Debian DSA-4638-1 : chromium - security update - Nessus

High Plugin ID: 134433

This page contains detailed information about the Debian DSA-4638-1 : chromium - security update Nessus plugin including available exploits and PoCs found on GitHub, in Metasploit or Exploit-DB for verifying of this vulnerability.

Table Of Contents

hide

Plugin Overview
Vulnerability Information

Synopsis
Description
Solution

Public Exploits
Risk Information
Plugin Source
How to Run
References
Version

Plugin Overview

ID: 134433
Name: Debian DSA-4638-1 : chromium - security update
Filename: debian_DSA-4638.nasl
Vulnerability Published: 2019-12-18
This Plugin Published: 2020-03-12
Last Modification Time: 2022-04-04
Plugin Version: 1.7
Plugin Type: local
Plugin Family: Debian Local Security Checks
Dependencies: ssh_get_info.nasl
Required KB Items [?]: Host/Debian/dpkg-l, Host/Debian/release, Host/local_checks_enabled

Vulnerability Information

Severity: High
Vulnerability Published: 2019-12-18
Patch Published: 2020-03-10
CVE [?]: CVE-2019-19880, CVE-2019-19923, CVE-2019-19925, CVE-2019-19926, CVE-2020-6381, CVE-2020-6382, CVE-2020-6383, CVE-2020-6384, CVE-2020-6385, CVE-2020-6386, CVE-2020-6387, CVE-2020-6388, CVE-2020-6389, CVE-2020-6390, CVE-2020-6391, CVE-2020-6392, CVE-2020-6393, CVE-2020-6394, CVE-2020-6395, CVE-2020-6396, CVE-2020-6397, CVE-2020-6398, CVE-2020-6399, CVE-2020-6400, CVE-2020-6401, CVE-2020-6402, CVE-2020-6403, CVE-2020-6404, CVE-2020-6405, CVE-2020-6406, CVE-2020-6407, CVE-2020-6408, CVE-2020-6409, CVE-2020-6410, CVE-2020-6411, CVE-2020-6412, CVE-2020-6413, CVE-2020-6414, CVE-2020-6415, CVE-2020-6416, CVE-2020-6418, CVE-2020-6420
CPE [?]: cpe:/o:debian:debian_linux:10.0, p-cpe:/a:debian:debian_linux:chromium
Exploited by Malware: True

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in the chromium web browser.

- CVE-2019-19880 Richard Lorenz discovered an issue in the sqlite library.

- CVE-2019-19923 Richard Lorenz discovered an out-of-bounds read issue in the sqlite library.

- CVE-2019-19925 Richard Lorenz discovered an issue in the sqlite library.

- CVE-2019-19926 Richard Lorenz discovered an implementation error in the sqlite library.

- CVE-2020-6381 UK's National Cyber Security Centre discovered an integer overflow issue in the v8 JavaScript library.

- CVE-2020-6382 Soyeon Park and Wen Xu discovered a type error in the v8 JavaScript library.

- CVE-2020-6383 Sergei Glazunov discovered a type error in the v8 JavaScript library.

- CVE-2020-6384 David Manoucheri discovered a use-after-free issue in WebAudio.

- CVE-2020-6385 Sergei Glazunov discovered a policy enforcement error.

- CVE-2020-6386 Zhe Jin discovered a use-after-free issue in speech processing.

- CVE-2020-6387 Natalie Silvanovich discovered an out-of-bounds write error in the WebRTC implementation.

- CVE-2020-6388 Sergei Glazunov discovered an out-of-bounds read error in the WebRTC implementation.

- CVE-2020-6389 Natalie Silvanovich discovered an out-of-bounds write error in the WebRTC implementation.

- CVE-2020-6390 Sergei Glazunov discovered an out-of-bounds read error.

- CVE-2020-6391 Michal Bentkowski discoverd that untrusted input was insufficiently validated.

- CVE-2020-6392 The Microsoft Edge Team discovered a policy enforcement error.

- CVE-2020-6393 Mark Amery discovered a policy enforcement error.

- CVE-2020-6394 Phil Freo discovered a policy enforcement error.

- CVE-2020-6395 Pierre Langlois discovered an out-of-bounds read error in the v8 JavaScript library.

- CVE-2020-6396 William Luc Ritchie discovered an error in the skia library.

- CVE-2020-6397 Khalil Zhani discovered a user interface error.

- CVE-2020-6398 pdknsk discovered an uninitialized variable in the pdfium library.

- CVE-2020-6399 Luan Herrera discovered a policy enforcement error.

- CVE-2020-6400 Takashi Yoneuchi discovered an error in Cross-Origin Resource Sharing.

