Detections
Analytics
TencentOS Server 3: container-tools:rhel8 (TSSA-2024:0779)
high Nessus Plugin ID 238632
Synopsis
The remote TencentOS Server 3 host is missing one or more security updates.Description
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0779 advisory.Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:
CVE-2023-45290:
When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.
CVE-2024-24783:
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.
CVE-2024-24784:
The ParseAddressList function incorrectly handles comments (text within parentheses) within display names.
Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers.
CVE-2024-24788:
A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.
CVE-2024-24791:
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an Expect:
100-continue header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending Expect: 100-continue requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.
Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://mirrors.tencent.com/tlinux/errata/tssa-20240779.xml
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24788
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791
Plugin Details
Severity: High
ID: 238632
File Name: tencentos_TSSA_2024_0779.nasl
Version: 1.1
Type: local
Family: Tencent Local Security Checks
Published: 6/16/2025
Updated: 6/16/2025
Supported Sensors: Nessus
Vulnerability Information
CPE: p-cpe:/a:tencent:tencentos_server:containernetworking-plugins, p-cpe:/a:tencent:tencentos_server:conmon, p-cpe:/a:tencent:tencentos_server:containers-common, p-cpe:/a:tencent:tencentos_server:toolbox, p-cpe:/a:tencent:tencentos_server:libslirp, p-cpe:/a:tencent:tencentos_server:cockpit-podman, p-cpe:/a:tencent:tencentos_server:skopeo, p-cpe:/a:tencent:tencentos_server:aardvark-dns, p-cpe:/a:tencent:tencentos_server:buildah, p-cpe:/a:tencent:tencentos_server:udica, p-cpe:/a:tencent:tencentos_server:fuse-overlayfs, p-cpe:/a:tencent:tencentos_server:python-podman, p-cpe:/a:tencent:tencentos_server:netavark, p-cpe:/a:tencent:tencentos_server:podman, p-cpe:/a:tencent:tencentos_server:oci-seccomp-bpf-hook, p-cpe:/a:tencent:tencentos_server:criu, p-cpe:/a:tencent:tencentos_server:crun, cpe:/o:tencent:tencentos_server:3, p-cpe:/a:tencent:tencentos_server:runc, p-cpe:/a:tencent:tencentos_server:slirp4netns, p-cpe:/a:tencent:tencentos_server:container-selinux
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/etc/os-release, Host/TencentOS/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 9/24/2024
Vulnerability Publication Date: 9/24/2024