4500.nasl version 1.6. For more plugins, visit the Nessus Plugin Library.
Go back to menu.