- CVE-2020-6401 Tzachy Horesh discovered that user input was insufficiently validated.

- CVE-2020-6402 Vladimir Metnew discovered a policy enforcement error.

- CVE-2020-6403 Khalil Zhani discovered a user interface error.

- CVE-2020-6404 kanchi discovered an error in Blink/Webkit.

- CVE-2020-6405 Yongheng Chen and Rui Zhong discovered an out-of-bounds read issue in the sqlite library.

- CVE-2020-6406 Sergei Glazunov discovered a use-after-free issue.

- CVE-2020-6407 Sergei Glazunov discovered an out-of-bounds read error.

- CVE-2020-6408 Zhong Zhaochen discovered a policy enforcement error in Cross-Origin Resource Sharing.

- CVE-2020-6409 Divagar S and Bharathi V discovered an error in the omnibox implementation.

- CVE-2020-6410 evil1m0 discovered a policy enforcement error.

- CVE-2020-6411 Khalil Zhani discovered that user input was insufficiently validated.

- CVE-2020-6412 Zihan Zheng discovered that user input was insufficiently validated.

- CVE-2020-6413 Michal Bentkowski discovered an error in Blink/Webkit.

- CVE-2020-6414 Lijo A.T discovered a policy safe browsing policy enforcement error.

- CVE-2020-6415 Avihay Cohen discovered an implementation error in the v8 JavaScript library.

- CVE-2020-6416 Woojin Oh discovered that untrusted input was insufficiently validated.

- CVE-2020-6418 Clement Lecigne discovered a type error in the v8 JavaScript library.

- CVE-2020-6420 Taras Uzdenov discovered a policy enforcement error.

Solution

Upgrade the chromium packages.

For the oldstable distribution (stretch), security support for chromium has been discontinued.

For the stable distribution (buster), these problems have been fixed in version 80.0.3987.132-1~deb10u1.

Public Exploits

Target Network Port(s): N/A
Target Asset(s): N/A
Exploit Available: True (Metasploit Framework, Exploit-DB, GitHub)
Exploit Ease: Exploits are available

Here's the list of publicly known exploits and PoCs for verifying the Debian DSA-4638-1 : chromium - security update vulnerability:

Metasploit: exploit/multi/browser/chrome_jscreate_sideeffect
[Google Chrome 80 JSCreate side-effect type confusion exploit]
Exploit-DB: exploits/windows/dos/48237.txt
[EDB-48237: Google Chrome 80.0.3987.87 - Heap-Corruption Remote Denial of Service (PoC)]
Exploit-DB: exploits/multiple/remote/48186.rb
[EDB-48186: Google Chrome 80 - JSCreate Side-effect Type Confusion (Metasploit)]
GitHub: https://github.com/sslab-gatech/DIE
[CVE-2020-6382]
GitHub: https://github.com/allpaca/chrome-sbx-db
[CVE-2020-6385]
GitHub: https://github.com/SexyBeast233/SecBooks
[CVE-2020-6404]
GitHub: https://github.com/0x2l/0x2l_v8_exp
[CVE-2020-6418]
GitHub: https://github.com/7o8v/Browser
[CVE-2020-6418]
GitHub: https://github.com/CYB3R-X3eRo0/CVE-2020-6418
[CVE-2020-6418: CVE-2020-6418 제로데이 취약점]
GitHub: https://github.com/Jabri1/cve-2020_6418-exploit
[CVE-2020-6418: cve-2020_6418-exploittt.js]
GitHub: https://github.com/SexyBeast233/SecBooks
[CVE-2020-6418]
GitHub: https://github.com/SivaPriyaRanganatha/CVE-2020-6418
[CVE-2020-6418]
GitHub: https://github.com/fardeen-ahmed/Bug-bounty-Writeups
[CVE-2020-6418]
GitHub: https://github.com/ray-cp/browser_pwn/tree/master/cve-2020-6418
[CVE-2020-6418]
GitHub: https://github.com/star-sg/CVE
[CVE-2020-6418]
GitHub: https://github.com/ulexec/ChromeSHELFLoader
[CVE-2020-6418: An exploit for CVE-2020-6418 implementing a SHELF Loader. Published as part of ...]
GitHub: https://github.com/ulexec/Exploits
[CVE-2020-6418]
GitHub: https://github.com/ChoKyuWon/CVE-2020-6418
[CVE-2020-6418: PoC of CVE]
GitHub: https://github.com/Goyotan/CVE-2020-6418-PoC
[CVE-2020-6418: For 供養]

Before running any exploit against any system, make sure you are authorized by the owner of the target system(s) to perform such activity. In any other case, this would be considered as an illegal activity.

