Test ID:	1.3.6.1.4.1.25623.1.0.844360
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-4298-1)
Summary:	The remote host is missing an update for the 'sqlite3' package(s) announced via the USN-4298-1 advisory.
Description:	Summary: The remote host is missing an update for the 'sqlite3' package(s) announced via the USN-4298-1 advisory. Vulnerability Insight: It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-13734, CVE-2019-13750, CVE-2019-13753) It was discovered that SQLite incorrectly handled certain corrupt records. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-13751) It was discovered that SQLite incorrectly handled certain queries. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10. (CVE-2019-19880) It was discovered that SQLite incorrectly handled certain queries. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2019-19923) It was discovered that SQLite incorrectly handled parser tree rewriting. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10. (CVE-2019-19924) It was discovered that SQLite incorrectly handled certain ZIP archives. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2019-19925, CVE-2019-19959) It was discovered that SQLite incorrectly handled errors during parsing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-19926) It was discovered that SQLite incorrectly handled parsing errors. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-20218) It was discovered that SQLite incorrectly handled generated column optimizations. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2020-9327) Affected Software/OS: 'sqlite3' package(s) on Ubuntu 16.04, Ubuntu 18.04, Ubuntu 19.10. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-13734 Bugtraq: 20200120 [SECURITY] [DSA 4606-1] chromium security update (Google Search) https://seclists.org/bugtraq/2020/Jan/27 Debian Security Information: DSA-4606 (Google Search) https://www.debian.org/security/2020/dsa-4606 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/ https://security.gentoo.org/glsa/202003-08 https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html https://crbug.com/1025466 https://www.oracle.com/security-alerts/cpujan2022.html RedHat Security Advisories: RHSA-2019:4238 https://access.redhat.com/errata/RHSA-2019:4238 RedHat Security Advisories: RHSA-2020:0227 https://access.redhat.com/errata/RHSA-2020:0227 RedHat Security Advisories: RHSA-2020:0229 https://access.redhat.com/errata/RHSA-2020:0229 RedHat Security Advisories: RHSA-2020:0273 https://access.redhat.com/errata/RHSA-2020:0273 RedHat Security Advisories: RHSA-2020:0451 https://access.redhat.com/errata/RHSA-2020:0451 RedHat Security Advisories: RHSA-2020:0463 https://access.redhat.com/errata/RHSA-2020:0463 RedHat Security Advisories: RHSA-2020:0476 https://access.redhat.com/errata/RHSA-2020:0476 SuSE Security Announcement: openSUSE-SU-2019:2692 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html SuSE Security Announcement: openSUSE-SU-2019:2694 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html https://usn.ubuntu.com/4298-1/ https://usn.ubuntu.com/4298-2/ Common Vulnerability Exposure (CVE) ID: CVE-2019-13750 https://crbug.com/1025464 Common Vulnerability Exposure (CVE) ID: CVE-2019-13751 https://crbug.com/1025465 Common Vulnerability Exposure (CVE) ID: CVE-2019-13752 https://crbug.com/1025470 Common Vulnerability Exposure (CVE) ID: CVE-2019-13753 https://crbug.com/1025471 Common Vulnerability Exposure (CVE) ID: CVE-2019-19880 Debian Security Information: DSA-4638 (Google Search) https://www.debian.org/security/2020/dsa-4638 https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54 https://www.oracle.com/security-alerts/cpuapr2020.html RedHat Security Advisories: RHSA-2020:0514 https://access.redhat.com/errata/RHSA-2020:0514 SuSE Security Announcement: openSUSE-SU-2020:0189 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html SuSE Security Announcement: openSUSE-SU-2020:0210 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html SuSE Security Announcement: openSUSE-SU-2020:0233 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html Common Vulnerability Exposure (CVE) ID: CVE-2019-19923 https://github.com/sqlite/sqlite/commit/396afe6f6aa90a31303c183e11b2b2d4b7956b35 Common Vulnerability Exposure (CVE) ID: CVE-2019-19924 https://github.com/sqlite/sqlite/commit/8654186b0236d556aa85528c2573ee0b6ab71be3 https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2019-19925 https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618 Common Vulnerability Exposure (CVE) ID: CVE-2019-19926 https://github.com/sqlite/sqlite/commit/8428b3b437569338a9d1e10c4cd8154acbe33089 Common Vulnerability Exposure (CVE) ID: CVE-2019-19959 https://github.com/sqlite/sqlite/commit/1e490c4ca6b43a9cf8637d695907888349f69bec https://github.com/sqlite/sqlite/commit/d8f2d46cbc9925e034a68aaaf60aad788d9373c1 Common Vulnerability Exposure (CVE) ID: CVE-2019-20218 https://security.gentoo.org/glsa/202007-26 https://github.com/sqlite/sqlite/commit/a6c1a71cde082e09750465d5675699062922e387 https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html https://lists.debian.org/debian-lts-announce/2020/12/msg00016.html Common Vulnerability Exposure (CVE) ID: CVE-2020-9327 https://security.netapp.com/advisory/ntap-20200313-0002/ https://security.gentoo.org/glsa/202003-16 https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://www.sqlite.org/cgi/src/info/4374860b29383380 https://www.sqlite.org/cgi/src/info/9d0d4ab95dc0c56e https://www.sqlite.org/cgi/src/info/abc473fb8fb99900
Copyright	Copyright (C) 2020 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.