Detections
Analytics
Alibaba Cloud Linux 3 : 0205: container-tools:rhel8 (ALINUX3-SA-2024:0205)
high Nessus Plugin ID 236139
Synopsis
The remote Alibaba Cloud Linux host is missing one or more security updates.Description
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0205 advisory.Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities:
CVE-2024-24783:
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.
CVE-2024-24784:
The ParseAddressList function incorrectly handles comments (text within parentheses) within display names.
Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers.
CVE-2024-24788:
A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.
CVE-2024-24791:
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an Expect:
100-continue header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending Expect: 100-continue requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.
Tenable has extracted the preceding description block directly from the Alibaba Cloud Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
http://mirrors.aliyun.com/alinux/3/cve/alinux3-sa-20240205.xml
Plugin Details
Severity: High
ID: 236139
File Name: alinux3_sa_2024-0205.nasl
Version: 1.1
Type: local
Published: 5/14/2025
Updated: 5/14/2025
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: High
Base Score: 7.8
Temporal Score: 5.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N
CVSS Score Source: CVE-2024-24788
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CVSS Score Source: CVE-2024-24784
Vulnerability Information
CPE: p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-remote-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-remote, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-gvproxy, cpe:/o:alibabacloud:alibaba_cloud_linux_3, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-catatonit-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-plugins-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-gvproxy-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-catatonit, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-docker, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-tests, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:podman-plugins
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Alibaba/release, Host/Alibaba/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 9/29/2024
Vulnerability Publication Date: 3/5/2024
Reference Information
CVE: CVE-2024-24783, CVE-2024-24784, CVE-2024-24788, CVE-2024-24791