WARNING: Beware of using unverified exploits from sources such as GitHub or Exploit-DB. These exploits and PoCs could contain malware. For more information, see how to use exploits safely.

Risk Information

CVSS Score Source [?]: CVE-2020-6420
CVSS V2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C

CVSS Base Score:	6.8 (Medium)
Impact Subscore:	6.4
Exploitability Subscore:	8.6
CVSS Temporal Score:	5.9 (Medium)
CVSS Environmental Score:	NA (None)
Modified Impact Subscore:	NA
Overall CVSS Score:	5.9 (Medium)

CVSS V3 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C

CVSS Base Score:	8.8 (High)
Impact Subscore:	5.9
Exploitability Subscore:	2.8
CVSS Temporal Score:	8.4 (High)
CVSS Environmental Score:	NA (None)
Modified Impact Subscore:	NA
Overall CVSS Score:	8.4 (High)

Go back to menu.

Plugin Source

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-4638. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include("compat.inc");

if (description)
{
  script_id(134433);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/04");

  script_cve_id("CVE-2019-19880", "CVE-2019-19923", "CVE-2019-19925", "CVE-2019-19926", "CVE-2020-6381", "CVE-2020-6382", "CVE-2020-6383", "CVE-2020-6384", "CVE-2020-6385", "CVE-2020-6386", "CVE-2020-6387", "CVE-2020-6388", "CVE-2020-6389", "CVE-2020-6390", "CVE-2020-6391", "CVE-2020-6392", "CVE-2020-6393", "CVE-2020-6394", "CVE-2020-6395", "CVE-2020-6396", "CVE-2020-6397", "CVE-2020-6398", "CVE-2020-6399", "CVE-2020-6400", "CVE-2020-6401", "CVE-2020-6402", "CVE-2020-6403", "CVE-2020-6404", "CVE-2020-6405", "CVE-2020-6406", "CVE-2020-6407", "CVE-2020-6408", "CVE-2020-6409", "CVE-2020-6410", "CVE-2020-6411", "CVE-2020-6412", "CVE-2020-6413", "CVE-2020-6414", "CVE-2020-6415", "CVE-2020-6416", "CVE-2020-6418", "CVE-2020-6420");
  script_xref(name:"DSA", value:"4638");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/05/03");

  script_name(english:"Debian DSA-4638-1 : chromium - security update");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"Several vulnerabilities have been discovered in the chromium web
browser.

  - CVE-2019-19880
    Richard Lorenz discovered an issue in the sqlite
    library.

  - CVE-2019-19923
    Richard Lorenz discovered an out-of-bounds read issue in
    the sqlite library.

  - CVE-2019-19925
    Richard Lorenz discovered an issue in the sqlite
    library.

  - CVE-2019-19926
    Richard Lorenz discovered an implementation error in the
    sqlite library.

  - CVE-2020-6381
    UK's National Cyber Security Centre discovered an
    integer overflow issue in the v8 JavaScript library.

  - CVE-2020-6382
    Soyeon Park and Wen Xu discovered a type error in the v8
    JavaScript library.

  - CVE-2020-6383
    Sergei Glazunov discovered a type error in the v8
    JavaScript library.

  - CVE-2020-6384
    David Manoucheri discovered a use-after-free issue in
    WebAudio.

  - CVE-2020-6385
    Sergei Glazunov discovered a policy enforcement error.

  - CVE-2020-6386
    Zhe Jin discovered a use-after-free issue in speech
    processing.

  - CVE-2020-6387
    Natalie Silvanovich discovered an out-of-bounds write
    error in the WebRTC implementation.

  - CVE-2020-6388
    Sergei Glazunov discovered an out-of-bounds read error
    in the WebRTC implementation.

  - CVE-2020-6389
    Natalie Silvanovich discovered an out-of-bounds write
    error in the WebRTC implementation.

  - CVE-2020-6390
    Sergei Glazunov discovered an out-of-bounds read error.

  - CVE-2020-6391
    Michal Bentkowski discoverd that untrusted input was
    insufficiently validated.

  - CVE-2020-6392
    The Microsoft Edge Team discovered a policy enforcement
    error.

  - CVE-2020-6393
    Mark Amery discovered a policy enforcement error.

  - CVE-2020-6394
    Phil Freo discovered a policy enforcement error.

  - CVE-2020-6395
    Pierre Langlois discovered an out-of-bounds read error
    in the v8 JavaScript library.

  - CVE-2020-6396
    William Luc Ritchie discovered an error in the skia
    library.

  - CVE-2020-6397
    Khalil Zhani discovered a user interface error.

  - CVE-2020-6398
    pdknsk discovered an uninitialized variable in the
    pdfium library.

  - CVE-2020-6399
    Luan Herrera discovered a policy enforcement error.

  - CVE-2020-6400
    Takashi Yoneuchi discovered an error in Cross-Origin
    Resource Sharing.

  - CVE-2020-6401
    Tzachy Horesh discovered that user input was
    insufficiently validated.

  - CVE-2020-6402
    Vladimir Metnew discovered a policy enforcement error.

  - CVE-2020-6403
    Khalil Zhani discovered a user interface error.

  - CVE-2020-6404
    kanchi discovered an error in Blink/Webkit.

  - CVE-2020-6405
    Yongheng Chen and Rui Zhong discovered an out-of-bounds
    read issue in the sqlite library.

  - CVE-2020-6406
    Sergei Glazunov discovered a use-after-free issue.

  - CVE-2020-6407
    Sergei Glazunov discovered an out-of-bounds read error.

  - CVE-2020-6408
    Zhong Zhaochen discovered a policy enforcement error in
    Cross-Origin Resource Sharing.

  - CVE-2020-6409
    Divagar S and Bharathi V discovered an error in the
    omnibox implementation.

  - CVE-2020-6410
    evil1m0 discovered a policy enforcement error.

  - CVE-2020-6411
    Khalil Zhani discovered that user input was
    insufficiently validated.

  - CVE-2020-6412
    Zihan Zheng discovered that user input was
    insufficiently validated.

  - CVE-2020-6413
    Michal Bentkowski discovered an error in Blink/Webkit.

  - CVE-2020-6414
    Lijo A.T discovered a policy safe browsing policy
    enforcement error.

  - CVE-2020-6415
    Avihay Cohen discovered an implementation error in the
    v8 JavaScript library.

  - CVE-2020-6416
    Woojin Oh discovered that untrusted input was
    insufficiently validated.

  - CVE-2020-6418
    Clement Lecigne discovered a type error in the v8
    JavaScript library.

  - CVE-2020-6420
    Taras Uzdenov discovered a policy enforcement error."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2019-19880"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2019-19923"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2019-19925"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2019-19926"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6381"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6382"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6383"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6384"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6385"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6386"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6387"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6388"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6389"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6390"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6391"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6392"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6393"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6394"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6395"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6396"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6397"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6398"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6399"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6400"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6401"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6402"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6403"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6404"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6405"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6406"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6407"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6408"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6409"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6410"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6411"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6412"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6413"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6414"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6415"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6416"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6418"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2020-6420"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/source-package/chromium"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/buster/chromium"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2020/dsa-4638"
  );
  script_set_attribute(
    attribute:"solution",
    value:
"Upgrade the chromium packages.

For the oldstable distribution (stretch), security support for
chromium has been discontinued.

For the stable distribution (buster), these problems have been fixed
in version 80.0.3987.132-1~deb10u1."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-6420");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Google Chrome 80 JSCreate side-effect type confusion exploit');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:chromium");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/03/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"10.0", prefix:"chromium", reference:"80.0.3987.132-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-common", reference:"80.0.3987.132-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-driver", reference:"80.0.3987.132-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-l10n", reference:"80.0.3987.132-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-sandbox", reference:"80.0.3987.132-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-shell", reference:"80.0.3987.132-1~deb10u1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

The latest version of this script can be found in these locations depending on your platform:

Linux / Unix:
/opt/nessus/lib/nessus/plugins/debian_DSA-4638.nasl
Windows:
C:\ProgramData\Tenable\Nessus\nessus\plugins\debian_DSA-4638.nasl
Mac OS X:
/Library/Nessus/run/lib/nessus/plugins/debian_DSA-4638.nasl

Go back to menu.

How to Run

Here is how to run the Debian DSA-4638-1 : chromium - security update as a standalone plugin via the Nessus web user interface (https://localhost:8834/):

Click to start a New Scan.
Select Advanced Scan.
Navigate to the Plugins tab.
On the top right corner click to Disable All plugins.
On the left side table select Debian Local Security Checks plugin family.
On the right side table select Debian DSA-4638-1 : chromium - security update plugin ID 134433.
Specify the target on the Settings tab and click to Save the scan.
Run the scan.

Here are a few examples of how to run the plugin in the command line. Note that the examples below demonstrate the usage on the Linux / Unix platform.

Basic usage:

/opt/nessus/bin/nasl debian_DSA-4638.nasl -t <IP/HOST>

Run the plugin with audit trail message on the console:

/opt/nessus/bin/nasl -a debian_DSA-4638.nasl -t <IP/HOST>

Run the plugin with trace script execution written to the console (useful for debugging):

/opt/nessus/bin/nasl -T - debian_DSA-4638.nasl -t <IP/HOST>

Run the plugin with using a state file for the target and updating it (useful for running multiple plugins on the target):

/opt/nessus/bin/nasl -K /tmp/state debian_DSA-4638.nasl -t <IP/HOST>

Go back to menu.

References

DSA | Debian Security Advisory:

4638

See also:

Similar and related Nessus plugins:

132984 - Photon OS 1.0: Sqlite PHSA-2020-1.0-0264
132989 - Photon OS 2.0: Sqlite PHSA-2020-2.0-0200
133464 - Google Chrome < 80.0.3987.87 Multiple Vulnerabilities
133465 - Google Chrome < 80.0.3987.87 Multiple Vulnerabilities
133500 - Photon OS 2.0: Sqlite PHSA-2020-2.0-0204
133503 - Photon OS 1.0: Sqlite PHSA-2020-1.0-0270
133506 - Photon OS 3.0: Sqlite PHSA-2020-3.0-0055
133593 - openSUSE Security Update : chromium (openSUSE-2020-189)
133749 - RHEL 6 : chromium-browser (RHSA-2020:0514)
133933 - EulerOS 2.0 SP5 : sqlite (EulerOS-SA-2020-1132)
133953 - Google Chrome < 80.0.3987.122 Multiple Vulnerabilities
133954 - Google Chrome < 80.0.3987.122 Multiple Vulnerabilities
134014 - EulerOS 2.0 SP8 : sqlite (EulerOS-SA-2020-1180)
134157 - openSUSE Security Update : chromium (openSUSE-2020-259)
134360 - RHEL 6 : chromium-browser (RHSA-2020:0738)
134402 - Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : SQLite vulnerabilities (USN-4298-1)
134475 - GLSA-202003-08 : Chromium, Google Chrome: Multiple vulnerabilities
134718 - Fedora 31 : chromium (2020-f6271d7afa)
134990 - Fedora 30 : chromium (2020-39e0b8bd14)
135151 - EulerOS Virtualization for ARM 64 3.0.6.0 : sqlite (EulerOS-SA-2020-1364)
136056 - RHEL 8 : sqlite (RHSA-2020:1810)
136265 - EulerOS Virtualization for ARM 64 3.0.2.0 : sqlite (EulerOS-SA-2020-1562)
137983 - EulerOS Virtualization 3.0.6.0 : sqlite (EulerOS-SA-2020-1764)
138174 - Microsoft Edge (Chromium) < 80.0.361.48 Multiple Vulnerabilities
138176 - Microsoft Edge (Chromium) < 80.0.361.62 Multiple Vulnerabilities
138774 - NewStart CGSL MAIN 6.01 : sqlite Multiple Vulnerabilities (NS-SA-2020-0031)
141765 - EulerOS Virtualization 3.0.2.2 : sqlite (EulerOS-SA-2020-2197)
142254 - EulerOS 2.0 SP2 : sqlite (EulerOS-SA-2020-2398)
142429 - RHEL 8 : sqlite (RHSA-2020:4442)
142752 - Oracle Linux 8 : sqlite (ELSA-2020-4442)
145795 - CentOS 8 : sqlite (CESA-2020:1810)
145815 - CentOS 8 : sqlite (CESA-2020:4442)
147397 - NewStart CGSL MAIN 6.02 : sqlite Multiple Vulnerabilities (NS-SA-2021-0064)

Version

This page has been produced using Nessus Professional 10.1.2 (#68) LINUX, Plugin set 202205072148.
Plugin file debian_DSA-4638.nasl version 1.7. For more plugins, visit the Nessus Plugin Library.

Go back to menu.

Debian DSA-4638-1 : chromium - security update - Nessus

Plugin Overview

Vulnerability Information

Synopsis

Description

Solution

Public Exploits

Risk Information

Plugin Source

How to Run

References

Version

Nessus Plugin Library

Solving Problems with Office 365 Email from GoDaddy

Empire Module Library

CrackMapExec Module Library

Metasploit Android Modules

Top 16 Active Directory Vulnerabilities

Top 10 Vulnerabilities: Internal Infrastructure Pentest

Terminal Escape Injection

Cisco Password Cracking and Decrypting Guide

Capture Passwords using Wireshark

SSH Brute Force Attack Tool using PuTTY / Plink (ssh-putty-brute.ps1)

SMB Brute Force Attack Tool in PowerShell (SMBLogin.ps1)

Port Scanner in PowerShell (TCP/UDP)

Nessus CSV Parser and Extractor

Default Password Scanner (default-http-login-hunter.sh)